From d7a8933e189e6616f27eeffcf7f5a24d29bfdbf5 Mon Sep 17 00:00:00 2001 From: Will Murphy Date: Thu, 4 Apr 2024 16:58:08 -0400 Subject: [PATCH 1/3] Display which provider caused which error in output Otherwise, the output is very difficult to parse. Signed-off-by: Will Murphy --- go.mod | 2 +- go.sum | 2 ++ syft/get_source.go | 51 ++++++++-------------------------------------- 3 files changed, 12 insertions(+), 43 deletions(-) diff --git a/go.mod b/go.mod index b58bc9c95d8..5cb54b2c60f 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b github.com/anchore/packageurl-go v0.1.1-0.20240202171727-877e1747d426 - github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84 + github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90 github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // we are hinting brotli to latest due to warning when installing archiver v3: // go: warning: github.com/andybalholm/brotli@v1.0.1: retracted by module author: occasional panics and data corruption diff --git a/go.sum b/go.sum index 11c5782dfcd..8111d8b83b8 100644 --- a/go.sum +++ b/go.sum @@ -113,6 +113,8 @@ github.com/anchore/packageurl-go v0.1.1-0.20240202171727-877e1747d426 h1:agoiZch github.com/anchore/packageurl-go v0.1.1-0.20240202171727-877e1747d426/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84 h1:/E74wU51M87fX5UWHubLZiENXbuAci+xtbSb+JFsIYg= github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84/go.mod h1:evQiJMQG56Z7/L5uhA8kfhhjF6ESJUZzUH9ms6bQ2Co= +github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90 h1:9vp/542duKZNCybC0kliuK0stKDxQXWvnEXzrjZWszo= +github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90/go.mod h1:cA2K/Q7863hceycCSYhojMA7m4Zc3ED/iVYCJuIoj2U= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY= diff --git a/syft/get_source.go b/syft/get_source.go index c555ea70f14..11b43a32ee6 100644 --- a/syft/get_source.go +++ b/syft/get_source.go @@ -4,9 +4,9 @@ import ( "context" "errors" "fmt" - "os" - "github.com/anchore/syft/syft/source" + "os" + "strings" ) // GetSource uses all of Syft's known source providers to attempt to resolve the user input to a usable source.Source @@ -21,21 +21,16 @@ func GetSource(ctx context.Context, userInput string, cfg *GetSourceConfig) (sou } var errs []error - var fileNotfound error + var fileNotFoundProviders []string // call each source provider until we find a valid source for _, p := range providers { src, err := p.Provide(ctx) if err != nil { - err = eachError(err, func(err error) error { - if errors.Is(err, os.ErrNotExist) { - fileNotfound = err - return nil - } - return err - }) - if err != nil { - errs = append(errs, err) + if errors.Is(err, os.ErrNotExist) { + fileNotFoundProviders = append(fileNotFoundProviders, p.Name()) + } else { + errs = append(errs, fmt.Errorf("%s: %w", p.Name(), err)) } } if src != nil { @@ -52,8 +47,8 @@ func GetSource(ctx context.Context, userInput string, cfg *GetSourceConfig) (sou } } - if fileNotfound != nil { - errs = append([]error{fileNotfound}, errs...) + if len(fileNotFoundProviders) > 0 { + errs = append(errs, fmt.Errorf("additionally, the following providers failed with %w: %s", os.ErrNotExist, strings.Join(fileNotFoundProviders, ", "))) } return nil, sourceError(userInput, errs...) } @@ -71,31 +66,3 @@ func sourceError(userInput string, errs ...error) error { } return fmt.Errorf("errors occurred attempting to resolve '%s':%s", userInput, errorTexts) } - -func eachError(err error, fn func(error) error) error { - out := fn(err) - // unwrap singly wrapped errors - if e, ok := err.(interface { - Unwrap() error - }); ok { - wrapped := e.Unwrap() - got := eachError(wrapped, fn) - // return the outer error if received the same wrapped error - if errors.Is(got, wrapped) { - return err - } - return got - } - // unwrap errors from errors.Join - if errs, ok := err.