SP-246 Changes Sbom to SBOM
francostramana committed Mar 22, 2024
1 parent e42e41d commit 676d1c0
Showing 7 changed files with 22 additions and 22 deletions.
6 changes: 3 additions & 3 deletions __tests__/sbom.mock.ts
@@ -1,8 +1,8 @@
import { Sbom } from '../src/utils/sbom.utils';
import { SBOM } from '../src/utils/sbom.utils';

export const sbomMock: Sbom[] = [
export const sbomMock: SBOM[] = [
{
components: [] // empty sbom
components: [] // empty SBOM
},
{
components: [
6 changes: 3 additions & 3 deletions __tests__/undeclared-policy-check.test.ts
Expand Up @@ -3,7 +3,7 @@ import { ScannerResults } from '../src/services/result.interfaces';
import * as github from '@actions/github';
import { resultsMock } from './results.mock';
import { UndeclaredPolicyCheck } from '../src/policies/undeclared-policy-check';
import * as sbom from '../src/utils/sbom.utils';
import * as sbomUtils from '../src/utils/sbom.utils';
import { sbomMock } from './sbom.mock';

describe('UndeclaredPolicyCheck', () => {
Expand All @@ -24,14 +24,14 @@ describe('UndeclaredPolicyCheck', () => {
});

it('should pass the policy check when undeclared components are not found', async () => {
jest.spyOn(sbom, 'parseSbom').mockImplementation(async _ => Promise.resolve(sbomMock[1]));
jest.spyOn(sbomUtils, 'parseSBOM').mockImplementation(async _ => Promise.resolve(sbomMock[1]));

await undeclaredPolicyCheck.run(scannerResults);
expect(undeclaredPolicyCheck.conclusion).toEqual(CONCLUSION.Success);
});

it('should fail the policy check when undeclared components are found', async () => {
jest.spyOn(sbom, 'parseSbom').mockImplementation(async _ => Promise.resolve(sbomMock[0]));
jest.spyOn(sbomUtils, 'parseSBOM').mockImplementation(async _ => Promise.resolve(sbomMock[0]));

await undeclaredPolicyCheck.run(scannerResults);
expect(undeclaredPolicyCheck.conclusion).toEqual(CONCLUSION.Neutral);
6 changes: 3 additions & 3 deletions action.yml
Expand Up @@ -17,15 +17,15 @@ inputs:
required: false
default: true
sbom.enabled:
description: 'Enable Sbom Identify'
description: 'Enable SBOM Identify'
required: false
default: true
sbom.filepath:
description: 'Sbom filepath'
description: 'SBOM filepath'
required: false
default: 'sbom.json'
sbom.type:
description: 'Sbom type (identify | ignore)'
description: 'SBOM type (identify | ignore)'
required: false
default: 'identify'
api.key:
12 changes: 6 additions & 6 deletions dist/index.js


4 changes: 2 additions & 2 deletions src/policies/undeclared-policy-check.ts
Expand Up @@ -3,7 +3,7 @@ import { CHECK_NAME } from '../app.config';
import { ScannerResults } from '../services/result.interfaces';
import { Component, getComponents } from '../services/result.service';
import * as inputs from '../app.input';
import { parseSbom } from '../utils/sbom.utils';
import { parseSBOM } from '../utils/sbom.utils';
import { generateTable } from '../utils/markdown.utils';

export class UndeclaredPolicyCheck extends PolicyCheck {
Expand All @@ -17,7 +17,7 @@ export class UndeclaredPolicyCheck extends PolicyCheck {
const nonDeclaredComponents: Component[] = [];

const comps = getComponents(scannerResults);
const sbom = await parseSbom(inputs.SBOM_FILEPATH);
const sbom = await parseSBOM(inputs.SBOM_FILEPATH);

comps.forEach(c => {
if (!sbom.components.some(component => component.purl === c.purl)) {
4 changes: 2 additions & 2 deletions src/services/scan.service.ts
Expand Up @@ -55,12 +55,12 @@ export class ScanService {
return `docker run -v "${this.options.inputFilepath}":"/scanoss" ghcr.io/scanoss/scanoss-py:v1.9.0 scan .
--output ${this.options.outputFilepath}
${this.options.dependenciesEnabled ? `--dependencies` : ''}
${await this.detectSbom()}
${await this.detectSBOM()}
${this.options.apiUrl ? `--apiurl ${this.options.apiUrl}` : ''}
${this.options.apiKey ? `--key ${this.options.apiKey}` : ''}`.replace(/\n/gm, ' ');
}

private async detectSbom(): Promise<string> {
private async detectSBOM(): Promise<string> {
if (!this.options.sbomEnabled || !this.options.sbomFilepath) return '';

try {
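Review bot: The API key is interpolated straight into the docker command line (the `--key` argument at the end of the template), so it is visible to any process listing on the runner and to anything that logs the assembled command; GitHub's secret masking covers the job log but not `ps` or container-runtime audit output. If scanoss-py can read the key from an environment variable or a file (check its CLI help), pass it through docker with `-e` from the action process's environment instead of argv. The same template wraps `inputFilepath` in double quotes but does not escape it, so if this string is handed to a shell — the hunk does not show how it is executed — a path containing `"` or `$` would break out of the quotes; building an argv array and spawning without a shell avoids both problems. The method that returns this template starts above the hunk.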
6 changes: 3 additions & 3 deletions src/utils/sbom.utils.ts
@@ -1,11 +1,11 @@
import fs from 'fs';

export interface Sbom {
export interface SBOM {
components: {
purl: string;
}[];
}

export async function parseSbom(filepath: string): Promise<Sbom> {
return JSON.parse(await fs.promises.readFile(filepath, 'utf-8')) as Sbom;
export async function parseSBOM(filepath: string): Promise<SBOM> {
return JSON.parse(await fs.promises.readFile(filepath, 'utf-8')) as SBOM;
}
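Review bot: `parseSBOM` casts the `JSON.parse` result with `as SBOM` and never checks the shape, so an empty, truncated or differently structured `sbom.json` comes back without a `components` array and the consumer in `undeclared-policy-check.ts` throws a `TypeError` at `sbom.components.some(...)` instead of reporting a malformed SBOM; how that rejection surfaces in the check's conclusion is not visible here. Since this file is user-supplied input to the action, validate it before trusting it: parse into `unknown`, require `components` to be an array and every `purl` to be a string, and throw an error that names the file otherwise. A short TSDoc stating that the function throws on unreadable or malformed input would also let callers decide whether to catch.
```typescript
export async function parseSBOM(filepath: string): Promise<SBOM> {
  const raw: unknown = JSON.parse(await fs.promises.readFile(filepath, 'utf-8'));
  const components = (raw as { components?: unknown } | null)?.components;
  if (!Array.isArray(components)) {
    throw new Error(`Invalid SBOM "${filepath}": expected a top-level "components" array`);
  }
  return {
    components: components.map((c: unknown, i: number) => {
      const purl = (c as { purl?: unknown } | null)?.purl;
      if (typeof purl !== 'string') {
        throw new Error(`Invalid SBOM "${filepath}": component ${i} has no string "purl"`);
      }
      return { purl };
    })
  };
}
```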
