Add integration test for Julia SBOMs
Octogonapus committed Dec 8, 2023
1 parent cfd4711 commit 30b6bbc
Showing 5 changed files with 291 additions and 0 deletions.
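--- a/integration/repo_test.go
+++ b/integration/repo_test.go
@@ -393,6 +393,24 @@ func TestRepository(t *testing.T) {
 report.ArtifactType = ftypes.ArtifactFilesystem
 },
 },
+{
+name: "julia generating SPDX SBOM",
+args: args{
+command: "rootfs",
+format: "spdx-json",
+input: "testdata/fixtures/repo/julia",
+},
+golden: "testdata/julia-spdx.json.golden",
+},
+{
+name: "julia generating CycloneDX SBOM",
+args: args{
+command: "rootfs",
+format: "cyclonedx",
+input: "testdata/fixtures/repo/julia",
+},
+golden: "testdata/julia-cyclonedx.json.golden",
+},
 }
 
 // Set up testing DB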
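Review bot: The golden that the CycloneDX case points at (`golden: "testdata/julia-cyclonedx.json.golden"`) is not self-consistent: its `Manifest.toml` component carries bom-ref `98bde055-d07d-4cb8-91a7-cf00399e7169`, while the `dependencies` array hangs the packages off `3ff14136-e09f-4df9-80ea-000000000003`, which no component declares. If the comparison helper outside this hunk blanks bom-refs the case will pass anyway, but then the dependency edges are presumably not being asserted, and those edges are what tell the two packages both named `B` apart. I would regenerate the golden so the component's bom-ref matches the ref used in `dependencies`, and add a line above the first case such as `// Fixture has two packages named "B" with different UUIDs and no version fields.` so the intent of the fixture is visible. Every library component in both goldens reports `1.9.0`, the manifest's `julia_version`, so an entry carrying its own `version` is not covered by these cases. TestRepository's body starts and ends outside the hunk.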
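--- a/integration/testdata/fixtures/repo/julia/Manifest.toml
+++ b/integration/testdata/fixtures/repo/julia/Manifest.toml
@@ -0,0 +1,16 @@
+# This file is machine-generated - editing it directly is not advised
+
+julia_version = "1.9.0"
+manifest_format = "2.0"
+project_hash = "f0a796fb78285c02ad123fec6e14c8bac09a2ccc"
+
+[[deps.A]]
+uuid = "ead4f63c-334e-11e9-00e6-e7f0a5f21b60"
+
+[deps.A.deps]
+B = "f41f7b98-334e-11e9-1257-49272045fb24"
+
+[[deps.B]]
+uuid = "f41f7b98-334e-11e9-1257-49272045fb24"
+[[deps.B]]
+uuid = "edca9bc6-334e-11e9-3554-9595dbb4349c"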
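--- a/integration/testdata/fixtures/repo/julia/Project.toml
+++ b/integration/testdata/fixtures/repo/julia/Project.toml
@@ -0,0 +1,7 @@
+name = "packageName"
+uuid = "1c653b0a-0b5a-4cff-b25a-92f0db012773"
+version = "0.1.0"
+
+[deps]
+A = "ead4f63c-334e-11e9-00e6-e7f0a5f21b60"
+B = "edca9bc6-334e-11e9-3554-9595dbb4349c"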
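--- a/integration/testdata/julia-cyclonedx.json.golden
+++ b/integration/testdata/julia-cyclonedx.json.golden
@@ -0,0 +1,126 @@
+{
+"$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
+"bomFormat": "CycloneDX",
+"specVersion": "1.5",
+"serialNumber": "urn:uuid:3ff14136-e09f-4df9-80ea-000000000001",
+"version": 1,
+"metadata": {
+"timestamp": "2021-08-25T12:20:30+00:00",
+"tools": [
+{
+"vendor": "aquasecurity",
+"name": "trivy",
+"version": "dev"
+}
+],
+"component": {
+"bom-ref": "3ff14136-e09f-4df9-80ea-000000000002",
+"type": "application",
+"name": "testdata/fixtures/repo/julia",
+"properties": [
+{
+"name": "aquasecurity:trivy:SchemaVersion",
+"value": "2"
+}
+]
+}
+},
+"components": [
+{
+"bom-ref": "98bde055-d07d-4cb8-91a7-cf00399e7169",
+"type": "application",
+"name": "Manifest.toml",
+"properties": [
+{
+"name": "aquasecurity:trivy:Class",
+"value": "lang-pkgs"
+},
+{
+"name": "aquasecurity:trivy:Type",
+"value": "julia"
+}
+]
+},
+{
+"bom-ref": "pkg:julia/[email protected]?uuid=ead4f63c-334e-11e9-00e6-e7f0a5f21b60",
+"type": "library",
+"name": "A",
+"version": "1.9.0",
+"purl": "pkg:julia/[email protected]?uuid=ead4f63c-334e-11e9-00e6-e7f0a5f21b60",
+"properties": [
+{
+"name": "aquasecurity:trivy:PkgID",
+"value": "ead4f63c-334e-11e9-00e6-e7f0a5f21b60"
+},
+{
+"name": "aquasecurity:trivy:PkgType",
+"value": "julia"
+}
+]
+},
+{
+"bom-ref": "pkg:julia/[email protected]?uuid=edca9bc6-334e-11e9-3554-9595dbb4349c",
+"type": "library",
+"name": "B",
+"version": "1.9.0",
+"purl": "pkg:julia/[email protected]?uuid=edca9bc6-334e-11e9-3554-9595dbb4349c",
+"properties": [
+{
+"name": "aquasecurity:trivy:PkgID",
+"value": "edca9bc6-334e-11e9-3554-9595dbb4349c"
+},
+{
+"name": "aquasecurity:trivy:PkgType",
+"value": "julia"
+}
+]
+},
+{
+"bom-ref": "pkg:julia/[email protected]?uuid=f41f7b98-334e-11e9-1257-49272045fb24",
+"type": "library",
+"name": "B",
+"version": "1.9.0",
+"purl": "pkg:julia/[email protected]?uuid=f41f7b98-334e-11e9-1257-49272045fb24",
+"properties": [
+{
+"name": "aquasecurity:trivy:PkgID",
+"value": "f41f7b98-334e-11e9-1257-49272045fb24"
+},
+{
+"name": "aquasecurity:trivy:PkgType",
+"value": "julia"
+}
+]
+}
+],
+"dependencies": [
+{
+"ref": "3ff14136-e09f-4df9-80ea-000000000002",
+"dependsOn": [
+"3ff14136-e09f-4df9-80ea-000000000003"
+]
+},
+{
+"ref": "3ff14136-e09f-4df9-80ea-000000000003",
+"dependsOn": [
+"pkg:julia/[email protected]?uuid=ead4f63c-334e-11e9-00e6-e7f0a5f21b60",
+"pkg:julia/[email protected]?uuid=edca9bc6-334e-11e9-3554-9595dbb4349c"
+]
+},
+{
+"ref": "pkg:julia/[email protected]?uuid=ead4f63c-334e-11e9-00e6-e7f0a5f21b60",
+"dependsOn": [
+"pkg:julia/[email protected]?uuid=f41f7b98-334e-11e9-1257-49272045fb24"
+]
+},
+{
+"ref": "pkg:julia/[email protected]?uuid=edca9bc6-334e-11e9-3554-9595dbb4349c",
+"dependsOn": []
+},
+{
+"ref": "pkg:julia/[email protected]?uuid=f41f7b98-334e-11e9-1257-49272045fb24",
+"dependsOn": []
+}
+],
+"vulnerabilities": []
+}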
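--- a/integration/testdata/julia-spdx.json.golden
+++ b/integration/testdata/julia-spdx.json.golden
@@ -0,0 +1,124 @@
+{
+"spdxVersion": "SPDX-2.3",
+"dataLicense": "CC0-1.0",
+"SPDXID": "SPDXRef-DOCUMENT",
+"name": "testdata/fixtures/repo/julia",
+"documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/testdata/fixtures/repo/julia-3ff14136-e09f-4df9-80ea-000000000001",
+"creationInfo": {
+"creators": [
+"Organization: aquasecurity",
+"Tool: trivy-dev"
+],
+"created": "2021-08-25T12:20:30Z"
+},
+"packages": [
+{
+"name": "A",
+"SPDXID": "SPDXRef-Package-98c684976168b8a7",
+"versionInfo": "1.9.0",
+"supplier": "NOASSERTION",
+"downloadLocation": "NONE",
+"filesAnalyzed": false,
+"licenseConcluded": "NONE",
+"licenseDeclared": "NONE",
+"externalRefs": [
+{
+"referenceCategory": "PACKAGE-MANAGER",
+"referenceType": "purl",
+"referenceLocator": "pkg:julia/[email protected]?uuid=ead4f63c-334e-11e9-00e6-e7f0a5f21b60"
+}
+],
+"attributionTexts": [
+"PkgID: ead4f63c-334e-11e9-00e6-e7f0a5f21b60"
+],
+"primaryPackagePurpose": "LIBRARY"
+},
+{
+"name": "B",
+"SPDXID": "SPDXRef-Package-5227d958c1e56548",
+"versionInfo": "1.9.0",
+"supplier": "NOASSERTION",
+"downloadLocation": "NONE",
+"filesAnalyzed": false,
+"licenseConcluded": "NONE",
+"licenseDeclared": "NONE",
+"externalRefs": [
+{
+"referenceCategory": "PACKAGE-MANAGER",
+"referenceType": "purl",
+"referenceLocator": "pkg:julia/[email protected]?uuid=f41f7b98-334e-11e9-1257-49272045fb24"
+}
+],
+"attributionTexts": [
+"PkgID: f41f7b98-334e-11e9-1257-49272045fb24"
+],
+"primaryPackagePurpose": "LIBRARY"
+},
+{
+"name": "B",
+"SPDXID": "SPDXRef-Package-c8743c7836aa8a43",
+"versionInfo": "1.9.0",
+"supplier": "NOASSERTION",
+"downloadLocation": "NONE",
+"filesAnalyzed": false,
+"licenseConcluded": "NONE",
+"licenseDeclared": "NONE",
+"externalRefs": [
+{
+"referenceCategory": "PACKAGE-MANAGER",
+"referenceType": "purl",
+"referenceLocator": "pkg:julia/[email protected]?uuid=edca9bc6-334e-11e9-3554-9595dbb4349c"
+}
+],
+"attributionTexts": [
+"PkgID: edca9bc6-334e-11e9-3554-9595dbb4349c"
+],
+"primaryPackagePurpose": "LIBRARY"
+},
+{
+"name": "julia",
+"SPDXID": "SPDXRef-Application-7d3c9e4ebc4e0210",
+"downloadLocation": "NONE",
+"filesAnalyzed": false,
+"sourceInfo": "Manifest.toml",
+"primaryPackagePurpose": "APPLICATION"
+},
+{
+"name": "testdata/fixtures/repo/julia",
+"SPDXID": "SPDXRef-Filesystem-1be792dd0077c431",
+"downloadLocation": "NONE",
+"filesAnalyzed": false,
+"attributionTexts": [
+"SchemaVersion: 2"
+],
+"primaryPackagePurpose": "SOURCE"
+}
+],
+"relationships": [
+{
+"spdxElementId": "SPDXRef-DOCUMENT",
+"relatedSpdxElement": "SPDXRef-Filesystem-1be792dd0077c431",
+"relationshipType": "DESCRIBES"
+},
+{
+"spdxElementId": "SPDXRef-Filesystem-1be792dd0077c431",
+"relatedSpdxElement": "SPDXRef-Application-7d3c9e4ebc4e0210",
+"relationshipType": "CONTAINS"
+},
+{
+"spdxElementId": "SPDXRef-Application-7d3c9e4ebc4e0210",
+"relatedSpdxElement": "SPDXRef-Package-98c684976168b8a7",
+"relationshipType": "CONTAINS"
+},
+{
+"spdxElementId": "SPDXRef-Application-7d3c9e4ebc4e0210",
+"relatedSpdxElement": "SPDXRef-Package-c8743c7836aa8a43",
+"relationshipType": "CONTAINS"
+},
+{
+"spdxElementId": "SPDXRef-Application-7d3c9e4ebc4e0210",
+"relatedSpdxElement": "SPDXRef-Package-5227d958c1e56548",
+"relationshipType": "CONTAINS"
+}
+]
+}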
