Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bug: remove chance for panic; provide default attestation path #1214

Merged
merged 3 commits into from
Sep 19, 2022

Conversation

spiffcs
Copy link
Contributor

@spiffcs spiffcs commented Sep 19, 2022

Summary

Closes #1210

Given a user could provide a typo value for their desired output, the format value in attest had a chance to be nil.
This PR adds a guard against FormatByName returning nil by adding a default format attestation path as syft-json.

Another option is we could error out and inform the user that their format is unrecognized rather than providing a default. I'm open to either approach but chose to try and provide a successful command rather than error case in this instance.

A CLI test has been added to cover this typo case.

Signed-off-by: Christopher Phillips [email protected]

	- on format identification failure provide default path for
	  succesful command execution

Signed-off-by: Christopher Phillips <[email protected]>
@github-actions
Copy link

Benchmark Test Results

Benchmark results from the latest changes vs base branch
name                                                       old time/op    new time/op    delta
ImagePackageCatalogers/alpmdb-cataloger-2                    11.3ms ± 1%    13.1ms ± 3%  +15.62%  (p=0.008 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2              1.32ms ± 8%    1.63ms ±10%  +23.63%  (p=0.008 n=5+5)
ImagePackageCatalogers/python-package-cataloger-2            3.20ms ± 0%    3.77ms ± 2%  +17.83%  (p=0.008 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2    1.02ms ± 0%    1.26ms ± 3%  +23.37%  (p=0.008 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         712µs ± 0%     918µs ± 2%  +28.87%  (p=0.008 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     833µs ± 1%    1069µs ± 2%  +28.35%  (p=0.008 n=5+5)
ImagePackageCatalogers/rpm-db-cataloger-2                    1.20ms ± 1%    1.61ms ±13%  +34.56%  (p=0.008 n=5+5)
ImagePackageCatalogers/java-cataloger-2                      14.0ms ± 2%    16.8ms ± 1%  +19.65%  (p=0.008 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                     1.19ms ± 1%    1.47ms ± 3%  +23.62%  (p=0.008 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2          2.13µs ± 1%    2.54µs ± 2%  +19.49%  (p=0.008 n=5+5)
ImagePackageCatalogers/dotnet-deps-cataloger-2               1.31ms ± 0%    1.63ms ± 4%  +24.20%  (p=0.008 n=5+5)
ImagePackageCatalogers/portage-cataloger-2                    661µs ± 0%     859µs ± 3%  +29.93%  (p=0.008 n=5+5)

name                                                       old alloc/op   new alloc/op   delta
ImagePackageCatalogers/alpmdb-cataloger-2                    5.26MB ± 0%    5.26MB ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2               202kB ± 0%     202kB ± 0%     ~     (p=0.421 n=5+5)
ImagePackageCatalogers/python-package-cataloger-2             944kB ± 0%     945kB ± 0%     ~     (p=0.095 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2     214kB ± 0%     214kB ± 0%     ~     (p=0.095 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         158kB ± 0%     158kB ± 0%     ~     (p=0.690 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     203kB ± 0%     203kB ± 0%     ~     (p=0.151 n=5+5)
ImagePackageCatalogers/rpm-db-cataloger-2                     302kB ± 0%     301kB ± 0%   -0.22%  (p=0.008 n=5+5)
ImagePackageCatalogers/java-cataloger-2                      3.44MB ± 0%    3.44MB ± 0%     ~     (p=0.548 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                     1.25MB ± 0%    1.25MB ± 0%     ~     (p=0.421 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2            672B ± 0%      672B ± 0%     ~     (all equal)
ImagePackageCatalogers/dotnet-deps-cataloger-2                369kB ± 0%     369kB ± 0%     ~     (p=0.095 n=5+5)
ImagePackageCatalogers/portage-cataloger-2                    136kB ± 0%     136kB ± 0%     ~     (p=0.738 n=5+5)

name                                                       old allocs/op  new allocs/op  delta
ImagePackageCatalogers/alpmdb-cataloger-2                     85.7k ± 0%     85.7k ± 0%     ~     (p=0.643 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2               4.25k ± 0%     4.25k ± 0%     ~     (p=0.333 n=4+5)
ImagePackageCatalogers/python-package-cataloger-2             16.6k ± 0%     16.6k ± 0%     ~     (p=0.246 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2     5.53k ± 0%     5.54k ± 0%     ~     (p=0.103 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         3.32k ± 0%     3.32k ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     4.60k ± 0%     4.60k ± 0%     ~     (all equal)
ImagePackageCatalogers/rpm-db-cataloger-2                     8.13k ± 0%     8.13k ± 0%     ~     (all equal)
ImagePackageCatalogers/java-cataloger-2                       57.5k ± 0%     57.5k ± 0%     ~     (p=0.548 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                      5.43k ± 0%     5.43k ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2            15.0 ± 0%      15.0 ± 0%     ~     (all equal)
ImagePackageCatalogers/dotnet-deps-cataloger-2                7.27k ± 0%     7.27k ± 0%     ~     (all equal)
ImagePackageCatalogers/portage-cataloger-2                    3.59k ± 0%     3.59k ± 0%     ~     (all equal)

@spiffcs spiffcs enabled auto-merge (squash) September 19, 2022 15:42
@spiffcs spiffcs merged commit 0f99215 into main Sep 19, 2022
@spiffcs spiffcs deleted the attestation-panic-1210 branch September 19, 2022 15:50
spiffcs added a commit to luhring/syft that referenced this pull request Sep 19, 2022
* main:
  bug: remove chance for panic; provide default attestation path (anchore#1214)
  refactor: update Makefile organization; update DEVELOPING.md instructions (anchore#1212)
  refactor: replace ioutil=>io; update linter (anchore#1211)
  Update bootstrap tools to latest versions. (anchore#1204)
  Add gosimports (anchore#1205)
  refactor: move formats from internal into syft module (anchore#1172)
  warn on errors from RPM DB parsing (anchore#1200)
  docs: improve Singularity image source docs (anchore#1190)

Signed-off-by: Christopher Phillips <[email protected]>
spiffcs added a commit that referenced this pull request Sep 19, 2022
spiffcs added a commit that referenced this pull request Oct 21, 2022
spiffcs added a commit that referenced this pull request Oct 21, 2022
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

attest panic on MacOS
2 participants