clair: add the additional legacy empty layer (#24)

This layer was used in docker prior to being able to support truly empty layers. It is a 1k tarball of 0s.
2024-06-25 17:14:47 -04:00 · 2017-04-21 15:38:05 -04:00 · 2017-04-21 15:38:05 -04:00 · ba12ae6e91
parent 11a291f744
commit ba12ae6e91
2 changed files with 13 additions and 1 deletions
--- a/clair/types.go
+++ b/clair/types.go
@ -1,10 +1,22 @@
 package clair

+import "github.com/opencontainers/go-digest"
+
 const (
 	// EmptyLayerBlobSum is the blob sum of empty layers.
 	EmptyLayerBlobSum = "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
+
+	// LegacyEmptyLayerBlobSum is the blob sum of empty layers used by docker
+	// before it could support a truly empty layer.
+	LegacyEmptyLayerBlobSum = "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"
 )

+// IsEmptyLayer determines whether the blob sum is one of the known empty
+// layers.
+func IsEmptyLayer(blobSum digest.Digest) bool {
+	return blobSum == EmptyLayerBlobSum || blobSum == LegacyEmptyLayerBlobSum
+}
+
 var (
 	// Priorities are the vulnerability priority labels.
 	Priorities = []string{"Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1"}
--- a/main.go
+++ b/main.go
@ -275,7 +275,7 @@ func main() {
 				// filter out the empty layers
 				var filteredLayers []schema1.FSLayer
 				for _, layer := range m.FSLayers {
-					if layer.BlobSum != clair.EmptyLayerBlobSum {
+					if !clair.IsEmptyLayer(layer.BlobSum) {
 						filteredLayers = append(filteredLayers, layer)
 					}
 				}