-
Notifications
You must be signed in to change notification settings - Fork 127
Initial implementation of VcpkgDetector and VcpkgComponent #52
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
16 commits
Select commit
Hold shift + click to select a range
0b4d540
Initial implementation of VcpkgDetector and VcpkgComponent
ras0219-msft 6a369d1
Merge branch 'main' into dev/roschuma/vcpkg
JamieMagee 394cca5
Merge branch 'main' into dev/roschuma/vcpkg
JamieMagee da1f283
Fix warnings
ras0219-msft f323923
Merge branch 'dev/roschuma/vcpkg' of https://github.com/ras0219-msft/…
ras0219-msft 0e48dbe
Initial implementation of VcpkgDetector and VcpkgComponent
ras0219-msft b770382
Fix warnings
ras0219-msft 243a8f4
Update src/Microsoft.ComponentDetection.Detectors/vcpkg/VcpkgComponen…
ras0219-msft 4788209
Merge branch 'dev/roschuma/vcpkg' of https://github.com/ras0219-msft/…
ras0219-msft dbd4ad2
Address PR comments. Add parsing for Annotations.
ras0219-msft 428d23f
Merge branch 'main' into dev/roschuma/vcpkg
grvillic 0d7a37b
Use DateTime property for annotation object
grvillic 3b988b3
Merge branch 'main' of https://github.com/microsoft/component-detecti…
ras0219-msft 40e62a5
Add tests for VcpkgComponentDetector
ras0219-msft 037d2c6
Satisfy format detector
ras0219-msft a2cc24a
Update src/Microsoft.ComponentDetection.Detectors/vcpkg/VcpkgComponen…
ras0219-msft File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -44,8 +44,11 @@ public enum ComponentType : byte | |
|
|
||
| [EnumMember] | ||
| Conda = 13, | ||
|
|
||
| [EnumMember] | ||
| Spdx = 14, | ||
|
|
||
| [EnumMember] | ||
| Vcpkg = 15, | ||
| } | ||
| } | ||
73 changes: 73 additions & 0 deletions
73
src/Microsoft.ComponentDetection.Contracts/TypedComponent/VcpkgComponent.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| using PackageUrl; | ||
|
|
||
| namespace Microsoft.ComponentDetection.Contracts.TypedComponent | ||
| { | ||
| public class VcpkgComponent : TypedComponent | ||
| { | ||
| private VcpkgComponent() | ||
| { | ||
| /* Reserved for deserialization */ | ||
| } | ||
|
|
||
| public VcpkgComponent(string spdxid, string name, string version, string triplet = null, string portVersion = null, string description = null, string downloadLocation = null) | ||
| { | ||
| SPDXID = ValidateRequiredInput(spdxid, nameof(SPDXID), nameof(ComponentType.Vcpkg)); | ||
| Name = ValidateRequiredInput(name, nameof(Name), nameof(ComponentType.Vcpkg)); | ||
| Version = version; | ||
| PortVersion = portVersion; | ||
| Triplet = triplet; | ||
| Description = description; | ||
| DownloadLocation = downloadLocation; | ||
| } | ||
|
|
||
| public string SPDXID { get; set; } | ||
|
|
||
| public string Name { get; set; } | ||
|
|
||
| public string DownloadLocation { get; set; } | ||
|
|
||
| public string Triplet { get; set; } | ||
|
|
||
| public string Version { get; set; } | ||
|
|
||
| public string Description { get; set; } | ||
|
|
||
| public string PortVersion { get; set; } | ||
|
|
||
| public override ComponentType Type => ComponentType.Vcpkg; | ||
|
|
||
| public override string Id | ||
| { | ||
| get | ||
| { | ||
| if (PortVersion != null) | ||
| { | ||
| return $"{Name} {Version}#{PortVersion} - {Type}"; | ||
| } | ||
| else | ||
| { | ||
| return $"{Name} {Version} - {Type}"; | ||
| } | ||
| } | ||
| } | ||
|
|
||
| public override PackageURL PackageUrl | ||
