Make scalibr compatible with Windows (as a standalone binary).

PiperOrigin-RevId: 628049948
google · Apr 29, 2024 · 092c3d5 · 092c3d5
1 parent 93726cf
commit 092c3d5
Show file tree

Hide file tree

Showing 4 changed files with 123 additions and 0 deletions.
diff --git a/...ic_linux/etcpasswdpermissions/detector.go → ...ux/etcpasswdpermissions/detector_linux.go b/...ic_linux/etcpasswdpermissions/detector.go → ...ux/etcpasswdpermissions/detector_linux.go
@@ -12,6 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+//go:build linux
+
 // Package etcpasswdpermissions implements a detector for the "Ensure permissions on /etc/passwd- are configured" CIS check.
 package etcpasswdpermissions
 
@@ -40,10 +42,12 @@ func (Detector) Version() int { return 0 }
 // RequiredExtractors returns an empty list as there are no dependencies.
 func (Detector) RequiredExtractors() []string { return []string{} }
 
+// Scan starts the scan.
 func (d Detector) Scan(ctx context.Context, scanRoot string, ix *inventoryindex.InventoryIndex) ([]*detector.Finding, error) {
 	return d.ScanFS(ctx, os.DirFS(scanRoot), ix)
 }
 
+// ScanFS starts the scan from a pseudo-filesystem.
 func (Detector) ScanFS(ctx context.Context, fs fs.FS, ix *inventoryindex.InventoryIndex) ([]*detector.Finding, error) {
 	f, err := fs.Open("etc/passwd")
 	if err != nil {

diff --git a/detector/cis/generic_linux/etcpasswdpermissions/detector_windows.go b/detector/cis/generic_linux/etcpasswdpermissions/detector_windows.go
@@ -0,0 +1,43 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build windows
+
+package etcpasswdpermissions
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/google/osv-scalibr/detector"
+	"github.com/google/osv-scalibr/inventoryindex"
+)
+
+// Detector is a SCALIBR Detector for the CIS check "Ensure permissions on /etc/passwd- are configured"
+// from the CIS Distribution Independent Linux benchmarks.
+type Detector struct{}
+
+// Name of the detector.
+func (Detector) Name() string { return "cis/generic_linux/etcpasswdpermissions" }
+
+// Version of the detector.
+func (Detector) Version() int { return 0 }
+
+// RequiredExtractors returns an empty list as there are no dependencies.
+func (Detector) RequiredExtractors() []string { return []string{} }
+
+// Scan is a no-op for Windows.
+func (d Detector) Scan(ctx context.Context, scanRoot string, ix *inventoryindex.InventoryIndex) ([]*detector.Finding, error) {
+	return nil, fmt.Errorf("Plugin not supported on Windows")
+}
diff --git a/extractor/os/rpm/extractor.go → extractor/os/rpm/extractor_linux.go b/extractor/os/rpm/extractor.go → extractor/os/rpm/extractor_linux.go
@@ -12,6 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+//go:build linux
+
 // Package rpm extracts packages from rpm database.
 package rpm
 

diff --git a/extractor/os/rpm/extractor_windows.go b/extractor/os/rpm/extractor_windows.go
@@ -0,0 +1,74 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build windows
+
+package rpm
+
+import (
+	"context"
+	"fmt"
+	"io/fs"
+
+	"github.com/google/osv-scalibr/extractor"
+	"github.com/google/osv-scalibr/purl"
+)
+
+// Name is the name for the RPM extractor
+const Name = "os/rpm"
+
+// Extractor extracts rpm packages from rpm database.
+type Extractor struct{}
+
+// Config contains RPM specific configuration values
+type Config struct{}
+
+// DefaultConfig returns the default configuration values for the RPM extractor.
+func DefaultConfig() Config { return Config{} }
+
+// New returns an RPM extractor.
+//
+// For most use cases, initialize with:
+// ```
+// e := New(DefaultConfig())
+// ```
+func New(cfg Config) *Extractor {
+	return &Extractor{}
+}
+
+// Name of the extractor.
+func (e Extractor) Name() string { return Name }
+
+// Version of the extractor.
+func (e Extractor) Version() int { return 0 }
+
+// FileRequired always returns false as RPM extractor is not supported on Windows.
+func (e Extractor) FileRequired(path string, _ fs.FileMode) bool {
+	return false
+}
+
+// Extract extracts packages from rpm status files passed through the scan input.
+func (e Extractor) Extract(ctx context.Context, input *extractor.ScanInput) ([]*extractor.Inventory, error) {
+	return nil, fmt.Errorf("Windows is not supported")
+}
+
+// ToPURL converts an inventory created by this extractor into a PURL.
+func (e Extractor) ToPURL(i *extractor.Inventory) (*purl.PackageURL, error) {
+	return nil, fmt.Errorf("Windows is not supported")
+}
+
+// ToCPEs is not applicable as this extractor does not infer CPEs from the Inventory.
+func (e Extractor) ToCPEs(i *extractor.Inventory) ([]string, error) {
+	return []string{}, fmt.Errorf("Windows is not supported")
+}