diff --git a/pkg/utils/build/sbom.go b/pkg/utils/build/sbom.go deleted file mode 100644 index 3c831fc7f..000000000 --- a/pkg/utils/build/sbom.go +++ /dev/null @@ -1,90 +0,0 @@ -package build - -import ( - "encoding/json" - "fmt" - "os" -) - -func GetParsedSbomFilesContentFromImage(image string) (*SbomPurl, *SbomCyclonedx, error) { - tmpDir, err := ExtractImage(image) - defer os.RemoveAll(tmpDir) - if err != nil { - return nil, nil, err - } - - purl, err := getSbomPurlContent(tmpDir) - if err != nil { - return nil, nil, fmt.Errorf("failed to get sbom purl content: %+v", err) - } - - cyclonedx, err := getSbomCyclonedxContent(tmpDir) - if err != nil { - return nil, nil, fmt.Errorf("failed to get sbom cyclonedx content: %+v", err) - } - return purl, cyclonedx, nil -} - -type SbomPurl struct { - ImageContents struct { - Dependencies []struct { - Purl string `json:"purl"` - } `json:"dependencies"` - } `json:"image_contents"` -} - -type SbomCyclonedx struct { - BomFormat string - SpecVersion string - Version int - Components []struct { - Name string `json:"name"` - Purl string `json:"purl"` - Type string `json:"type"` - Version string `json:"version"` - } `json:"components"` -} - -func getSbomPurlContent(rootDir string) (*SbomPurl, error) { - sbomPurlFilePath := rootDir + "/root/buildinfo/content_manifests/sbom-purl.json" - file, err := os.Stat(sbomPurlFilePath) - if err != nil { - return nil, fmt.Errorf("sbom file not found in path %s", sbomPurlFilePath) - } - if file.Size() == 0 { - return nil, fmt.Errorf("sbom file %s is empty", sbomPurlFilePath) - } - - b, err := os.ReadFile(sbomPurlFilePath) - if err != nil { - return nil, fmt.Errorf("error when reading sbom file %s: %v", sbomPurlFilePath, err) - } - sbom := &SbomPurl{} - if err := json.Unmarshal(b, sbom); err != nil { - return nil, fmt.Errorf("error when parsing sbom PURL json: %v", err) - } - - return sbom, nil -} - -func getSbomCyclonedxContent(rootDir string) (*SbomCyclonedx, error) { - sbomCyclonedxFilePath := rootDir + "/root/buildinfo/content_manifests/sbom-cyclonedx.json" - file, err := os.Stat(sbomCyclonedxFilePath) - if err != nil { - return nil, fmt.Errorf("sbom file not found in path %s", sbomCyclonedxFilePath) - } - if file.Size() == 0 { - return nil, fmt.Errorf("sbom file %s is empty", sbomCyclonedxFilePath) - } - - b, err := os.ReadFile(sbomCyclonedxFilePath) - if err != nil { - return nil, fmt.Errorf("error when reading sbom file %s: %v", sbomCyclonedxFilePath, err) - } - sbom := &SbomCyclonedx{} - if err := json.Unmarshal(b, sbom); err != nil { - return nil, fmt.Errorf("error when parsing sbom CycloneDX json: %v", err) - } - - return sbom, nil -} diff --git a/tests/build/build_templates.go b/tests/build/build_templates.go index 17c1fa356..3ca37255a 100644 --- a/tests/build/build_templates.go +++ b/tests/build/build_templates.go @@ -597,35 +597,6 @@ var _ = framework.BuildSuiteDescribe("Build templates E2E test", Label("build", ContainElements(tekton.MatchTaskRunResultWithJSONPathValue(constants.TektonTaskTestOutputName, "{$.result}", `["SUCCESS"]`)), ) }) - It("contains non-empty sbom files", Label(buildTemplatesTestLabel), func() { - purl, cyclonedx, err := build.GetParsedSbomFilesContentFromImage(imageWithDigest) - Expect(err).NotTo(HaveOccurred()) - - Expect(cyclonedx.BomFormat).To(Equal("CycloneDX")) - Expect(cyclonedx.SpecVersion).ToNot(BeEmpty()) - Expect(cyclonedx.Version).ToNot(BeZero()) - if !strings.Contains(scenario.GitURL, "from-scratch") { - Expect(cyclonedx.Components).ToNot(BeEmpty()) - - numberOfLibraryComponents := 0 - for _, component := range cyclonedx.Components { - Expect(component.Name).ToNot(BeEmpty()) - Expect(component.Type).ToNot(BeEmpty()) - - if component.Type == "library" || component.Type == "application" { - Expect(component.Purl).ToNot(BeEmpty()) - numberOfLibraryComponents++ - } - } - - Expect(purl.ImageContents.Dependencies).ToNot(BeEmpty()) - Expect(purl.ImageContents.Dependencies).To(HaveLen(numberOfLibraryComponents)) - - for _, dependency := range purl.ImageContents.Dependencies { - Expect(dependency.Purl).ToNot(BeEmpty()) - } - } - }) }) Context("build-definitions ec pipelines", Label(buildTemplatesTestLabel), func() { diff --git a/tests/konflux-demo/konflux-demo.go b/tests/konflux-demo/konflux-demo.go index 68499b154..d6f0c08f9 100644 --- a/tests/konflux-demo/konflux-demo.go +++ b/tests/konflux-demo/konflux-demo.go @@ -265,19 +265,7 @@ var _ = framework.KonfluxDemoSuiteDescribe(Label(devEnvTestLabel), func() { }) When("Build PipelineRun completes successfully", func() { - It("should be possible to download the SBOM file", func() { - var outputImage string - for _, p := range pipelineRun.Spec.Params { - if p.Name == "output-image" { - outputImage = p.Value.StringVal - } - } - Expect(outputImage).ToNot(BeEmpty(), "output image of a component could not be found") - - _, _, err = build.GetParsedSbomFilesContentFromImage(outputImage) - Expect(err).NotTo(HaveOccurred()) - }) - + It("should validate Tekton TaskRun test results successfully", func() { pipelineRun, err = fw.AsKubeAdmin.HasController.GetComponentPipelineRun(component.GetName(), appSpec.ApplicationName, fw.UserNamespace, headSHA) Expect(err).ShouldNot(HaveOccurred())