feat: move file patterns to a global level to be able to use it on any analyzer

[jerbob92]

Description

This is the functionality of aquasecurity/fanal#372 moved into Trivy since Fanal was merged into it.

This PR moves the file patterns feature from the config analyzers to a global level so that we can use it on any analyzer.
In favor of aquasecurity/fanal#370, aquasecurity/fanal#357, aquasecurity/fanal#355 as this feature will allow you to set the needed file patterns yourself.

This also makes the config analyzers more like the other analyzers.

This can be enabled in Trivy without changing anything to the config scanner. The other commands will just get a --filter-patterns option.

Checklist

• I've read the guidelines for contributing to this repository.
• I've followed the conventions in the PR title.
• I've added tests that prove my fix is effective or that my feature works.
• I've updated the documentation with the relevant information (if needed).
• I've added usage information (if the PR introduces new options)
• I've included a "before" and "after" example to the description (if the PR is a user interface change).

[jerbob92]

@owenrumney @liamg @knqyf263
Is anyone going to look at this?

[jerbob92]

@owenrumney @liamg @knqyf263 Are you guys straight up collectively ignoring me or is something else going on?

[liamg]

Hi @jerbob92 - sorry about this! Entirely my fault. It's been a busy couple of weeks and I totally missed this but that's no excuse, I apologise. Looking now 👀

[jerbob92]

Hi @jerbob92 - sorry about this! Entirely my fault. It's been a busy couple of weeks and I totally missed this but that's no excuse, I apologise. Looking now eyes

Thanks! Just wondering whether I have to keep updating this MR 😅

[liamg]

LGTM! 🚀

Sorry for the delay 🐌

[liamg]

If you could check the conflicts I'll make sure we merge this ASAP :)

[jerbob92]

@liamg the current failure is this:

    docker_engine_test.go:275: 
        	Error Trace:	/home/runner/work/trivy/trivy/integration/docker_engine_test.go:275
        	Error:      	Received unexpected error:
        	            	Error: No such image: ghcr.io/aquasecurity/trivy-test-images:amazon-2
        	Test:       	TestDockerEngine/amazonlinux:2
        	Messages:   	amazonlinux:2

That doesn't seem related to my changes, do you have any idea?

[liamg]

@jerbob92 I haven't seen this failure before - I'll raise it internally and see if I can find a solution.

[liamg]

Apparently this is a fairly common issue with GHCR being unreliable 😬 - I've kicked off the integration tests again 🤞

[liamg]

@knqyf263 What do you think? Can we merge this? 😃

[knqyf263]

@liamg Thanks for reviewing.
@jerbob92 I hope to take a look shortly.

[knqyf263]

Could you also update this doc?

trivy/docs/docs/references/customization/config-file.md

Lines 198 to 200 in 2580ea1

	# Same as '--file-patterns'
	# Default is empty
	file-patterns:

[knqyf263]

Having it in a dedicated method seems better.

func (ag AnalyzerGroup) filePatternMatch(analyzerType Type, filePath string) {
for _, pattern := range ag.filePatterns[analyzerType] {
if pattern.MatchString(cleanPath) {
return true
}
}
return false
}

[jerbob92]

Could you also update this doc?

trivy/docs/docs/references/customization/config-file.md

Lines 198 to 200 in 2580ea1

	# Same as '--file-patterns'
	# Default is empty
	file-patterns:

Moving it to scan options?

[CLAassistant]

All committers have signed the CLA.

[jerbob92]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.You have signed the CLA already but the status is still pending? Let us recheck it.

Huh? Didn't I already sign this?

[afdesk]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.You have signed the CLA already but the status is still pending? Let us recheck it.

Huh? Didn't I already sign this?

@jerbob92 it seems CLA was updated

[knqyf263]

Moving it to scan options?

Yes

[knqyf263]

Thanks for your contribution and patience🙇