From a915b5072f5019f3164d4f3707fc35e044eb0258 Mon Sep 17 00:00:00 2001
From: Yasha Rise
Date: Thu, 17 Apr 2025 11:04:34 +0300
Subject: [PATCH 1/6] Return image_name unless colon in name

Changelog: fixed
MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/188540
EE: true
---
 .../gitlab/ci/reports/security/locations/container_scanning.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
index f8aff9b5431ea9..fd492777d04e02 100644
--- a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
+++ b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
@@ -40,6 +40,8 @@ def image_with_package_name
 private

 def docker_image_name_without_tag(image_name = prepare_image_name)
+ return image_name unless image_name.include?(':')
+
 base_name, _, version = image_name.rpartition(':')

 return image_name if version_semver_like?(version)
-- 
GitLab

From f7fb0519e023492a77c6e3a547b769675794c35e Mon Sep 17 00:00:00 2001
From: Yasha Rise
Date: Thu, 17 Apr 2025 13:46:07 +0300
Subject: [PATCH 2/6] Add specs for new image name handling

---
 .../ci/reports/security/locations/container_scanning_spec.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ee/spec/lib/gitlab/ci/reports/security/locations/container_scanning_spec.rb b/ee/spec/lib/gitlab/ci/reports/security/locations/container_scanning_spec.rb
index faf9e51a9fddb2..a02054ba13db42 100644
--- a/ee/spec/lib/gitlab/ci/reports/security/locations/container_scanning_spec.rb
+++ b/ee/spec/lib/gitlab/ci/reports/security/locations/container_scanning_spec.rb
@@ -137,7 +137,10 @@
 [
 'registry.gitlab.com/group/project/feature:latest',
 'registry.gitlab.com/group/project/feature:glibc'
- ]
+ ],
+ ['alpine', 'alpine:glibc'],
+ ['myregistry.com/myimage', 'myregistry.com/myimage:glibc'],
+ ['alpine.tar', 'alpine.tar:glibc']
 ]
 end

-- 
GitLab
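Review bot: The new guard `return image_name unless image_name.include?(':')` in PATCH 1/6 treats any colon as a tag separator, so an untagged reference whose registry carries a port still reaches `rpartition(':')` and is cut at the port colon, leaving only the host part. Unless `prepare_image_name` (not visible here) already removes ports, distinct images on such a registry would reduce to the same name; if this value feeds the location fingerprint, their findings could be merged. A tag cannot contain `/`, so `return image_name if version.include?('/')` after the `rpartition` call would keep those names intact. The same gap remains in the final form of the method in PATCH 5/6 and 6/6, where the condition would become `base_name.empty? || version.include?('/') || version_semver_like?(version)`. The method body continues past the end of this hunk.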
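Review bot: The pairs added in PATCH 2/6 cover untagged names, but none contains a colon that is not a tag separator, which is the case that distinguishes `partition` from `rpartition` later in this series. A pair with a registry port, for example the constructed `['localhost:5000/myimage', 'localhost:5000/myimage:glibc']`, would pin that behaviour and show whether an untagged name on such a registry survives intact. The enclosing block and the example that consumes these pairs are outside the hunk, so the assumption here is that both elements of a pair are expected to yield the same result.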
From a3ef5c1af3360ec8970a0ddff03fdce0e8593610 Mon Sep 17 00:00:00 2001
From: Yasha Rise
Date: Wed, 23 Apr 2025 10:54:07 +0300
Subject: [PATCH 3/6] Tidier logic in docker_image_name_without_tag

---
 .../security/locations/container_scanning.rb | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
index fd492777d04e02..1f5e8d502386fc 100644
--- a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
+++ b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
@@ -39,14 +39,13 @@ def image_with_package_name

 private

- def docker_image_name_without_tag(image_name = prepare_image_name)
- return image_name unless image_name.include?(':')
-
- base_name, _, version = image_name.rpartition(':')
-
- return image_name if version_semver_like?(version)
-
- base_name
+ def docker_image_name_without_tag(image_name)
+ base_name, _, version = image_name.partition(':')
+ if base_name.empty? or version_semver_like?(version)
+ image_name
+ else
+ base_name
+ end
 end

 def prepare_image_name
-- 
GitLab

From 2f385fdd56b471de00562037e567b9427b6cceca Mon Sep 17 00:00:00 2001
From: Yasha Rise
Date: Wed, 23 Apr 2025 11:41:00 +0300
Subject: [PATCH 4/6] Use || instead of or

---
 .../gitlab/ci/reports/security/locations/container_scanning.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
index 1f5e8d502386fc..83b95703b0ec29 100644
--- a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
+++ b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
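Review bot: The rewritten `docker_image_name_without_tag` in PATCH 3/6 carries no comment saying which inputs come back unchanged, and the `if`/`else` does not make that contract obvious. A one-line header would record it: `# Strips the tag from the image name; the name is returned unchanged when it has no tag or when version_semver_like? accepts the tag.` The helper `version_semver_like?` is defined outside this hunk, so the comment should name it rather than restate its rules.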
@@ -41,7 +41,7 @@ def image_with_package_name

 def docker_image_name_without_tag(image_name)
 base_name, _, version = image_name.partition(':')
- if base_name.empty? or version_semver_like?(version)
+ if base_name.empty? || version_semver_like?(version)
 image_name
 else
 base_name
-- 
GitLab

From 21710def68e8a50360fd289d773c523ace9b2420 Mon Sep 17 00:00:00 2001
From: Yasha Rise
Date: Wed, 23 Apr 2025 12:06:55 +0300
Subject: [PATCH 5/6] Use rpartition instead of partition

---
 .../gitlab/ci/reports/security/locations/container_scanning.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
index 83b95703b0ec29..fcc8944773f91b 100644
--- a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
+++ b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
@@ -40,7 +40,7 @@ def image_with_package_name
 private

 def docker_image_name_without_tag(image_name)
- base_name, _, version = image_name.partition(':')
+ base_name, _, version = image_name.rpartition(':')
 if base_name.empty? || version_semver_like?(version)
 image_name
 else
-- 
GitLab

From 1293844d55d03b7963f49fb63d47b831e3903ea3 Mon Sep 17 00:00:00 2001
From: Yasha Rise
Date: Wed, 23 Apr 2025 16:33:41 +0300
Subject: [PATCH 6/6] Add missing default parameter

---
 .../gitlab/ci/reports/security/locations/container_scanning.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
index fcc8944773f91b..021734ce877dd4 100644
--- a/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
+++ b/ee/lib/gitlab/ci/reports/security/locations/container_scanning.rb
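Review bot: After the switch to `rpartition` in PATCH 5/6, `base_name.empty?` is what detects a name with no colon, because `rpartition` puts the whole string in the last element and leaves the head empty when the separator is absent; with `partition` the same test only matched a name starting with `:`. That change of meaning cannot be read off the condition itself, so a comment on the line above it would help the next reader: `# rpartition leaves base_name empty when image_name has no ':'`. The rest of the method lies outside this hunk.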
@@ -39,7 +39,7 @@ def image_with_package_name

 private

- def docker_image_name_without_tag(image_name)
+ def docker_image_name_without_tag(image_name = prepare_image_name)
 base_name, _, version = image_name.rpartition(':')
 if base_name.empty? || version_semver_like?(version)
 image_name
-- 
GitLab