diff --git a/tasks/create-product-sbom/README.md b/tasks/create-product-sbom/README.md
index 2351c6672..7ea3637a3 100644
--- a/tasks/create-product-sbom/README.md
+++ b/tasks/create-product-sbom/README.md
@@ -9,3 +9,5 @@ releaseNotes content.
 |------------------|--------------------------------------------------------------------------|----------|---------------|
 | dataJsonPath | Path to the JSON string of the merged data containing the release notes | No | - |
+## Changes in 1.0.0
+Output directory path instead of a file path.
diff --git a/tasks/create-product-sbom/create-product-sbom.yaml b/tasks/create-product-sbom/create-product-sbom.yaml
index 94e447950..befea007d 100644
--- a/tasks/create-product-sbom/create-product-sbom.yaml
+++ b/tasks/create-product-sbom/create-product-sbom.yaml
@@ -4,7 +4,7 @@ kind: Task
 metadata:
 name: create-product-sbom
 labels:
- app.kubernetes.io/version: "0.1.0"
+ app.kubernetes.io/version: "0.2.0"
 annotations:
 tekton.dev/pipelines.minVersion: "0.12.1"
 tekton.dev/tags: release
@@ -20,7 +20,9 @@ spec:
 description: Workspace to save the product-level SBOM to.
 results:
 - name: productSBOMPath
- description: Relative path to the created product-level SBOM in the data workspace.
+ description: >-
+ Relative path to the directory containing the created product-level SBOM
+ in the data workspace.
 steps:
 - name: create-sbom
 image: quay.io/konflux-ci/release-service-utils:c7e14c3521e37e99f407e11d6f7f1b15f1b3ec01
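Review bot: The `results` hunk of create-product-sbom.yaml changes `productSBOMPath` from a file path to a directory path, but the README hunk announces this under `## Changes in 1.0.0` while the label hunk sets `app.kubernetes.io/version: "0.2.0"`; one of the two versions is wrong. Because the result keeps its name, a consumer that still treats it as a file will bind without error and only fail when it reads the path, so the version and changelog are the only warning it gets. I would align the heading with the label, `## Changes in 0.2.0`, and have the entry say explicitly that the result `productSBOMPath` now points to a directory.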
@@ -28,11 +30,25 @@ spec:
 #!/usr/bin/env bash
 set -eux
- SBOM_FILE="product_sbom.json"
- SBOM_PATH="$(dirname "$(params.dataJsonPath)")/${SBOM_FILE}"
- OUTPUT_PATH=$(workspaces.data.path)/${SBOM_PATH}
-
+ tmp_sbom="$(mktemp)"
 create_product_sbom --data-path "$(workspaces.data.path)/$(params.dataJsonPath)" \
- --output-path "$OUTPUT_PATH"
+ --output-path "$tmp_sbom"
+
+ product_name="$(jq -r '.packages[0].name' "$tmp_sbom")"
+ product_version="$(jq -r '.packages[0].versionInfo' "$tmp_sbom")"
+
+ # Replace whitespace with dashes
+ normalized_name="$(echo -n "${product_name}" | tr '[:space:]' '-')"
+
+ sbom_dir="product-sboms"
+ # the combination of name + version is later used as an ID in Atlas
+ sbom_path="${sbom_dir}/${normalized_name}-${product_version}.json"
+
+ # takes into account the subdirectory of the data.json if any
+ subdir_sbom_path="$(dirname "$(params.dataJsonPath)")/${sbom_path}"
+
+ output_path=$(workspaces.data.path)/${subdir_sbom_path}
+ mkdir -p "$(dirname "$output_path")"
+ cp "$tmp_sbom" "$output_path"
- echo -n "$SBOM_PATH" > "$(results.productSBOMPath.path)"
+ echo -n "$(dirname "$subdir_sbom_path")" > "$(results.productSBOMPath.path)"
diff --git a/tasks/create-product-sbom/tests/test-create-product-sbom-basic.yaml b/tasks/create-product-sbom/tests/test-create-product-sbom-basic.yaml
index d4b319b41..255b4be8c 100644
--- a/tasks/create-product-sbom/tests/test-create-product-sbom-basic.yaml
+++ b/tasks/create-product-sbom/tests/test-create-product-sbom-basic.yaml
@@ -58,11 +58,11 @@ spec:
 - name: data
 workspace: tests-workspace
 params:
- - name: sbom
+ - name: sbomDir
 value: $(tasks.run-task.results.productSBOMPath)
 taskSpec:
 params:
- - name: sbom
+ - name: sbomDir
 workspaces:
 - name: data
 steps:
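Review bot: In the `create-sbom` script hunk of create-product-sbom.yaml, `product_name` and `product_version` are read from the generated SBOM and placed into `sbom_path` with only whitespace in the name replaced, so a `/` or a `..` segment in either value moves the `mkdir -p` and `cp` target outside `product-sboms`. These values appear to come from the release data behind `dataJsonPath`, so they should be treated as untrusted input to a file name. `jq -r` also prints the literal `null` when a field is absent, which would yield `null-null.json` and, going by the comment in the hunk, an Atlas ID built from it; `jq -er` makes the step fail under `set -e` instead. I would reject anything outside a conservative character set before the path is built, as sketched below, with the allowlist adjusted to what Atlas accepts as an ID.

```bash
product_name="$(jq -er '.packages[0].name' "$tmp_sbom")"
product_version="$(jq -er '.packages[0].versionInfo' "$tmp_sbom")"
# … unchanged: whitespace normalization into normalized_name …

# name and version end up in a file name: accept only a safe character set
for part in "$normalized_name" "$product_version"; do
  if [[ ! "$part" =~ ^[A-Za-z0-9][A-Za-z0-9._+-]*$ ]]; then
    echo "unsafe product name or version for SBOM file name: ${part}" >&2
    exit 1
  fi
done
# … unchanged: sbom_dir, sbom_path, subdir_sbom_path, mkdir, cp, result write …
```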
@@ -72,7 +72,7 @@ spec:
 #!/usr/bin/env sh
 set -eux
- cp "$(workspaces.data.path)/$(params.sbom)" sbom.json
+ cp "$(workspaces.data.path)/$(params.sbomDir)/Red-Hat-Openstack-Product-123.json" sbom.json
 test "$(jq -r '.name' sbom.json)" == "Red Hat Openstack Product"
diff --git a/tasks/create-product-sbom/tests/test-create-product-sbom-multiple-purls.yaml b/tasks/create-product-sbom/tests/test-create-product-sbom-multiple-purls.yaml
index 350d7bf18..991d45818 100644
--- a/tasks/create-product-sbom/tests/test-create-product-sbom-multiple-purls.yaml
+++ b/tasks/create-product-sbom/tests/test-create-product-sbom-multiple-purls.yaml
@@ -62,11 +62,11 @@ spec:
 - name: data
 workspace: tests-workspace
 params:
- - name: sbom
+ - name: sbomDir
 value: $(tasks.run-task.results.productSBOMPath)
 taskSpec:
 params:
- - name: sbom
+ - name: sbomDir
 workspaces:
 - name: data
 steps:
@@ -76,7 +76,7 @@ spec:
 #!/usr/bin/env sh
 set -eux
- cp "$(workspaces.data.path)/$(params.sbomDir)/Red-Hat-Openstack-Product-123.json" sbom.json
 test "$(jq -r '.name' sbom.json)" == "Red Hat Openstack Product"
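Review bot: The updated `cp` line in test-create-product-sbom-basic.yaml, and the identical one in test-create-product-sbom-multiple-purls.yaml, fetches a hard-coded `Red-Hat-Openstack-Product-123.json` from `$(params.sbomDir)` but never asserts that the directory holds only that file, although the result now names a whole directory that later tasks presumably consume as a unit. A check such as `test "$(ls "$(workspaces.data.path)/$(params.sbomDir)" | wc -l)" -eq 1` would pin that. Neither test covers release data with a missing product name or version, so the file name the task derives in that case stays unverified.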