
gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
authorGitLab Bot <gitlab-bot@gitlab.com>2022-08-01 09:12:25 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2022-08-01 09:12:25 +0300
commit2bfa43cf3a8b0bb25a85066ff48db58f068bc493 (patch)
tree7ba5f89b4953742f025f5c8e0911cd1f964bb2e5 /lib/gitlab/ci/parsers
parent188f99dcc3de4678b308851d1cd8d26a200393cd (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/ci/parsers')
-rw-r--r--lib/gitlab/ci/parsers/sbom/cyclonedx.rb18
-rw-r--r--lib/gitlab/ci/parsers/sbom/validators/cyclonedx_schema_validator.rb37
2 files changed, 54 insertions, 1 deletions
diff --git a/lib/gitlab/ci/parsers/sbom/cyclonedx.rb b/lib/gitlab/ci/parsers/sbom/cyclonedx.rb
index 70c9e81aa3a..86516aa2a7a 100644
--- a/lib/gitlab/ci/parsers/sbom/cyclonedx.rb
+++ b/lib/gitlab/ci/parsers/sbom/cyclonedx.rb
@@ -16,7 +16,7 @@ module Gitlab
def parse!
@data = Gitlab::Json.parse(json_data)
- return unless supported_spec_version?
+ return unless valid?
parse_components
rescue JSON::ParserError => e
@@ -27,6 +27,14 @@ module Gitlab
attr_reader :json_data, :report, :data
+ def schema_validator
+ @schema_validator ||= Validators::CyclonedxSchemaValidator.new(data)
+ end
+
+ def valid?
+ valid_schema? && supported_spec_version?
+ end
+
def supported_spec_version?
return true if SUPPORTED_SPEC_VERSIONS.include?(data['specVersion'])
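Review bot: The order of the two checks in `valid?` is load-bearing but undocumented. `supported_spec_version?` reads `data['specVersion']`, which raises for a top-level JSON array or `null`, and `parse!` only rescues `JSON::ParserError`. Only the preceding `valid_schema?` keeps such documents away from that lookup, and that holds only if the schema requires a top-level object, which is not visible here. I would add a comment above `valid?` such as `# Schema check must run first: it rejects non-object documents before data['specVersion'] is read.` so nobody swaps the operands later. Both predicates also add errors to `report` as a side effect, which the `?` names do not suggest. The body of `supported_spec_version?` continues outside this hunk.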
@@ -38,6 +46,14 @@ module Gitlab
false
end
+ def valid_schema?
+ return true if schema_validator.valid?
+
+ schema_validator.errors.each { |error| report.add_error(error) }
+
+ false
+ end
+
def parse_components
data['components']&.each do |component|
next unless supported_component_type?(component['type'])
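Review bot: `valid_schema?` copies every schema error into the report with no upper bound, and the document being validated is a CI job artifact, so its content is controlled by whoever writes the pipeline. A report with a large number of malformed entries could yield an equally large error list, and whether `report.add_error` or its consumers cap that is not visible in this diff. Consider recording only a bounded number, for example `schema_validator.errors.first(MAX_SCHEMA_ERRORS).each { |error| report.add_error(error) }`, where `MAX_SCHEMA_ERRORS` is a constant you would add. The messages probably embed paths taken from the document, so they should be treated as untrusted text wherever they are displayed. `parse_components` continues outside this hunk.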
diff --git a/lib/gitlab/ci/parsers/sbom/validators/cyclonedx_schema_validator.rb b/lib/gitlab/ci/parsers/sbom/validators/cyclonedx_schema_validator.rb
new file mode 100644
index 00000000000..9d56e001c2f
--- /dev/null
+++ b/lib/gitlab/ci/parsers/sbom/validators/cyclonedx_schema_validator.rb
@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Ci
+ module Parsers
+ module Sbom
+ module Validators
+ class CyclonedxSchemaValidator
+ SCHEMA_PATH = Rails.root.join('app', 'validators', 'json_schemas', 'cyclonedx_report.json').freeze
+
+ def initialize(report_data)
+ @report_data = report_data
+ end
+
+ def valid?
+ errors.empty?
+ end
+
+ def errors
+ @errors ||= pretty_errors
+ end
+
+ private
+
+ def raw_errors
+ JSONSchemer.schema(SCHEMA_PATH).validate(@report_data)
+ end
+
+ def pretty_errors
+ raw_errors.map { |error| JSONSchemer::Errors.pretty(error) }
+ end
+ end
+ end
+ end
+ end
+ end
+end
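Review bot: `raw_errors` calls `JSONSchemer.schema(SCHEMA_PATH)` on each validator instance, so the static schema file is read and compiled again for every SBOM report parsed. Memoizing it at class level, e.g. a `self.schema` method whose body is `@schema ||= JSONSchemer.schema(SCHEMA_PATH)`, would avoid the repeated work, provided the schema object is safe to share between threads. The class also has no doc comment. A short one should state that `report_data` is already-parsed JSON from an untrusted artifact and that `errors` returns memoized human-readable strings, so an instance validates its data only once. If the schema contains `pattern` or `format` keywords (not visible here), it is worth confirming they cannot be driven into pathological regex matching by crafted strings.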