feat: pair down changes to not be config based

Signed-off-by: Christopher Phillips <[email protected]>
anchore · Aug 7, 2023 · 1a0df53 · 1a0df53
1 parent b67898a
commit 1a0df53
Show file tree

Hide file tree

Showing 8 changed files with 29 additions and 19 deletions.
diff --git a/internal/config/application.go b/internal/config/application.go
@@ -64,7 +64,7 @@ type Application struct {
 	Source                 sourceCfg          `yaml:"source" json:"source" mapstructure:"source"`
 	Parallelism            int                `yaml:"parallelism" json:"parallelism" mapstructure:"parallelism"`                                           // the number of catalog workers to run in parallel
 	DefaultImagePullSource string             `yaml:"default-image-pull-source" json:"default-image-pull-source" mapstructure:"default-image-pull-source"` // specify default image pull source
-	BasePath               string             `yaml:"base-path" json:"base-path" mapstructure:"base-path"`
+	BasePath               string             `yaml:"base-path" json:"base-path" mapstructure:"base-path"`                                                 // specify base path for all file paths
 }
 
 func (cfg Application) ToCatalogerConfig() cataloger.Config {
@@ -85,7 +85,6 @@ func (cfg Application) ToCatalogerConfig() cataloger.Config {
 		LinuxKernel: kernel.LinuxCatalogerConfig{
 			CatalogModules: cfg.LinuxKernel.CatalogModules,
 		},
-		PackageExclusions: cataloger.DefaultPackageExclusionsConfig(),
 	}
 }
 

diff --git a/syft/lib.go b/syft/lib.go
@@ -76,12 +76,11 @@ func CatalogPackages(src source.Source, cfg cataloger.Config) (*pkg.Collection,
 
 	relationships = append(relationships, newSourceRelationshipsFromCatalog(src, catalog)...)
 
-	// apply any package exclusions to the catalog
+	// apply exclusions to the package catalog
+	// https://github.com/anchore/syft/issues/931
 	for _, r := range relationships {
-		for _, e := range cfg.PackageExclusions.Exclusions {
-			if e.Match(r, catalog) {
-				catalog.Delete(r.To.ID())
-			}
+		if cataloger.Exclude(r, catalog) {
+			catalog.Delete(r.To.ID())
 		}
 	}
 

diff --git a/syft/pkg/cataloger/config.go b/syft/pkg/cataloger/config.go
@@ -12,7 +12,6 @@ type Config struct {
 	Search            SearchConfig
 	Golang            golang.GoCatalogerOpts
 	LinuxKernel       kernel.LinuxCatalogerConfig
-	PackageExclusions PackageExclusionsConfig
 	Catalogers        []string
 	Parallelism       int
 }
@@ -23,7 +22,6 @@ func DefaultConfig() Config {
 		Search:            DefaultSearchConfig(),
 		Parallelism:       1,
 		LinuxKernel:       kernel.DefaultLinuxCatalogerConfig(),
-		PackageExclusions: DefaultPackageExclusionsConfig(),
 	}
 }
 

diff --git a/syft/pkg/cataloger/deb/cataloger.go b/syft/pkg/cataloger/deb/cataloger.go
@@ -7,11 +7,11 @@ import (
 	"github.com/anchore/syft/syft/pkg/cataloger/generic"
 )
 
-const catalogerName = "dpkgdb-cataloger"
+const CatalogerName = "dpkgdb-cataloger"
 
 // NewDpkgdbCataloger returns a new Deb package cataloger capable of parsing DPKG status DB files.
 func NewDpkgdbCataloger() *generic.Cataloger {
-	return generic.NewCataloger(catalogerName).
+	return generic.NewCataloger(CatalogerName).
 		// note: these globs have been intentionally split up in order to improve search performance,
 		// please do NOT combine into: "**/var/lib/dpkg/{status,status.d/*}"
 		WithParserByGlobs(parseDpkgDB, "**/var/lib/dpkg/status", "**/var/lib/dpkg/status.d/*")

diff --git a/syft/pkg/cataloger/nix/cataloger.go b/syft/pkg/cataloger/nix/cataloger.go
@@ -12,7 +12,7 @@ import (
 )
 
 const (
-	catalogerName = "nix-store-cataloger"
+	CatalogerName = "nix-store-cataloger"
 	nixStoreGlob  = "**/nix/store/*"
 )
 
