2022-10-10 07:05:55 -05:00
|
|
|
//go:build search
|
|
|
|
// +build search
|
2020-10-14 16:47:20 -05:00
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
package cli
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
|
|
|
"strings"
|
|
|
|
"sync"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/briandowns/spinner"
|
2022-10-20 11:39:20 -05:00
|
|
|
|
2021-12-03 22:50:58 -05:00
|
|
|
zotErrors "zotregistry.io/zot/errors"
|
2020-06-16 20:52:40 -05:00
|
|
|
)
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
func getImageSearchers() []searcher {
|
2020-06-16 20:52:40 -05:00
|
|
|
searchers := []searcher{
|
|
|
|
new(allImagesSearcher),
|
|
|
|
new(imageByNameSearcher),
|
2021-05-26 12:22:31 -05:00
|
|
|
new(imagesByDigestSearcher),
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
return searchers
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
func getCveSearchers() []searcher {
|
|
|
|
searchers := []searcher{
|
|
|
|
new(cveByImageSearcher),
|
|
|
|
new(imagesByCVEIDSearcher),
|
|
|
|
new(tagsByImageNameAndCVEIDSearcher),
|
|
|
|
new(fixedTagsSearcher),
|
|
|
|
}
|
|
|
|
|
|
|
|
return searchers
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
func getImageSearchersGQL() []searcher {
|
|
|
|
searchers := []searcher{
|
|
|
|
new(allImagesSearcherGQL),
|
|
|
|
new(imageByNameSearcherGQL),
|
|
|
|
new(imagesByDigestSearcherGQL),
|
2022-09-23 11:23:31 -05:00
|
|
|
new(derivedImageListSearcherGQL),
|
2022-09-22 14:08:58 -05:00
|
|
|
new(baseImageListSearcherGQL),
|
2022-01-19 10:57:10 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
return searchers
|
|
|
|
}
|
|
|
|
|
|
|
|
func getCveSearchersGQL() []searcher {
|
|
|
|
searchers := []searcher{
|
|
|
|
new(cveByImageSearcherGQL),
|
|
|
|
new(imagesByCVEIDSearcherGQL),
|
|
|
|
new(tagsByImageNameAndCVEIDSearcherGQL),
|
|
|
|
new(fixedTagsSearcherGQL),
|
|
|
|
}
|
|
|
|
|
|
|
|
return searchers
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
type searcher interface {
|
2020-07-17 14:42:22 -05:00
|
|
|
search(searchConfig searchConfig) (bool, error)
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func canSearch(params map[string]*string, requiredParams *set) bool {
|
|
|
|
for key, value := range params {
|
|
|
|
if requiredParams.contains(key) && *value == "" {
|
|
|
|
return false
|
|
|
|
} else if !requiredParams.contains(key) && *value != "" {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
type searchConfig struct {
|
|
|
|
params map[string]*string
|
2020-07-06 17:44:32 -05:00
|
|
|
searchService SearchService
|
2020-07-17 14:42:22 -05:00
|
|
|
servURL *string
|
|
|
|
user *string
|
|
|
|
outputFormat *string
|
|
|
|
verifyTLS *bool
|
2020-07-06 17:44:32 -05:00
|
|
|
fixedFlag *bool
|
2021-05-28 11:27:17 -05:00
|
|
|
verbose *bool
|
2022-09-23 11:24:01 -05:00
|
|
|
debug *bool
|
2020-07-17 14:42:22 -05:00
|
|
|
resultWriter io.Writer
|
|
|
|
spinner spinnerState
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
type allImagesSearcher struct{}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
func (search allImagesSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("")) {
|
2020-06-16 20:52:40 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
2020-07-06 17:44:32 -05:00
|
|
|
imageErr := make(chan stringResult)
|
2020-06-16 20:52:40 -05:00
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
go config.searchService.getAllImages(ctx, config, username, password, imageErr, &wg)
|
2020-06-16 20:52:40 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-06-16 20:52:40 -05:00
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, imageErr, cancel, printImageTableHeader, errCh)
|
2020-06-16 20:52:40 -05:00
|
|
|
wg.Wait()
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
type allImagesSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search allImagesSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("")) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
