castai
diff --git a/‎.github/workflows/default.yaml
Lines changed: 16 additions & 0 deletions b/‎.github/workflows/default.yaml
Lines changed: 16 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 4 additions & 0 deletions b/‎README.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎artifact.go
Lines changed: 4 additions & 12 deletions b/‎artifact.go
Lines changed: 4 additions & 12 deletions
diff --git a/‎artifact_test.go
Lines changed: 58 additions & 0 deletions b/‎artifact_test.go
Lines changed: 58 additions & 0 deletions
diff --git a/‎dpkg/copyright.go
Lines changed: 4 additions & 2 deletions b/‎dpkg/copyright.go
Lines changed: 4 additions & 2 deletions
@@ -0,0 +1,16 @@
+name: Default
+
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.21.4'
+      - name: Test
+        run: go test ./...
+
@@ -1,2 +1,6 @@
 # image-analyzer
 OCI images analyzer
+
+This repository exists for 2 reasons:
+- `github.com/castai/image-analyzer/image/daemon.Image` interface.
+- Having various analyzers bundled in a single module.
@@ -85,7 +85,7 @@ type Artifact struct {
 
 type ArtifactOption = artifact.Option
 
-func NewArtifact(img types.Image, log logrus.FieldLogger, c CacheClient, opt artifact.Option) (*Artifact, error) {
+func NewArtifact(img types.Image, log logrus.FieldLogger, c CacheClient, opt ArtifactOption) (*Artifact, error) {
 	a, err := analyzer.NewAnalyzerGroup(analyzer.AnalyzerOptions{
 		Group:             opt.AnalyzerGroup,
 		DisabledAnalyzers: opt.DisabledAnalyzers,
@@ -108,7 +108,7 @@ func NewArtifact(img types.Image, log logrus.FieldLogger, c CacheClient, opt art
 		log:            log,
 		image:          img,
 		cache:          c,
-		walker:         walker.NewLayerTar(opt.SkipFiles, opt.SkipDirs, opt.Slow),
+		walker:         walker.NewLayerTar(opt.SkipFiles, opt.SkipDirs),
 		analyzer:       a,
 		configAnalyzer: ca,
 		artifactOption: opt,
@@ -249,11 +249,7 @@ func (a Artifact) inspect(ctx context.Context, missingImageKey string, layerKeys
 	blobInfo := make(chan types.BlobInfo)
 
 	errCh := make(chan error)
-	limit := semaphore.NewWeighted(parallel)
-	if a.artifactOption.Slow {
-		// Inspect layers in series
-		limit = semaphore.NewWeighted(1)
-	}
+	limit := semaphore.NewWeighted(int64(a.artifactOption.Parallel))
 
 	var osFound types.OS
 
@@ -337,11 +333,7 @@ func (a Artifact) inspectLayer(ctx context.Context, diffID string, disabled []an
 	var wg sync.WaitGroup
 	opts := analyzer.AnalysisOptions{Offline: a.artifactOption.Offline}
 	result := analyzer.NewAnalysisResult()
-	limit := semaphore.NewWeighted(parallel)
-	if a.artifactOption.Slow {
-		// Inspect layers in series
-		limit = semaphore.NewWeighted(1)
-	}
+	limit := semaphore.NewWeighted(int64(a.artifactOption.Parallel))
 
 	// Walk a tar layer
 	opqDirs, whFiles, err := a.walker.Walk(r, func(filePath string, info os.FileInfo, opener analyzer.Opener) error {
 
