minor review adjustments

Signed-off-by: Alex Goodman <[email protected]>
anchore · Nov 12, 2024 · 2c97d5d · 2c97d5d
1 parent 8c06316
commit 2c97d5d
Show file tree

Hide file tree

Showing 7 changed files with 27 additions and 29 deletions.
diff --git a/go.mod b/go.mod
@@ -89,8 +89,8 @@ require google.golang.org/genproto v0.0.0-20240213162025-012b6fc9bca9 // indirec
 require (
 	github.com/BurntSushi/toml v1.4.0
 	github.com/OneOfOne/xxhash v1.2.8
-	github.com/hashicorp/hcl/v2 v2.22.0
 	github.com/adrg/xdg v0.5.3
+	github.com/hashicorp/hcl/v2 v2.22.0
 	github.com/magiconair/properties v1.8.7
 	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56
 )

diff --git a/internal/task/package_tasks.go b/internal/task/package_tasks.go
@@ -152,6 +152,6 @@ func DefaultPackageTaskFactories() PackageTaskFactories {
 		),
 		newSimplePackageTaskFactory(sbomCataloger.NewCataloger, "sbom"), // note: not evidence of installed packages
 		newSimplePackageTaskFactory(wordpress.NewWordpressPluginCataloger, pkgcataloging.DirectoryTag, pkgcataloging.ImageTag, "wordpress"),
-		newSimplePackageTaskFactory(terraform.NewTerraformCataloger, pkgcataloging.DirectoryTag, "terraform"),
+		newSimplePackageTaskFactory(terraform.NewLockCataloger, pkgcataloging.DeclaredTag, pkgcataloging.DirectoryTag, "terraform"),
 	}
 }
diff --git a/syft/internal/packagemetadata/names.go b/syft/internal/packagemetadata/names.go
@@ -109,7 +109,7 @@ var jsonTypes = makeJSONTypes(
 	jsonNamesWithoutLookup(pkg.RustBinaryAuditEntry{}, "rust-cargo-audit-entry", "RustCargoPackageMetadata"), // the legacy value is split into two types, where the other is preferred
 	jsonNames(pkg.WordpressPluginEntry{}, "wordpress-plugin-entry", "WordpressMetadata"),
 	jsonNames(pkg.LuaRocksPackage{}, "luarocks-package"),
-	jsonNames(pkg.TerraformLockEntry{}, "terraform-lock-entry", "TerraformMetadata"),
+	jsonNames(pkg.TerraformLockEntry{}, "terraform-lock-entry"),
 )
 
 func expandLegacyNameVariants(names ...string) []string {

diff --git a/syft/pkg/cataloger/terraform/cataloger.go b/syft/pkg/cataloger/terraform/cataloger.go
@@ -5,8 +5,7 @@ import (
 	"github.com/anchore/syft/syft/pkg/cataloger/generic"
 )
 
-func NewTerraformCataloger() pkg.Cataloger {
-	return generic.NewCataloger("terraform-cataloger").
-		WithParserByGlobs(parseTerraformLock, "**/.terraform.lock.hcl").
-		WithProcessors()
+func NewLockCataloger() pkg.Cataloger {
+	return generic.NewCataloger("terraform-lock-cataloger").
+		WithParserByGlobs(parseTerraformLock, "**/.terraform.lock.hcl")
 }
diff --git a/syft/pkg/cataloger/terraform/cataloger_test.go b/syft/pkg/cataloger/terraform/cataloger_test.go
@@ -11,15 +11,15 @@ import (
 )
 
 func TestTerraformCataloger(t *testing.T) {
-	c := NewTerraformCataloger()
+	c := NewLockCataloger()
 
 	fileLoc := file.NewLocation(".terraform.lock.hcl")
 	location := fileLoc.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)
 
 	awsProviderPkg := pkg.Package{
 		Name:      "registry.terraform.io/hashicorp/aws",
 		Version:   "5.72.1",
-		FoundBy:   "terraform-cataloger",
+		FoundBy:   "terraform-lock-cataloger",
 		Locations: file.NewLocationSet(location),
 		Type:      pkg.TerraformPkg,
 		PURL:      "pkg:terraform/registry.terraform.io/hashicorp/[email protected]",
@@ -52,7 +52,7 @@ func TestTerraformCataloger(t *testing.T) {
 	gcpProviderPkg := pkg.Package{
 		Name:      "registry.terraform.io/hashicorp/google",
 		Version:   "6.8.0",
-		FoundBy:   "terraform-cataloger",
+		FoundBy:   "terraform-lock-cataloger",
 		Locations: file.NewLocationSet(location),
 		Type:      pkg.TerraformPkg,
 		PURL:      "pkg:terraform/registry.terraform.io/hashicorp/[email protected]",

diff --git a/syft/pkg/cataloger/terraform/parse_tf_lock.go b/syft/pkg/cataloger/terraform/parse_tf_lock.go
@@ -5,9 +5,9 @@ import (
 	"fmt"
 	"io"
 
