lib/gitlab/ci/parsers/sbom/source/dependency_scanning.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

# frozen_string_literal: true

module Gitlab
  module Ci
    module Parsers
      module Sbom
        module Source
          class DependencyScanning
            REQUIRED_ATTRIBUTES = [
              %w[input_file path]
            ].freeze

            def self.source(...)
              new(...).source
            end

            def initialize(data)
              @data = data
            end

            def source
              return unless required_attributes_present?

              ::Gitlab::Ci::Reports::Sbom::Source.new(
                type: :dependency_scanning,
                data: data,
                fingerprint: fingerprint
              )
            end

            private

            attr_reader :data

            def required_attributes_present?
              REQUIRED_ATTRIBUTES.all? do |keys|
                data.dig(*keys).present?
              end
            end

            def fingerprint
              Digest::SHA256.hexdigest(data.to_json)
            end
          end
        end
      end
    end
  end
end