@@ -0,0 +1,58 @@
+package analyzer
+
+import (
+	"context"
+	"testing"
+
+	"github.com/aquasecurity/trivy/pkg/fanal/types"
+	"github.com/sirupsen/logrus"
+	"github.com/stretchr/testify/require"
+
+	"github.com/castai/image-analyzer/image"
+)
+
+func TestArtifact(t *testing.T) {
+	r := require.New(t)
+	ctx := context.Background()
+	log := logrus.New()
+	log.SetLevel(logrus.DebugLevel)
+
+	digest := "alpine@sha256:60eda2a7bc29a54fe6beae0d72312ea995eb3b8387535e8dbf6767fd1b765d34" // linux/amd64 digest
+	img, err := image.NewFromRemote(ctx, digest, types.ImageOptions{})
+	r.NoError(err)
+
+	artifact, err := NewArtifact(img, log, mockBlockCache{}, ArtifactOption{
+		Offline:  true,
+		Parallel: 1,
+	})
+	r.NoError(err)
+
+	ref, err := artifact.Inspect(ctx)
+	r.NoError(err)
+	r.NotNil(ref)
+	r.NotNil(ref.BlobsInfo)
+	r.Len(ref.BlobsInfo, 1)
+	r.Len(ref.BlobsInfo[0].PackageInfos, 1)
+	r.Len(ref.BlobsInfo[0].PackageInfos[0].Packages, 15)
+
+	r.NotNil(ref.ConfigFile)
+	r.Equal("amd64", ref.ConfigFile.Architecture)
+	r.Equal("linux", ref.ConfigFile.OS)
+
+	r.NotNil(ref.ArtifactInfo)
+	r.Equal("amd64", ref.ArtifactInfo.Architecture)
+	r.Equal("linux", ref.ArtifactInfo.OS)
+
+	r.NotNil(ref.OsInfo)
+	r.Equal("alpine", string(ref.OsInfo.Family))
+}
+
+type mockBlockCache struct{}
+
+func (mockBlockCache) PutBlob(ctx context.Context, key string, blob []byte) error {
+	return nil
+}
+
+func (mockBlockCache) GetBlob(ctx context.Context, key string) ([]byte, error) {
+	return nil, ErrCacheNotFound
+}
@@ -31,7 +31,8 @@ var (
 
 // dpkgLicenseAnalyzer parses copyright files and detect licenses
 type dpkgLicenseAnalyzer struct {
-	licenseFull bool
+	licenseFull               bool
+	classifierConfidenceLevel float64
 }
 
 // Analyze parses /usr/share/doc/*/copyright files
@@ -45,7 +46,7 @@ func (a *dpkgLicenseAnalyzer) Analyze(_ context.Context, input analyzer.Analysis
 			return nil, xerrors.Errorf("seek error: %w", err)
 		}
 
-		licenseFile, err := licensing.Classify(input.FilePath, input.Content)
+		licenseFile, err := licensing.Classify(input.FilePath, input.Content, a.classifierConfidenceLevel)
 		if err != nil {
 			return nil, xerrors.Errorf("license classification error: %w", err)
 		}
@@ -117,6 +118,7 @@ func (a *dpkgLicenseAnalyzer) parseCopyright(r dio.ReadSeekerAt) []types.License
 
 func (a *dpkgLicenseAnalyzer) Init(opt analyzer.AnalyzerOptions) error {
 	a.licenseFull = opt.LicenseScannerOption.Full
+	a.classifierConfidenceLevel = opt.LicenseScannerOption.ClassifierConfidenceLevel
 	return nil
 }
Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,8 @@ var (`
`31`	`31`
`32`	`32`	`// dpkgLicenseAnalyzer parses copyright files and detect licenses`
`33`	`33`	`type dpkgLicenseAnalyzer struct {`
`34`		`- licenseFull bool`
	`34`	`+ licenseFull bool`
	`35`	`+ classifierConfidenceLevel float64`
`35`	`36`	`}`
`36`	`37`
`37`	`38`	`// Analyze parses /usr/share/doc/*/copyright files`
`@@ -45,7 +46,7 @@ func (a *dpkgLicenseAnalyzer) Analyze(_ context.Context, input analyzer.Analysis`
`45`	`46`	`return nil, xerrors.Errorf("seek error: %w", err)`
`46`	`47`	`}`
`47`	`48`
`48`		`- licenseFile, err := licensing.Classify(input.FilePath, input.Content)`
	`49`	`+ licenseFile, err := licensing.Classify(input.FilePath, input.Content, a.classifierConfidenceLevel)`
`49`	`50`	`if err != nil {`
`50`	`51`	`return nil, xerrors.Errorf("license classification error: %w", err)`
`51`	`52`	`}`
`@@ -117,6 +118,7 @@ func (a *dpkgLicenseAnalyzer) parseCopyright(r dio.ReadSeekerAt) []types.License`
`117`	`118`
`118`	`119`	`func (a *dpkgLicenseAnalyzer) Init(opt analyzer.AnalyzerOptions) error {`
`119`	`120`	`a.licenseFull = opt.LicenseScannerOption.Full`
	`121`	`+ a.classifierConfidenceLevel = opt.LicenseScannerOption.ClassifierConfidenceLevel`
`120`	`122`	`return nil`
`121`	`123`	`}`
`122`	`124`