github.com/kastenhq/syft@v0.0.0-20230821225854-0710af25cdbe/syft/formats/github/encoder_test.go (about) 1 package github 2 3 import ( 4 "testing" 5 6 "github.com/google/go-cmp/cmp" 7 "github.com/google/go-cmp/cmp/cmpopts" 8 "github.com/stretchr/testify/assert" 9 10 "github.com/anchore/packageurl-go" 11 "github.com/kastenhq/syft/syft/file" 12 "github.com/kastenhq/syft/syft/internal/sourcemetadata" 13 "github.com/kastenhq/syft/syft/linux" 14 "github.com/kastenhq/syft/syft/pkg" 15 "github.com/kastenhq/syft/syft/sbom" 16 "github.com/kastenhq/syft/syft/source" 17 ) 18 19 func sbomFixture() sbom.SBOM { 20 s := sbom.SBOM{ 21 Source: source.Description{ 22 Metadata: source.StereoscopeImageSourceMetadata{ 23 UserInput: "ubuntu:18.04", 24 Architecture: "amd64", 25 }, 26 }, 27 Artifacts: sbom.Artifacts{ 28 LinuxDistribution: &linux.Release{ 29 ID: "ubuntu", 30 VersionID: "18.04", 31 IDLike: []string{"debian"}, 32 }, 33 Packages: pkg.NewCollection(), 34 }, 35 } 36 for _, p := range []pkg.Package{ 37 { 38 Name: "pkg-1", 39 Version: "1.0.1", 40 Locations: file.NewLocationSet( 41 file.NewLocationFromCoordinates(file.Coordinates{ 42 RealPath: "/usr/lib", 43 FileSystemID: "fsid-1", 44 }), 45 ), 46 }, 47 { 48 Name: "pkg-2", 49 Version: "2.0.2", 50 Locations: file.NewLocationSet( 51 file.NewLocationFromCoordinates(file.Coordinates{ 52 RealPath: "/usr/lib", 53 FileSystemID: "fsid-1", 54 }), 55 ), 56 }, 57 { 58 Name: "pkg-3", 59 Version: "3.0.3", 60 Locations: file.NewLocationSet( 61 file.NewLocationFromCoordinates(file.Coordinates{ 62 RealPath: "/etc", 63 FileSystemID: "fsid-1", 64 }), 65 ), 66 }, 67 } { 68 p.PURL = packageurl.NewPackageURL( 69 "generic", 70 "", 71 p.Name, 72 p.Version, 73 nil, 74 "", 75 ).ToString() 76 s.Artifacts.Packages.Add(p) 77 } 78 79 return s 80 } 81 82 func Test_toGithubModel(t *testing.T) { 83 tracker := sourcemetadata.NewCompletionTester(t) 84 85 tests := []struct { 86 name string 87 metadata any 88 testPath string 89 expected *DependencySnapshot 90 }{ 91 { 92 name: "image", 93 expected: &DependencySnapshot{ 94 Version: 0, 95 Detector: DetectorMetadata{ 96 Name: "syft", 97 Version: "0.0.0-dev", 98 URL: "https://github.com/anchore/syft", 99 }, 100 Metadata: Metadata{ 101 "syft:distro": "pkg:generic/ubuntu@18.04?like=debian", 102 }, 103 //Scanned: actual.Scanned, 104 Manifests: Manifests{ 105 "ubuntu:18.04:/usr/lib": Manifest{ 106 Name: "ubuntu:18.04:/usr/lib", 107 File: FileInfo{ 108 SourceLocation: "ubuntu:18.04:/usr/lib", 109 }, 110 Metadata: Metadata{ 111 "syft:filesystem": "fsid-1", 112 }, 113 Resolved: DependencyGraph{ 114 "pkg:generic/pkg-1@1.0.1": DependencyNode{ 115 PackageURL: "pkg:generic/pkg-1@1.0.1", 116 Scope: DependencyScopeRuntime, 117 Relationship: DependencyRelationshipDirect, 118 Metadata: Metadata{}, 119 }, 120 "pkg:generic/pkg-2@2.0.2": DependencyNode{ 121 PackageURL: "pkg:generic/pkg-2@2.0.2", 122 Scope: DependencyScopeRuntime, 123 Relationship: DependencyRelationshipDirect, 124 Metadata: Metadata{}, 125 }, 126 }, 127 }, 128 "ubuntu:18.04:/etc": Manifest{ 129 Name: "ubuntu:18.04:/etc", 130 File: FileInfo{ 131 SourceLocation: "ubuntu:18.04:/etc", 132 }, 133 Metadata: Metadata{ 134 "syft:filesystem": "fsid-1", 135 }, 136 Resolved: DependencyGraph{ 137 "pkg:generic/pkg-3@3.0.3": DependencyNode{ 138 PackageURL: "pkg:generic/pkg-3@3.0.3", 139 Scope: DependencyScopeRuntime, 140 Relationship: DependencyRelationshipDirect, 141 Metadata: Metadata{}, 142 }, 143 }, 144 }, 145 }, 146 }, 147 }, 148 { 149 name: "current directory", 150 metadata: source.DirectorySourceMetadata{Path: "."}, 151 testPath: "etc", 152 }, 153 { 154 name: "relative directory", 155 metadata: source.DirectorySourceMetadata{Path: "./artifacts"}, 156 testPath: "artifacts/etc", 157 }, 158 { 159 name: "absolute directory", 160 metadata: source.DirectorySourceMetadata{Path: "/artifacts"}, 161 testPath: "/artifacts/etc", 162 }, 163 { 164 name: "file", 165 metadata: source.FileSourceMetadata{Path: "./executable"}, 166 testPath: "executable", 167 }, 168 { 169 name: "archive", 170 metadata: source.FileSourceMetadata{Path: "./archive.tar.gz"}, 171 testPath: "archive.tar.gz:/etc", 172 }, 173 } 174 175 for _, test := range tests { 176 t.Run(test.name, func(t *testing.T) { 177 s := sbomFixture() 178 179 if test.metadata != nil { 180 s.Source.Metadata = test.metadata 181 } 182 actual := toGithubModel(&s) 183 184 if test.expected != nil { 185 if d := cmp.Diff(*test.expected, actual, cmpopts.IgnoreFields(DependencySnapshot{}, "Scanned")); d != "" { 186 t.Errorf("unexpected result (-want +got):\n%s", d) 187 } 188 } 189 190 assert.Equal(t, test.testPath, actual.Manifests[test.testPath].Name) 191 192 // track each scheme tested (passed or not) 193 tracker.Tested(t, s.Source.Metadata) 194 }) 195 } 196 }