-	"github.com/anchore/packageurl-go"
 	"github.com/hashicorp/hcl/v2/hclsimple"
 
+	"github.com/anchore/packageurl-go"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@@ -34,10 +34,9 @@ func parseTerraformLock(_ context.Context, _ file.Resolver, _ *generic.Environme
 	pkgs := make([]pkg.Package, 0, len(lockFile.Providers))
 
 	for _, provider := range lockFile.Providers {
-		pkg := pkg.Package{
+		p := pkg.Package{
 			Name:      provider.URL,
 			Version:   provider.Version,
-			FoundBy:   "terraform-cataloger",
 			Locations: file.NewLocationSet(reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)),
 			Licenses:  pkg.NewLicenseSet(), // TODO: license could be found in .terraform/providers/${name}/${version}/${arch}/LICENSE.txt
 			// TODO: Language?
@@ -46,9 +45,9 @@ func parseTerraformLock(_ context.Context, _ file.Resolver, _ *generic.Environme
 			PURL:     packageurl.NewPackageURL(packageurl.TypeTerraform, "", provider.URL, provider.Version, nil, "").String(),
 			Metadata: provider,
 		}
-		pkg.SetID()
+		p.SetID()
 
-		pkgs = append(pkgs, pkg)
+		pkgs = append(pkgs, p)
 	}
 
 	return pkgs, nil, nil

diff --git a/syft/pkg/type.go b/syft/pkg/type.go
@@ -33,6 +33,7 @@ const (
 	LinuxKernelModulePkg    Type = "linux-kernel-module"
 	NixPkg                  Type = "nix"
 	NpmPkg                  Type = "npm"
+	OpamPkg                 Type = "opam"
 	PhpComposerPkg          Type = "php-composer"
 	PhpPeclPkg              Type = "php-pecl"
 	PortagePkg              Type = "portage"
@@ -43,9 +44,8 @@ const (
 	RustPkg                 Type = "rust-crate"
 	SwiftPkg                Type = "swift"
 	SwiplPackPkg            Type = "swiplpack"
-	OpamPkg                 Type = "opam"
-	WordpressPluginPkg      Type = "wordpress-plugin"
 	TerraformPkg            Type = "terraform"
+	WordpressPluginPkg      Type = "wordpress-plugin"
 )
 
 // AllPkgs represents all supported package types
@@ -72,6 +72,7 @@ var AllPkgs = []Type{
 	LinuxKernelModulePkg,
 	NixPkg,
 	NpmPkg,
+	OpamPkg,
 	PhpComposerPkg,
 	PhpPeclPkg,
 	PortagePkg,
@@ -82,9 +83,8 @@ var AllPkgs = []Type{
 	RustPkg,
 	SwiftPkg,
 	SwiplPackPkg,
-	OpamPkg,
-	WordpressPluginPkg,
 	TerraformPkg,
+	WordpressPluginPkg,
 }
 
 // PackageURLType returns the PURL package type for the current package.
@@ -133,14 +133,16 @@ func (t Type) PackageURLType() string {
 		return packageurl.TypePyPi
 	case PortagePkg:
 		return "portage"
+	case LuaRocksPkg:
+		return packageurl.TypeLuaRocks
 	case NixPkg:
 		return "nix"
 	case NpmPkg:
 		return packageurl.TypeNPM
+	case OpamPkg:
+		return "opam"
 	case Rpkg:
 		return packageurl.TypeCran
-	case LuaRocksPkg:
-		return packageurl.TypeLuaRocks
 	case RpmPkg:
 		return packageurl.TypeRPM
 	case RustPkg:
@@ -149,12 +151,10 @@ func (t Type) PackageURLType() string {
 		return packageurl.TypeSwift
 	case SwiplPackPkg:
 		return "swiplpack"
-	case OpamPkg:
-		return "opam"
-	case WordpressPluginPkg:
-		return "wordpress-plugin"
 	case TerraformPkg:
 		return "terraform"
+	case WordpressPluginPkg:
+		return "wordpress-plugin"
 	default:
 		// TODO: should this be a "generic" purl type instead?
 		return ""
@@ -225,18 +225,18 @@ func TypeByName(name string) Type {
 		return LinuxKernelModulePkg
 	case "nix":
 		return NixPkg
+	case "opam":
+		return OpamPkg
 	case packageurl.TypeCran:
 		return Rpkg
 	case packageurl.TypeSwift:
 		return SwiftPkg
 	case "swiplpack":
 		return SwiplPackPkg
-	case "opam":
-		return OpamPkg
-	case "wordpress-plugin":
-		return WordpressPluginPkg
 	case "terraform":
 		return TerraformPkg
+	case "wordpress-plugin":
+		return WordpressPluginPkg
 	default:
 		return UnknownPkg
 	}