author | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-17 09:07:23 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-17 09:07:23 +0300 |
commit | 172e4a12748fd146fdd0e9eca12ade4c51dabda9 (patch) | |
tree | 7d4be9fa2966dbaf4f9f98937db051627e78b816 /lib/gitlab/ci/parsers | |
parent | 4c872af312f27f2e2da967a6efebd76e88119caa (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/ci/parsers')
-rw-r--r-- | lib/gitlab/ci/parsers/sbom/component.rb | 59 | ||||
-rw-r--r-- | lib/gitlab/ci/parsers/sbom/cyclonedx.rb | 10 |
2 files changed, 60 insertions, 9 deletions
diff --git a/lib/gitlab/ci/parsers/sbom/component.rb b/lib/gitlab/ci/parsers/sbom/component.rb
new file mode 100644
index 00000000000..1a4aa5071ae
--- /dev/null
+++ b/lib/gitlab/ci/parsers/sbom/component.rb
@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Ci
+ module Parsers
+ module Sbom
+ class Component
+ include Gitlab::Utils::StrongMemoize
+
+ TRIVY_SOURCE_PACKAGE_FIELD = 'SrcName'
+
+ def initialize(data)
+ @data = data
+ end
+
+ def parse
+ ::Gitlab::Ci::Reports::Sbom::Component.new(
+ type: data['type'],
+ name: data['name'],
+ purl: purl,
+ version: data['version'],
+ properties: properties,
+ source_package_name: source_package_name
+ )
+ end
+
+ private
+
+ attr_reader :data
+
+ def purl
+ return unless data['purl']
+
+ ::Sbom::PackageUrl.parse(data['purl'])
+ end
+ strong_memoize_attr :purl
+
+ def properties
+ CyclonedxProperties.parse_trivy_source(data['properties'])
+ end
+ strong_memoize_attr :properties
+
+ def source_package_name
+ return unless container_scanning_component?
+
+ properties&.data&.dig(TRIVY_SOURCE_PACKAGE_FIELD) || data['name']
+ end
+
+ def container_scanning_component?
+ return false unless data['purl']
+
+ Enums::Sbom.container_scanning_purl_type?(purl.type)
+ end
+ strong_memoize_attr :container_scanning_component?
+ end
+ end
+ end
+ end
+end
diff --git a/lib/gitlab/ci/parsers/sbom/cyclonedx.rb b/lib/gitlab/ci/parsers/sbom/cyclonedx.rb
index 62cd322e141..9c48dd69a41 100644
--- a/lib/gitlab/ci/parsers/sbom/cyclonedx.rb
+++ b/lib/gitlab/ci/parsers/sbom/cyclonedx.rb
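Review bot: In the new component.rb, `properties` calls `CyclonedxProperties.parse_trivy_source(data['properties'])` unconditionally, whereas the code it replaces in cyclonedx.rb only made that call `if properties`. Whether `parse_trivy_source` tolerates `nil` is not visible here; the `properties&.data&.dig(...)` in `source_package_name` suggests a nil result is expected, but not that a nil argument is safe. The report is CI job output and a component without a `properties` key is ordinary, so I would keep the old guard as the first line of the method: `return unless data['properties']`. A short comment above `parse` saying that it raises `::Sbom::PackageUrl::InvalidPackageUrl` for a malformed purl would also make the contract with the caller explicit.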
@@ -58,15 +58,7 @@ module Gitlab def parse_components data['components']&.each_with_index do |component_data, index| - properties = component_data['properties'] - component = ::Gitlab::Ci::Reports::Sbom::Component.new( - type: component_data['type'], - name: component_data['name'], - purl: component_data['purl'], - version: component_data['version'] - ) - - component.properties = CyclonedxProperties.parse_trivy_source(properties) if properties + component = Component.new(component_data).parse report.add_component(component) if component.ingestible? rescue ::Sbom::PackageUrl::InvalidPackageUrl report.add_error("/components/#{index}/purl is invalid") |
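Review bot: The `rescue ::Sbom::PackageUrl::InvalidPackageUrl` in this block now guards code that is no longer visible here, because the purl is parsed inside `Component#parse` and the per-component error depends on that method raising eagerly. A comment on the new line would keep this readable, e.g. `# Component#parse parses the purl and raises InvalidPackageUrl when it is malformed`. Only that one exception class is handled, so it is worth confirming (presumably through schema validation earlier in the parser) that a non-Hash component entry or a non-String `purl` cannot reach this call; any other error would propagate out of `parse_components` instead of becoming a report error. The method begins and ends outside the hunk.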