feature: Add SBOM support as a possible result [TAROT-2832]
afsmeira authored Sep 18, 2024
1 parent f6ec251 commit 2c84edb
Showing 4 changed files with 34 additions and 1 deletion.
1 change: 1 addition & 0 deletions go.mod
@@ -3,6 +3,7 @@ module github.com/codacy/codacy-engine-golang-seed/v6
go 1.21

require (
github.com/CycloneDX/cyclonedx-go v0.9.1
github.com/samber/lo v1.47.0
github.com/sirupsen/logrus v1.9.3
github.com/stretchr/testify v1.9.0
12 changes: 12 additions & 0 deletions go.sum


15 changes: 15 additions & 0 deletions result.go
@@ -3,6 +3,7 @@ package codacytool
import (
"encoding/json"

"github.com/CycloneDX/cyclonedx-go"
"github.com/sirupsen/logrus"
)

@@ -44,6 +45,20 @@ func (i FileError) GetFile() string {
return i.File
}

// SBOM represents a Software Bill of Materials in the CycloneDX format.
type SBOM struct {
cyclonedx.BOM
}

func (s SBOM) ToJSON() ([]byte, error) {
return json.Marshal(s)
}

// GetFile always returns an empty value since SBOM is for the whole project, not a single file.
func (s SBOM) GetFile() string {
return ""
}

type Results []Result

func (r Results) ToJSON() []string {
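Review bot: `SBOM.ToJSON` marshals whatever BOM it holds without checking that it is a usable CycloneDX document, so a zero-value `SBOM{}` is emitted as `{"bomFormat":"","specVersion":"SpecVersion(0)","version":0}` (the string the accompanying test expects) instead of being reported as an error. Downstream SBOM consumers are likely to reject or mis-handle that output, so I would guard it, e.g. `if s.BOMFormat == "" { return nil, errors.New("sbom: bomFormat is not set") }`, which also needs `errors` in the import block. The exported method has no doc comment either; `// ToJSON serializes the embedded CycloneDX BOM to JSON.` would match the comments on `SBOM` and `GetFile`. The body of `Results.ToJSON` at the end of this section lies outside the hunk, so how it treats a returned error is not visible here.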
7 changes: 6 additions & 1 deletion result_test.go
@@ -19,15 +19,17 @@ func TestResultsToJSON(t *testing.T) {
File: "file-error",
Message: "file-error",
}
sbom := SBOM{}
badResult := BadResult{}

expectedJSONResults := []string{
`{"filename":"file","line":5,"message":"message","patternId":"pattern ID"}`,
`{"filename":"file-error","message":"file-error"}`,
`{"bomFormat":"","specVersion":"SpecVersion(0)","version":0}`,
}

// Act
jsonResults := Results{issue, fileError, badResult}.ToJSON()
jsonResults := Results{issue, fileError, sbom, badResult}.ToJSON()

// Assert
// Since a JSON object does not have order, we can't simply assert by doing `assert.ElementsMatch`.
@@ -44,14 +46,17 @@ func TestResultsGetFile(t *testing.T) {
// Arrange
issue := Issue{File: "issue-file"}
fileError := FileError{File: "file-error"}
sbom := SBOM{}

// Act
issueFile := issue.GetFile()
fileErrorFile := fileError.GetFile()
sbomFile := sbom.GetFile()

// Assert
assert.Equal(t, "issue-file", issueFile)
assert.Equal(t, "file-error", fileErrorFile)
assert.Empty(t, sbomFile)
}

type BadResult struct{}
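Review bot: The expected string added in `TestResultsToJSON`, `{"bomFormat":"","specVersion":"SpecVersion(0)","version":0}`, looks like the dependency's fallback text for an unset spec version, so the test pins library-internal formatting and only ever serializes an empty BOM. A fixture with explicit fields, e.g. `sbom := SBOM{BOM: cyclonedx.BOM{BOMFormat: cyclonedx.BOMFormat, SpecVersion: cyclonedx.SpecVersion1_5, Version: 1}}`, would exercise output a consumer can actually parse and should be less likely to break on a cyclonedx-go upgrade. The expected JSON line and the test file's imports would need updating to match. Both test functions start outside their hunks, so the rest of the arrange and assert code is not visible here.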
