Add parent project support #18

Merged 3 commits on Sep 7, 2024

LucasVanHaaren
Contributor

@LucasVanHaaren LucasVanHaaren commented Jul 16, 2024

Hi,

I have worked a bit to add parent project support as mentioned in #16. I successfully pushed some SBOMs with and without a specified parent, using an sbomreport generated by my local trivy-operator.
It seems to work well, but I can't manage to pass the unit test TestUpload_Run (see the stacktrace here).

I also tried to use the provided sbomreport testdata/v1alpha1.json, but I can't manage to push it to my dtrack instance with the following command:

cat testdata/v1alpha1.json | sbomreport-to-dependencytrack --base-url "https://<REDACTED>" --api-key "<REDACTED>" --project-name "some-test" --project-version "v1"

But I got the following 400 error:

Error: {"status":400,"title":"The uploaded BOM is invalid","detail":"Schema validation failed","errors":["$.components[1].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[1].licenses[0].license: required property 'id' not found","$.components[1].licenses[0].license: required property 'name' not found","$.components[1].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[2].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[2].licenses[0].license: required property 'id' not found","$.components[2].licenses[0].license: required property 'name' not found","$.components[2].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[3].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[3].licenses[0].license: required property 'id' not found","$.components[3].licenses[0].license: required property 'name' not found","$.components[3].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[4].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[4].licenses[0].license: required property 'id' not found","$.components[4].licenses[0].license: required property 'name' not found","$.components[4].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[5].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[5].licenses[0].license: required property 'id' not found","$.components[5].licenses[0].license: required property 'name' not found","$.components[5].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[6].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[6].licenses[0].license: 
required property 'id' not found","$.components[6].licenses[0].license: required property 'name' not found","$.components[6].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[7].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[7].licenses[0].license: required property 'id' not found","$.components[7].licenses[0].license: required property 'name' not found","$.components[7].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[7].licenses[1].license: must be valid to one and only one schema, but 0 are valid","$.components[7].licenses[1].license: required property 'id' not found","$.components[7].licenses[1].license: required property 'name' not found","$.components[7].licenses[1]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[8].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[8].licenses[0].license: required property 'id' not found","$.components[8].licenses[0].license: required property 'name' not found","$.components[8].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[8].licenses[1].license: must be valid to one and only one schema, but 0 are valid","$.components[8].licenses[1].license: required property 'id' not found","$.components[8].licenses[1].license: required property 'name' not found","$.components[8].licenses[1]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[9].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[9].licenses[0].license: required property 'id' not found","$.components[9].licenses[0].license: required property 'name' not found","$.components[9].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 
1'","$.components[10].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[10].licenses[0].license: required property 'id' not found","$.components[10].licenses[0].license: required property 'name' not found","$.components[10].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[11].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[11].licenses[0].license: required property 'id' not found","$.components[11].licenses[0].license: required property 'name' not found","$.components[11].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[11].licenses[1].license: must be valid to one and only one schema, but 0 are valid","$.components[11].licenses[1].license: required property 'id' not found","$.components[11].licenses[1].license: required property 'name' not found","$.components[11].licenses[1]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[11].licenses[2].license: must be valid to one and only one schema, but 0 are valid","$.components[11].licenses[2].license: required property 'id' not found","$.components[11].licenses[2].license: required property 'name' not found","$.components[11].licenses[2]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[12].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[12].licenses[0].license: required property 'id' not found","$.components[12].licenses[0].license: required property 'name' not found","$.components[12].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[13].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[13].licenses[0].license: required property 'id' not found","$.components[13].licenses[0].license: 
required property 'name' not found","$.components[13].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[14].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[14].licenses[0].license: required property 'id' not found","$.components[14].licenses[0].license: required property 'name' not found","$.components[14].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'","$.components[15].licenses[0].license: must be valid to one and only one schema, but 0 are valid","$.components[15].licenses[0].license: required property 'id' not found","$.components[15].licenses[0].license: required property 'name' not found","$.components[15].licenses[0]: must be valid to one and only one schema, but 2 are valid with indexes '0, 1'"]} (status: 400)

Thank you in advance for your support :)

- add parent details to data structure

- add cli and server options

- add args in core functions
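
A pre-upload check for the license rule that the 400 response above reports, as an added example that is not part of this PR or the project's code. It flags license entries that do not carry exactly one of 'license' or 'expression', and 'license' objects that do not carry exactly one of 'id' or 'name'. The CheckLicenses helper, the struct and the sample BOM are constructed for illustration, and the check covers only this rule, not full CycloneDX schema validation.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Only the BOM fields this check reads; JSON "id"/"name" match ID/Name case-insensitively.
type bom struct {
	Components []struct {
		Licenses []struct {
			License    *struct{ ID, Name string } `json:"license"`
			Expression string                     `json:"expression"`
		} `json:"licenses"`
	} `json:"components"`
}

// Constructed sample BOM (not the project's testdata); components 1 and 3 are invalid.
const sampleBOM = `{"components":[
 {"name":"a","licenses":[{"license":{"id":"MIT"}}]},
 {"name":"b","licenses":[{"license":{}}]},
 {"name":"c","licenses":[{"expression":"MIT OR Apache-2.0"}]},
 {"name":"d","licenses":[{"license":{"name":"Custom"}},{"license":{"id":"MIT","name":"MIT License"}}]}
]}`

// CheckLicenses (hypothetical helper) lists entries that break the one-of rules; empty strings count as absent.
func CheckLicenses(raw []byte) ([]string, error) {
	var b bom
	if err := json.Unmarshal(raw, &b); err != nil {
		return nil, fmt.Errorf("decode BOM: %w", err)
	}
	var findings []string
	for i, c := range b.Components {
		for j, l := range c.Licenses {
			path := fmt.Sprintf("$.components[%d].licenses[%d]", i, j)
			switch {
			case (l.License == nil) == (l.Expression == ""):
				findings = append(findings, path+": needs exactly one of 'license' or 'expression'")
			case l.License != nil && (l.License.ID == "") == (l.License.Name == ""):
				findings = append(findings, path+".license: needs exactly one of 'id' or 'name'")
			}
		}
	}
	return findings, nil
}

func main() {
	fmt.Println(CheckLicenses([]byte(sampleBOM)))
}
```

Running the check before the upload step turns a rejected BOM into a local failure with the same JSON paths the server would report.
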
@takumakume
Owner

@LucasVanHaaren

The recently generated SBOMReport was in the following format.
#19

The format of the license is slightly different. Can I use this test data?

@LucasVanHaaren
Contributor Author

LucasVanHaaren commented Aug 6, 2024

Hello @takumakume,

Sorry for the delay, was a bit busy...
Just tried with the new format of SBOMreport you mentioned and it works well with my additions!

cat testdata/v1alpha1.json | go run main.go --base-url "<TRUNCATED>" --api-key "<TRUNC>" --project-name "test-for-pr" --project-version "v1" --parent-name "PARENT"
2024/08/06 17:11:11 Uploading BOM: project test-for-pr:v1
2024/08/06 17:11:11 Polling completion of upload BOM: project test-for-pr:v1 token 40f1bf18-1f00-498f-bb69-567ad9404576
2024/08/06 17:11:12 BOM upload completed: project test-for-pr:v1 token 40f1bf18-1f00-498f-bb69-567ad9404576

@LucasVanHaaren
Contributor Author

LucasVanHaaren commented Aug 7, 2024

Hello @takumakume,

I fixed the TestUpload_Run which was failing!
Now the whole test suite passed successfully.

@takumakume
Owner

takumakume commented Sep 7, 2024

Sorry for the delay
I checked!
Thank you for the contrib!

This PR will be merged.
In Dtrack 4.12, there was a phenomenon where, when a tag was specified with parentName and parentVersion specified, it became a non-child Project.

@takumakume takumakume marked this pull request as ready for review September 7, 2024 05:16
@takumakume takumakume merged commit 473076c into takumakume:main Sep 7, 2024
1 check passed