-
Notifications
You must be signed in to change notification settings - Fork 505
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2147 from puerco/spdx-multiarch-images
SPDX bug fixes found during v1.22.0-beta.0
Showing
13 changed files
with
1,152 additions
and
461 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,141 @@ | ||
/* | ||
Copyright 2021 The Kubernetes Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
package spdx | ||
|
||
import ( | ||
"crypto/sha1" | ||
"os" | ||
"path/filepath" | ||
"strings" | ||
|
||
"github.com/pkg/errors" | ||
"sigs.k8s.io/release-utils/hash" | ||
"sigs.k8s.io/release-utils/util" | ||
) | ||
|
||
// Object is an interface that dictates the common methods of spdx | ||
// objects. Currently this includes files and packages. | ||
type Object interface { | ||
SPDXID() string | ||
ReadSourceFile(string) error | ||
Render() (string, error) | ||
BuildID(seeds ...string) | ||
} | ||
|
||
type Entity struct { | ||
ID string // Identifier string for the object in the doc | ||
SourceFile string // Local file to read for information | ||
Name string // Name of the package | ||
DownloadLocation string // Download point for the entity | ||
CopyrightText string // NOASSERTION | ||
FileName string // Name of the file | ||
LicenseConcluded string // LicenseID o NOASSERTION | ||
Opts *ObjectOptions // Entity options | ||
Relationships []*Relationship // List of objects that have a relationship woth this package | ||
Checksum map[string]string // Colection of source file checksums | ||
} | ||
|
||
type ObjectOptions struct { | ||
WorkDir string | ||
} | ||
|
||
func (e *Entity) Options() *ObjectOptions { | ||
return e.Opts | ||
} | ||
|
||
// SPDXID returns the SPDX reference string for the object | ||
func (e *Entity) SPDXID() string { | ||
return e.ID | ||
} | ||
|
||
// BuildID sets the file ID, optionally from a series of strings | ||
func (e *Entity) BuildID(seeds ...string) { | ||
if len(seeds) <= 1 { | ||
seeds = append(seeds, e.Name) | ||
} | ||
e.ID = buildIDString(seeds...) | ||
} | ||
|
||
// AddRelated this adds a related object to the file to be rendered | ||
// on the document. The exact output depends on the related obj options | ||
func (e *Entity) AddRelationship(rel *Relationship) { | ||
e.Relationships = append(e.Relationships, rel) | ||
} | ||
|
||
// ReadChecksums receives a path to a file and calculates its checksums | ||
func (e *Entity) ReadChecksums(filePath string) error { | ||
if e.Checksum == nil { | ||
e.Checksum = map[string]string{} | ||
} | ||
file, err := os.Open(filePath) | ||
if err != nil { | ||
return errors.Wrap(err, "opening file for reading: "+filePath) | ||
} | ||
defer file.Close() | ||
// TODO: Make this line like the others once this PR is | ||
// included in a k-sigs/release-util release: | ||
// https://github.com/kubernetes-sigs/release-utils/pull/16 | ||
s1, err := hash.ForFile(filePath, sha1.New()) | ||
if err != nil { | ||
return errors.Wrap(err, "getting sha1 sum for file") | ||
} | ||
s256, err := hash.SHA256ForFile(filePath) | ||
if err != nil { | ||
return errors.Wrap(err, "getting file checksums") | ||
} | ||
s512, err := hash.SHA512ForFile(filePath) | ||
if err != nil { | ||
return errors.Wrap(err, "getting file checksums") | ||
} | ||
|
||
e.Checksum = map[string]string{ | ||
"SHA1": s1, | ||
"SHA256": s256, | ||
"SHA512": s512, | ||
} | ||
return nil | ||
} | ||
|
||
// ReadSourceFile reads the source file for the package and populates | ||
// the fields derived from it (Checksums and FileName) | ||
func (e *Entity) ReadSourceFile(path string) error { | ||
if !util.Exists(path) { | ||
return errors.New("unable to find package source file") | ||
} | ||
|
||
if err := e.ReadChecksums(path); err != nil { | ||
return errors.Wrap(err, "reading file checksums") | ||
} | ||
|
||
e.SourceFile = path | ||
|
||
// If the entity name is blank, we set it to the file path | ||
e.FileName = strings.TrimPrefix( | ||
path, e.Options().WorkDir+string(filepath.Separator), | ||
