diff --git a/docker/ops.go b/docker/ops.go index b5ddc49..6f03786 100644 --- a/docker/ops.go +++ b/docker/ops.go @@ -2,7 +2,7 @@ package docker import ( "github.com/docker/distribution/reference" - "github.com/docker/index-cli-plugin/sbom" + "github.com/docker/index-cli-plugin/lsp" "github.com/moby/buildkit/frontend/dockerfile/parser" //"reflect" @@ -53,7 +53,7 @@ func parse_uri(s string) (Reference, error) { return Reference{Path: path, Domain: domain, Tag: tag, Digest: digest}, err } -func generate_sbom(message *babashka.Message, s string) error { +func generate_sbom(message *babashka.Message, image string, username string, password string) error { tx_channel := make(chan string) go func() error { @@ -72,7 +72,13 @@ func generate_sbom(message *babashka.Message, s string) error { return nil }() - return sbom.Send(s, tx_channel) + l := lsp.New() + + if username != "" && password != "" { + l.WithAuth(username, password) + } + + return l.Send(image, tx_channel) } func generate_hashes(message *babashka.Message, s string) error { @@ -94,7 +100,7 @@ func generate_hashes(message *babashka.Message, s string) error { return nil }() - return sbom.SendFileHashes(s, tx_channel) + return lsp.New().SendFileHashes(s, tx_channel) } func ProcessMessage(message *babashka.Message) (any, error) { @@ -173,8 +179,8 @@ func ProcessMessage(message *babashka.Message) (any, error) { if err := json.Unmarshal([]byte(message.Args), &args); err != nil { return nil, err } - - err := generate_sbom(message, args[0]) + // TODO add username and password to inbound message + err := generate_sbom(message, args[0], "", "") if err != nil { babashka.WriteErrorResponse(message, err) } diff --git a/go.mod b/go.mod index c75d05d..4cc54cc 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.19 require ( github.com/docker/distribution v2.8.1+incompatible + github.com/docker/index-cli-plugin v0.0.33-0.20230203084141-88bf36ae38c6 github.com/jackpal/bencode-go v1.0.0 github.com/moby/buildkit v0.10.6 ) @@ -27,7 +28,7 @@ require ( github.com/Masterminds/semver/v3 v3.1.1 // indirect github.com/Masterminds/sprig/v3 v3.2.2 // indirect github.com/Microsoft/go-winio v0.5.2 // indirect - github.com/Microsoft/hcsshim v0.9.4 // indirect + github.com/Microsoft/hcsshim v0.9.5 // indirect github.com/ProtonMail/go-crypto v0.0.0-20220824120805-4b6e5c587895 // indirect github.com/acobaugh/osrelease v0.1.0 // indirect github.com/acomagu/bufpipe v1.0.3 // indirect @@ -48,7 +49,7 @@ require ( github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/cloudflare/circl v1.1.0 // indirect github.com/containerd/cgroups v1.0.4 // indirect - github.com/containerd/containerd v1.6.8 // indirect + github.com/containerd/containerd v1.6.12 // indirect github.com/containerd/continuity v0.3.0 // indirect github.com/containerd/fifo v1.0.0 // indirect github.com/containerd/stargz-snapshotter/estargz v0.12.0 // indirect @@ -66,7 +67,6 @@ require ( github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect - github.com/docker/index-cli-plugin v0.0.27-0.20230104225926-3eb6de3c7d6b // indirect github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect github.com/dustin/go-humanize v1.0.0 // indirect github.com/ekzhu/minhash-lsh v0.0.0-20171225071031-5c06ee8586a1 // indirect @@ -116,7 +116,7 @@ require ( github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.16 // indirect github.com/mattn/go-runewidth v0.0.13 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mholt/archiver/v3 v3.5.1 // indirect github.com/microsoft/go-rustaudit v0.0.0-20220730194248-4b17361d90a5 // indirect github.com/miekg/pkcs11 v1.1.1 // indirect diff --git a/go.sum b/go.sum index 9c546a4..7181967 100644 --- a/go.sum +++ b/go.sum @@ -126,6 +126,8 @@ github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01 github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim v0.9.4 h1:mnUj0ivWy6UzbB1uLFqKR6F+ZyiDc7j4iGgHTpO+5+I= github.com/Microsoft/hcsshim v0.9.4/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= +github.com/Microsoft/hcsshim v0.9.5 h1:AbV+VPfTrIVffukazHcpxmz/sRiE6YaMDzHWR9BXZHo= +github.com/Microsoft/hcsshim v0.9.5/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= @@ -307,6 +309,8 @@ github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc github.com/containerd/containerd v1.6.1/go.mod h1:1nJz5xCZPusx6jJU8Frfct988y0NpumIq9ODB0kLtoE= github.com/containerd/containerd v1.6.8 h1:h4dOFDwzHmqFEP754PgfgTeVXFnLiRc6kiqC7tplDJs= github.com/containerd/containerd v1.6.8/go.mod h1:By6p5KqPK0/7/CgO/A6t/Gz+CUYUu2zf1hUaaymVXB0= +github.com/containerd/containerd v1.6.12 h1:kJ9b3mOFKf8yqo05Ob+tMoxvt1pbVWhnB0re9Y+k+8c= +github.com/containerd/containerd v1.6.12/go.mod h1:K4Bw7gjgh4TnkmQY+py/PYQGp4e7xgnHAeg87VeWb3A= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -466,6 +470,8 @@ github.com/docker/index-cli-plugin v0.0.27-0.20230104215933-7910587620f1 h1:7l/w github.com/docker/index-cli-plugin v0.0.27-0.20230104215933-7910587620f1/go.mod h1:Ii4IZOFwVpfut3fbBjjQxO5yeAfHSYuUy6wcsmTsDec= github.com/docker/index-cli-plugin v0.0.27-0.20230104225926-3eb6de3c7d6b h1:CaERx6JLL22nubKUZIVleIiXgMnSwyhi7jS0AcjJfgs= github.com/docker/index-cli-plugin v0.0.27-0.20230104225926-3eb6de3c7d6b/go.mod h1:Ii4IZOFwVpfut3fbBjjQxO5yeAfHSYuUy6wcsmTsDec= +github.com/docker/index-cli-plugin v0.0.33-0.20230203084141-88bf36ae38c6 h1:L4ncM7lESPnUkuiwyCrYw/6IKGDNdgWgKds4pKzjwt0= +github.com/docker/index-cli-plugin v0.0.33-0.20230203084141-88bf36ae38c6/go.mod h1:8lunxSyNMPeJRCF6aQB7JlhUXzEAB9X9XpzdCVP+WfA= github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= @@ -911,6 +917,8 @@ github.com/mattn/go-sqlite3 v1.14.12/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= +github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= github.com/mholt/archiver/v3 v3.5.1 h1:rDjOBX9JSF5BvoJGvjqK479aL70qh9DIpZCl+k7Clwo= github.com/mholt/archiver/v3 v3.5.1/go.mod h1:e3dqJ7H78uzsRSEACH1joayhuSyhnonssnDhppzS1L4=