2021-12-03 22:50:58 -05:00
|
|
|
//go:build extended
|
2020-10-14 16:47:20 -05:00
|
|
|
// +build extended
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
package cli
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
|
|
|
"strings"
|
|
|
|
"sync"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/briandowns/spinner"
|
2021-12-03 22:50:58 -05:00
|
|
|
zotErrors "zotregistry.io/zot/errors"
|
2020-06-16 20:52:40 -05:00
|
|
|
)
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
func getImageSearchers() []searcher {
|
2020-06-16 20:52:40 -05:00
|
|
|
searchers := []searcher{
|
|
|
|
new(allImagesSearcher),
|
|
|
|
new(imageByNameSearcher),
|
2021-05-26 12:22:31 -05:00
|
|
|
new(imagesByDigestSearcher),
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
return searchers
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
func getCveSearchers() []searcher {
|
|
|
|
searchers := []searcher{
|
|
|
|
new(cveByImageSearcher),
|
|
|
|
new(imagesByCVEIDSearcher),
|
|
|
|
new(tagsByImageNameAndCVEIDSearcher),
|
|
|
|
new(fixedTagsSearcher),
|
|
|
|
}
|
|
|
|
|
|
|
|
return searchers
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
type searcher interface {
|
2020-07-17 14:42:22 -05:00
|
|
|
search(searchConfig searchConfig) (bool, error)
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func canSearch(params map[string]*string, requiredParams *set) bool {
|
|
|
|
for key, value := range params {
|
|
|
|
if requiredParams.contains(key) && *value == "" {
|
|
|
|
return false
|
|
|
|
} else if !requiredParams.contains(key) && *value != "" {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
type searchConfig struct {
|
|
|
|
params map[string]*string
|
2020-07-06 17:44:32 -05:00
|
|
|
searchService SearchService
|
2020-07-17 14:42:22 -05:00
|
|
|
servURL *string
|
|
|
|
user *string
|
|
|
|
outputFormat *string
|
|
|
|
verifyTLS *bool
|
2020-07-06 17:44:32 -05:00
|
|
|
fixedFlag *bool
|
2021-05-28 11:27:17 -05:00
|
|
|
verbose *bool
|
2020-07-17 14:42:22 -05:00
|
|
|
resultWriter io.Writer
|
|
|
|
spinner spinnerState
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
type allImagesSearcher struct{}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
func (search allImagesSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("")) {
|
2020-06-16 20:52:40 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
2020-07-06 17:44:32 -05:00
|
|
|
imageErr := make(chan stringResult)
|
2020-06-16 20:52:40 -05:00
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
go config.searchService.getAllImages(ctx, config, username, password, imageErr, &wg)
|
2020-06-16 20:52:40 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-06-16 20:52:40 -05:00
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, imageErr, cancel, printImageTableHeader, errCh)
|
2020-06-16 20:52:40 -05:00
|
|
|
wg.Wait()
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type imageByNameSearcher struct{}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
func (search imageByNameSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("imageName")) {
|
2020-06-16 20:52:40 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
2020-07-06 17:44:32 -05:00
|
|
|
imageErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getImageByName(ctx, config, username, password,
|
|
|
|
*config.params["imageName"], imageErr, &wg)
|
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, imageErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-05-26 12:22:31 -05:00
|
|
|
type imagesByDigestSearcher struct{}
|
|
|
|
|
|
|
|
func (search imagesByDigestSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("digest")) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
imageErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getImagesByDigest(ctx, config, username, password,
|
|
|
|
*config.params["digest"], imageErr, &wg)
|
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2021-05-26 12:22:31 -05:00
|
|
|
go collectResults(config, &wg, imageErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type cveByImageSearcher struct{}
|
|
|
|
|
|
|
|
func (search cveByImageSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("imageName")) || *config.fixedFlag {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if !validateImageNameTag(*config.params["imageName"]) {
