openclarity · pbalogh-sa · Oct 6, 2023 · Oct 4, 2023 · Oct 4, 2023 · Oct 4, 2023
@@ -114,7 +114,7 @@ var ScanCmd = &cobra.Command{
 			families.SetMountPointsForFamiliesInput(mountPoints, config)
 		}
 
-		err = cli.MarkInProgress(ctx)
+		err = cli.MarkInProgress(ctx, config)
 		if err != nil {
 			return fmt.Errorf("failed to inform server %v scan has started: %w", server, err)
 		}

diff --git a/pkg/apiserver/database/gorm/odata.go b/pkg/apiserver/database/gorm/odata.go
@@ -491,7 +491,7 @@ var schemaMetas = map[string]odatasql.SchemaMeta{
 			"scansCount":   odatasql.FieldMeta{FieldType: odatasql.NumberFieldType},
 			"assetInfo": odatasql.FieldMeta{
 				FieldType:             odatasql.ComplexFieldType,
-				ComplexFieldSchemas:   []string{"VMInfo", "ContainerInfo", "ContainerImageInfo"},
+				ComplexFieldSchemas:   []string{"VMInfo", "DirInfo", "ContainerInfo", "ContainerImageInfo"},
 				DiscriminatorProperty: "objectType",
 			},
 			"summary": odatasql.FieldMeta{

@@ -18,6 +18,7 @@ package state
 import (
 	"context"
 
+	"github.com/openclarity/vmclarity/pkg/shared/families"
 	"github.com/openclarity/vmclarity/pkg/shared/families/types"
 	"github.com/openclarity/vmclarity/pkg/shared/log"
 )
@@ -28,7 +29,7 @@ func (l *LocalState) WaitForReadyState(context.Context) error {
 	return nil
 }
 
-func (l *LocalState) MarkInProgress(ctx context.Context) error {
+func (l *LocalState) MarkInProgress(ctx context.Context, _ *families.Config) error {
 	logger := log.GetLoggerFromContextOrDiscard(ctx)
 	logger.Info("Scanning is in progress")
 	return nil

@@ -18,12 +18,13 @@ package state
 import (
 	"context"
 
+	"github.com/openclarity/vmclarity/pkg/shared/families"
 	"github.com/openclarity/vmclarity/pkg/shared/families/types"
 )
 
 type Manager interface {
 	WaitForReadyState(context.Context) error
-	MarkInProgress(context.Context) error
+	MarkInProgress(context.Context, *families.Config) error
 	MarkFamilyScanInProgress(context.Context, types.FamilyType) error
 	MarkDone(context.Context, []error) error
 	IsAborted(ctx context.Context) (bool, error)

@@ -0,0 +1,88 @@
+{
+  "sbom": {
+    "Enabled": true,
+    "AnalyzersList": [
+      "syft"
+    ],
+    "Inputs": [
+      {
+        "StripPathFromResult": null,
+        "Input": "test",
+        "InputType": "dir"
+      }
+    ],
+    "MergeWith": null,
+    "AnalyzersConfig": {
+      "Registry": null,
+      "Analyzer": {
+        "OutputFormat": "",
+        "AnalyzerList": [
+          "syft"
+        ],
+        "Scope": "",
+        "TrivyConfig": {
+          "Timeout": 0,
+          "CacheDir": "",
+          "TempDir": ""
+        }
+      },
+      "Scanner": null,
+      "LocalImageScan": false
+    }
+  },
+  "vulnerabilities": {
+    "Enabled": false,
+    "ScannersList": null,
+    "Inputs": null,
+    "InputFromSbom": false,
+    "ScannersConfig": null
+  },
+  "secrets": {
+    "Enabled": false,
+    "ScannersList": null,
+    "StripInputPaths": false,
+    "Inputs": null,
+    "ScannersConfig": null
+  },
+  "rootkits": {
+    "Enabled": false,
+    "ScannersList": null,
+    "StripInputPaths": false,
+    "Inputs": null,
+    "ScannersConfig": null
+  },
+  "malware": {
+    "Enabled": false,
+    "ScannersList": null,
+    "StripInputPaths": false,
+    "Inputs": null,
+    "ScannersConfig": null
+  },
+  "misconfiguration": {
+    "enabled": false,
+    "ScannersList": null,
+    "StripInputPaths": false,
+    "Inputs": null,
+    "ScannersConfig": {
+      "Lynis": {
+        "InstallPath": ""
+      }
+    }
+  },
+  "infofinder": {
+    "enabled": false,
+    "ScannersList": null,
+    "StripInputPaths": false,
+    "Inputs": null,
+    "ScannersConfig": {
+      "SSHTopology": {}
+    }
+  },
+  "exploits": {
+    "enabled": false,
+    "ScannersList": null,
+    "Inputs": null,
+    "InputFromVuln": false,
+    "ScannersConfig": null
+  }
+}
@@ -17,19 +17,22 @@ package state
 
