Skip to content

bug: remove chance for panic; provide default attestation path#1214

Merged
spiffcs merged 3 commits intomainfrom
attestation-panic-1210
Sep 19, 2022
Merged

bug: remove chance for panic; provide default attestation path#1214
spiffcs merged 3 commits intomainfrom
attestation-panic-1210

Conversation

@spiffcs
Copy link
Copy Markdown
Contributor

@spiffcs spiffcs commented Sep 19, 2022
edited
Loading

Summary

Closes #1210

Given a user could provide a typo value for their desired output, the format value in attest had a chance to be nil.
This PR adds a guard against FormatByName returning nil by adding a default format attestation path as syft-json.

Another option is we could error out and inform the user that their format is unrecognized rather than providing a default. I'm open to either approach but chose to try and provide a successful command rather than error case in this instance.

A CLI test has been added to cover this typo case.

Signed-off-by: Christopher Phillips christopher.phillips@anchore.com

@spiffcs
bug: remove chance for panic and provide default
7bb7656 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@spiffcs
bug: add default attestation format
d4d23dd 
	- on format identification failure provide default path for
	  succesful command execution

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@spiffcs
bug: update cli tests and use syftjson as default
f97e1b1 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Sep 19, 2022

Benchmark Test Results

Benchmark results from the latest changes vs base branch 
name                                                       old time/op    new time/op    delta
ImagePackageCatalogers/alpmdb-cataloger-2                    11.3ms ± 1%    13.1ms ± 3%  +15.62%  (p=0.008 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2              1.32ms ± 8%    1.63ms ±10%  +23.63%  (p=0.008 n=5+5)
ImagePackageCatalogers/python-package-cataloger-2            3.20ms ± 0%    3.77ms ± 2%  +17.83%  (p=0.008 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2    1.02ms ± 0%    1.26ms ± 3%  +23.37%  (p=0.008 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         712µs ± 0%     918µs ± 2%  +28.87%  (p=0.008 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     833µs ± 1%    1069µs ± 2%  +28.35%  (p=0.008 n=5+5)
ImagePackageCatalogers/rpm-db-cataloger-2                    1.20ms ± 1%    1.61ms ±13%  +34.56%  (p=0.008 n=5+5)
ImagePackageCatalogers/java-cataloger-2                      14.0ms ± 2%    16.8ms ± 1%  +19.65%  (p=0.008 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                     1.19ms ± 1%    1.47ms ± 3%  +23.62%  (p=0.008 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2          2.13µs ± 1%    2.54µs ± 2%  +19.49%  (p=0.008 n=5+5)
ImagePackageCatalogers/dotnet-deps-cataloger-2               1.31ms ± 0%    1.63ms ± 4%  +24.20%  (p=0.008 n=5+5)
ImagePackageCatalogers/portage-cataloger-2                    661µs ± 0%     859µs ± 3%  +29.93%  (p=0.008 n=5+5)

name                                                       old alloc/op   new alloc/op   delta
ImagePackageCatalogers/alpmdb-cataloger-2                    5.26MB ± 0%    5.26MB ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2               202kB ± 0%     202kB ± 0%     ~     (p=0.421 n=5+5)
ImagePackageCatalogers/python-package-cataloger-2             944kB ± 0%     945kB ± 0%     ~     (p=0.095 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2     214kB ± 0%     214kB ± 0%     ~     (p=0.095 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         158kB ± 0%     158kB ± 0%     ~     (p=0.690 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     203kB ± 0%     203kB ± 0%     ~     (p=0.151 n=5+5)
ImagePackageCatalogers/rpm-db-cataloger-2                     302kB ± 0%     301kB ± 0%   -0.22%  (p=0.008 n=5+5)
ImagePackageCatalogers/java-cataloger-2                      3.44MB ± 0%    3.44MB ± 0%     ~     (p=0.548 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                     1.25MB ± 0%    1.25MB ± 0%     ~     (p=0.421 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2            672B ± 0%      672B ± 0%     ~     (all equal)
ImagePackageCatalogers/dotnet-deps-cataloger-2                369kB ± 0%     369kB ± 0%     ~     (p=0.095 n=5+5)
ImagePackageCatalogers/portage-cataloger-2                    136kB ± 0%     136kB ± 0%     ~     (p=0.738 n=5+5)

name                                                       old allocs/op  new allocs/op  delta
ImagePackageCatalogers/alpmdb-cataloger-2                     85.7k ± 0%     85.7k ± 0%     ~     (p=0.643 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2               4.25k ± 0%     4.25k ± 0%     ~     (p=0.333 n=4+5)
ImagePackageCatalogers/python-package-cataloger-2             16.6k ± 0%     16.6k ± 0%     ~     (p=0.246 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2     5.53k ± 0%     5.54k ± 0%     ~     (p=0.103 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         3.32k ± 0%     3.32k ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     4.60k ± 0%     4.60k ± 0%     ~     (all equal)
ImagePackageCatalogers/rpm-db-cataloger-2                     8.13k ± 0%     8.13k ± 0%     ~     (all equal)
ImagePackageCatalogers/java-cataloger-2                       57.5k ± 0%     57.5k ± 0%     ~     (p=0.548 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                      5.43k ± 0%     5.43k ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2            15.0 ± 0%      15.0 ± 0%     ~     (all equal)
ImagePackageCatalogers/dotnet-deps-cataloger-2                7.27k ± 0%     7.27k ± 0%     ~     (all equal)
ImagePackageCatalogers/portage-cataloger-2                    3.59k ± 0%     3.59k ± 0%     ~     (all equal)

@spiffcs spiffcs enabled auto-merge (squash) September 19, 2022 15:42
@spiffcs spiffcs merged commit 0f99215 into main Sep 19, 2022
@spiffcs spiffcs deleted the attestation-panic-1210 branch September 19, 2022 15:50
spiffcs added a commit to luhring/syft that referenced this pull request Sep 19, 2022
@spiffcs
Merge branch 'main' into apk-dependencies
2773d08 
* main:
  bug: remove chance for panic; provide default attestation path (anchore#1214)
  refactor: update Makefile organization; update DEVELOPING.md instructions (anchore#1212)
  refactor: replace ioutil=>io; update linter (anchore#1211)
  Update bootstrap tools to latest versions. (anchore#1204)
  Add gosimports (anchore#1205)
  refactor: move formats from internal into syft module (anchore#1172)
  warn on errors from RPM DB parsing (anchore#1200)
  docs: improve Singularity image source docs (anchore#1190)

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
spiffcs added a commit that referenced this pull request Sep 19, 2022
@spiffcs
bug: remove chance for panic; provide default attestation path (#1214)
53f55e7 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
aiwantaozi pushed a commit to aiwantaozi/syft that referenced this pull request Oct 20, 2022
@spiffcs @aiwantaozi
bug: remove chance for panic; provide default attestation path (ancho…
6a58d9e 
…re#1214)
spiffcs added a commit that referenced this pull request Oct 21, 2022
@spiffcs
bug: remove chance for panic; provide default attestation path (#1214)
09a721d 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
spiffcs added a commit that referenced this pull request Oct 21, 2022
@spiffcs
bug: remove chance for panic; provide default attestation path (#1214)
7f34397 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@spiffcs
bug: remove chance for panic; provide default attestation path (ancho…
182e0a2 
…re#1214)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kzantow kzantow kzantow approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

attest panic on MacOS

2 participants

@spiffcs @kzantow