From b400110e83f70fe9432b3b7709a82c5db428e116 Mon Sep 17 00:00:00 2001 From: Simar Date: Fri, 17 Mar 2023 17:08:40 -0700 Subject: [PATCH] feat(misconf): Add glob support to `--skip-dirs` and `--skip-files` options Addresses: https://github.com/aquasecurity/trivy/issues/3754 Signed-off-by: Simar --- pkg/flag/options.go | 19 +++++++++++++++++++ pkg/flag/options_test.go | 32 ++++++++++++++++++++++++++++++++ pkg/flag/scan_flags.go | 4 ++-- pkg/flag/testdata/.dotdir/bar | 1 + pkg/flag/testdata/.dotdir/foo | 1 + 5 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 pkg/flag/testdata/.dotdir/bar create mode 100644 pkg/flag/testdata/.dotdir/foo diff --git a/pkg/flag/options.go b/pkg/flag/options.go index c0cdd7ee447a..bbf8c413aab2 100644 --- a/pkg/flag/options.go +++ b/pkg/flag/options.go @@ -4,6 +4,7 @@ import ( "fmt" "io" "os" + "path/filepath" "strings" "sync" "time" @@ -249,6 +250,24 @@ func getValue(flag *Flag) any { return viper.Get(flag.ConfigName) } +func explodeGlob(paths []string, dir string) []string { + var exploded []string + + for _, path := range paths { + if !strings.Contains(path, "*") { + exploded = append(exploded, path) + continue + } + if globPaths, err := filepath.Glob(filepath.Join(dir, path)); err == nil { + for _, globPath := range globPaths { + exploded = append(exploded, globPath) + } + } + } + + return exploded +} + func (f *Flags) groups() []FlagGroup { var groups []FlagGroup // This order affects the usage message, so they are sorted by frequency of use. diff --git a/pkg/flag/options_test.go b/pkg/flag/options_test.go index 6c84ae7d9813..3674eb6974ac 100644 --- a/pkg/flag/options_test.go +++ b/pkg/flag/options_test.go @@ -1,6 +1,7 @@ package flag import ( + "fmt" "testing" "github.com/spf13/viper" @@ -80,3 +81,34 @@ func Test_getStringSlice(t *testing.T) { }) } } + +func Test_explodeGlob(t *testing.T) { + testCases := []struct { + skipInput []string + want []string + }{ + { + skipInput: []string{"./testdata/*/*"}, + want: []string{"testdata/.dotdir/bar", "testdata/.dotdir/foo"}, + }, + { + skipInput: []string{"./testdata/*/bar"}, + want: []string{"testdata/.dotdir/bar"}, + }, + { + skipInput: []string{"path/with/no/glob"}, + want: []string{"path/with/no/glob"}, + }, + { + skipInput: []string{"./testdata/doesnotexist/*"}, + want: []string(nil), + }, + } + + for i, tc := range testCases { + t.Run(fmt.Sprint(i), func(t *testing.T) { + assert.Equal(t, tc.want, explodeGlob(tc.skipInput, ".")) + }) + } + +} diff --git a/pkg/flag/scan_flags.go b/pkg/flag/scan_flags.go index 4a6330107bf9..ae883c66030f 100644 --- a/pkg/flag/scan_flags.go +++ b/pkg/flag/scan_flags.go @@ -138,8 +138,8 @@ func (f *ScanFlagGroup) ToOptions(args []string) (ScanOptions, error) { return ScanOptions{ Target: target, - SkipDirs: getStringSlice(f.SkipDirs), - SkipFiles: getStringSlice(f.SkipFiles), + SkipDirs: explodeGlob(getStringSlice(f.SkipDirs), target), + SkipFiles: explodeGlob(getStringSlice(f.SkipFiles), target), OfflineScan: getBool(f.OfflineScan), Scanners: scanners, FilePatterns: getStringSlice(f.FilePatterns), diff --git a/pkg/flag/testdata/.dotdir/bar b/pkg/flag/testdata/.dotdir/bar new file mode 100644 index 000000000000..ba0e162e1c47 --- /dev/null +++ b/pkg/flag/testdata/.dotdir/bar @@ -0,0 +1 @@ +bar \ No newline at end of file diff --git a/pkg/flag/testdata/.dotdir/foo b/pkg/flag/testdata/.dotdir/foo new file mode 100644 index 000000000000..19102815663d --- /dev/null +++ b/pkg/flag/testdata/.dotdir/foo @@ -0,0 +1 @@ +foo \ No newline at end of file