rpm: use rpm FileInstalledByRPM in language indexers

Check whether interesting paths were installed by RPM during language
level indexing.

Signed-off-by: crozzy <[email protected]>

Author: crozzy

gobin/gobin.go

@@ -28,6 +28,7 @@ import (
 
 	"github.com/quay/claircore"
 	"github.com/quay/claircore/indexer"
+	"github.com/quay/claircore/rpm"
 )
 
 // Detector detects go binaries and reports the packages used to build them.
@@ -86,7 +87,8 @@ func (Detector) Scan(ctx context.Context, l *claircore.Layer) ([]*claircore.Pack
 	// Only create a single spool file per call, re-use for every binary.
 	var spool spoolfile
 	walk := func(p string, d fs.DirEntry, err error) error {
-		ctx := zlog.ContextWithValues(ctx, "path", d.Name())
+		ctx := zlog.ContextWithValues(ctx, "filename", d.Name())
+
 		switch {
 		case err != nil:
 			return err
@@ -107,6 +109,18 @@ func (Detector) Scan(ctx context.Context, l *claircore.Layer) ([]*claircore.Pack
 			// Not executable
 			return nil
 		}
+
+		isRPM, err := rpm.FileInstalledByRPM(ctx, l, p)
+		if err != nil {
+			return err
+		}
+		if isRPM {
+			zlog.Debug(ctx).
+				Str("path", p).
+				Msg("file path determined to be of RPM origin")
+			return nil
+		}
+
 		f, err := sys.Open(p)
 		if err != nil {
 			// TODO(crozzy): Remove log line once controller is in a

gobin/gobin_test.go

@@ -61,6 +61,12 @@ func TestEmptyFile(t *testing.T) {
 	if err := l.Init(ctx, &test.AnyDescription, f); err != nil {
 		t.Error(err)
 	}
+	t.Cleanup(func() {
+		if err := l.Close(); err != nil {
+			t.Error(err)
+		}
+	})
+
 	var s Detector
 	_, err = s.Scan(ctx, &l)
 	if err != nil {
@@ -138,6 +144,11 @@ func TestScanner(t *testing.T) {
 	if err := l.Init(ctx, &test.AnyDescription, f); err != nil {
 		t.Error(err)
 	}
+	t.Cleanup(func() {
+		if err := l.Close(); err != nil {
+			t.Error(err)
+		}
+	})
 
 	// Run the scanner on the fake layer.
 	var s Detector

java/packagescanner.go

@@ -24,6 +24,7 @@ import (
 	"github.com/quay/claircore"
 	"github.com/quay/claircore/indexer"
 	"github.com/quay/claircore/java/jar"
+	"github.com/quay/claircore/rpm"
 )
 
 var (
@@ -147,6 +148,17 @@ func (s *Scanner) Scan(ctx context.Context, layer *claircore.Layer) ([]*claircor
 	defer putBuf(buf)
 	for _, n := range ars {
 		ctx := zlog.ContextWithValues(ctx, "file", n)
+		isRPM, err := rpm.FileInstalledByRPM(ctx, layer, n)
+		if err != nil {
+			return nil, err
+		}
+		if isRPM {
+			zlog.Debug(ctx).
+				Str("path", n).
+				Msg("file path determined to be of RPM origin")
+			continue
+		}
+
 		sh.Reset()
 		buf.Reset()
 		// Calculate the SHA1 as it's buffered, since it may be needed for

nodejs/packagescanner.go

@@ -17,6 +17,7 @@ import (
 	"github.com/Masterminds/semver"
 	"github.com/quay/claircore"
 	"github.com/quay/claircore/indexer"
+	"github.com/quay/claircore/rpm"
 )
 
 const repository = "npm"
@@ -92,6 +93,17 @@ func (s *Scanner) Scan(ctx context.Context, layer *claircore.Layer) ([]*claircor
 	ret := make([]*claircore.Package, 0, len(pkgs))
 	var invalidPkgs []string
 	for _, p := range pkgs {
+		isRPM, err := rpm.FileInstalledByRPM(ctx, layer, p)
+		if err != nil {
+			return nil, err
+		}
+		if isRPM {
+			zlog.Debug(ctx).
+				Str("path", p).
+				Msg("file path determined to be of RPM origin")
+			continue
+		}
+
 		f, err := sys.Open(p)
 		if err != nil {
 			return nil, fmt.Errorf("nodejs: unable to open file %q: %w", p, err)

python/packagescanner.go

@@ -19,6 +19,7 @@ import (
 	"github.com/quay/claircore"
 	"github.com/quay/claircore/indexer"
 	"github.com/quay/claircore/pkg/pep440"
+	"github.com/quay/claircore/rpm"
 )
 
 var (
@@ -79,6 +80,16 @@ func (ps *Scanner) Scan(ctx context.Context, layer *claircore.Layer) ([]*clairco
 	}
 	var ret []*claircore.Package
 	for _, n := range ms {
+		isRPM, err := rpm.FileInstalledByRPM(ctx, layer, n)
+		if err != nil {
+			return nil, err
+		}
+		if isRPM {
+			zlog.Debug(ctx).
+				Str("path", n).
+				Msg("file path determined to be of RPM origin")
+			continue
+		}
 		b, err := fs.ReadFile(sys, n)
 		if err != nil {
 			return nil, fmt.Errorf("python: unable to read file: %w", err)
@@ -143,14 +154,14 @@ func findDeliciousEgg(ctx context.Context, sys fs.FS) (out []string, err error)
 	// Is this layer an rpm layer?
 	//
 	// If so, files in the disto-managed directory can be skipped.
-	var rpm bool
+	var isRPM bool
 	for _, p := range []string{
 		"var/lib/rpm/Packages",
 		"var/lib/rpm/rpmdb.sqlite",
 		"var/lib/rpm/Packages.db",
 	} {
 		if fi, err := fs.Stat(sys, p); err == nil && fi.Mode().IsRegular() {
-			rpm = true
+			isRPM = true
 			break
 		}
 	}
@@ -172,12 +183,12 @@ func findDeliciousEgg(ctx context.Context, sys fs.FS) (out []string, err error)
 		switch {
 		case err != nil:
 			return err
-		case (rpm || dpkg) && d.Type().IsDir():
+		case (isRPM || dpkg) && d.Type().IsDir():
 			// Skip one level up from the "packages" directory so the walk also
 			// skips the standard library.
 			var pat string
 			switch {
-			case rpm:
+			case isRPM:
 				pat = `usr/lib*/python[23].*`
 				ev = ev.Bool("rpm_dir", true)
 			case dpkg:

ruby/packagescanner.go

@@ -16,6 +16,7 @@ import (
 
 	"github.com/quay/claircore"
 	"github.com/quay/claircore/indexer"
+	"github.com/quay/claircore/rpm"
 )
 
 var (
@@ -103,6 +104,16 @@ func (ps *Scanner) Scan(ctx context.Context, layer *claircore.Layer) ([]*clairco
 
 	var ret []*claircore.Package
 	for _, g := range gs {
+		isRPM, err := rpm.FileInstalledByRPM(ctx, layer, g)
+		if err != nil {
+			return nil, fmt.Errorf("ruby: unable to check RPM db: %w", err)
+		}
+		if isRPM {
+			zlog.Debug(ctx).
+				Str("path", g).
+				Msg("file path determined to be of RPM origin")
+			continue
+		}
 		f, err := sys.Open(g)
 		if err != nil {
 			return nil, fmt.Errorf("ruby: unable to open file: %w", err)