feat: pass image id to snyk docker plugin

When image id is available in workload metadata, we want snyk docker plugin to collect image names as a new fact for populating in the container image store.
snyk · Jan 12, 2023 · 2f336de · 2f336de
1 parent 94ecbef
commit 2f336de
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 2 deletions.
diff --git a/src/scanner/images/index.ts b/src/scanner/images/index.ts
@@ -123,6 +123,7 @@ export async function scanImages(
       const pluginResponse = await scan({
         path: archivePath,
         imageNameAndTag: imageName,
+        imageNameAndDigest: imageWithDigest,
       });
 
       if (

diff --git a/src/scanner/index.ts b/src/scanner/index.ts
@@ -103,7 +103,7 @@ export function getUniqueImages(workloadMetadata: IWorkload[]): IScanImage[] {
 
     accum[meta.imageName] = {
       imageWithDigest: digest && `${imageName}@${digest}`,
-      imageName: meta.imageName, // Image name with tag
+      imageName: meta.imageName, // Image name with tag or digest, according to metadata image field declaration
       skopeoRepoType: SkopeoRepositoryType.DockerArchive,
     };
 

diff --git a/test/system/kind.spec.ts b/test/system/kind.spec.ts
@@ -247,6 +247,13 @@ test('Kubernetes-Monitor with KinD', async () => {
               { type: 'imageLayers', data: expect.any(Array) },
               { type: 'rootFs', data: expect.any(Array) },
               { type: 'imageOsReleasePrettyName', data: expect.any(String) },
+              {
+                type: 'imageNames',
+                data: [
+                  'docker.io/library/openjdk:latest',
+                  expect.stringContaining('docker.io/library/openjdk@sha256:'),
+                ],
+              },
             ]),
             target: { image: 'docker-image|docker.io/library/openjdk' },
             identity: { type: 'rpm', args: { platform: 'linux/amd64' } },

diff --git a/test/unit/scanner/images.spec.ts b/test/unit/scanner/images.spec.ts
@@ -133,7 +133,7 @@ describe('getImageParts()', () => {
           .imageName,
       ).toEqual('kind-registry:5000/python-27');
     });
-    it('removed repository/image:tag contining dashes', () => {
+    it('removed repository/image:tag continuing dashes', () => {
       expect(
         scannerImages.getImageParts(
           'kind-registry:5000/test/python-27:rc-buster',