| { | ||
| get | ||
| { | ||
| if (PortVersion != null) | ||
| { | ||
| return new PackageURL($"pkg:vcpkg/{Name}@{Version}?port_version={PortVersion}"); | ||
| } | ||
| else if (Version != null) | ||
| { | ||
| return new PackageURL($"pkg:vcpkg/{Name}@{Version}"); | ||
| } | ||
| else | ||
| { | ||
| return new PackageURL($"pkg:vcpkg/{Name}"); | ||
| } | ||
| } | ||
| } | ||
| } | ||
| } | ||
15 changes: 15 additions & 0 deletions
15
src/Microsoft.ComponentDetection.Detectors/vcpkg/Contracts/Annotation.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| using System; | ||
|
|
||
| namespace Microsoft.ComponentDetection.Detectors.Vcpkg.Contracts | ||
| { | ||
| public class Annotation | ||
| { | ||
| public DateTime Date { get; set; } | ||
|
|
||
| public string Comment { get; set; } | ||
|
|
||
| public string Type { get; set; } | ||
|
|
||
| public string Annotator { get; set; } | ||
| } | ||
| } |
21 changes: 21 additions & 0 deletions
21
src/Microsoft.ComponentDetection.Detectors/vcpkg/Contracts/Package.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| namespace Microsoft.ComponentDetection.Detectors.Vcpkg.Contracts | ||
| { | ||
| public class Package | ||
| { | ||
| public string SPDXID { get; set; } | ||
|
|
||
| public string VersionInfo { get; set; } | ||
|
|
||
| public string DownloadLocation { get; set; } | ||
|
|
||
| public string Filename { get; set; } | ||
|
|
||
| public string Homepage { get; set; } | ||
|
|
||
| public string Description { get; set; } | ||
|
|
||
| public string Name { get; set; } | ||
|
|
||
| public Annotation[] Annotations { get; set; } | ||
| } | ||
| } |
12 changes: 12 additions & 0 deletions
12
src/Microsoft.ComponentDetection.Detectors/vcpkg/Contracts/VcpkgSBOM.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| namespace Microsoft.ComponentDetection.Detectors.Vcpkg.Contracts | ||
| { | ||
| /// <summary> | ||
| /// Matches a subset of https://raw.githubusercontent.com/spdx/spdx-spec/v2.2.1/schemas/spdx-schema.json. | ||
| /// </summary> | ||
| public class VcpkgSBOM | ||
| { | ||
| public Package[] Packages { get; set; } | ||
|
|
||
| public string Name { get; set; } | ||
| } | ||
| } |
118 changes: 118 additions & 0 deletions
118
src/Microsoft.ComponentDetection.Detectors/vcpkg/VcpkgComponentDetector.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,118 @@ | ||
| using System; | ||
| using System.Collections.Generic; | ||
| using System.Composition; | ||
| using System.IO; | ||
| using System.Linq; | ||
| using System.Text.RegularExpressions; | ||
| using System.Threading.Tasks; | ||
| using Microsoft.ComponentDetection.Common; | ||
| using Microsoft.ComponentDetection.Common.Telemetry.Records; | ||
| using Microsoft.ComponentDetection.Contracts; | ||
| using Microsoft.ComponentDetection.Contracts.Internal; | ||
| using Microsoft.ComponentDetection.Contracts.TypedComponent; | ||
| using Microsoft.ComponentDetection.Detectors.Vcpkg.Contracts; | ||
| using Newtonsoft.Json; | ||
|
|
||
| namespace Microsoft.ComponentDetection.Detectors.Vcpkg | ||
| { | ||
| [Export(typeof(IComponentDetector))] | ||
| public class VcpkgComponentDetector : FileComponentDetector, IDefaultOffComponentDetector | ||
| { | ||
| [Import] | ||
| public ICommandLineInvocationService CommandLineInvocationService { get; set; } | ||
|
|
||
| [Import] | ||