 import (
 	"context"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"time"
 
 	"github.com/openclarity/vmclarity/api/models"
 	"github.com/openclarity/vmclarity/pkg/shared/backendclient"
+	"github.com/openclarity/vmclarity/pkg/shared/families"
 	"github.com/openclarity/vmclarity/pkg/shared/families/types"
 	"github.com/openclarity/vmclarity/pkg/shared/log"
 	"github.com/openclarity/vmclarity/pkg/shared/utils"
 )
 
 const (
-	DefaultWaitForVolRetryInterval = 15 * time.Second
+	DefaultWaitForVolRetryInterval   = 15 * time.Second
+	effectiveScanConfigAnnotationKey = "openclarity.io/vmclarity-scanner/config"
 )
 
 type AssetScanID = models.AssetScanID
@@ -75,7 +78,7 @@ func (v *VMClarityState) WaitForReadyState(ctx context.Context) error {
 	}
 }
 
-func (v *VMClarityState) MarkInProgress(ctx context.Context) error {
+func (v *VMClarityState) MarkInProgress(ctx context.Context, config *families.Config) error {
 	assetScan, err := v.client.GetAssetScan(ctx, v.assetScanID, models.GetAssetScansAssetScanIDParams{})
 	if err != nil {
 		return fmt.Errorf("failed to get asset scan: %w", err)
@@ -100,6 +103,11 @@ func (v *VMClarityState) MarkInProgress(ctx context.Context) error {
 	assetScan.Status.General.State = &state
 	assetScan.Status.General.LastTransitionTime = utils.PointerTo(time.Now())
 
+	assetScan.Annotations, err = appendEffectiveScanConfigAnnotation(assetScan.Annotations, config)
+	if err != nil {
+		return fmt.Errorf("failed to add effective scan config annotation: %w", err)
+	}
+
 	err = v.client.PatchAssetScan(ctx, assetScan, v.assetScanID)
 	if err != nil {
 		return fmt.Errorf("failed to patch asset scan: %w", err)
@@ -407,3 +415,30 @@ func NewVMClarityState(client *backendclient.BackendClient, id AssetScanID) (*VM
 		assetScanID: id,
 	}, nil
 }
+
+func appendEffectiveScanConfigAnnotation(annotations *models.Annotations, config *families.Config) (*models.Annotations, error) {
+	configJSON, err := json.Marshal(config)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal effective families config: %w", err)
+	}
+	effectiveScanConfigAnnotations := models.Annotations{
+		{
+			Key:   utils.PointerTo(effectiveScanConfigAnnotationKey),
+			Value: utils.PointerTo(string(configJSON)),
+		},
+	}
+	if annotations == nil {
+		return &effectiveScanConfigAnnotations, nil
+	}
+	var newAnnotations models.Annotations
+	for _, annotation := range *annotations {
+		// If effective scan config annotation exists we will overwrite it.
+		if *annotation.Key == effectiveScanConfigAnnotationKey {
+			continue
+		}
+		newAnnotations = append(newAnnotations, annotation)
+	}
+	newAnnotations = append(newAnnotations, effectiveScanConfigAnnotations...)
+
+	return &newAnnotations, nil
+}