err := getImages(config)
|
|
|
|
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
type imageByNameSearcher struct{}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
func (search imageByNameSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("imageName")) {
|
2020-06-16 20:52:40 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
2020-07-06 17:44:32 -05:00
|
|
|
imageErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getImageByName(ctx, config, username, password,
|
|
|
|
*config.params["imageName"], imageErr, &wg)
|
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, imageErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
type imageByNameSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search imageByNameSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("imageName")) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
err := getImages(config)
|
|
|
|
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
func getImages(config searchConfig) error {
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
imageList, err := config.searchService.getImagesGQL(ctx, config, username, password, *config.params["imageName"])
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-02-15 14:34:07 -05:00
|
|
|
return printResult(config, imageList.Data.Results)
|
2022-01-19 10:57:10 -05:00
|
|
|
}
|
|
|
|
|
2021-05-26 12:22:31 -05:00
|
|
|
type imagesByDigestSearcher struct{}
|
|
|
|
|
|
|
|
func (search imagesByDigestSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("digest")) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
imageErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getImagesByDigest(ctx, config, username, password,
|
|
|
|
*config.params["digest"], imageErr, &wg)
|
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2021-05-26 12:22:31 -05:00
|
|
|
go collectResults(config, &wg, imageErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-09-23 11:23:31 -05:00
|
|
|
type derivedImageListSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search derivedImageListSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("derivedImage")) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
imageList, err := config.searchService.getDerivedImageListGQL(ctx, config, username,
|
|
|
|
password, *config.params["derivedImage"])
|
|
|
|
if err != nil {
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
2023-02-15 14:34:07 -05:00
|
|
|
if err := printResult(config, imageList.Data.Results); err != nil {
|
2022-09-23 11:23:31 -05:00
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
|
2022-09-22 14:08:58 -05:00
|
|
|
type baseImageListSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search baseImageListSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("baseImage")) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
imageList, err := config.searchService.getBaseImageListGQL(ctx, config, username,
|
|
|
|
password, *config.params["baseImage"])
|
|
|
|
if err != nil {
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
2023-02-15 14:34:07 -05:00
|
|
|
if err := printResult(config, imageList.Data.Results); err != nil {
|
2022-09-22 14:08:58 -05:00
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
type imagesByDigestSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search imagesByDigestSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("digest")) {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// var builder strings.Builder
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
imageList, err := config.searchService.getImagesByDigestGQL(ctx, config, username, password, *config.params["digest"])
|
|
|
|
if err != nil {
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
2023-02-15 14:34:07 -05:00
|
|
|
if err := printResult(config, imageList.Data.Results); err != nil {
|
2022-01-19 10:57:10 -05:00
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type cveByImageSearcher struct{}
|
|
|
|
|
|
|
|
