feat: new subcommand image scan

iseki0 · iseki0 · commit 7e427bb6982e · 2025-04-16T14:21:45.000+08:00
diff --git a/cmd/murphy/internal/binscan/cmd.go b/cmd/murphy/internal/binscan/cmd.go
@@ -21,6 +21,7 @@ import (
 var cliIOTScan bool
 var projectNameCli string
 var projectTagNames []string
+var imageScan bool
 
 func Cmd() *cobra.Command {
 	var c cobra.Command
@@ -34,6 +35,20 @@ func Cmd() *cobra.Command {
 	return &c
 }
 
+func ImageScanCmd() *cobra.Command {
+	var c cobra.Command
+	c.Use = "imagescan <DIR>"
+	c.Args = cobra.ExactArgs(1)
+	c.Run = func(cmd *cobra.Command, args []string) {
+		imageScan = true
+		binScanRun(cmd, args)
+	}
+	c.Short = "Detects open source vulnerabilities by scanning docker image files"
+	c.Flags().StringVar(&projectNameCli, "project-name", "", "specify project name")
+	c.Flags().StringArrayVar(&projectTagNames, "project-tag", make([]string, 0), "specify the tag of the project")
+	return &c
+}
+
 func binScanRun(cmd *cobra.Command, args []string) {
 	var (
 		// workaround
@@ -92,6 +107,9 @@ func binScan(ctx context.Context, scanPath string) error {
 	if cliIOTScan {
 		mode = model.ScanModeIot
 	}
+	if imageScan {
+		mode = model.ScanModeImage
+	}
 	taskResp, e := api.CreateSubTask(api.DefaultClient(), &api.CreateSubTaskRequest{
 		AccessType:      model.AccessTypeCli,
 		ScanMode:        mode,
diff --git a/cmd/murphy/root.go b/cmd/murphy/root.go
@@ -66,6 +66,7 @@ func rootCmd() *cobra.Command {
 	c.AddCommand(scan.SbomScan())
 	c.AddCommand(scan.EnvCmd())
 	c.AddCommand(binscan.Cmd())
+	c.AddCommand(binscan.ImageScanCmd())
 	c.AddCommand(internalcmd.Cmd())
 	c.AddCommand(internalcmd.MachineIdCmd())
 	return c
diff --git a/model/scan_mode.go b/model/scan_mode.go
@@ -9,4 +9,5 @@ const (
 	ScanModeIot        ScanMode = "iot"
 	ScanModeStandard   ScanMode = "standard"
 	ScanModeComp       ScanMode = "comp"
+	ScanModeImage      ScanMode = "docker"
 )

Original file line number	Diff line number	Diff line change
`@@ -9,4 +9,5 @@ const (`
`9`	`9`	`ScanModeIot ScanMode = "iot"`
`10`	`10`	`ScanModeStandard ScanMode = "standard"`
`11`	`11`	`ScanModeComp ScanMode = "comp"`
	`12`	`+ ScanModeImage ScanMode = "docker"`
`12`	`13`	`)`