Skip to content

Commit 4a8fc15

Browse files
riteshnoronhariteshnoronha
authored
Merge pull request #114 from interlynk-io/fix/unique-tools
Fix/unique tools
2 parents 401e628 + f06a4dd commit 4a8fc15

File tree

5 files changed

+129
-38
lines changed

5 files changed

+129
-38
lines changed

pkg/edit/cdx.go

+88-1
Original file line numberDiff line numberDiff line change
@@ -178,6 +178,93 @@ func cdxFindComponent(b *cydx.BOM, c *configParams) *cydx.Component {
178178
return nil
179179
}
180180

181+
func cdxUniqTools(a *cydx.ToolsChoice, b *cydx.ToolsChoice) *cydx.ToolsChoice {
182+
choices := cydx.ToolsChoice{}
183+
184+
if a == nil && b == nil {
185+
return &choices
186+
}
187+
188+
if a == nil && b != nil {
189+
return b
190+
}
191+
192+
if a != nil && b == nil {
193+
return a
194+
}
195+
196+
if a.Tools != nil && b.Tools != nil {
197+
choices.Tools = new([]cydx.Tool)
198+
uniqTools := make(map[string]string)
199+
200+
for _, tool := range *a.Tools {
201+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.Name), strings.ToLower(tool.Version))
202+
203+
if _, ok := uniqTools[key]; !ok {
204+
*choices.Tools = append(*choices.Tools, tool)
205+
uniqTools[key] = key
206+
}
207+
}
208+
209+
for _, tool := range *b.Tools {
210+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.Name), strings.ToLower(tool.Version))
211+
212+
if _, ok := uniqTools[key]; !ok {
213+
*choices.Tools = append(*choices.Tools, tool)
214+
uniqTools[key] = key
215+
}
216+
}
217+
}
218+
219+
if a.Components != nil && b.Components != nil {
220+
choices.Components = new([]cydx.Component)
221+
uniqTools := make(map[string]string)
222+
223+
for _, tool := range *a.Components {
224+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.Name), strings.ToLower(tool.Version))
225+
226+
if _, ok := uniqTools[key]; !ok {
227+
*choices.Components = append(*choices.Components, tool)
228+
uniqTools[key] = key
229+
}
230+
}
231+
232+
for _, tool := range *b.Components {
233+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.Name), strings.ToLower(tool.Version))
234+
235+
if _, ok := uniqTools[key]; !ok {
236+
*choices.Components = append(*choices.Components, tool)
237+
uniqTools[key] = key
238+
}
239+
}
240+
}
241+
242+
if a.Services != nil && b.Services != nil {
243+
choices.Services = new([]cydx.Service)
244+
uniqTools := make(map[string]string)
245+
246+
for _, tool := range *a.Services {
247+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.Name), strings.ToLower(tool.Version))
248+
249+
if _, ok := uniqTools[key]; !ok {
250+
*choices.Services = append(*choices.Services, tool)
251+
uniqTools[key] = key
252+
}
253+
}
254+
255+
for _, tool := range *b.Services {
256+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.Name), strings.ToLower(tool.Version))
257+
258+
if _, ok := uniqTools[key]; !ok {
259+
*choices.Services = append(*choices.Services, tool)
260+
uniqTools[key] = key
261+
}
262+
}
263+
}
264+
265+
return &choices
266+
}
267+
181268
func cdxConstructTools(b *cydx.BOM, c *configParams) *cydx.ToolsChoice {
182269
choice := cydx.ToolsChoice{}
183270

@@ -226,7 +313,7 @@ func cdxConstructHashes(_ *cydx.BOM, c *configParams) *[]cydx.Hash {
226313
return &hashes
227314
}
228315

229-
func cdxConstructLicenses(b *cydx.BOM, c *configParams) cydx.Licenses {
316+
func cdxConstructLicenses(_ *cydx.BOM, c *configParams) cydx.Licenses {
230317
licenses := cydx.Licenses{}
231318

232319
for _, license := range c.licenses {

pkg/edit/cdx_edit.go

+1-12
Original file line numberDiff line numberDiff line change
@@ -285,18 +285,7 @@ func (d *cdxEditDoc) tools() error {
285285
}
286286
} else if d.c.onAppend() {
287287
if d.bom.Metadata.Tools != nil {
288-
if d.bom.SpecVersion > cydx.SpecVersion1_4 {
289-
if d.bom.Metadata.Tools.Components == nil {
290-
d.bom.Metadata.Tools.Components = &[]cydx.Component{}
291-
}
292-
293-
*d.bom.Metadata.Tools.Components = append(*d.bom.Metadata.Tools.Components, *choice.Components...)
294-
} else {
295-
if d.bom.Metadata.Tools.Tools == nil {
296-
d.bom.Metadata.Tools.Tools = &[]cydx.Tool{}
297-
}
298-
*d.bom.Metadata.Tools.Tools = append(*d.bom.Metadata.Tools.Tools, *choice.Tools...)
299-
}
288+
d.bom.Metadata.Tools = cdxUniqTools(d.bom.Metadata.Tools, choice)
300289
} else {
301290
d.bom.Metadata.Tools = choice
302291
}

pkg/edit/config.go

-8
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,6 @@ import (
2020
"os"
2121
"regexp"
2222
"strings"
23-
24-
"sigs.k8s.io/release-utils/version"
2523
)
2624

