Merge pull request #113 from interlynk-io/fix/edit-add-tools

riteshnoronha · web-flow · commit 401e62816e16 · 2024-10-24T21:12:46.000-07:00
Improved tool edits
diff --git a/pkg/edit/cdx.go b/pkg/edit/cdx.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"strings"
 
 	cydx "github.com/CycloneDX/cyclonedx-go"
 	"github.com/google/uuid"
@@ -180,20 +181,32 @@ func cdxFindComponent(b *cydx.BOM, c *configParams) *cydx.Component {
 func cdxConstructTools(b *cydx.BOM, c *configParams) *cydx.ToolsChoice {
 	choice := cydx.ToolsChoice{}
 
+	if b.SpecVersion > cydx.SpecVersion1_4 {
+		choice.Components = new([]cydx.Component)
+	} else {
+		choice.Tools = new([]cydx.Tool)
+	}
+
+	uniqTools := make(map[string]string)
+
 	for _, tool := range c.tools {
-		if b.SpecVersion > cydx.SpecVersion1_4 {
-			choice.Components = new([]cydx.Component)
-			*choice.Components = append(*choice.Components, cydx.Component{
-				Type:    cydx.ComponentTypeApplication,
-				Name:    tool.name,
-				Version: tool.value,
-			})
-		} else {
-			choice.Tools = new([]cydx.Tool)
-			*choice.Tools = append(*choice.Tools, cydx.Tool{
-				Name:    tool.name,
-				Version: tool.value,
-			})
+		key := fmt.Sprintf("%s-%s", strings.ToLower(tool.name), strings.ToLower(tool.value))
+
+		if _, ok := uniqTools[key]; !ok {
+			if b.SpecVersion > cydx.SpecVersion1_4 {
+				*choice.Components = append(*choice.Components, cydx.Component{
+					Type:    cydx.ComponentTypeApplication,
+					Name:    tool.name,
+					Version: tool.value,
+				})
+			} else {
+				*choice.Tools = append(*choice.Tools, cydx.Tool{
+					Name:    tool.name,
+					Version: tool.value,
+				})
+			}
+
+			uniqTools[key] = key
 		}
 	}
 
diff --git a/pkg/edit/config.go b/pkg/edit/config.go
@@ -20,6 +20,8 @@ import (
 	"os"
 	"regexp"
 	"strings"
+
+	"sigs.k8s.io/release-utils/version"
 )
 
 var supportedSubjects map[string]bool = map[string]bool{
@@ -243,6 +245,12 @@ func convertToConfigParams(eParams *EditParams) (*configParams, error) {
 		})
 	}
 
+	// Always add SBOMASM to the tool list
+	p.tools = append(p.tools, paramTuple{
+		name:  "sbomasm",
+		value: version.GetVersionInfo().GitVersion,
+	})
+
 	p.copyright = eParams.CopyRight
 	p.lifecycles = eParams.Lifecycles
 	p.description = eParams.Description
diff --git a/pkg/edit/spdx_edit.go b/pkg/edit/spdx_edit.go
@@ -362,14 +362,20 @@ func (d *spdxEditDoc) tools() error {
 	}
 
 	tools := []spdx.Creator{}
+	uniqTools := make(map[string]bool)
 
 	for _, tool := range d.c.tools {
 		parts := []string{tool.name, tool.value}
+		key := fmt.Sprintf("%s-%s", strings.ToLower(tool.name), strings.ToLower(tool.value))
 
-		tools = append(tools, spdx.Creator{
-			CreatorType: "Tool",
-			Creator:     strings.Join(lo.Compact(parts), "-"),
-		})
+		if _, ok := uniqTools[key]; !ok {
+			tools = append(tools, spdx.Creator{
+				CreatorType: "Tool",
+				Creator:     strings.Join(lo.Compact(parts), "-"),
+			})
+
+			uniqTools[key] = true
+		}
 	}
 
 	if d.c.onMissing() {