|
|
|
|
return true, errInvalidImageNameAndTag
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getCveByImage(ctx, config, username, password, *config.params["imageName"], strErr, &wg)
|
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printCVETableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type imagesByCVEIDSearcher struct{}
|
|
|
|
|
|
|
|
func (search imagesByCVEIDSearcher) search(config searchConfig) (bool, error) {
|
2021-12-13 14:23:31 -05:00
|
|
|
if !canSearch(config.params, newSet("cvid")) || *config.fixedFlag {
|
2020-07-06 17:44:32 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
2020-06-16 20:52:40 -05:00
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
go config.searchService.getImagesByCveID(ctx, config, username, password, *config.params["cvid"], strErr, &wg)
|
2020-06-16 20:52:40 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printImageTableHeader, errCh)
|
2020-06-16 20:52:40 -05:00
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type tagsByImageNameAndCVEIDSearcher struct{}
|
|
|
|
|
|
|
|
func (search tagsByImageNameAndCVEIDSearcher) search(config searchConfig) (bool, error) {
|
2021-12-13 14:23:31 -05:00
|
|
|
if !canSearch(config.params, newSet("cvid", "imageName")) || *config.fixedFlag {
|
2020-07-06 17:44:32 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if strings.Contains(*config.params["imageName"], ":") {
|
|
|
|
return true, errInvalidImageName
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getImageByNameAndCVEID(ctx, config, username, password, *config.params["imageName"],
|
2021-12-13 14:23:31 -05:00
|
|
|
*config.params["cvid"], strErr, &wg)
|
2020-07-06 17:44:32 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type fixedTagsSearcher struct{}
|
|
|
|
|
|
|
|
func (search fixedTagsSearcher) search(config searchConfig) (bool, error) {
|
2021-12-13 14:23:31 -05:00
|
|
|
if !canSearch(config.params, newSet("cvid", "imageName")) || !*config.fixedFlag {
|
2020-07-06 17:44:32 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if strings.Contains(*config.params["imageName"], ":") {
|
|
|
|
return true, errInvalidImageName
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getFixedTagsForCVE(ctx, config, username, password, *config.params["imageName"],
|
2021-12-13 14:23:31 -05:00
|
|
|
*config.params["cvid"], strErr, &wg)
|
2020-07-06 17:44:32 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func collectResults(config searchConfig, wg *sync.WaitGroup, imageErr chan stringResult,
|
2022-03-21 12:37:23 -05:00
|
|
|
cancel context.CancelFunc, printHeader printHeader, errCh chan error,
|
|
|
|
) {
|
2020-06-16 20:52:40 -05:00
|
|
|
var foundResult bool
|
|
|
|
|
|
|
|
defer wg.Done()
|
2020-07-17 14:42:22 -05:00
|
|
|
config.spinner.startSpinner()
|
2020-06-16 20:52:40 -05:00
|
|
|
|
|
|
|
for {
|
|
|
|
select {
|
2020-07-17 14:42:22 -05:00
|
|
|
case result, ok := <-imageErr:
|
|
|
|
config.spinner.stopSpinner()
|
|
|
|
|
|
|
|
if !ok {
|
|
|
|
cancel()
|
2021-12-13 14:23:31 -05:00
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
if result.Err != nil {
|
|
|
|
cancel()
|
|
|
|
errCh <- result.Err
|
|
|
|
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
if !foundResult && (*config.outputFormat == defaultOutoutFormat || *config.outputFormat == "") {
|
2020-06-16 20:52:40 -05:00
|
|
|
var builder strings.Builder
|
|
|
|
|
2021-05-28 11:27:17 -05:00
|
|
|
printHeader(&builder, *config.verbose)
|
2020-07-17 14:42:22 -05:00
|
|
|
fmt.Fprint(config.resultWriter, builder.String())
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
foundResult = true
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
fmt.Fprint(config.resultWriter, result.StrValue)
|
2020-06-16 20:52:40 -05:00
|
|
|
case <-time.After(waitTimeout):
|
2020-07-17 14:42:22 -05:00
|
|
|
config.spinner.stopSpinner()
|
2020-07-06 17:44:32 -05:00
|
|
|
cancel()
|
|
|
|
|
|
|
|
errCh <- zotErrors.ErrCLITimeout
|
2020-07-17 14:42:22 -05:00
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func getUsernameAndPassword(user string) (string, string) {
|
|
|
|
if strings.Contains(user, ":") {
|
|
|
|
split := strings.Split(user, ":")
