feat(filesystem): scan in client/server mode #1829
Conversation
…ion to `fs` command
pkg/commands/app.go
Outdated
| @@ -313,6 +312,19 @@ var ( | |||
| EnvVars: []string{"TRIVY_INSECURE"}, | |||
| } | |||
|
|
|||
| remoteServer = cli.StringFlag{ | |||
| Name: "remote", | |||
There was a problem hiding this comment.
I want to rename it with --server, but --remote should be also used as an alias.
pkg/commands/artifact/option.go
Outdated
| @@ -18,9 +21,19 @@ type Option struct { | |||
| option.CacheOption | |||
| option.ConfigOption | |||
|
|
|||
| // For policy downloading | |||
| NoProgress bool | |||
There was a problem hiding this comment.
We already have it from DBOption.
trivy/pkg/commands/option/db.go
Line 16 in 78b2b89
There was a problem hiding this comment.
Removed. the comment got confused me.
pkg/commands/artifact/option.go
Outdated
| RemoteAddr string | ||
| token string | ||
| tokenHeader string | ||
| customHeaders []string | ||
| // this field is populated in Init() | ||
| CustomHeaders http.Header |
There was a problem hiding this comment.
We should define a new struct for these options.
There was a problem hiding this comment.
I've created a new struct: RemoteOption
pkg/scanner/scan.go
Outdated
| @@ -46,6 +46,12 @@ var StandaloneFilesystemSet = wire.NewSet( | |||
| StandaloneSuperSet, | |||
| ) | |||
|
|
|||
| // StandaloneFilesystemRemoteSet binds filesystem dependencies for client/server mode | |||
| var StandaloneFilesystemRemoteSet = wire.NewSet( | |||
There was a problem hiding this comment.
This is not standalone, but client/server.
pkg/commands/artifact/run.go
Outdated
| return remoteCache.NewRemoteCache(c.RemoteAddr, c.CustomHeaders, c.Insecure), nil, nil | ||
| } | ||
|
|
||
| func initFSCache(c Option) (cache.ArtifactCache, cache.LocalArtifactCache, error) { |
There was a problem hiding this comment.
We may want to rename it with initCache and define NopCache like NopCloser.
https://pkg.go.dev/io#NopCloser
The signature could be:
func NopCache(ArtifactCache) Cache
so that RemoteCache can implement cache.Cache. Then, update operation.go as below.
// client/server mode
if c.ServerAddr != "" {
remoteCache, err = cache. NewRemoteCache(c.ServerAddr, c.CustomHeaders, c.Insecure)
if err != nil {...}
// Wrap RemoteCache so that it can implement cache.Cache
return Cache{Cache: cache.NopCache(remoteCache)}, nil
}
// standalone mode with local fs cache
fsCache, err := cache.NewFSCache(utils.CacheDir())
if err != nil {...}
return Cache{Cache: fsCache}, nil
trivy/pkg/commands/operation/operation.go
Lines 59 to 63 in cabd18d
What do you think of it?
There was a problem hiding this comment.
I think it's an interesting idea. I've done it
pkg/commands/artifact/option_test.go
Outdated
| @@ -177,11 +253,17 @@ func TestOption_Init(t *testing.T) { | |||
| set.Bool("reset", false, "") | |||
| set.Bool("skip-db-update", false, "") | |||
| set.Bool("download-db-only", false, "") | |||
| set.Bool("clear-cache", false, "") | |||
pkg/commands/option/remote.go
Outdated
| } | ||
|
|
||
| // Init initialize the options for client/server mode | ||
| func (c *RemoteOption) Init(logger *zap.SugaredLogger) (err error) { |
There was a problem hiding this comment.
Looks like we don't need to return an error.
There was a problem hiding this comment.
good catch! removed.
integration/client_server_test.go
Outdated
| RemoteAddrOption: "--server", | ||
| Target: "testdata/fixtures/fs/pom/", | ||
| }, | ||
| golden: "testdata/fs-pom.json.golder", |
There was a problem hiding this comment.
We have to use the same golden file with standalone mode. Maybe we have some differences now?
|
Thanks! |
Co-authored-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
Description
Added a new option
--servertofilesystemcommand for support local filesystem scan in client/server mode.Also there was moved
clientpackage toartifact/client.go.Related issues
Checklist