func (search cveByImageSearcher) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("imageName")) || *config.fixedFlag {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if !validateImageNameTag(*config.params["imageName"]) {
|
|
|
|
return true, errInvalidImageNameAndTag
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getCveByImage(ctx, config, username, password, *config.params["imageName"], strErr, &wg)
|
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printCVETableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
type cveByImageSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search cveByImageSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("imageName")) || *config.fixedFlag {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if !validateImageNameTag(*config.params["imageName"]) {
|
|
|
|
return true, errInvalidImageNameAndTag
|
|
|
|
}
|
|
|
|
|
|
|
|
var builder strings.Builder
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
cveList, err := config.searchService.getCveByImageGQL(ctx, config, username, password, *config.params["imageName"])
|
|
|
|
if err != nil {
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(cveList.Data.CVEListForImage.CVEList) > 0 &&
|
|
|
|
(*config.outputFormat == defaultOutoutFormat || *config.outputFormat == "") {
|
2022-10-11 10:56:03 -05:00
|
|
|
printCVETableHeader(&builder, *config.verbose, 0, 0)
|
2022-01-19 10:57:10 -05:00
|
|
|
fmt.Fprint(config.resultWriter, builder.String())
|
|
|
|
}
|
|
|
|
|
2023-01-11 18:02:29 -05:00
|
|
|
if len(cveList.Data.CVEListForImage.CVEList) == 0 {
|
|
|
|
fmt.Fprint(config.resultWriter, "No CVEs found for image\n")
|
|
|
|
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
out, err := cveList.string(*config.outputFormat)
|
|
|
|
if err != nil {
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
fmt.Fprint(config.resultWriter, out)
|
|
|
|
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type imagesByCVEIDSearcher struct{}
|
|
|
|
|
|
|
|
func (search imagesByCVEIDSearcher) search(config searchConfig) (bool, error) {
|
2022-01-19 10:57:10 -05:00
|
|
|
if !canSearch(config.params, newSet("cveID")) || *config.fixedFlag {
|
2020-07-06 17:44:32 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
2020-06-16 20:52:40 -05:00
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
go config.searchService.getImagesByCveID(ctx, config, username, password, *config.params["cveID"], strErr, &wg)
|
2020-06-16 20:52:40 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printImageTableHeader, errCh)
|
2020-06-16 20:52:40 -05:00
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
type imagesByCVEIDSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search imagesByCVEIDSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("cveID")) || *config.fixedFlag {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
imageList, err := config.searchService.getImagesByCveIDGQL(ctx, config, username, password, *config.params["cveID"])
|
|
|
|
if err != nil {
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
2023-02-15 14:34:07 -05:00
|
|
|
if err := printResult(config, imageList.Data.Results); err != nil {
|
2022-01-19 10:57:10 -05:00
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type tagsByImageNameAndCVEIDSearcher struct{}
|
|
|
|
|
|
|
|
func (search tagsByImageNameAndCVEIDSearcher) search(config searchConfig) (bool, error) {
|
2022-01-19 10:57:10 -05:00
|
|
|
if !canSearch(config.params, newSet("cveID", "imageName")) || *config.fixedFlag {
|
2020-07-06 17:44:32 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if strings.Contains(*config.params["imageName"], ":") {
|
|
|
|
return true, errInvalidImageName
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getImageByNameAndCVEID(ctx, config, username, password, *config.params["imageName"],
|
2022-01-19 10:57:10 -05:00
|
|
|
*config.params["cveID"], strErr, &wg)
|
2020-07-06 17:44:32 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
type tagsByImageNameAndCVEIDSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search tagsByImageNameAndCVEIDSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("cveID", "imageName")) || *config.fixedFlag {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if strings.Contains(*config.params["imageName"], ":") {
|
|
|
|
return true, errInvalidImageName
|
|
|
|
}
|
|
|
|
|
|
|
|
err := getTagsByCVE(config)
|
|
|
|
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
|
|
|
type fixedTagsSearcherGQL struct{}
|
|
|
|
|
|
|
|
func (search fixedTagsSearcherGQL) search(config searchConfig) (bool, error) {
|
|
|
|
if !canSearch(config.params, newSet("cveID", "imageName")) || !*config.fixedFlag {
|
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
err := getTagsByCVE(config)
|
|
|
|
|
|
|
|
return true, err
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type fixedTagsSearcher struct{}
|
|
|
|
|
|
|
|
func (search fixedTagsSearcher) search(config searchConfig) (bool, error) {
|
2022-01-19 10:57:10 -05:00
|
|
|
if !canSearch(config.params, newSet("cveID", "imageName")) || !*config.fixedFlag {
|
2020-07-06 17:44:32 -05:00
|
|
|
return false, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if strings.Contains(*config.params["imageName"], ":") {
|
|
|
|
return true, errInvalidImageName
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
strErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getFixedTagsForCVE(ctx, config, username, password, *config.params["imageName"],
|
2022-01-19 10:57:10 -05:00
|
|
|
*config.params["cveID"], strErr, &wg)
|
2020-07-06 17:44:32 -05:00
|
|
|
wg.Add(1)
|
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
errCh := make(chan error, 1)
|
2020-07-06 17:44:32 -05:00
|
|
|
go collectResults(config, &wg, strErr, cancel, printImageTableHeader, errCh)
|
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return true, err
|
|
|
|
default:
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
func getTagsByCVE(config searchConfig) error {
|
|
|
|
if strings.Contains(*config.params["imageName"], ":") {
|
|
|
|
return errInvalidImageName
|
|
|
|
}
|
|
|
|
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
var imageList []imageStruct
|
|
|
|
|
|
|
|
if *config.fixedFlag {
|
|
|
|
fixedTags, err := config.searchService.getFixedTagsForCVEGQL(ctx, config, username, password,
|
|
|
|
*config.params["imageName"], *config.params["cveID"])
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-02-15 14:34:07 -05:00
|
|
|
imageList = fixedTags.Data.Results
|
2022-01-19 10:57:10 -05:00
|
|
|
} else {
|
|
|
|
tags, err := config.searchService.getTagsForCVEGQL(ctx, config, username, password,
|
|
|
|
*config.params["imageName"], *config.params["cveID"])
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-02-15 14:34:07 -05:00
|
|
|
imageList = tags.Data.Results
|
2022-01-19 10:57:10 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
return printResult(config, imageList)
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
func collectResults(config searchConfig, wg *sync.WaitGroup, imageErr chan stringResult,
|
2022-03-21 12:37:23 -05:00
|
|
|
cancel context.CancelFunc, printHeader printHeader, errCh chan error,
|
|
|
|
) {
|
2020-06-16 20:52:40 -05:00
|
|
|
var foundResult bool
|
|
|
|
|
|
|
|
defer wg.Done()
|
2020-07-17 14:42:22 -05:00
|
|
|
config.spinner.startSpinner()
|
2020-06-16 20:52:40 -05:00
|
|
|
|
|
|
|
for {
|
|
|
|
select {
|
2020-07-17 14:42:22 -05:00
|
|
|
case result, ok := <-imageErr:
|
|
|
|
config.spinner.stopSpinner()
|
|
|
|
|
|
|
|
if !ok {
|
|
|
|
cancel()
|
2021-12-13 14:23:31 -05:00
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
if result.Err != nil {
|
|
|
|
cancel()
|
|
|
|
errCh <- result.Err
|
|
|
|
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
if !foundResult && (*config.outputFormat == defaultOutoutFormat || *config.outputFormat == "") {
|
2020-06-16 20:52:40 -05:00
|
|
|
var builder strings.Builder
|
|
