Ent - IngestHasSBOMs implementation with tests (#1265)

Signed-off-by: mrizzi <mrizzi@redhat.com>
guacsec · Sep 13, 2023 · b28dce1 · b28dce1
1 parent 88dfb7e
commit b28dce1
Show file tree

Hide file tree

Showing 2 changed files with 243 additions and 0 deletions.
diff --git a/pkg/assembler/backends/ent/backend/sbom.go b/pkg/assembler/backends/ent/backend/sbom.go
@@ -25,6 +25,7 @@ import (
 	"github.com/guacsec/guac/pkg/assembler/backends/ent/predicate"
 	"github.com/guacsec/guac/pkg/assembler/graphql/model"
 	"github.com/pkg/errors"
+	"github.com/vektah/gqlparser/v2/gqlerror"
 )
 
 func (b *EntBackend) HasSBOM(ctx context.Context, spec *model.HasSBOMSpec) ([]*model.HasSbom, error) {
@@ -152,3 +153,21 @@ func (b *EntBackend) IngestHasSbom(ctx context.Context, subject model.PackageOrA
 	}
 	return toModelHasSBOM(sbom), nil
 }
+
+func (b *EntBackend) IngestHasSBOMs(ctx context.Context, subjects model.PackageOrArtifactInputs, hasSBOMs []*model.HasSBOMInputSpec) ([]*model.HasSbom, error) {
+	var modelHasSboms []*model.HasSbom
+	for i, hasSbom := range hasSBOMs {
+		var subject model.PackageOrArtifactInput
+		if len(subjects.Artifacts) > 0 {
+			subject = model.PackageOrArtifactInput{Artifact: subjects.Artifacts[i]}
+		} else {
+			subject = model.PackageOrArtifactInput{Package: subjects.Packages[i]}
+		}
+		modelHasSbom, err := b.IngestHasSbom(ctx, subject, *hasSbom)
+		if err != nil {
+			return nil, gqlerror.Errorf("IngestHasSBOMs failed with err: %v", err)
+		}
+		modelHasSboms = append(modelHasSboms, modelHasSbom)
+	}
+	return modelHasSboms, nil
+}
diff --git a/pkg/assembler/backends/ent/backend/sbom_test.go b/pkg/assembler/backends/ent/backend/sbom_test.go
@@ -516,3 +516,227 @@ func (s *Suite) Test_HasSBOM() {
 		})
 	}
 }
+
+func (s *Suite) TestIngestHasSBOMs() {
+	type call struct {
+		Sub model.PackageOrArtifactInputs
+		HS  []*model.HasSBOMInputSpec
+	}
+	tests := []struct {
+		Name         string
+		InPkg        []*model.PkgInputSpec
+		InArt        []*model.ArtifactInputSpec
+		Calls        []call
+		Query        *model.HasSBOMSpec
+		ExpHS        []*model.HasSbom
+		ExpIngestErr bool
+		ExpQueryErr  bool
+	}{
+		{
+			Name:  "HappyPath",
+			InPkg: []*model.PkgInputSpec{p1},
+			Calls: []call{
+				{
+					Sub: model.PackageOrArtifactInputs{
+						Packages: []*model.PkgInputSpec{p1},
+					},
+					HS: []*model.HasSBOMInputSpec{
+						{
+							URI: "test uri",
+						},
+					},
+				},
+			},
+			Query: &model.HasSBOMSpec{
+				URI: ptrfrom.String("test uri"),
+			},
+			ExpHS: []*model.HasSbom{
+				{
+					Subject: p1out,
+					URI:     "test uri",
+				},
+			},
+		},
+		{
+			Name:  "Ingest same twice",
+			InPkg: []*model.PkgInputSpec{p1},
+			Calls: []call{
+				{
+					Sub: model.PackageOrArtifactInputs{
+						Packages: []*model.PkgInputSpec{p1, p1},
+					},
+					HS: []*model.HasSBOMInputSpec{
+						{
+							URI: "test uri",
+						},
+						{
+							URI: "test uri",
+						},
+					},
+				},
+			},
+			Query: &model.HasSBOMSpec{
+				URI: ptrfrom.String("test uri"),
+			},
+			ExpHS: []*model.HasSbom{
+				{
+					Subject: p1out,
+					URI:     "test uri",
+				},
+			},
+		},
+		{
+			Name:  "Query on URI",
+			InPkg: []*model.PkgInputSpec{p1},
+			Calls: []call{
+				{
+					Sub: model.PackageOrArtifactInputs{
+						Packages: []*model.PkgInputSpec{p1, p1},