2725
var supportedSubjects map[string]bool = map[string]bool{
@@ -245,12 +243,6 @@ func convertToConfigParams(eParams *EditParams) (*configParams, error) {
245243
})
246244
}
247245

248-
// Always add SBOMASM to the tool list
249-
p.tools = append(p.tools, paramTuple{
250-
name: "sbomasm",
251-
value: version.GetVersionInfo().GitVersion,
252-
})
253-
254246
p.copyright = eParams.CopyRight
255247
p.lifecycles = eParams.Lifecycles
256248
p.description = eParams.Description

pkg/edit/spdx.go

+37
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package edit
33
import (
44
"context"
55
"errors"
6+
"fmt"
67
"io"
78
"os"
89
"strings"
@@ -11,6 +12,7 @@ import (
1112
"github.com/interlynk-io/sbomasm/pkg/logger"
1213
"github.com/spdx/tools-golang/spdx"
1314

15+
"github.com/samber/lo"
1416
spdx_json "github.com/spdx/tools-golang/json"
1517
spdx_rdf "github.com/spdx/tools-golang/rdf"
1618
"github.com/spdx/tools-golang/spdx/common"
@@ -204,3 +206,38 @@ func spdxConstructHashes(_ *spdx.Document, c *configParams) []spdx.Checksum {
204206

205207
return hashes
206208
}
209+
210+
func spdxConstructTools(_ *spdx.Document, c *configParams) []spdx.Creator {
211+
tools := []spdx.Creator{}
212+
uniqTools := make(map[string]bool)
213+
214+
for _, tool := range c.tools {
215+
parts := []string{tool.name, tool.value}
216+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.name), strings.ToLower(tool.value))
217+
218+
if _, ok := uniqTools[key]; !ok {
219+
tools = append(tools, spdx.Creator{
220+
CreatorType: "Tool",
221+
Creator: strings.Join(lo.Compact(parts), "-"),
222+
})
223+
224+
uniqTools[key] = true
225+
}
226+
}
227+
return tools
228+
}
229+
230+
func spdxUniqueTools(a []spdx.Creator, b []spdx.Creator) []spdx.Creator {
231+
tools := a
232+
uniqTools := make(map[string]bool)
233+
234+
for _, tool := range b {
235+
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.CreatorType), strings.ToLower(tool.Creator))
236+
237+
if _, ok := uniqTools[key]; !ok {
238+
tools = append(tools, tool)
239+
uniqTools[key] = true
240+
}
241+
}
242+
return tools
243+
}

pkg/edit/spdx_edit.go

+3-17
Original file line numberDiff line numberDiff line change
@@ -361,22 +361,7 @@ func (d *spdxEditDoc) tools() error {
361361
return errNotSupported
362362
}
363363

364-
tools := []spdx.Creator{}
365-
uniqTools := make(map[string]bool)
366-
367-
for _, tool := range d.c.tools {
368-
parts := []string{tool.name, tool.value}
369-
key := fmt.Sprintf("%s-%s", strings.ToLower(tool.name), strings.ToLower(tool.value))
370-
371-
if _, ok := uniqTools[key]; !ok {
372-
tools = append(tools, spdx.Creator{
373-
CreatorType: "Tool",
374-
Creator: strings.Join(lo.Compact(parts), "-"),
375-
})
376-
377-
uniqTools[key] = true
378-
}
379-
}
364+
tools := spdxConstructTools(d.bom, d.c)
380365

381366
if d.c.onMissing() {
382367
if d.bom.CreationInfo == nil {
@@ -396,7 +381,8 @@ func (d *spdxEditDoc) tools() error {
396381
} else if d.bom.CreationInfo.Creators == nil {
397382
d.bom.CreationInfo.Creators = tools
398383
} else {
399-
d.bom.CreationInfo.Creators = append(d.bom.CreationInfo.Creators, tools...)
384+
//d.bom.CreationInfo.Creators = append(d.bom.CreationInfo.Creators, tools...)
385+
d.bom.CreationInfo.Creators = spdxUniqueTools(d.bom.CreationInfo.Creators, tools)
400386
}
401387
} else {
402388
if d.bom.CreationInfo == nil {

0 commit comments

Comments
 (0)