mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 16:33:21 +01:00
bb0f35bac4
* [wip] single sbom doc Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix more tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update cli tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove scope in import path Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * swap SPDX tag-value formatter to single sbom document Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bust CLI cache Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update fixture to byte diff Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * byte for byte Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * bust the cache Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * who needs cache Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * add jar for testing Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * no more bit flips Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * update apk with the delta for image and directory cases Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * restore cache workflow Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> Co-authored-by: Christopher Angelo Phillips <christopher.phillips@anchore.com>
64 lines
1.9 KiB
Go
64 lines
1.9 KiB
Go
package syft
|
|
|
|
import (
|
|
"bytes"
|
|
"testing"
|
|
|
|
"github.com/anchore/syft/syft/sbom"
|
|
|
|
"github.com/go-test/deep"
|
|
|
|
"github.com/anchore/syft/syft/format"
|
|
"github.com/anchore/syft/syft/source"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
// TestEncodeDecodeEncodeCycleComparison is testing for differences in how SBOM documents get encoded on multiple cycles.
|
|
// By encding and decoding the sbom we can compare the differences between the set of resulting objects. However,
|
|
// this requires specific comparisons being done, and select redactions/omissions being made. Additionally, there are
|
|
// already unit tests on each format encoder-decoder for properly functioning comparisons in depth, so there is no need
|
|
// to do an object-to-object comparison. For this reason this test focuses on a bytes-to-bytes comparison after an
|
|
// encode-decode-encode loop which will detect lossy behavior in both directions.
|
|
func TestEncodeDecodeEncodeCycleComparison(t *testing.T) {
|
|
testImage := "image-simple"
|
|
tests := []struct {
|
|
format format.Option
|
|
}{
|
|
{
|
|
format: format.JSONOption,
|
|
},
|
|
}
|
|
for _, test := range tests {
|
|
t.Run(testImage, func(t *testing.T) {
|
|
|
|
src, err := source.NewFromDirectory("./test-fixtures/pkgs")
|
|
if err != nil {
|
|
t.Fatalf("cant get dir")
|
|
}
|
|
originalCatalog, d, err := CatalogPackages(&src, source.SquashedScope)
|
|
|
|
originalSBOM := sbom.SBOM{
|
|
Artifacts: sbom.Artifacts{
|
|
PackageCatalog: originalCatalog,
|
|
Distro: d,
|
|
},
|
|
Source: src.Metadata,
|
|
}
|
|
|
|
by1, err := Encode(originalSBOM, test.format)
|
|
assert.NoError(t, err)
|
|
|
|
newSBOM, newFormat, err := Decode(bytes.NewReader(by1))
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, test.format, newFormat)
|
|
|
|
by2, err := Encode(*newSBOM, test.format)
|
|
assert.NoError(t, err)
|
|
for _, diff := range deep.Equal(by1, by2) {
|
|
t.Errorf(diff)
|
|
}
|
|
assert.True(t, bytes.Equal(by1, by2))
|
|
})
|
|
}
|
|
}
|