(interface { - Unwrap() []error - }); ok { - for _, e := range errs.Unwrap() { - e = eachError(e, fn) - if e != nil { - out = errors.Join(out, e) - } - } - } - return out -} From bf206d5a0b6eeccf1eb9d303b1af0a488c8cf4f4 Mon Sep 17 00:00:00 2001 From: Will Murphy Date: Mon, 8 Apr 2024 13:05:16 -0400 Subject: [PATCH 2/3] lint fix Signed-off-by: Will Murphy --- go.sum | 2 -- syft/get_source.go | 3 ++- syft/pkg/cataloger/php/parse_pecl_serialized.go | 3 ++- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.sum b/go.sum index 7ab8fc59668..ff5055de8ed 100644 --- a/go.sum +++ b/go.sum @@ -111,8 +111,6 @@ github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZV github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4 h1:SjemQ90fgflz39HG+VMkNfrpUVJpcFW6ZFA3TDXqzBM= github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= -github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84 h1:/E74wU51M87fX5UWHubLZiENXbuAci+xtbSb+JFsIYg= -github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84/go.mod h1:evQiJMQG56Z7/L5uhA8kfhhjF6ESJUZzUH9ms6bQ2Co= github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90 h1:9vp/542duKZNCybC0kliuK0stKDxQXWvnEXzrjZWszo= github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90/go.mod h1:cA2K/Q7863hceycCSYhojMA7m4Zc3ED/iVYCJuIoj2U= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= diff --git a/syft/get_source.go b/syft/get_source.go index 11b43a32ee6..8bd7e8801a5 100644 --- a/syft/get_source.go +++ b/syft/get_source.go @@ -4,9 +4,10 @@ import ( "context" "errors" "fmt" - "github.com/anchore/syft/syft/source" "os" "strings" + + "github.com/anchore/syft/syft/source" ) // GetSource uses all of Syft's known source providers to attempt to resolve the user input to a usable source.Source diff --git a/syft/pkg/cataloger/php/parse_pecl_serialized.go b/syft/pkg/cataloger/php/parse_pecl_serialized.go index 9779c7e047e..7f48f209607 100644 --- a/syft/pkg/cataloger/php/parse_pecl_serialized.go +++ b/syft/pkg/cataloger/php/parse_pecl_serialized.go @@ -5,12 +5,13 @@ import ( "fmt" "io" + "github.com/elliotchance/phpserialize" + "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/generic" - "github.com/elliotchance/phpserialize" ) // parsePeclSerialized is a parser function for PECL metadata contents, returning "Default" php packages discovered. From ce92b22cb8f8bce538372b57c1fe746731ae18d1 Mon Sep 17 00:00:00 2001 From: Will Murphy Date: Tue, 23 Apr 2024 14:05:19 -0400 Subject: [PATCH 3/3] bump stereoscope to v0.0.2 Signed-off-by: Will Murphy --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index e38de9780e5..6cf40b84309 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4 - github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90 + github.com/anchore/stereoscope v0.0.2 github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // we are hinting brotli to latest due to warning when installing archiver v3: // go: warning: github.com/andybalholm/brotli@v1.0.1: retracted by module author: occasional panics and data corruption diff --git a/go.sum b/go.sum index 95508537708..c6a4c3e450b 100644 --- a/go.sum +++ b/go.sum @@ -111,8 +111,8 @@ github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZV github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4 h1:SjemQ90fgflz39HG+VMkNfrpUVJpcFW6ZFA3TDXqzBM= github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= -github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90 h1:9vp/542duKZNCybC0kliuK0stKDxQXWvnEXzrjZWszo= -github.com/anchore/stereoscope v0.0.2-0.20240408144509-8d7048637a90/go.mod h1:cA2K/Q7863hceycCSYhojMA7m4Zc3ED/iVYCJuIoj2U= +github.com/anchore/stereoscope v0.0.2 h1:UTFHB/I3w7dfKvgf0K8+3T5MLZ5/hGhgbNUPVU4T26s= +github.com/anchore/stereoscope v0.0.2/go.mod h1:ckIamHiRMp8iBwWoTtE5Xkt9VQ5QC+6+O4VzwqyZr5Q= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=