fix (whitesourceExecuteScan) keep tar extension for target image donwload (#3774)

* explicitly adding tar extension to project name when constructing the targetFilePath for whitesource docker image download * comments * correcting comment for better readability * replace spaces in the project name with underscroe * better comments * passing legacy format download * appending format to value * keeping the download format for protecode as legacy * improving docu * keeping legacy format the default * keeping tar file name same as project name to avoid duplicate names * keeping legacy format download hard coded Co-authored-by: anilkeshav27 <you@example.com>
2025-10-30 23:57:50 +02:00 · 2022-05-13 18:56:41 +02:00
parent b7cc1eb62f
commit e6724d7f05
6 changed files with 35 additions and 4 deletions
--- a/cmd/containerSaveImage.go
+++ b/cmd/containerSaveImage.go
@@ -19,7 +19,7 @@ func containerSaveImage(config containerSaveImageOptions, telemetryData *telemet

 	fileUtils := piperutils.Files{}

-	dClientOptions := piperDocker.ClientOptions{ImageName: config.ContainerImage, RegistryURL: config.ContainerRegistryURL, LocalPath: config.FilePath}
+	dClientOptions := piperDocker.ClientOptions{ImageName: config.ContainerImage, RegistryURL: config.ContainerRegistryURL, LocalPath: config.FilePath, ImageFormat: config.ImageFormat}
 	dClient := &piperDocker.Client{}
 	dClient.SetOptions(dClientOptions)

@@ -40,6 +40,10 @@ func runContainerSaveImage(config *containerSaveImageOptions, telemetryData *tel
 		tarfilePath = filenameFromContainer(rootPath, config.ContainerImage)
 	} else {
 		tarfilePath = filepath.Join(rootPath, tarfilePath)
+		// tarfilePath is passed as project name that will not consist of the .tar extension hence adding the extension and replacing spaces with _
+		if fileExtension := filepath.Ext(tarfilePath); fileExtension != ".tar" {
+			tarfilePath = fmt.Sprintf("%s.tar", tarfilePath)
+		}
 	}

 	log.Entry().Infof("Downloading '%s' to '%s'", config.ContainerImage, tarfilePath)
--- a/cmd/containerSaveImage_generated.go
+++ b/cmd/containerSaveImage_generated.go
@@ -22,6 +22,7 @@ type containerSaveImageOptions struct {
 	ContainerRegistryUser     string `json:"containerRegistryUser,omitempty"`
 	FilePath                  string `json:"filePath,omitempty"`
 	DockerConfigJSON          string `json:"dockerConfigJSON,omitempty"`
+	ImageFormat               string `json:"imageFormat,omitempty" validate:"possible-values=tarball oci legacy"`
 }

 // ContainerSaveImageCommand Saves a container image as a tar file
@@ -124,6 +125,7 @@ func addContainerSaveImageFlags(cmd *cobra.Command, stepConfig *containerSaveIma
 	cmd.Flags().StringVar(&stepConfig.ContainerRegistryUser, "containerRegistryUser", os.Getenv("PIPER_containerRegistryUser"), "For `buildTool: docker`: Username for container registry access - typically provided by the CI/CD environment.")
 	cmd.Flags().StringVar(&stepConfig.FilePath, "filePath", os.Getenv("PIPER_filePath"), "The path to the file to which the image should be saved.")
 	cmd.Flags().StringVar(&stepConfig.DockerConfigJSON, "dockerConfigJSON", os.Getenv("PIPER_dockerConfigJSON"), "Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).")
+	cmd.Flags().StringVar(&stepConfig.ImageFormat, "imageFormat", `legacy`, "Format of the image when saving the docker image locally.")

 	cmd.MarkFlagRequired("containerRegistryUrl")
 	cmd.MarkFlagRequired("containerImage")
@@ -243,6 +245,15 @@ func containerSaveImageMetadata() config.StepData {
 						Aliases:   []config.Alias{},
 						Default:   os.Getenv("PIPER_dockerConfigJSON"),
 					},
+					{
+						Name:        "imageFormat",
+						ResourceRef: []config.ResourceReference{},
+						Scope:       []string{"PARAMETERS", "STAGES", "STEPS"},
+						Type:        "string",
+						Mandatory:   false,
+						Aliases:     []config.Alias{},
+						Default:     `legacy`,
+					},
 				},
 			},
 		},
--- a/cmd/protecodeExecuteScan.go
+++ b/cmd/protecodeExecuteScan.go
@@ -50,7 +50,7 @@ func protecodeExecuteScan(config protecodeExecuteScanOptions, telemetryData *tel
 	log.Entry().Debug("Create protecode client")
 	client := createProtecodeClient(&config)

