mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 16:33:21 +01:00
24f08e7738
* add convert command Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * mvp Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * fix hanging bug Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * validate SBOM formats for conversion Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * move convert cmd to new structure Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * remove bin Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * drop event loop from convert cmd extract SBOM type from document namespace Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * validate SPDX in tests Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * documenting convert cmd Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * support output format=file.json notation Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * test convertible formats Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * fix typo Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * clean up Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * more clean up and docs Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * nit Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Xavier <jonasx@anchore.com> * re-use more code Signed-off-by: Jonas Xavier <jonasx@anchore.com> * undo encode-decode cycle test Signed-off-by: Jonas Xavier <jonasx@anchore.com> * remove unnecessary test constraint Signed-off-by: Jonas Xavier <jonasx@anchore.com> * fix readme Signed-off-by: Jonas Xavier <jonasx@anchore.com> * try verbose Signed-off-by: Jonas Xavier <jonasx@anchore.com> * cleaner README and no table conversion Signed-off-by: Jonas Xavier <jonasx@anchore.com> * simpler conversion Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes and cleanup Signed-off-by: Jonas Xavier <jonasx@anchore.com> * nit space fix Signed-off-by: Jonas Xavier <jonasx@anchore.com> * use defer Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Xavier <jonasx@anchore.com> Co-authored-by: Keith Zantow <kzantow@gmail.com>
79 lines
2.1 KiB
Go
79 lines
2.1 KiB
Go
package integration
|
|
|
|
import (
|
|
"context"
|
|
"io/ioutil"
|
|
"os"
|
|
"testing"
|
|
|
|
"github.com/anchore/syft/cmd/syft/cli/convert"
|
|
"github.com/anchore/syft/internal/config"
|
|
"github.com/anchore/syft/internal/formats/cyclonedxjson"
|
|
"github.com/anchore/syft/internal/formats/cyclonedxxml"
|
|
"github.com/anchore/syft/internal/formats/spdx22json"
|
|
"github.com/anchore/syft/internal/formats/spdx22tagvalue"
|
|
"github.com/anchore/syft/internal/formats/syftjson"
|
|
"github.com/anchore/syft/internal/formats/table"
|
|
"github.com/anchore/syft/syft"
|
|
"github.com/anchore/syft/syft/sbom"
|
|
"github.com/anchore/syft/syft/source"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
var convertibleFormats = []sbom.Format{
|
|
syftjson.Format(),
|
|
spdx22json.Format(),
|
|
spdx22tagvalue.Format(),
|
|
cyclonedxjson.Format(),
|
|
cyclonedxxml.Format(),
|
|
}
|
|
|
|
// TestConvertCmd tests if the converted SBOM is a valid document according
|
|
// to spec.
|
|
// TODO: This test can, but currently does not, check the converted SBOM content. It
|
|
// might be useful to do that in the future, once we gather a better understanding of
|
|
// what users expect from the convert command.
|
|
func TestConvertCmd(t *testing.T) {
|
|
for _, format := range convertibleFormats {
|
|
t.Run(format.ID().String(), func(t *testing.T) {
|
|
sbom, _ := catalogFixtureImage(t, "image-pkg-coverage", source.SquashedScope)
|
|
format := syft.FormatByID(syftjson.ID)
|
|
|
|
f, err := ioutil.TempFile("", "test-convert-sbom-")
|
|
require.NoError(t, err)
|
|
defer func() {
|
|
err := f.Close()
|
|
require.NoError(t, err)
|
|
os.Remove(f.Name())
|
|
}()
|
|
|
|
err = format.Encode(f, sbom)
|
|
require.NoError(t, err)
|
|
|
|
stdr, stdw, err := os.Pipe()
|
|
require.NoError(t, err)
|
|
originalStdout := os.Stdout
|
|
os.Stdout = stdw
|
|
|
|
ctx := context.Background()
|
|
app := &config.Application{Outputs: []string{format.ID().String()}}
|
|
|
|
err = convert.Run(ctx, app, []string{f.Name()})
|
|
require.NoError(t, err)
|
|
stdw.Close()
|
|
|
|
out, err := ioutil.ReadAll(stdr)
|
|
require.NoError(t, err)
|
|
|
|
os.Stdout = originalStdout
|
|
|
|
formatFound := syft.IdentifyFormat(out)
|
|
if format.ID() == table.ID {
|
|
require.Nil(t, formatFound)
|
|
return
|
|
}
|
|
require.Equal(t, format.ID(), formatFound.ID())
|
|
})
|
|
}
|
|
}
|