|
|
|
2022-10-11 10:56:03 -05:00
|
|
|
printHeader(&builder, *config.verbose, 0, 0)
|
2020-07-17 14:42:22 -05:00
|
|
|
fmt.Fprint(config.resultWriter, builder.String())
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
foundResult = true
|
|
|
|
|
2020-07-17 14:42:22 -05:00
|
|
|
fmt.Fprint(config.resultWriter, result.StrValue)
|
2020-06-16 20:52:40 -05:00
|
|
|
case <-time.After(waitTimeout):
|
2020-07-17 14:42:22 -05:00
|
|
|
config.spinner.stopSpinner()
|
2020-07-06 17:44:32 -05:00
|
|
|
cancel()
|
|
|
|
|
|
|
|
errCh <- zotErrors.ErrCLITimeout
|
2020-07-17 14:42:22 -05:00
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func getUsernameAndPassword(user string) (string, string) {
|
|
|
|
if strings.Contains(user, ":") {
|
|
|
|
split := strings.Split(user, ":")
|
2021-12-13 14:23:31 -05:00
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
return split[0], split[1]
|
|
|
|
}
|
|
|
|
|
|
|
|
return "", ""
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
func validateImageNameTag(input string) bool {
|
|
|
|
if !strings.Contains(input, ":") {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
split := strings.Split(input, ":")
|
|
|
|
name := strings.TrimSpace(split[0])
|
|
|
|
tag := strings.TrimSpace(split[1])
|
|
|
|
|
|
|
|
if name == "" || tag == "" {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2020-10-14 16:47:20 -05:00
|
|
|
type spinnerState struct {
|
|
|
|
spinner *spinner.Spinner
|
|
|
|
enabled bool
|
|
|
|
}
|
|
|
|
|
|
|
|
func (spinner *spinnerState) startSpinner() {
|
|
|
|
if spinner.enabled {
|
|
|
|
spinner.spinner.Start()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (spinner *spinnerState) stopSpinner() {
|
|
|
|
if spinner.enabled && spinner.spinner.Active() {
|
|
|
|
spinner.spinner.Stop()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
type set struct {
|
|
|
|
m map[string]struct{}
|
|
|
|
}
|
|
|
|
|
|
|
|
func getEmptyStruct() struct{} {
|
|
|
|
return struct{}{}
|
|
|
|
}
|
|
|
|
|
|
|
|
func newSet(initialValues ...string) *set {
|
2022-01-19 10:57:10 -05:00
|
|
|
setValues := &set{}
|
|
|
|
setValues.m = make(map[string]struct{})
|
2020-06-16 20:52:40 -05:00
|
|
|
|
|
|
|
for _, val := range initialValues {
|
2022-01-19 10:57:10 -05:00
|
|
|
setValues.m[val] = getEmptyStruct()
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
return setValues
|
2020-06-16 20:52:40 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *set) contains(value string) bool {
|
|
|
|
_, c := s.m[value]
|
2021-12-13 14:23:31 -05:00
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
return c
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
const (
|
|
|
|
waitTimeout = httpTimeout + 5*time.Second
|
|
|
|
)
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
var (
|
|
|
|
ErrCannotSearch = errors.New("cannot search with these parameters")
|
|
|
|
ErrInvalidOutputFormat = errors.New("invalid output format")
|
|
|
|
)
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
type stringResult struct {
|
2020-06-16 20:52:40 -05:00
|
|
|
StrValue string
|
|
|
|
Err error
|
|
|
|
}
|
|
|
|
|
2022-10-11 10:56:03 -05:00
|
|
|
type printHeader func(writer io.Writer, verbose bool, maxImageNameLen, maxTagLen int)
|
2020-07-06 17:44:32 -05:00
|
|
|
|
2022-10-11 10:56:03 -05:00
|
|
|
func printImageTableHeader(writer io.Writer, verbose bool, maxImageNameLen, maxTagLen int) {
|
2020-07-06 17:44:32 -05:00
|
|
|
table := getImageTableWriter(writer)
|
2021-05-28 11:27:17 -05:00
|
|
|
|
|
|
|
table.SetColMinWidth(colImageNameIndex, imageNameWidth)
|
|
|
|
table.SetColMinWidth(colTagIndex, tagWidth)
|
|
|
|
table.SetColMinWidth(colDigestIndex, digestWidth)
|
|
|
|
table.SetColMinWidth(colSizeIndex, sizeWidth)
|
2022-10-20 11:35:24 -05:00
|
|
|
table.SetColMinWidth(colIsSignedIndex, isSignedWidth)
|
2021-05-28 11:27:17 -05:00
|
|
|
|
|
|
|
if verbose {
|
|
|
|
table.SetColMinWidth(colConfigIndex, configWidth)
|
|
|
|
table.SetColMinWidth(colLayersIndex, layersWidth)
