github.com/vchain-us/vcn@v0.9.11-0.20210921212052-a2484d23c0b3/pkg/bom/output.go (about) 1 /* 2 * Copyright (c) 2021 CodeNotary, Inc. All Rights Reserved. 3 * This software is released under GPL3. 4 * The full license information can be found under: 5 * https://www.gnu.org/licenses/gpl-3.0.en.html 6 * 7 */ 8 9 package bom 10 11 import ( 12 "fmt" 13 14 cyclonedx "github.com/CycloneDX/cyclonedx-go" 15 "github.com/spf13/viper" 16 17 "github.com/vchain-us/vcn/pkg/bom/artifact" 18 "github.com/vchain-us/vcn/pkg/bom/docker" 19 "github.com/vchain-us/vcn/pkg/bom/golang" 20 ) 21 22 const ( 23 dynamicLinkage = "Dynamic" 24 staticLinkage = "Static" 25 ) 26 27 func Output(a artifact.Artifact) error { 28 filename := viper.GetString("bom-spdx") 29 if filename != "" { 30 err := OutputSpdxText(a, filename) 31 if err != nil { 32 return fmt.Errorf("cannot output SPDX: %w", err) 33 } 34 } 35 36 filename = viper.GetString("bom-cyclonedx-json") 37 if filename != "" { 38 err := OutputCycloneDX(a, filename, cyclonedx.BOMFileFormatJSON) 39 if err != nil { 40 return fmt.Errorf("cannot output CycloneDX JSON: %w", err) 41 } 42 } 43 44 filename = viper.GetString("bom-cyclonedx-xml") 45 if filename != "" { 46 err := OutputCycloneDX(a, filename, cyclonedx.BOMFileFormatXML) 47 if err != nil { 48 return fmt.Errorf("cannot output CycloneDX XML: %w", err) 49 } 50 } 51 52 return nil 53 } 54 55 // DepLinkType returns the link type 56 // static linkage only in following cases: 57 // - artifact is a container 58 // - artifact is a Go binary and dependency is Go 59 func DepLinkType(a artifact.Artifact, d artifact.Dependency) string { 60 if d.Kind == golang.AssetType { 61 return staticLinkage 62 } 63 64 if a.Type() == docker.AssetType { 65 return staticLinkage 66 } 67 68 return dynamicLinkage 69 }