) | ||
|
||
if e.Name == "" { | ||
e.Name = e.FileName | ||
} | ||
|
||
return nil | ||
} | ||
|
||
// Render is overridden by Package and File with their own variants | ||
func (e *Entity) Render() (string, error) { | ||
return "", nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,101 @@ | ||
/* | ||
Copyright 2021 The Kubernetes Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
package spdx | ||
|
||
import ( | ||
"fmt" | ||
|
||
"github.com/pkg/errors" | ||
) | ||
|
||
type RelationshipType string | ||
|
||
// nolint | ||
const ( | ||
DESCRIBES RelationshipType = "DESCRIBES" | ||
DESCRIBED_BY RelationshipType = "DESCRIBED_BY" | ||
CONTAINS RelationshipType = "CONTAINS" | ||
CONTAINED_BY RelationshipType = "CONTAINED_BY" | ||
DEPENDS_ON RelationshipType = "DEPENDS_ON" | ||
DEPENDENCY_OF RelationshipType = "DEPENDENCY_OF" | ||
DEPENDENCY_MANIFEST_OF RelationshipType = "DEPENDENCY_MANIFEST_OF" | ||
BUILD_DEPENDENCY_OF RelationshipType = "BUILD_DEPENDENCY_OF" | ||
DEV_DEPENDENCY_OF RelationshipType = "DEV_DEPENDENCY_OF" | ||
OPTIONAL_DEPENDENCY_OF RelationshipType = "OPTIONAL_DEPENDENCY_OF" | ||
PROVIDED_DEPENDENCY_OF RelationshipType = "PROVIDED_DEPENDENCY_OF" | ||
TEST_DEPENDENCY_OF RelationshipType = "TEST_DEPENDENCY_OF" | ||
RUNTIME_DEPENDENCY_OF RelationshipType = "RUNTIME_DEPENDENCY_OF" | ||
EXAMPLE_OF RelationshipType = "EXAMPLE_OF" | ||
GENERATES RelationshipType = "GENERATES" | ||
GENERATED_FROM RelationshipType = "GENERATED_FROM" | ||
ANCESTOR_OF RelationshipType = "ANCESTOR_OF" | ||
DESCENDANT_OF RelationshipType = "DESCENDANT_OF" | ||
VARIANT_OF RelationshipType = "VARIANT_OF" | ||
DISTRIBUTION_ARTIFACT RelationshipType = "DISTRIBUTION_ARTIFACT" | ||
PATCH_FOR RelationshipType = "PATCH_FOR" | ||
PATCH_APPLIED RelationshipType = "PATCH_APPLIED" | ||
COPY_OF RelationshipType = "COPY_OF" | ||
FILE_ADDED RelationshipType = "FILE_ADDED" | ||
FILE_DELETED RelationshipType = "FILE_DELETED" | ||
FILE_MODIFIED RelationshipType = "FILE_MODIFIED" | ||
EXPANDED_FROM_ARCHIVE RelationshipType = "EXPANDED_FROM_ARCHIVE" | ||
DYNAMIC_LINK RelationshipType = "DYNAMIC_LINK" | ||
STATIC_LINK RelationshipType = "STATIC_LINK" | ||
DATA_FILE_OF RelationshipType = "DATA_FILE_OF" | ||
TEST_CASE_OF RelationshipType = "TEST_CASE_OF" | ||
BUILD_TOOL_OF RelationshipType = "BUILD_TOOL_OF" | ||
DEV_TOOL_OF RelationshipType = "DEV_TOOL_OF" | ||
TEST_OF RelationshipType = "TEST_OF" | ||
TEST_TOOL_OF RelationshipType = "TEST_TOOL_OF" | ||
DOCUMENTATION_OF RelationshipType = "DOCUMENTATION_OF" | ||
OPTIONAL_COMPONENT_OF RelationshipType = "OPTIONAL_COMPONENT_OF" | ||
METAFILE_OF RelationshipType = "METAFILE_OF" | ||
PACKAGE_OF RelationshipType = "PACKAGE_OF" | ||
AMENDS RelationshipType = "AMENDS" | ||
PREREQUISITE_FOR RelationshipType = "PREREQUISITE_FOR" | ||
HAS_PREREQUISITE RelationshipType = "HAS_PREREQUISITE" | ||
OTHER RelationshipType = "OTHER" | ||
) | ||
|
||
type Relationship struct { | ||
FullRender bool // Flag, then true the package will be rendered in the doc | ||
PeerReference string // SPDX Ref of the peer object. Will override the ID of provided package if set | ||
Comment string // Relationship ship commnet | ||
Type RelationshipType // Relationship of the specified package | ||
Peer Object // | ||
} | ||
|
||
func (ro *Relationship) Render(hostObject Object) (string, error) { | ||
if ro.Peer.SPDXID() == "" { | ||
return "", errors.New("unable to render relationship, peer object has no SPDX ID") | ||
} | ||
|
||
if hostObject.SPDXID() == "" { | ||
return "", errors.New("Unable to rennder relationship, hostObject has no ID") | ||
} | ||
|
||
docFragment := "" | ||
if ro.FullRender { | ||
objDoc, err := ro.Peer.Render() | ||
if err != nil { | ||
return "", errors.Wrapf(err, "rendering related object %s", hostObject.SPDXID()) | ||
} | ||
docFragment += objDoc | ||
} | ||
docFragment += fmt.Sprintf("Relationship: %s %s %s\n", hostObject.SPDXID(), ro.Type, ro.Peer.SPDXID()) | ||
return docFragment, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.