From d7594298310f81053d1d63d42f47d0ffc4053bbb Mon Sep 17 00:00:00 2001 From: "stonezdj(Daojun Zhang)" Date: Sat, 20 Apr 2024 10:37:30 +0800 Subject: [PATCH] Set default capability for old scanners (#20306) Signed-off-by: stonezdj Co-authored-by: Wang Yan --- src/pkg/scan/rest/v1/models.go | 12 ++++++++++-- src/pkg/scan/rest/v1/models_test.go | 26 ++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/src/pkg/scan/rest/v1/models.go b/src/pkg/scan/rest/v1/models.go index 21352c749625..9c25c16ea76e 100644 --- a/src/pkg/scan/rest/v1/models.go +++ b/src/pkg/scan/rest/v1/models.go @@ -161,14 +161,22 @@ func (md *ScannerAdapterMetadata) GetCapability(mimeType string) *ScannerCapabil // ConvertCapability converts the capability to map, used in get scanner API func (md *ScannerAdapterMetadata) ConvertCapability() map[string]interface{} { capabilities := make(map[string]interface{}) + oldScanner := true for _, c := range md.Capabilities { + if len(c.Type) > 0 { + oldScanner = false + } if c.Type == ScanTypeVulnerability { capabilities[supportVulnerability] = true - } - if c.Type == ScanTypeSbom { + } else if c.Type == ScanTypeSbom { capabilities[supportSBOM] = true } } + if oldScanner && len(capabilities) == 0 { + // to compatible with old version scanner, suppose they should always support scan vulnerability when capability is empty + capabilities[supportVulnerability] = true + capabilities[supportSBOM] = false + } return capabilities } diff --git a/src/pkg/scan/rest/v1/models_test.go b/src/pkg/scan/rest/v1/models_test.go index e96aa01788fd..96590bc4c68d 100644 --- a/src/pkg/scan/rest/v1/models_test.go +++ b/src/pkg/scan/rest/v1/models_test.go @@ -13,3 +13,29 @@ func TestIsSupportedMimeType(t *testing.T) { // Test with an unsupported mime type assert.False(t, isSupportedMimeType("unsupported/mime-type"), "isSupportedMimeType should return false for unsupported mime types") } + +func TestConvertCapability(t *testing.T) { + md := &ScannerAdapterMetadata{ + Capabilities: []*ScannerCapability{ + {Type: ScanTypeSbom}, + {Type: ScanTypeVulnerability}, + }, + } + result := md.ConvertCapability() + assert.Equal(t, result[supportSBOM], true) + assert.Equal(t, result[supportVulnerability], true) +} + +func TestConvertCapabilityOldScaner(t *testing.T) { + md := &ScannerAdapterMetadata{ + Capabilities: []*ScannerCapability{ + { + ConsumesMimeTypes: []string{"application/vnd.oci.image.manifest.v1+json", "application/vnd.docker.distribution.manifest.v2+json"}, + ProducesMimeTypes: []string{MimeTypeNativeReport}, + }, + }, + } + result := md.ConvertCapability() + assert.Equal(t, result[supportSBOM], false) + assert.Equal(t, result[supportVulnerability], true) +}