-	dClientOptions := piperDocker.ClientOptions{ImageName: config.ScanImage, RegistryURL: config.DockerRegistryURL, LocalPath: config.FilePath}
+	dClientOptions := piperDocker.ClientOptions{ImageName: config.ScanImage, RegistryURL: config.DockerRegistryURL, LocalPath: config.FilePath, ImageFormat: "legacy"}
 	dClient := &piperDocker.Client{}
 	dClient.SetOptions(dClientOptions)

--- a/cmd/whitesourceExecuteScan.go
+++ b/cmd/whitesourceExecuteScan.go
@@ -178,8 +178,9 @@ func runWhitesourceScan(config *ScanOptions, scan *ws.Scan, utils whitesourceUti
 			ContainerRegistryPassword: config.ContainerRegistryPassword,
 			DockerConfigJSON:          config.DockerConfigJSON,
 			FilePath:                  config.ProjectName,
+			ImageFormat:               "legacy", // keep the image format legacy or whitesource is not able to read layers
 		}
-		dClientOptions := piperDocker.ClientOptions{ImageName: saveImageOptions.ContainerImage, RegistryURL: saveImageOptions.ContainerRegistryURL, LocalPath: ""}
+		dClientOptions := piperDocker.ClientOptions{ImageName: saveImageOptions.ContainerImage, RegistryURL: saveImageOptions.ContainerRegistryURL, LocalPath: "", ImageFormat: "legacy"}
 		dClient := &piperDocker.Client{}
 		dClient.SetOptions(dClientOptions)
 		if _, err := runContainerSaveImage(&saveImageOptions, &telemetry.CustomData{}, "./cache", "", dClient, utils); err != nil {
--- a/pkg/docker/docker.go
+++ b/pkg/docker/docker.go
@@ -85,6 +85,7 @@ type Client struct {
 	registryURL   string
 	localPath     string
 	includeLayers bool
+	imageFormat   string
 }

 // ClientOptions defines the options to be set on the client
@@ -92,6 +93,7 @@ type ClientOptions struct {
 	ImageName   string
 	RegistryURL string
 	LocalPath   string
+	ImageFormat string
 }

 //Download interface for download an image to a local path
@@ -106,6 +108,7 @@ func (c *Client) SetOptions(options ClientOptions) {
 	c.imageName = options.ImageName
 	c.registryURL = options.RegistryURL
 	c.localPath = options.LocalPath
+	c.imageFormat = options.ImageFormat
 }

 //DownloadImageContent downloads the image content into the given targetDir. Returns with an error if the targetDir doesnt exist
@@ -168,7 +171,7 @@ func (c *Client) DownloadImage(imageSource, targetFile string) (v1.Image, error)
 	craneCmd := cranecmd.NewCmdPull(&noOpts)
 	craneCmd.SetOut(log.Writer())
 	craneCmd.SetErr(log.Writer())
-	craneCmd.SetArgs([]string{imageRef.Name(), tmpFile.Name(), "--format=tarball"})
+	craneCmd.SetArgs([]string{imageRef.Name(), tmpFile.Name(), "--format=" + c.imageFormat})

 	if err := craneCmd.Execute(); err != nil {
 		defer os.Remove(tmpFile.Name())
--- a/resources/metadata/containerSaveImage.yaml
+++ b/resources/metadata/containerSaveImage.yaml
@@ -93,3 +93,15 @@ spec:
          - type: vaultSecretFile
            name: dockerConfigFileVaultSecretName
            default: docker-config
+      - name: imageFormat
+        type: string
+        description: Format of the image when saving the docker image locally.
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
+        default: legacy
+        possibleValues:
+          - tarball
+          - oci
+          - legacy