From 172e4a12748fd146fdd0e9eca12ade4c51dabda9 Mon Sep 17 00:00:00 2001
From: GitLab Bot
Date: Wed, 17 Jan 2024 06:07:23 +0000
Subject: Add latest changes from gitlab-org/gitlab@master
---
lib/gitlab/ci/parsers/sbom/component.rb | 59 +++++++++++++++++++++++++++++++++
1 file changed, 59 insertions(+)
create mode 100644 lib/gitlab/ci/parsers/sbom/component.rb
(limited to 'lib/gitlab/ci/parsers/sbom/component.rb')
diff --git a/lib/gitlab/ci/parsers/sbom/component.rb b/lib/gitlab/ci/parsers/sbom/component.rb
new file mode 100644
index 00000000000..1a4aa5071ae
--- /dev/null
+++ b/lib/gitlab/ci/parsers/sbom/component.rb
@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module Ci
+ module Parsers
+ module Sbom
+ class Component
+ include Gitlab::Utils::StrongMemoize
+
+ TRIVY_SOURCE_PACKAGE_FIELD = 'SrcName'
+
+ def initialize(data)
+ @data = data
+ end
+
+ def parse
+ ::Gitlab::Ci::Reports::Sbom::Component.new(
+ type: data['type'],
+ name: data['name'],
+ purl: purl,
+ version: data['version'],
+ properties: properties,
+ source_package_name: source_package_name
+ )
+ end
+
+ private
+
+ attr_reader :data
+
+ def purl
+ return unless data['purl']
+
+ ::Sbom::PackageUrl.parse(data['purl'])
+ end
+ strong_memoize_attr :purl
+
+ def properties
+ CyclonedxProperties.parse_trivy_source(data['properties'])
+ end
+ strong_memoize_attr :properties
+
+ def source_package_name
+ return unless container_scanning_component?
+
+ properties&.data&.dig(TRIVY_SOURCE_PACKAGE_FIELD) || data['name']
+ end
+
+ def container_scanning_component?
+ return false unless data['purl']
+
+ Enums::Sbom.container_scanning_purl_type?(purl.type)
+ end
+ strong_memoize_attr :container_scanning_component?
+ end
+ end
+ end
+ end
+end
-- cgit v1.2.3
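Review bot: `purl` passes `data['purl']` from the SBOM report straight to `::Sbom::PackageUrl.parse`, and nothing in this class rescues, so a malformed purl in a job-produced report makes `parse` raise before the component is built. The caller is outside this hunk and may already rescue and record a report error; if it does, the contract should be stated on `parse`, e.g. `# Raises when data['purl'] is not a valid package URL; callers must rescue and record it as a report error.` The guard `return unless data['purl']` also lets any truthy non-string value through (an empty string is truthy in Ruby), so unless schema validation upstream guarantees a string, `return unless data['purl'].is_a?(String)` would be the safer check. As a smaller style point, `container_scanning_component?` could use `return false unless purl` rather than re-reading `data['purl']`, so the "has a purl" decision lives in one place.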