From ea203a2c694e7af9b6242ead87d54e1fa73a5435 Mon Sep 17 00:00:00 2001 From: Jesse Awan <44555906+I501307@users.noreply.github.com> Date: Tue, 26 Jan 2021 09:59:10 +0100 Subject: [PATCH] fix(protecode): handle sha256 in upload artifacts (#2532) * add sha256 check to protecodeExecuteScan * remove trailing spaces * add Unit-Test for getTarName * Apply suggestions from code review Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> --- cmd/protecodeExecuteScan.go | 6 +++++- cmd/protecodeExecuteScan_test.go | 13 +++++++++++-- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/cmd/protecodeExecuteScan.go b/cmd/protecodeExecuteScan.go index f5e72df1b..3bac12958 100644 --- a/cmd/protecodeExecuteScan.go +++ b/cmd/protecodeExecuteScan.go @@ -330,11 +330,15 @@ func correctDockerConfigEnvVar(config *protecodeExecuteScanOptions) { func getTarName(config *protecodeExecuteScanOptions) string { // remove original version fileName := strings.TrimSuffix(config.ScanImage, ":"+config.ArtifactVersion) + // remove sha digest if exists + sha256 := "@sha256" + if index := strings.Index(fileName, sha256); index > -1 { + fileName = fileName[:index] + } // append trimmed version if version := handleArtifactVersion(config.ArtifactVersion); len(version) > 0 { fileName = fileName + "_" + version } - // replace unwanted chars fileName = strings.ReplaceAll(fileName, "/", "_") return fileName + ".tar" } diff --git a/cmd/protecodeExecuteScan_test.go b/cmd/protecodeExecuteScan_test.go index 43181791e..6d526c5cc 100644 --- a/cmd/protecodeExecuteScan_test.go +++ b/cmd/protecodeExecuteScan_test.go @@ -399,13 +399,22 @@ func TestGetTarName(t *testing.T) { "3.20.20-20200131085038+eeb7c1033339bfd404d21ec5e7dc05c80e9e985e", "abc_3.tar", }, - "without version ": { + "without version": { "abc", "", "abc.tar", }, + "ScanImage without sha as artifactVersion": { + "abc@sha256:12345", + "", + "abc.tar", + }, + "ScanImage with sha as artifactVersion": { + "ppiper/cf-cli@sha256:c25dbacb9ab6e912afe0fe926d8f9d949c60adfe55d16778bde5941e6c37be11", + "c25dbacb9ab6e912afe0fe926d8f9d949c60adfe55d16778bde5941e6c37be11", + "ppiper_cf-cli_c25dbacb9ab6e912afe0fe926d8f9d949c60adfe55d16778bde5941e6c37be11.tar", + }, } - for name, c := range cases { t.Run(name, func(t *testing.T) { assert.Equal(t, c.expect, getTarName(&protecodeExecuteScanOptions{ScanImage: c.image, ArtifactVersion: c.version}))