@@ -24,7 +24,7 @@ func NewStoreCataloger() *StoreCataloger {
 }
 
 func (c *StoreCataloger) Name() string {
-	return catalogerName
+	return CatalogerName
 }
 
 func (c *StoreCataloger) Catalog(resolver file.Resolver) ([]pkg.Package, []artifact.Relationship, error) {

diff --git a/syft/pkg/cataloger/nix/cataloger_test.go b/syft/pkg/cataloger/nix/cataloger_test.go
@@ -24,7 +24,7 @@ func TestCataloger_Catalog(t *testing.T) {
 					Version:      "2.34-210",
 					PURL:         "pkg:nix/[email protected]?output=bin&outputhash=h0cnbmfcn93xm5dg2x27ixhag1cwndga",
 					Locations:    file.NewLocationSet(file.NewLocation("nix/store/h0cnbmfcn93xm5dg2x27ixhag1cwndga-glibc-2.34-210-bin")),
-					FoundBy:      catalogerName,
+					FoundBy:      CatalogerName,
 					Type:         pkg.NixPkg,
 					MetadataType: pkg.NixStoreMetadataType,
 					Metadata: pkg.NixStoreMetadata{

diff --git a/syft/pkg/cataloger/nix/package.go b/syft/pkg/cataloger/nix/package.go
@@ -10,7 +10,7 @@ func newNixStorePackage(storePath nixStorePath, locations ...file.Location) pkg.
 	p := pkg.Package{
 		Name:         storePath.name,
 		Version:      storePath.version,
-		FoundBy:      catalogerName,
+		FoundBy:      CatalogerName,
 		Locations:    file.NewLocationSet(locations...),
 		Type:         pkg.NixPkg,
 		PURL:         packageURL(storePath),

diff --git a/syft/pkg/cataloger/package_exclusions_config.go b/syft/pkg/cataloger/package_exclusions_config.go
@@ -8,6 +8,8 @@ import (
 	"github.com/anchore/syft/syft/pkg/cataloger/alpm"
 	"github.com/anchore/syft/syft/pkg/cataloger/apkdb"
 	"github.com/anchore/syft/syft/pkg/cataloger/binary"
+	"github.com/anchore/syft/syft/pkg/cataloger/deb"
+	"github.com/anchore/syft/syft/pkg/cataloger/nix"
 )
 
 type CategoryType string
@@ -21,6 +23,10 @@ var CatalogerTypeIndex = map[CategoryType][]string{
 	"os": {
 		apkdb.CatalogerName,
 		alpm.CatalogerName,
+		deb.CatalogerName,
+		nix.CatalogerName,
+		"rpm-db-cataloger",
+		"rpm-file-cataloger",
 	},
 	"binary": {
 		binary.CatalogerName,
@@ -37,7 +43,13 @@ type PackageExclusion struct {
 	ExclusionType    CategoryType
 }
 
-func (e PackageExclusion) Match(r artifact.Relationship, c *pkg.Collection) bool {
+// Exclude will remove packages from a collection given the following properties are true
+// 1) the relationship between packages is OwnershipByFileOverlap
+// 2) the parent is an "os" package
+// 3) the child is a synthetic package generated by the binary cataloger
+// 4) the package names are identical
+// This exclude was implemented as a way to help resolve: https://github.com/anchore/syft/issues/931
+func Exclude(r artifact.Relationship, c *pkg.Collection) bool {
 	parent := c.Package(r.From.ID())
 	if parent == nil {
 		return false
@@ -47,10 +59,12 @@ func (e PackageExclusion) Match(r artifact.Relationship, c *pkg.Collection) bool
 		return false
 	}
 
-	parentInExclusion := slices.Contains(CatalogerTypeIndex[e.ParentType], parent.FoundBy)
-	childInExclusion := slices.Contains(CatalogerTypeIndex[e.ExclusionType], child.FoundBy)
+	parentInExclusion := slices.Contains(CatalogerTypeIndex["os"], parent.FoundBy)
+	childInExclusion := slices.Contains(CatalogerTypeIndex["binary"], child.FoundBy)
 
-	return e.RelationshipType == r.Type && parentInExclusion && childInExclusion
+	return artifact.OwnershipByFileOverlapRelationship == r.Type &&
+		parentInExclusion &&
+		childInExclusion
 }
 
 func DefaultPackageExclusionsConfig() PackageExclusionsConfig {