Support aarch64 systems (#62)

bluesentinelsec · Michael Long · web-flow · commit 016a421c182f · 2024-06-27T15:52:10.000-04:00
* WIP: fix aarch64 issue

* refactor &amp; add more test cases

---------

Co-authored-by: Michael Long &lt;mlongii@amazon.com&gt;
diff --git a/entrypoint/entrypoint/orchestrator.py b/entrypoint/entrypoint/orchestrator.py
@@ -4,6 +4,7 @@
 import os
 import platform
 import shutil
+import sys
 import tempfile
 
 from entrypoint import dockerfile
@@ -80,18 +81,13 @@ def post_dockerfile_step_summary(args, total_vulns):
 
 def download_install_sbomgen(sbomgen_version: str, install_dst: str) -> bool:
     cpu_arch = platform.machine()
-    if "x86_64" in cpu_arch:
-        cpu_arch = "amd64"
-
-    elif "arm64" in cpu_arch:
-        cpu_arch = "arm64"
-
-    else:
-        logging.error(f"expected a CPU architecture of x86_64, arm64, or amd64, but received: {cpu_arch}")
-        return False
+    sbomgen_arch = get_sbomgen_arch(cpu_arch)
+    if not sbomgen_arch:
+        logging.error(f"expected a CPU architecture of x86_64, amd64, arm64, or aarch64, but received: {cpu_arch}")
+        sys.exit(1)
 
     # download sbomgen
-    url = installer.get_sbomgen_url("Linux", cpu_arch, sbomgen_version)
+    url = installer.get_sbomgen_url("Linux", sbomgen_arch, sbomgen_version)
     dst = tempfile.gettempdir()
     dst = os.path.join(dst, "inspector-sbomgen.zip")
     ret = installer.download_sbomgen(url, dst)
@@ -124,6 +120,32 @@ def download_install_sbomgen(sbomgen_version: str, install_dst: str) -> bool:
     return True
 
 
+def get_sbomgen_arch(host_cpu):
+    """
+    get the CPU architecture for the
+    inspector-sbomgen release binary
+    based on the host system's CPU arch
+    """
+    if not host_cpu:
+        return None
+
+    # map the host platform's CPU architecture to
+    # the correct sbomgen binary architecture
+    architecture_map = {
+        "x86_64": "amd64",
+        "amd64": "amd64",
+        "arm64": "arm64",
+        "aarch64": "arm64"
+    }
+
+    for supported_cpu in architecture_map:
+        if host_cpu.lower() == supported_cpu:
+            sbomgen_arch = architecture_map[supported_cpu]
+            return sbomgen_arch
+
+    return None
+
+
 def invoke_sbomgen(args) -> int:
     sbomgen = installer.get_sbomgen_install_path()
     if sbomgen == "":
diff --git a/entrypoint/tests/test_orchestrator.py b/entrypoint/tests/test_orchestrator.py
@@ -116,6 +116,49 @@ def test_system_against_dockerfile_findings(self):
             dockerfile.write_dockerfile_report_csv(args.out_scan, args.out_dockerfile_scan_csv)
             dockerfile.write_dockerfile_report_md(args.out_scan, args.out_dockerfile_scan_md)
 
+    def test_get_sbomgen_arch(self):
+
+        test_cases = [
+            # supported platforms (ARM and Intel 64-bit)
+            {"input": "x86_64", "expected": "amd64"},
+            {"input": "amd64", "expected": "amd64"},
+            {"input": "arm64", "expected": "arm64"},
+            {"input": "aarch64", "expected": "arm64"},
+
+            # test case insensitivity
+            {"input": "X86_64", "expected": "amd64"},
+            {"input": "AMD64", "expected": "amd64"},
+            {"input": "ARM64", "expected": "arm64"},
+            {"input": "aARCh64", "expected": "arm64"},
+
+            # unsupported platforms (32-bit, non-intel, non-arm)
+            {"input": "arm", "expected": None},
+            {"input": "armv6l", "expected": None},
+            {"input": "armv7l", "expected": None},
+            {"input": "armv8l", "expected": None},
+            {"input": "i386", "expected": None},
+            {"input": "i486", "expected": None},
+            {"input": "i586", "expected": None},
+            {"input": "i686", "expected": None},
+            {"input": "ppc", "expected": None},
+            {"input": "ppc64", "expected": None},
+            {"input": "ppc64le", "expected": None},
+            {"input": "sparc", "expected": None},
+            {"input": "sparc64", "expected": None},
+            {"input": "mips", "expected": None},
+            {"input": "mips64", "expected": None},
+
+            # malformed input
+            {"input": "garbage", "expected": None},
+            {"input": "213123123123", "expected": None},
+            {"input": "", "expected": None},
+            {"input": None, "expected": None},
+        ]
+
+        for each_test in test_cases:
+            result = orchestrator.get_sbomgen_arch(each_test["input"])
+            self.assertEqual(result, each_test["expected"])
+
 
 def read_test_file(file: str) -> str:
     file_contents = ""
