Separate the execution vendor type sbom from image_scan (#20504)

Add vendor type SBOM for execution fixes #20495 Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-11-22 10:15:35 +01:00 · 2024-05-29 15:45:28 +08:00 · 2024-05-29 15:45:28 +08:00 · 6d782ae695
commit 6d782ae695
parent 1f0c8289a5
7 changed files with 42 additions and 3 deletions
--- a/src/controller/scan/base_controller.go
+++ b/src/controller/scan/base_controller.go
@ -333,7 +333,11 @@ func (bc *basicController) Scan(ctx context.Context, artifact *ar.Artifact, opti
 		if op := operator.FromContext(ctx); op != "" {
 			extraAttrs["operator"] = op
 		}
-		executionID, err := bc.execMgr.Create(ctx, job.ImageScanJobVendorType, artifact.ID, task.ExecutionTriggerManual, extraAttrs)
+		vendorType := handler.JobVendorType()
 		// for vulnerability and generate sbom, use different vendor type
 		// because the execution reaper only keep the latest execution for the vendor type IMAGE_SCAN
 		// both vulnerability and sbom need to keep the latest scan execution to get the latest scan status
 		executionID, err := bc.execMgr.Create(ctx, vendorType, artifact.ID, task.ExecutionTriggerManual, extraAttrs)
 		if err != nil {
 			return err
 		}
@ -364,7 +368,8 @@ func (bc *basicController) Stop(ctx context.Context, artifact *ar.Artifact, capT
 	if artifact == nil {
 		return errors.New("nil artifact to stop scan")
 	}
-	query := q.New(q.KeyWords{"vendor_type": job.ImageScanJobVendorType, "extra_attrs.artifact.digest": artifact.Digest, "extra_attrs.enabled_capabilities.type": capType})
+	vendorType := sca.GetScanHandler(capType).JobVendorType()
 	query := q.New(q.KeyWords{"vendor_type": vendorType, "extra_attrs.artifact.digest": artifact.Digest, "extra_attrs.enabled_capabilities.type": capType})
 	executions, err := bc.execMgr.List(ctx, query)
 	if err != nil {
 		return err
@ -960,7 +965,8 @@ func (bc *basicController) launchScanJob(ctx context.Context, param *launchScanJ
 	params[sca.JobParameterRequest] = sJSON
 	params[sca.JobParameterMimes] = mimes
 	params[sca.JobParameterRobot] = robotJSON
-
+	// because there is only one task type implementation
 	// both the vulnerability scan and generate sbom use the same job type for now
 	j := &task.Job{
 		Name: job.ImageScanJobVendorType,
 		Metadata: &job.Metadata{
--- a/src/controller/scan/base_controller_test.go
+++ b/src/controller/scan/base_controller_test.go
@ -342,6 +342,8 @@ func (suite *ControllerTestSuite) SetupSuite() {
 		reportConverter: &postprocessorstesting.ScanReportV1ToV2Converter{},
 		cache:           func() cache.Cache { return suite.cache },
 	}
 	mock.OnAnything(suite.scanHandler, "JobVendorType").Return("IMAGE_SCAN")
 }
 // TearDownSuite ...
--- a/src/jobservice/job/known_jobs.go
+++ b/src/jobservice/job/known_jobs.go
@ -22,6 +22,8 @@ const (
 	// ImageScanJobVendorType is name of scan job it will be used as key to register to job service.
 	ImageScanJobVendorType = "IMAGE_SCAN"
 	// SBOMJobVendorType key to create sbom generate execution.
 	SBOMJobVendorType = "SBOM"
 	// GarbageCollectionVendorType job name
 	GarbageCollectionVendorType = "GARBAGE_COLLECTION"
 	// ReplicationVendorType : the name of the replication job in job service
@ -52,6 +54,7 @@ var (
 	// executionSweeperCount stores the count for execution retained
 	executionSweeperCount = map[string]int64{
 		ImageScanJobVendorType:          1,
 		SBOMJobVendorType:               1,
 		ScanAllVendorType:               1,
 		PurgeAuditVendorType:            10,
 		ExecSweepVendorType:             10,
--- a/src/pkg/scan/handler.go
+++ b/src/pkg/scan/handler.go
@ -50,6 +50,8 @@ type Handler interface {
 	// PostScan defines the operation after scan
 	PostScan(ctx job.Context, sr *v1.ScanRequest, rp *scan.Report, rawReport string, startTime time.Time, robot *model.Robot) (string, error)
 	ReportHandler
 	// JobVendorType returns the job vendor type
 	JobVendorType() string
 }
 // ReportHandler handler for scan report, it could be sbom report or vulnerability report
--- a/src/pkg/scan/sbom/sbom.go
+++ b/src/pkg/scan/sbom/sbom.go
@ -345,3 +345,7 @@ func (h *scanHandler) GetSummary(ctx context.Context, art *artifact.Artifact, mi
 	err = json.Unmarshal([]byte(reportContent), &result)
 	return result, err
 }
 func (h *scanHandler) JobVendorType() string {
 	return job.SBOMJobVendorType
 }
--- a/src/pkg/scan/vulnerability/vul.go
+++ b/src/pkg/scan/vulnerability/vul.go
@ -301,3 +301,7 @@ func (h *scanHandler) GetSummary(ctx context.Context, ar *artifact.Artifact, mim
 	return summaries, nil
 }
 func (h *scanHandler) JobVendorType() string {
 	return job.ImageScanJobVendorType
 }
--- a/src/testing/pkg/scan/handler.go
+++ b/src/testing/pkg/scan/handler.go
@ -89,6 +89,24 @@ func (_m *Handler) GetSummary(ctx context.Context, ar *artifact.Artifact, mimeTy
 	return r0, r1
 }
 // JobVendorType provides a mock function with given fields:
 func (_m *Handler) JobVendorType() string {
 	ret := _m.Called()
 	if len(ret) == 0 {
 		panic("no return value specified for JobVendorType")
 	}
 	var r0 string
 	if rf, ok := ret.Get(0).(func() string); ok {
 		r0 = rf()
 	} else {
 		r0 = ret.Get(0).(string)
 	}
 	return r0
 }
 // MakePlaceHolder provides a mock function with given fields: ctx, art, r
 func (_m *Handler) MakePlaceHolder(ctx context.Context, art *artifact.Artifact, r *scanner.Registration) ([]*scan.Report, error) {
 	ret := _m.Called(ctx, art, r)