+					},
+					HS: []*model.HasSBOMInputSpec{
+						{
+							URI: "test uri one",
+						},
+						{
+							URI: "test uri two",
+						},
+					},
+				},
+			},
+			Query: &model.HasSBOMSpec{
+				URI: ptrfrom.String("test uri one"),
+			},
+			ExpHS: []*model.HasSbom{
+				{
+					Subject: p1out,
+					URI:     "test uri one",
+				},
+			},
+		},
+		{
+			Name:  "Query on Package",
+			InPkg: []*model.PkgInputSpec{p1, p2},
+			InArt: []*model.ArtifactInputSpec{a1},
+			Calls: []call{
+				{
+					Sub: model.PackageOrArtifactInputs{
+						Packages: []*model.PkgInputSpec{p1, p2},
+					},
+					HS: []*model.HasSBOMInputSpec{
+						{
+							URI: "test uri",
+						},
+						{
+							URI: "test uri",
+						},
+					},
+				},
+				{
+					Sub: model.PackageOrArtifactInputs{
+						Artifacts: []*model.ArtifactInputSpec{a1},
+					},
+					HS: []*model.HasSBOMInputSpec{
+						{
+							URI: "test uri",
+						},
+					},
+				},
+			},
+			Query: &model.HasSBOMSpec{
+				Subject: &model.PackageOrArtifactSpec{
+					Package: &model.PkgSpec{
+						Version: ptrfrom.String("2.11.1"),
+					},
+				},
+			},
+			ExpHS: []*model.HasSbom{
+				{
+					Subject: p2out,
+					URI:     "test uri",
+				},
+			},
+		},
+		{
+			Name:  "Query on Artifact",
+			InPkg: []*model.PkgInputSpec{p1},
+			InArt: []*model.ArtifactInputSpec{a1, a2},
+			Calls: []call{
+				{
+					Sub: model.PackageOrArtifactInputs{
+						Packages: []*model.PkgInputSpec{p1},
+					},
+					HS: []*model.HasSBOMInputSpec{
+						{
+							URI: "test uri",
+						},
+					},
+				},
+				{
+					Sub: model.PackageOrArtifactInputs{
+						Artifacts: []*model.ArtifactInputSpec{a1, a2},
+					},
+					HS: []*model.HasSBOMInputSpec{
+						{
+							URI: "test uri",
+						},
+						{
+							URI: "test uri",
+						},
+					},
+				},
+			},
+			Query: &model.HasSBOMSpec{
+				Subject: &model.PackageOrArtifactSpec{
+					Artifact: &model.ArtifactSpec{
+						Algorithm: ptrfrom.String("sha1"),
+					},
+				},
+			},
+			ExpHS: []*model.HasSbom{
+				{
+					Subject: a2out,
+					URI:     "test uri",
+				},
+			},
+		},
+	}
+	ctx := s.Ctx
+	for _, test := range tests {
+		s.Run(test.Name, func() {
+			t := s.T()
+			b, err := GetBackend(s.Client)
+			if err != nil {
+				s.T().Fatalf("Could not instantiate testing backend: %v", err)
+			}
+			for _, p := range test.InPkg {
+				if _, err := b.IngestPackage(ctx, *p); err != nil {
+					t.Fatalf("Could not ingest package: %v", err)
+				}
+			}
+			for _, a := range test.InArt {
+				if _, err := b.IngestArtifact(ctx, a); err != nil {
+					t.Fatalf("Could not ingest artifact: %v", err)
+				}
+			}
+			for _, o := range test.Calls {
+				_, err := b.IngestHasSBOMs(ctx, o.Sub, o.HS)
+				if (err != nil) != test.ExpIngestErr {
+					t.Fatalf("did not get expected ingest error, want: %v, got: %v", test.ExpIngestErr, err)
+				}
+				if err != nil {
+					return
+				}
+			}
+			got, err := b.HasSBOM(ctx, test.Query)
+			if (err != nil) != test.ExpQueryErr {
+				t.Fatalf("did not get expected query error, want: %v, got: %v", test.ExpQueryErr, err)
+			}
+			if err != nil {
+				return
+			}
+			if diff := cmp.Diff(test.ExpHS, got, ignoreID); diff != "" {
+				t.Errorf("Unexpected results. (-want +got):\n%s", diff)
+			}
+		})
+	}
+}