diff --git a/cmd/whitesourceExecuteScan.go b/cmd/whitesourceExecuteScan.go index 2fc339439c..fccd5c62cd 100644 --- a/cmd/whitesourceExecuteScan.go +++ b/cmd/whitesourceExecuteScan.go @@ -200,10 +200,10 @@ func runWhitesourceScan(ctx context.Context, config *ScanOptions, scan *ws.Scan, // Download Docker image for container scan // ToDo: move it to improve testability if config.BuildTool == "docker" { - if len(config.ScanImages) != 0 { + if len(config.ScanImages) != 0 && config.ActivateMultipleImagesScan { for _, image := range config.ScanImages { config.ScanImage = image - err := downloadDockerImageAsTar(config, utils) + err := downloadDockerImageAsTarNew(config, utils) if err != nil { return errors.Wrapf(err, "failed to download docker image") } @@ -1088,7 +1088,7 @@ func createToolRecordWhitesource(utils whitesourceUtils, workspace string, confi return record.GetFileName(), nil } -func downloadDockerImageAsTar(config *ScanOptions, utils whitesourceUtils) error { +func downloadDockerImageAsTarNew(config *ScanOptions, utils whitesourceUtils) error { imageNameToSave := strings.Replace(config.ScanImage, "/", "-", -1) 
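Review bot: With the new condition in runWhitesourceScan, a configuration that sets `scanImages` but leaves `activateMultipleImagesScan` at its default of false skips the download loop without any message, so the listed images are not fetched here and the step may still finish successfully. For a security scan that is a silent coverage gap. I would either fail the step or log it in the fallback path, e.g. `log.Entry().Warn("scanImages is set but activateMultipleImagesScan is false; the listed images will not be downloaded for scanning")`. The else branch lies outside this hunk, so confirm what is actually scanned in that case.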
@@ -1113,3 +1113,27 @@ func downloadDockerImageAsTar(config *ScanOptions, utils whitesourceUtils) error return nil } + +func downloadDockerImageAsTar(config *ScanOptions, utils whitesourceUtils) error { + + saveImageOptions := containerSaveImageOptions{ + ContainerImage: config.ScanImage, + ContainerRegistryURL: config.ScanImageRegistryURL, + ContainerRegistryUser: config.ContainerRegistryUser, + ContainerRegistryPassword: config.ContainerRegistryPassword, + DockerConfigJSON: config.DockerConfigJSON, + FilePath: config.ProjectName, // previously was config.ProjectName + ImageFormat: "legacy", // keep the image format legacy or whitesource is not able to read layers + } + dClientOptions := piperDocker.ClientOptions{ImageName: saveImageOptions.ContainerImage, RegistryURL: saveImageOptions.ContainerRegistryURL, LocalPath: "", ImageFormat: "legacy"} + dClient := &piperDocker.Client{} + dClient.SetOptions(dClientOptions) + if _, err := runContainerSaveImage(&saveImageOptions, &telemetry.CustomData{}, "./cache", "", dClient, utils); err != nil { + if strings.Contains(fmt.Sprint(err), "no image found") { + log.SetErrorCategory(log.ErrorConfiguration) + } + return errors.Wrapf(err, "failed to download Docker image %v", config.ScanImage) + } + + return nil +} diff --git a/cmd/whitesourceExecuteScan_generated.go b/cmd/whitesourceExecuteScan_generated.go index df6ff9227b..d89d3b938e 100644 --- a/cmd/whitesourceExecuteScan_generated.go +++ b/cmd/whitesourceExecuteScan_generated.go @@ -56,6 +56,7 @@ type whitesourceExecuteScanOptions struct { ScanImage string `json:"scanImage,omitempty"` ScanImages []string `json:"scanImages,omitempty"` SkipParentProjectResolution bool `json:"skipParentProjectResolution,omitempty"` + ActivateMultipleImagesScan bool `json:"activateMultipleImagesScan,omitempty"` ScanImageRegistryURL string `json:"scanImageRegistryUrl,omitempty"` SecurityVulnerabilities bool `json:"securityVulnerabilities,omitempty"` ServiceURL string `json:"serviceUrl,omitempty"` 
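Review bot: The restored `downloadDockerImageAsTar` passes `config.ProjectName` unchanged as `FilePath`, whereas the renamed `downloadDockerImageAsTarNew` first derives a `/`-free name from the image. If a project name can contain a path separator, where the tar is written depends on how `runContainerSaveImage` resolves that path, which is not visible in this diff. Either normalise the value or state why the raw name is required, and drop the trailing comment `// previously was config.ProjectName`, which describes no change. With two near-identical functions side by side, each should carry a doc comment saying which scan mode it serves (the multi-image loop calls the `New` variant; the other is presumably the single-image path), and the `New` suffix would be clearer as a name that says what differs. Matching `fmt.Sprint(err)` against "no image found" is also brittle; prefer a sentinel or typed error from the save step if one is available.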
@@ -353,6 +354,7 @@ func addWhitesourceExecuteScanFlags(cmd *cobra.Command, stepConfig *whitesourceE cmd.Flags().StringVar(&stepConfig.ScanImage, "scanImage", os.Getenv("PIPER_scanImage"), "For `buildTool: docker`: Defines the docker image which should be scanned.") cmd.Flags().StringSliceVar(&stepConfig.ScanImages, "scanImages", []string{}, "For `buildTool: docker`: Allowing to scan multiple docker images. In case parent project will not contain any dependecies, use skipParentProjectResolution parameter") cmd.Flags().BoolVar(&stepConfig.SkipParentProjectResolution, "skipParentProjectResolution", false, "Parameter for multi-module, multi-images projects to skip the parent project resolution for reporing purpose Could be used if parent project is set as just a placeholder for scan and doesn't contain any dependencies.") + cmd.Flags().BoolVar(&stepConfig.ActivateMultipleImagesScan, "activateMultipleImagesScan", false, "Use this parameter to activate the scan of multiple images. Additionally you'll need to provide skipParentProjectResolution and scanImages parameters") cmd.Flags().StringVar(&stepConfig.ScanImageRegistryURL, "scanImageRegistryUrl", os.Getenv("PIPER_scanImageRegistryUrl"), "For `buildTool: docker`: Defines the registry where the scanImage is located.") cmd.Flags().BoolVar(&stepConfig.SecurityVulnerabilities, "securityVulnerabilities", true, "Whether security compliance is considered and reported as part of the assessment.") cmd.Flags().StringVar(&stepConfig.ServiceURL, "serviceUrl", `https://saas.whitesourcesoftware.com/api`, "URL to the WhiteSource API endpoint.") 
@@ -778,6 +780,15 @@ func whitesourceExecuteScanMetadata() config.StepData { Aliases: []config.Alias{}, Default: false, }, + { + Name: "activateMultipleImagesScan", + ResourceRef: []config.ResourceReference{}, + Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, + Type: "bool", + Mandatory: false, + Aliases: []config.Alias{}, + Default: false, + }, { Name: "scanImageRegistryUrl", ResourceRef: []config.ResourceReference{ diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml index dc1d926ae1..bb537c72ee 100644 --- a/resources/metadata/whitesourceExecuteScan.yaml +++ b/resources/metadata/whitesourceExecuteScan.yaml @@ -396,6 +396,14 @@ spec: - STAGES - STEPS default: false + - name: activateMultipleImagesScan + type: bool + description: "Use this parameter to activate the scan of multiple images. Additionally you'll need to provide skipParentProjectResolution and scanImages parameters" + scope: + - PARAMETERS + - STAGES + - STEPS + default: false - name: scanImageRegistryUrl type: string description: "For `buildTool: docker`: Defines the registry where the scanImage is located."
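Review bot: The description of `activateMultipleImagesScan` says skipParentProjectResolution and scanImages must also be provided, but the condition changed in cmd/whitesourceExecuteScan.go checks only `len(config.ScanImages) != 0 && config.ActivateMultipleImagesScan`. Whether skipParentProjectResolution is really required is therefore not evident from this diff. The text also lacks the "For buildTool: docker:" prefix its neighbouring parameters carry, and it does not say that the images in scanImages are not downloaded while the flag is false. I would reword it along the lines of "For buildTool: docker: Enables the download and scan of every image listed in scanImages; while false (default), those images are not downloaded", and then regenerate cmd/whitesourceExecuteScan_generated.go so the flag help matches.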