92afd86cbb
Values returned now by GetCVESummaryForImage // not scannable / error during scan - max severity "" - cve count 0 - Errors // scannable no issues found - max severity "NONE" - cve count 0 - no Errors // scannable issues found - max severity from Scanner - cve count >0 - no Errors Before this change the max severity in case #1 and #2 was "UNKNOWN" which is also possible value for case #3. To better distinguish them return different max severities. This feature would be consumed by the UI. Signed-off-by: Andrei Aaron <andaaron@cisco.com> |
||
---|---|---|
.. | ||
config | ||
lint | ||
monitoring | ||
scrub | ||
search | ||
sync | ||
_zot.md | ||
extension_metrics.go | ||
extension_metrics_disabled.go | ||
extension_scrub.go | ||
extension_scrub_disabled.go | ||
extension_search.go | ||
extension_search_disabled.go | ||
extension_sync.go | ||
extension_sync_disabled.go | ||
extensions_lint.go | ||
extensions_lint_disabled.go | ||
extensions_test.go | ||
README.md |
Adding new extensions
As new requirements come and build time extensions need to be added, there are a few things that you have to make sure are present before commiting :
- files that should be included in the binary only with a specific extension must contain the following syntax at the beginning of the file :
//go:build sync will be added automatically by the linter, so only the second line is mandatory .
NOTE: the third line in the example should be blank, otherwise the build tag would be just another comment.
//go:build sync
// +build sync
package extensions
...................
-
when adding a new tag, specify the new order in which multiple tags should be used (bottom of this page)
-
for each and every new file that contains functions (functionalities) specific to an extension, one should create a corresponding file that must contain the exact same functions, but no functionalities included. This file must begin with an "anti-tag" (e.g. // +build !sync) which will include this file in binaries that don't include this extension ( in this example, the file won't be used in binaries that include sync extension ). See extension-sync-disabled.go for an example.
-
when a new extension comes out, the developer should also write some blackbox tests, where a binary that contains the new extension should be tested in a real usage scenario. See test/blackbox folder for multiple extensions examples.
-
newly added blackbox tests should have targets in Makefile. You should also add them as Github Workflows, in .github/workflows/ecosystem-tools.yaml
-
with every new extension, you should modify the EXTENSIONS variable in Makefile by adding the new extension. The EXTENSIONS variable represents all extensions and is used in Make targets that require them all (e.g make test).
-
the available extensions that can be used at the moment are: sync, scrub, metrics, search . NOTE: When multiple extensions are used, they should be enlisted in the above presented order.