|
|
|
|
}
|
|
|
|
|
2022-10-20 11:35:24 -05:00
|
|
|
row := make([]string, 7) //nolint:gomnd
|
2020-07-06 17:44:32 -05:00
|
|
|
|
2022-10-11 10:56:03 -05:00
|
|
|
// adding spaces so that image name and tag columns are aligned
|
|
|
|
// in case the name/tag are fully shown and too long
|
|
|
|
var offset string
|
|
|
|
if maxImageNameLen > len("IMAGE NAME") {
|
|
|
|
offset = strings.Repeat(" ", maxImageNameLen-len("IMAGE NAME"))
|
|
|
|
row[colImageNameIndex] = "IMAGE NAME" + offset
|
|
|
|
} else {
|
|
|
|
row[colImageNameIndex] = "IMAGE NAME"
|
|
|
|
}
|
|
|
|
|
|
|
|
if maxTagLen > len("TAG") {
|
|
|
|
offset = strings.Repeat(" ", maxTagLen-len("TAG"))
|
|
|
|
row[colTagIndex] = "TAG" + offset
|
|
|
|
} else {
|
|
|
|
row[colTagIndex] = "TAG"
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
row[colDigestIndex] = "DIGEST"
|
|
|
|
row[colSizeIndex] = "SIZE"
|
2022-10-20 11:35:24 -05:00
|
|
|
row[colIsSignedIndex] = "SIGNED"
|
2020-07-06 17:44:32 -05:00
|
|
|
|
2021-05-28 11:27:17 -05:00
|
|
|
if verbose {
|
|
|
|
row[colConfigIndex] = "CONFIG"
|
|
|
|
row[colLayersIndex] = "LAYERS"
|
|
|
|
}
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
table.Append(row)
|
|
|
|
table.Render()
|
|
|
|
}
|
|
|
|
|
2022-10-11 10:56:03 -05:00
|
|
|
func printCVETableHeader(writer io.Writer, verbose bool, maxImgLen, maxTagLen int) {
|
2020-07-06 17:44:32 -05:00
|
|
|
table := getCVETableWriter(writer)
|
2021-12-13 14:23:31 -05:00
|
|
|
row := make([]string, 3) //nolint:gomnd
|
2020-07-06 17:44:32 -05:00
|
|
|
row[colCVEIDIndex] = "ID"
|
|
|
|
row[colCVESeverityIndex] = "SEVERITY"
|
|
|
|
row[colCVETitleIndex] = "TITLE"
|
|
|
|
|
2020-06-16 20:52:40 -05:00
|
|
|
table.Append(row)
|
|
|
|
table.Render()
|
|
|
|
}
|
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
func printResult(config searchConfig, imageList []imageStruct) error {
|
|
|
|
var builder strings.Builder
|
2022-10-11 10:56:03 -05:00
|
|
|
maxImgNameLen := 0
|
|
|
|
maxTagLen := 0
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
if len(imageList) > 0 {
|
2022-10-11 10:56:03 -05:00
|
|
|
for i := range imageList {
|
|
|
|
if maxImgNameLen < len(imageList[i].RepoName) {
|
|
|
|
maxImgNameLen = len(imageList[i].RepoName)
|
|
|
|
}
|
|
|
|
|
|
|
|
if maxTagLen < len(imageList[i].Tag) {
|
|
|
|
maxTagLen = len(imageList[i].Tag)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
printImageTableHeader(&builder, *config.verbose, maxImgNameLen, maxTagLen)
|
2022-01-19 10:57:10 -05:00
|
|
|
fmt.Fprint(config.resultWriter, builder.String())
|
|
|
|
}
|
|
|
|
|
|
|
|
for i := range imageList {
|
|
|
|
img := imageList[i]
|
|
|
|
img.verbose = *config.verbose
|
|
|
|
|
2022-10-11 10:56:03 -05:00
|
|
|
out, err := img.string(*config.outputFormat, maxImgNameLen, maxTagLen)
|
2022-01-19 10:57:10 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
fmt.Fprint(config.resultWriter, out)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2020-07-06 17:44:32 -05:00
|
|
|
|
|
|
|
var (
|
|
|
|
errInvalidImageNameAndTag = errors.New("cli: Invalid input format. Expected IMAGENAME:TAG")
|
|
|
|
errInvalidImageName = errors.New("cli: Invalid input format. Expected IMAGENAME without :TAG")
|
2020-06-16 20:52:40 -05:00
|
|
|
)
|
2022-06-02 09:14:21 -05:00
|
|
|
|
|
|
|
type repoSearcher struct{}
|
|
|
|
|
|
|
|
func (search repoSearcher) searchRepos(config searchConfig) error {
|
|
|
|
username, password := getUsernameAndPassword(*config.user)
|
|
|
|
repoErr := make(chan stringResult)
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
go config.searchService.getRepos(ctx, config, username, password, repoErr, &wg)
|
|
|
|
wg.Add(1)
|
|
|
|
|
|
|
|
errCh := make(chan error, 1)
|
|
|
|
|
|
|
|
go collectResults(config, &wg, repoErr, cancel, printImageTableHeader, errCh)
|
|
|
|
wg.Wait()
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
return err
|
|
|
|
default:
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|