From ce9b0718090258fc2281c459a92cb17171e8942a Mon Sep 17 00:00:00 2001
From: Martin Jediny
Date: Fri, 13 Dec 2024 10:54:14 +0100
Subject: [PATCH] feat: change image data field

Since this script won't use the advisory data anymore, the SBOM data can be simplified.

Signed-off-by: Martin Jediny
---
 sbom/test_update_component_sbom.py | 14 +++++++-------
 sbom/update_component_sbom.py | 4 +---
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/sbom/test_update_component_sbom.py b/sbom/test_update_component_sbom.py
index 2409437..3911a3c 100644
--- a/sbom/test_update_component_sbom.py
+++ b/sbom/test_update_component_sbom.py
@@ -12,20 +12,20 @@ class TestUpdateComponentSBOM(unittest.TestCase):
 def test_get_component_to_purls_map_single_arch(self) -> None:
- release_note_images = [
+ images = [
 {"component": "comp1", "purl": "purl1"},
 {"component": "comp1", "purl": "purl2"},
 {"component": "comp2", "purl": "purl3"},
 ]
- result = get_component_to_purls_map(release_note_images)
+ result = get_component_to_purls_map(images)
 assert result == {
 "comp1": ["purl1", "purl2"],
 "comp2": ["purl3"],
 }
 def test_get_component_to_purls_map_multi_arch(self) -> None:
- release_note_images = [
+ images = [
 {
 "component": "comp1",
 "purl": "pkg:oci/bar@sha256%3Aabcde?arch=amd64&repository_url=registry.io/foo",
@@ -35,7 +35,7 @@ def test_get_component_to_purls_map_multi_arch(self) -> None:
 },
 ]
- result = get_component_to_purls_map(release_note_images)
+ result = get_component_to_purls_map(images)
 assert result == {
 "comp1": ["pkg:oci/bar@sha256%3Afoosha1?repository_url=registry.io/foo"],
 "comp1_amd64": [
@@ -167,7 +167,7 @@ def test_update_sboms_with_cyclonedex_format(
 # defined in the mock_open
 test_cyclonedx_sbom = {
 "bomFormat": "CycloneDX",
- "releaseNotes": {"content": {"images": "foo"}},
+ "images": "foo",
 }
 with patch(
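Review bot: The updated fixture in `test_update_sboms_with_cyclonedex_format` (and the matching ones in the spdx and wrong-format tests at `@@ -195` and `@@ -222`) sets `"images": "foo"`, a string, while `get_component_to_purls_map` is exercised earlier in this file with a list of `{"component", "purl"}` dicts. These tests presumably patch the mapping function, so they would not notice if `update_sboms` read the wrong key or passed on a non-list value. Consider a realistic list in the fixture plus one case where the data file lacks `images` (or still uses the old `releaseNotes.content.images` layout) that asserts the intended outcome. The test bodies continue outside these hunks, so the patching is inferred rather than visible.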
@@ -195,7 +195,7 @@ def test_update_sboms_with_spdx_format(
 ) -> None:
 # combining the content of data.json and sbom, since there can only be one read_data
 # defined in the mock_open
- test_spdx_sbom = {"spdxVersion": "2.3", "releaseNotes": {"content": {"images": "foo"}}}
+ test_spdx_sbom = {"spdxVersion": "2.3", "images": "foo"}
 with patch(
 "builtins.open", mock_open(read_data=json.dumps(test_spdx_sbom))
@@ -222,7 +222,7 @@ def test_update_sboms_with_wrong_format(
 # defined in the mock_open
 test_spdx_sbom = {
 "notSbom": "NoSbomVersion",
- "releaseNotes": {"content": {"images": "foo"}},
+ "images": "foo",
 }
 with patch(
diff --git a/sbom/update_component_sbom.py b/sbom/update_component_sbom.py
index 71d507c..8df4149 100755
--- a/sbom/update_component_sbom.py
+++ b/sbom/update_component_sbom.py
@@ -140,9 +140,7 @@ def update_sboms(data_path: str, input_path: str, output_path: str) -> None:
 with open(data_path, "r") as data_file:
 data = json.load(data_file)
- component_to_purls_map = get_component_to_purls_map(
- data["releaseNotes"]["content"].get("images", [])
- )
+ component_to_purls_map = get_component_to_purls_map(data.get("images", []))
 # get all json files in input dir
 input_jsons = glob.glob(os.path.join(input_path, "*.json"))
 # loop through files
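Review bot: In `update_sboms`, the new `data.get("images", [])` treats a data file without a top-level `images` key the same as a release with no images, so an input still written in the old `releaseNotes.content.images` layout now yields an empty component-to-purl map without any error (the removed code raised `KeyError` when `releaseNotes` was absent). For data that decides what ends up in an SBOM, failing closed is safer: `images = data.get("images")`, then `if not isinstance(images, list): raise ValueError(f"{data_path}: 'images' must be a list")` before calling `get_component_to_purls_map(images)`. If an absent key is a legitimate case, a logged warning would at least make the empty result visible. The body of `update_sboms` starts before and continues past this hunk, so what happens downstream with an empty map is not visible here.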