|
2021-12-13 14:23:31 -05:00
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
return split[0], split[1]
|
|
|
|
}
|
|
|
|
|
|
|
|
return "", ""
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
func validateImageNameTag(input string) bool {
|
|
|
|
if !strings.Contains(input, ":") {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
split := strings.Split(input, ":")
|
|
|
|
name := strings.TrimSpace(split[0])
|
|
|
|
tag := strings.TrimSpace(split[1])
|
|
|
|
|
|
|
|
if name == "" || tag == "" {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2020-10-14 16:47:20 -05:00
|
|
|
type spinnerState struct {
|
|
|
|
spinner *spinner.Spinner
|
|
|
|
enabled bool
|
|
|
|
}
|
|
|
|
|
|
|
|
func (spinner *spinnerState) startSpinner() {
|
|
|
|
if spinner.enabled {
|
|
|
|
spinner.spinner.Start()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (spinner *spinnerState) stopSpinner() {
|
|
|
|
if spinner.enabled && spinner.spinner.Active() {
|
|
|
|
spinner.spinner.Stop()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
type set struct {
|
|
|
|
m map[string]struct{}
|
|
|
|
}
|
|
|
|
|
|
|
|
func getEmptyStruct() struct{} {
|
|
|
|
return struct{}{}
|
|
|
|
}
|
|
|
|
|
|
|
|
func newSet(initialValues ...string) *set {
|
2021-12-13 14:23:31 -05:00
|
|
|
ret := &set{}
|
|
|
|
ret.m = make(map[string]struct{})
|
2020-06-16 20:52:40 -05:00
|
|
|
|
|
|
|
for _, val := range initialValues {
|
2021-12-13 14:23:31 -05:00
|
|
|
ret.m[val] = getEmptyStruct()
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
return ret
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *set) contains(value string) bool {
|
|
|
|
_, c := s.m[value]
|
2021-12-13 14:23:31 -05:00
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
return c
|
|
|
|
}
|
|
|
|
|
|
|
|
var (
|
|
|
|
ErrCannotSearch = errors.New("cannot search with these parameters")
|
|
|
|
ErrInvalidOutputFormat = errors.New("invalid output format")
|
|
|
|
)
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type stringResult struct {
|
2020-06-16 20:52:40 -05:00
|
|
|
StrValue string
|
|
|
|
Err error
|
|
|
|
}
|
|
|
|
|
2021-05-28 11:27:17 -05:00
|
|
|
type printHeader func(writer io.Writer, verbose bool)
|
2020-07-06 17:44:32 -05:00
|
|
|
|
2021-05-28 11:27:17 -05:00
|
|
|
func printImageTableHeader(writer io.Writer, verbose bool) {
|
2020-07-06 17:44:32 -05:00
|
|
|
table := getImageTableWriter(writer)
|
2021-05-28 11:27:17 -05:00
|
|
|
|
|
|
|
table.SetColMinWidth(colImageNameIndex, imageNameWidth)
|
|
|
|
table.SetColMinWidth(colTagIndex, tagWidth)
|
|
|
|
table.SetColMinWidth(colDigestIndex, digestWidth)
|
|
|
|
table.SetColMinWidth(colSizeIndex, sizeWidth)
|
|
|
|
|
|
|
|
if verbose {
|
|
|
|
table.SetColMinWidth(colConfigIndex, configWidth)
|
|
|
|
table.SetColMinWidth(colLayersIndex, layersWidth)
|
|
|
|
}
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
row := make([]string, 6) //nolint:gomnd
|
2020-07-06 17:44:32 -05:00
|
|
|
|
|
|
|
row[colImageNameIndex] = "IMAGE NAME"
|
|
|
|
row[colTagIndex] = "TAG"
|
|
|
|
row[colDigestIndex] = "DIGEST"
|
|
|
|
row[colSizeIndex] = "SIZE"
|
|
|
|
|
2021-05-28 11:27:17 -05:00
|
|
|
if verbose {
|
|
|
|
row[colConfigIndex] = "CONFIG"
|
|
|
|
row[colLayersIndex] = "LAYERS"
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
table.Append(row)
|
|
|
|
table.Render()
|
|
|
|
}
|
|
|
|
|
2021-05-28 11:27:17 -05:00
|
|
|
func printCVETableHeader(writer io.Writer, verbose bool) {
|
2020-07-06 17:44:32 -05:00
|
|
|
table := getCVETableWriter(writer)
|
2021-12-13 14:23:31 -05:00
|
|
|
row := make([]string, 3) //nolint:gomnd
|
2020-07-06 17:44:32 -05:00
|
|
|
row[colCVEIDIndex] = "ID"
|
|
|
|
row[colCVESeverityIndex] = "SEVERITY"
|
|
|
|
row[colCVETitleIndex] = "TITLE"
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
table.Append(row)
|
|
|
|
table.Render()
|
|
|
|
}
|
|
|
|
|
|
|
|
const (
|
2020-07-06 17:44:32 -05:00
|
|
|
waitTimeout = httpTimeout + 5*time.Second
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
errInvalidImageNameAndTag = errors.New("cli: Invalid input format. Expected IMAGENAME:TAG")
|
|
|
|
errInvalidImageName = errors.New("cli: Invalid input format. Expected IMAGENAME without :TAG")
|
2020-06-16 20:52:40 -05:00
|
|
|
)
|