Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add pipeline to publish scan to federatedcode #1400

Merged
merged 19 commits into from
Nov 12, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add test for federatedcode
Signed-off-by: Keshav Priyadarshi <[email protected]>
keshav-space committed Oct 15, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
commit 930a5cc6c226d2649869dc608f3c69f44646e20a
3 changes: 1 addition & 2 deletions scanpipe/pipelines/publish_to_federatedcode.py
Original file line number Diff line number Diff line change
@@ -20,7 +20,6 @@
# ScanCode.io is a free software code scanning tool from nexB Inc. and others.
# Visit https://github.com/aboutcode-org/scancode.io for support and download.

import shutil

from scanpipe.pipelines import Pipeline
from scanpipe.pipes import federatedcode
@@ -100,4 +99,4 @@ def commit_and_push_changes(self):

def delete_local_clone(self):
"""Remove local clone."""
shutil.rmtree(self.repo.working_dir)
federatedcode.delete_local_clone(repo=self.repo)
33 changes: 20 additions & 13 deletions scanpipe/pipes/federatedcode.py
Original file line number Diff line number Diff line change
@@ -21,6 +21,7 @@
# Visit https://github.com/aboutcode-org/scancode.io for support and download.


import shutil
import tempfile
import textwrap
from pathlib import Path
@@ -52,6 +53,20 @@ def is_configured():
return True, ""
keshav-space marked this conversation as resolved.
Show resolved Hide resolved


def get_package_repository(package, logger=None):
"""Return the Git repository URL and scan path for a given package."""
FEDERATEDCODE_GIT_ACCOUNT_URL = f'{settings.FEDERATEDCODE_GIT_ACCOUNT.rstrip("/")}/'
package_base_dir = hashid.get_package_base_dir(purl=package.purl)
package_repo_name = package_base_dir.parts[0]

package_scan_path = package_base_dir / package.version / "scancodeio.json"
package_git_repo_url = urljoin(
FEDERATEDCODE_GIT_ACCOUNT_URL, f"{package_repo_name}.git"
)

return package_git_repo_url, package_scan_path


def clone_repository(repo_url, logger=None):
"""Clone repository to local_path."""
local_dir = tempfile.mkdtemp()
@@ -73,19 +88,6 @@ def clone_repository(repo_url, logger=None):
return repo


def get_package_repository(package, logger=None):
"""Return the Git repository URL and scan path for a given package."""
package_base_dir = hashid.get_package_base_dir(purl=package.purl)
package_repo_name = package_base_dir.parts[0]

package_scan_path = package_base_dir / package.version / "scancodeio.json"
package_git_repo_url = urljoin(
settings.FEDERATEDCODE_GIT_ACCOUNT, f"{package_repo_name}.git"
)

return package_git_repo_url, package_scan_path


def add_scan_result(project, repo, package_scan_file, logger=None):
"""Add package scan result to the local Git repository."""
relative_scan_file_path = Path(*package_scan_file.parts[1:])
@@ -123,3 +125,8 @@ def commit_and_push_changes(
repo.index.add([file_to_commit])
repo.index.commit(textwrap.dedent(commit_message))
repo.git.push(remote_name, default_branch)


def delete_local_clone(repo):
"""Remove local clone."""
shutil.rmtree(repo.working_dir)
74 changes: 74 additions & 0 deletions scanpipe/tests/pipes/test_federatedcode.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
# SPDX-License-Identifier: Apache-2.0
#
# http://nexb.com and https://github.com/nexB/scancode.io
# The ScanCode.io software is licensed under the Apache License version 2.0.
# Data generated with ScanCode.io is provided as-is without warranties.
# ScanCode is a trademark of nexB Inc.
#
# You may not use this software except in compliance with the License.
# You may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software distributed
# under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
# CONDITIONS OF ANY KIND, either express or implied. See the License for the
# specific language governing permissions and limitations under the License.
#
# Data Generated with ScanCode.io is provided on an "AS IS" BASIS, WITHOUT WARRANTIES
# OR CONDITIONS OF ANY KIND, either express or implied. No content created from
# ScanCode.io should be considered or used as legal advice. Consult an Attorney
# for any legal advice.
#
# ScanCode.io is a free software code scanning tool from nexB Inc. and others.
# Visit https://github.com/nexB/scancode.io for support and download.

import shutil
import tempfile
from pathlib import Path
from unittest.mock import patch

from django.test import TestCase

import git

from scanpipe import models
from scanpipe.pipes import federatedcode
from scanpipe.tests import make_package


class ScanPipeFederatedCodeTest(TestCase):
def setUp(self):
self.project1 = models.Project.objects.create(name="Analysis")

@patch(
"scanpipe.pipes.federatedcode.settings.FEDERATEDCODE_GIT_ACCOUNT",
"https://github.com/test/",
)
def test_scanpipe_pipes_federatedcode_get_package_repository(self):
package = make_package(
project=self.project1,
package_url="pkg:npm/[email protected]",
version="v.1.2.3",
)
expected_git_repo = "https://github.com/test/aboutcode-packages-03f1.git"
expected_scan_path = "aboutcode-packages-03f1/npm/foobar/v1.2.3/scancodeio.json"
git_repo, scan_path = federatedcode.get_package_repository(package=package)

self.assertEqual(expected_git_repo, git_repo)
self.assertEqual(expected_scan_path, str(scan_path))

def test_scanpipe_pipes_federatedcode_add_scan_result(self):
local_dir = tempfile.mkdtemp()
repo = git.Repo.init(local_dir)

federatedcode.add_scan_result(
self.project1, repo, Path("repo/npm/foobar/v1.2.3/scancodeio.json")
)

self.assertIn("npm/foobar/v1.2.3/scancodeio.json", repo.untracked_files)
shutil.rmtree(repo.working_dir)

def test_scancpipe_pipes_federatedcode_delete_local_clone(self):
keshav-space marked this conversation as resolved.
Show resolved Hide resolved
local_dir = tempfile.mkdtemp()
repo = git.Repo.init(local_dir)
federatedcode.delete_local_clone(repo)

self.assertEqual(False, Path(local_dir).exists())