diff --git a/syft/cataloger/ruby/catalogers.go b/syft/cataloger/ruby/catalogers.go index 960cbf7209a..4cfa16ad98a 100644 --- a/syft/cataloger/ruby/catalogers.go +++ b/syft/cataloger/ruby/catalogers.go @@ -19,7 +19,7 @@ func NewGemFileLockCataloger() *common.GenericCataloger { // NewGemSpecCataloger returns a new Bundler cataloger object tailored for detecting installations of gems (e.g. Gemspec). func NewGemSpecCataloger() *common.GenericCataloger { globParsers := map[string]common.ParserFn{ - "**/specification/*.gemspec": parseGemSpecEntries, + "**/specifications/*.gemspec": parseGemSpecEntries, } return common.NewGenericCataloger(nil, globParsers, "ruby-gemspec-cataloger") diff --git a/test/inline-compare/Makefile b/test/inline-compare/Makefile index 58065ebfd34..59b4d646d5f 100644 --- a/test/inline-compare/Makefile +++ b/test/inline-compare/Makefile @@ -25,7 +25,7 @@ all: clean-syft compare-image: $(SYFT_REPORT) $(INLINE_REPORT) ./compare.py $(COMPARE_IMAGE) -.PHONY: gather-iamge +.PHONY: gather-image gather-image: $(SYFT_REPORT) $(INLINE_REPORT) $(INLINE_REPORT): diff --git a/test/inline-compare/compare-all.sh b/test/inline-compare/compare-all.sh index 54733d6ff66..85a8e9e20ef 100755 --- a/test/inline-compare/compare-all.sh +++ b/test/inline-compare/compare-all.sh @@ -2,7 +2,7 @@ set -eu # TODO: Add "alpine:3.12.0" back in when we've figured out how to handle the apk version field w/ and w/o release information (see issue: https://github.com/anchore/syft/pull/195) -images=("debian:10.5" "centos:8.2.2004") +images=("debian:10.5" "centos:8.2.2004" "rails:5.0.1") # gather all image analyses for img in "${images[@]}"; do diff --git a/test/inline-compare/compare.py b/test/inline-compare/compare.py index a5299da0fd3..d17accc74fe 100755 --- a/test/inline-compare/compare.py +++ b/test/inline-compare/compare.py @@ -33,8 +33,9 @@ def __init__(self, image, report_dir="./"): def packages(self): python_packages, python_metadata = self._python_packages() - os_pacakges, os_metadata = self._os_packages() - return python_packages | os_pacakges, {**python_metadata, **os_metadata} + gem_packages, gem_metadata = self._gem_packages() + os_packages, os_metadata = self._os_packages() + return python_packages | os_packages | gem_packages , {**python_metadata, **os_metadata, **gem_metadata} def _report_path(self, report): return os.path.join( @@ -67,6 +68,18 @@ def _python_packages(self): return packages, metadata + def _gem_packages(self): + packages = set() + metadata = collections.defaultdict(dict) + for entry in self._enumerate_section( + report="content-gem", section="content" + ): + package = Package(name=entry["package"], type=entry["type"].lower(),) + packages.add(package) + metadata[package.type][package] = Metadata(version=entry["version"]) + + return packages, metadata + def _os_packages(self): packages = set() metadata = collections.defaultdict(dict) @@ -162,7 +175,7 @@ def main(image): for package in syft_packages: metadata = syft_metadata[package.type][package] # we only want to really count mismatched metadata for packages that are at least found by inline - if package in inline_metadata[package.type]: + if package in inline_metadata.get(package.type, []): syft_overlap_metadata_set.add((package, metadata)) same_metadata = syft_overlap_metadata_set & inline_metadata_set @@ -202,8 +215,10 @@ def main(image): print(colors.bold+"Summary:", colors.reset) print(" Image: %s" % image) - print(" Inline Packages: %d" % len(inline_packages)) - print(" Syft Packages: %d" % len(syft_packages)) + print(" Inline Packages : %d" % len(inline_packages)) + print(" Syft Packages : %d" % len(syft_packages)) + print(" (extra) : %d" % len(bonus_packages)) + print(" (missing) : %d" % len(missing_packages)) print( " Baseline Packages Matched: %2.3f %% (%d/%d packages)" % (percent_overlap_packages, len(same_packages), len(inline_packages)) diff --git a/test/integration/test-fixtures/image-pkg-coverage/ruby/specification/bundler.gemspec b/test/integration/test-fixtures/image-pkg-coverage/ruby/specifications/bundler.gemspec similarity index 100% rename from test/integration/test-fixtures/image-pkg-coverage/ruby/specification/bundler.gemspec rename to test/integration/test-fixtures/image-pkg-coverage/ruby/specifications/bundler.gemspec