Skip to content

Commit 28d44d3

Browse files
fix: forward ospkg detector options through ospkg.NewScanner (#10811)
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
1 parent 5619ae1 commit 28d44d3

2 files changed

Lines changed: 66 additions & 4 deletions

File tree

pkg/scan/ospkg/scan.go

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -16,10 +16,14 @@ type Scanner interface {
1616
Scan(ctx context.Context, target types.ScanTarget, options types.ScanOptions) (types.Result, bool, error)
1717
}
1818

19-
type scanner struct{}
19+
type scanner struct {
20+
opts []ospkgDetector.Option
21+
}
2022

21-
func NewScanner() Scanner {
22-
return &scanner{}
23+
// NewScanner creates a new OS package scanner.
24+
// The given options are forwarded to ospkgDetector.NewDetector during Scan.
25+
func NewScanner(opts ...ospkgDetector.Option) Scanner {
26+
return &scanner{opts: opts}
2327
}
2428

2529
func (s *scanner) Scan(ctx context.Context, target types.ScanTarget, opts types.ScanOptions) (types.Result, bool, error) {
@@ -55,7 +59,7 @@ func (s *scanner) Scan(ctx context.Context, target types.ScanTarget, opts types.
5559
return result, false, nil
5660
}
5761

58-
detector, err := ospkgDetector.NewDetector(target)
62+
detector, err := ospkgDetector.NewDetector(target, s.opts...)
5963
if err != nil {
6064
return result, false, xerrors.Errorf("unable to initialize Detector for OS packages: %w", err)
6165
}

pkg/scan/ospkg/scan_test.go

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
package ospkg_test
2+
3+
import (
4+
"context"
5+
"testing"
6+
7+
"github.com/stretchr/testify/assert"
8+
"github.com/stretchr/testify/require"
9+
10+
ospkgDetector "github.com/aquasecurity/trivy/pkg/detector/ospkg"
11+
ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
12+
"github.com/aquasecurity/trivy/pkg/scan/ospkg"
13+
"github.com/aquasecurity/trivy/pkg/types"
14+
)
15+
16+
type mockDriver struct {
17+
called bool
18+
vulns []types.DetectedVulnerability
19+
}
20+
21+
func (m *mockDriver) Detect(_ context.Context, _ string, _ *ftypes.Repository, _ []ftypes.Package) ([]types.DetectedVulnerability, error) {
22+
m.called = true
23+
return m.vulns, nil
24+
}
25+
26+
func (m *mockDriver) IsSupportedVersion(_ context.Context, _ ftypes.OSType, _ string) bool {
27+
return true
28+
}
29+
30+
// TestScanner_Scan_ForwardsOptions verifies that options passed to NewScanner
31+
// are forwarded to ospkgDetector.NewDetector during Scan.
32+
func TestScanner_Scan_ForwardsOptions(t *testing.T) {
33+
target := types.ScanTarget{
34+
OS: ftypes.OS{
35+
Family: ftypes.CentOS,
36+
Name: "7",
37+
},
38+
Packages: []ftypes.Package{
39+
{Name: "vim"},
40+
},
41+
}
42+
opts := types.ScanOptions{
43+
Scanners: types.Scanners{types.VulnerabilityScanner},
44+
}
45+
46+
want := []types.DetectedVulnerability{
47+
{VulnerabilityID: "CVE-2024-0001"},
48+
}
49+
50+
mockDrv := &mockDriver{vulns: want}
51+
s := ospkg.NewScanner(ospkgDetector.WithDriver(target.OS.Family, mockDrv))
52+
53+
result, _, err := s.Scan(t.Context(), target, opts)
54+
require.NoError(t, err)
55+
56+
assert.True(t, mockDrv.called, "expected the driver registered via the option to be used")
57+
assert.Equal(t, want, result.Vulnerabilities)
58+
}

0 commit comments

Comments
 (0)