Add image hash and schema version to scan results

docker/docker.go

@@ -51,7 +51,7 @@ type Image struct {
 	password      string
 	client        http.Client
 	Digest        string
-	schemaVersion int
+	SchemaVersion int
 	os            string
 	arch          string
 	imageName     string
@@ -65,7 +65,7 @@ func (i *Image) LayerName(index int) string {
 
 func (i *Image) AnalyzedLayerName() string {
 	index := len(i.FsLayers) - 1
-	if i.schemaVersion == 1 {
+	if i.SchemaVersion == 1 {
 		index = 0
 	}
 	return i.LayerName(index)
@@ -420,7 +420,7 @@ func parseImageResponse(resp *http.Response, image *Image) error {
 			image.FsLayers[i].BlobSum = imageV2.Layers[i].Digest
 		}
 		image.Digest = imageV2.Config.Digest
-		image.schemaVersion = imageV2.SchemaVersion
+		image.SchemaVersion = imageV2.SchemaVersion
 	case "application/vnd.docker.distribution.manifest.v1+prettyjws":
 		body, err := ioutil.ReadAll(resp.Body)
 		if err != nil {
@@ -437,7 +437,7 @@ func parseImageResponse(resp *http.Response, image *Image) error {
 			return fmt.Errorf("number of layers(%v) doesn't match the number of commands(%v)", len(schema1.FSLayers), len(schema1.ExtractedV1Compatibility))
 		}
 		extractV1LayersWithCommands(image, schema1)
-		image.schemaVersion = schema1.SchemaVersion
+		image.SchemaVersion = schema1.SchemaVersion
 	default:
 		dump, dumpErr := httputil.DumpResponse(resp, false)
 		if dumpErr != nil {

main.go

@@ -50,20 +50,20 @@ func main() {
 		os.Exit(2)
 	}
 
-	vulnerabilities, commands, err := run.ExecuteScan(conf)
+	scanResults, err := run.ExecuteScan(conf)
 	if err != nil {
 		errStr := fmt.Sprintf("Failed to execute scan: %v", err)
 		log.Errorf(errStr)
 		result.ScanErrMsg = errStr
 		exit(2, conf, result)
 	}
 
-	result.Vulnerabilities = filterVulnerabilities(conf.ClairOutput, vulnerabilities)
-	result.LayerCommands = commands
+	result.Vulnerabilities = filterVulnerabilities(conf.ClairOutput, scanResults.Vulnerabilities)
+	result.LayerCommands = scanResults.FsLayerCommands
 	result.Success = true
 
-	log.Infof("Found %d vulnerabilities", len(vulnerabilities))
-	vsNumber := format.PrintVulnerabilities(conf, vulnerabilities)
+	log.Infof("Found %d vulnerabilities", len(scanResults.Vulnerabilities))
+	vsNumber := format.PrintVulnerabilities(conf, scanResults.Vulnerabilities)
 
 	if conf.Threshold != 0 && vsNumber > conf.Threshold {
 		exit(1, conf, result)

run/run.go

@@ -8,23 +8,30 @@ import (
 	log "github.com/sirupsen/logrus"
 )
 
-func ExecuteScan(conf *config.Config) ([]*clair.Vulnerability, []*docker.FsLayerCommand, error) {
+type ScanResults struct {
+	Vulnerabilities    []*clair.Vulnerability
+	FsLayerCommands    []*docker.FsLayerCommand
+	ImageHash          string
+	ImageSchemaVersion int
+}
+
+func ExecuteScan(conf *config.Config) (*ScanResults, error) {
 	image, err := docker.NewImage(&conf.DockerConfig)
 	if err != nil {
-		return nil, nil, fmt.Errorf("failed to parse name: %v", err)
+		return nil, fmt.Errorf("failed to parse name: %v", err)
 	}
 
 	err = image.Pull()
 	if err != nil {
-		return nil, nil, fmt.Errorf("failed to pull image: %v", err)
+		return nil, fmt.Errorf("failed to pull image: %v", err)
 	}
 
 	if err := image.FetchFsCommands(&conf.DockerConfig); err != nil {
-		return nil, nil, fmt.Errorf("failed to fetch layer commands: %v", err)
+		return nil, fmt.Errorf("failed to fetch layer commands: %v", err)
 	}
 
 	if len(image.FsLayers) == 0 {
-		return nil, nil, fmt.Errorf("failed to pull pull fsLayers")
+		return nil, fmt.Errorf("failed to pull pull fsLayers")
 	}
 
 	commands := image.GetFsCommands()
@@ -43,5 +50,10 @@ func ExecuteScan(conf *config.Config) ([]*clair.Vulnerability, []*docker.FsLayer
 		}
 	}
 
-	return vulnerabilities, commands, err
-}
+	return &ScanResults{
+		Vulnerabilities:    vulnerabilities,
+		FsLayerCommands:    commands,
+		ImageHash:          docker.TrimDigest(image.Digest),
+		ImageSchemaVersion: image.SchemaVersion,
+	}, err
+}