From e051cfd9962f37d9d608cb3b73a1c3da52416376 Mon Sep 17 00:00:00 2001
From: tomersein
Date: Tue, 19 Nov 2024 15:11:43 +0200
Subject: [PATCH 1/2] add set layer limit
Signed-off-by: tomersein
---
 cmd/syft/internal/options/source.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/cmd/syft/internal/options/source.go b/cmd/syft/internal/options/source.go
index fcc81bd31d4..4ad672915d5 100644
--- a/cmd/syft/internal/options/source.go
+++ b/cmd/syft/internal/options/source.go
@@ -5,6 +5,8 @@ import (
 "sort"
 "strings"
+ stereoscopeFile "github.com/anchore/stereoscope/pkg/file"
+ "github.com/dustin/go-humanize"
 "github.com/scylladb/go-set/strset"
 "github.com/anchore/clio"
@@ -20,7 +22,8 @@ type sourceConfig struct {
 }
 type fileSource struct {
- Digests []string `json:"digests" yaml:"digests" mapstructure:"digests"`
+ Digests []string `json:"digests" yaml:"digests" mapstructure:"digests"`
+ MaxLayerSize string `json:"max-layer-size" yaml:"max-layer-size" mapstructure:"max-layer-size"`
 }
 var _ interface {
@@ -53,6 +56,13 @@ func (c *fileSource) PostLoad() error {
 digests := strset.New(c.Digests...).List()
 sort.Strings(digests)
 c.Digests = digests
+ if c.MaxLayerSize != "" {
+ perFileReadLimit, err := humanize.ParseBytes(c.MaxLayerSize)
+ if err != nil {
+ return err
+ }
+ stereoscopeFile.SetPerFileReadLimit(int64(perFileReadLimit))
+ }
 return nil
 }
From ee31ef80dd4d169cb038985dbb88e955f92105f7 Mon Sep 17 00:00:00 2001
From: tomersein
Date: Sat, 30 Nov 2024 08:15:51 +0200
Subject: [PATCH 2/2] limit layer size
Signed-off-by: tomersein
---
 cmd/syft/internal/options/source.go | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/cmd/syft/internal/options/source.go b/cmd/syft/internal/options/source.go
index 4ad672915d5..53078305c2e 100644
--- a/cmd/syft/internal/options/source.go
+++ b/cmd/syft/internal/options/source.go
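Review bot: The `int64(perFileReadLimit)` conversion in the block added to `PostLoad` (third hunk of patch 1/2) is unchecked: `humanize.ParseBytes` returns a `uint64`, so a configured size above `math.MaxInt64` wraps to a negative value before it reaches `SetPerFileReadLimit`. How stereoscope treats a negative or zero limit is not visible here, but since this setting bounds how much is read per file from an image that may be untrusted, out-of-range values should be rejected at load time and whether `0` is acceptable deserves an explicit decision. The parse error is also returned bare, so the user is not told which config key was invalid. The same block is carried unchanged into `(*imageSource).PostLoad` by patch 2/2; the sketch below assumes `fmt` and `math` are imported.

```go
perFileReadLimit, err := humanize.ParseBytes(c.MaxLayerSize)
if err != nil {
	return fmt.Errorf("invalid max-layer-size %q: %w", c.MaxLayerSize, err)
}
if perFileReadLimit > math.MaxInt64 {
	return fmt.Errorf("max-layer-size %q exceeds the supported maximum", c.MaxLayerSize)
}
// ... unchanged: stereoscopeFile.SetPerFileReadLimit(int64(perFileReadLimit)) ...
```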
@@ -22,14 +22,15 @@ type sourceConfig struct {
 }
 type fileSource struct {
- Digests []string `json:"digests" yaml:"digests" mapstructure:"digests"`
- MaxLayerSize string `json:"max-layer-size" yaml:"max-layer-size" mapstructure:"max-layer-size"`
+ Digests []string `json:"digests" yaml:"digests" mapstructure:"digests"`
 }
 var _ interface {
 clio.FieldDescriber
 } = (*sourceConfig)(nil)
+var _ clio.PostLoader = (*imageSource)(nil)
+
 func (o *sourceConfig) DescribeFields(descriptions clio.FieldDescriptionSet) {
 descriptions.Add(&o.File.Digests, `the file digest algorithms to use on the scanned file (options: "md5", "sha1", "sha224", "sha256", "sha384", "sha512")`)
 descriptions.Add(&o.Image.DefaultPullSource, `allows users to specify which image source should be used to generate the sbom
@@ -38,6 +39,7 @@ valid values are: registry, docker, podman`)
 type imageSource struct {
 DefaultPullSource string `json:"default-pull-source" yaml:"default-pull-source" mapstructure:"default-pull-source"`
+ MaxLayerSize string `json:"max-layer-size" yaml:"max-layer-size" mapstructure:"max-layer-size"`
 }
 func defaultSourceConfig() sourceConfig {
@@ -56,6 +58,10 @@ func (c *fileSource) PostLoad() error {
 digests := strset.New(c.Digests...).List()
 sort.Strings(digests)
 c.Digests = digests
+ return nil
+}
+
+func (c *imageSource) PostLoad() error {
 if c.MaxLayerSize != "" {
 perFileReadLimit, err := humanize.ParseBytes(c.MaxLayerSize)
 if err != nil {
@@ -63,10 +69,6 @@ func (c *fileSource) PostLoad() error {
 }
 stereoscopeFile.SetPerFileReadLimit(int64(perFileReadLimit))
 }
- return nil
-}
-
-func (c imageSource) PostLoad() error {
 return checkDefaultSourceValues(c.DefaultPullSource)
 }
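Review bot: The new `max-layer-size` field on `imageSource` (second hunk) is not registered in `DescribeFields`, whose visible lines in the first hunk describe only `digests` and `default-pull-source`, so the option ships without a description. I would add `descriptions.Add(&o.Image.MaxLayerSize, "...")` stating the accepted format (a human-readable byte size as parsed by `humanize.ParseBytes`) and that an empty value means this code sets no limit. The key says layer size while the value is handed to `SetPerFileReadLimit`; if the limit applies per file rather than per layer, the description should say so, because operators will rely on it as a resource bound when scanning untrusted images. `DescribeFields` closes outside the hunks shown.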