feat: add virtual machine scan command (#2910)

Co-authored-by: knqyf263 <knqyf263@gmail.com>

pkg/commands/artifact/run.go

@@ -40,6 +40,7 @@ const (
 	TargetRepository     TargetKind = "repo"
 	TargetImageArchive   TargetKind = "archive"
 	TargetSBOM           TargetKind = "sbom"
+	TargetVM             TargetKind = "vm"
 
 	devVersion = "dev"
 )
@@ -78,6 +79,8 @@ type Runner interface {
 	ScanRepository(ctx context.Context, opts flag.Options) (types.Report, error)
 	// ScanSBOM scans SBOM
 	ScanSBOM(ctx context.Context, opts flag.Options) (types.Report, error)
+	// ScanVM scans VM
+	ScanVM(ctx context.Context, opts flag.Options) (types.Report, error)
 	// Filter filter a report
 	Filter(ctx context.Context, opts flag.Options, report types.Report) (types.Report, error)
 	// Report a writes a report
@@ -224,6 +227,22 @@ func (r *runner) ScanSBOM(ctx context.Context, opts flag.Options) (types.Report,
 	return r.scanArtifact(ctx, opts, s)
 }
 
+func (r *runner) ScanVM(ctx context.Context, opts flag.Options) (types.Report, error) {
+	// TODO: Does VM scan disable lock file..?
+	opts.DisabledAnalyzers = analyzer.TypeLockfiles
+
+	var s InitializeScanner
+	if opts.ServerAddr == "" {
+		// Scan virtual machine in standalone mode
+		s = vmStandaloneScanner
+	} else {
+		// Scan virtual machine in client/server mode
+		s = vmRemoteScanner
+	}
+
+	return r.scanArtifact(ctx, opts, s)
+}
+
 func (r *runner) scanArtifact(ctx context.Context, opts flag.Options, initializeScanner InitializeScanner) (types.Report, error) {
 	report, err := scan(ctx, opts, initializeScanner, r.cache)
 	if err != nil {
@@ -385,6 +404,10 @@ func Run(ctx context.Context, opts flag.Options, targetKind TargetKind) (err err
 		if report, err = r.ScanSBOM(ctx, opts); err != nil {
 			return xerrors.Errorf("sbom scan error: %w", err)
 		}
+	case TargetVM:
+		if report, err = r.ScanVM(ctx, opts); err != nil {
+			return xerrors.Errorf("vm scan error: %w", err)
+		}
 	}
 
 	report, err = r.Filter(ctx, opts, report)