| public IEnvironmentVariableService EnvVarService { get; set; } | ||
|
|
||
| public override string Id { get; } = "Vcpkg"; | ||
|
|
||
| public override IEnumerable<string> Categories => new[] { Enum.GetName(typeof(DetectorClass), DetectorClass.Vcpkg) }; | ||
|
|
||
| public override IList<string> SearchPatterns { get; } = new List<string> { "vcpkg.spdx.json" }; | ||
|
|
||
| public override IEnumerable<ComponentType> SupportedComponentTypes { get; } = new[] { ComponentType.Vcpkg }; | ||
|
|
||
| public override int Version => 1; | ||
|
|
||
| private HashSet<string> projectRoots = new HashSet<string>(); | ||
|
|
||
| protected override async Task OnFileFound(ProcessRequest processRequest, IDictionary<string, string> detectorArgs) | ||
| { | ||
| var singleFileComponentRecorder = processRequest.SingleFileComponentRecorder; | ||
| var file = processRequest.ComponentStream; | ||
|
|
||
| Logger.LogWarning($"vcpkg detector found {file}"); | ||
|
|
||
| var projectRootDirectory = Directory.GetParent(file.Location); | ||
| if (projectRoots.Any(path => projectRootDirectory.FullName.StartsWith(path))) | ||
| { | ||
| return; | ||
| } | ||
|
|
||
| await ParseSpdxFile(singleFileComponentRecorder, file); | ||
| } | ||
|
|
||
| private async Task ParseSpdxFile( | ||
| ISingleFileComponentRecorder singleFileComponentRecorder, | ||
| IComponentStream file) | ||
| { | ||
| using var reader = new StreamReader(file.Stream); | ||
| VcpkgSBOM sbom; | ||
| try | ||
| { | ||
| sbom = JsonConvert.DeserializeObject<VcpkgSBOM>(await reader.ReadToEndAsync()); | ||
| } | ||
| catch (Exception) | ||
| { | ||
| return; | ||
| } | ||
|
|
||
| if (sbom?.Packages == null) | ||
| { | ||
| return; | ||
| } | ||
|
|
||
| foreach (var item in sbom.Packages) | ||
| { | ||
| try | ||
| { | ||
| if (string.IsNullOrEmpty(item.Name)) | ||
| { | ||
| continue; | ||
| } | ||
|
|
||
| Logger.LogWarning($"parsed package {item.Name}"); | ||
| if (item.SPDXID == "SPDXRef-port") | ||
|
grvillic marked this conversation as resolved.
|
||
| { | ||
| var split = item.VersionInfo.Split('#'); | ||
| var component = new VcpkgComponent(item.SPDXID, item.Name, split[0], portVersion: split.Length >= 2 ? split[1] : "0", downloadLocation: item.DownloadLocation); | ||
| singleFileComponentRecorder.RegisterUsage(new DetectedComponent(component)); | ||
| } | ||
| else if (item.SPDXID == "SPDXRef-binary") | ||
| { | ||
| var split = item.Name.Split(':'); | ||
| var component = new VcpkgComponent(item.SPDXID, item.Name, item.VersionInfo, triplet: split[1], downloadLocation: item.DownloadLocation); | ||
| singleFileComponentRecorder.RegisterUsage(new DetectedComponent(component)); | ||
| } | ||
| else if (item.SPDXID.StartsWith("SPDXRef-resource-")) | ||
| { | ||
| var dl = item.DownloadLocation; | ||
| var split = dl.Split("#"); | ||
| var subpath = split.Length > 1 ? split[1] : null; | ||
| dl = split.Length > 1 ? split[0] : dl; | ||
| split = dl.Split("@"); | ||
| var version = split.Length > 1 ? split[1] : null; | ||
| dl = split.Length > 1 ? split[0] : dl; | ||
|
|
||
| var component = new VcpkgComponent(item.SPDXID, item.Name, version, downloadLocation: dl); | ||
| singleFileComponentRecorder.RegisterUsage(new DetectedComponent(component)); | ||
| } | ||
| } | ||
| catch (Exception) | ||
| { | ||
| Logger.LogWarning($"failed while handling {item.Name}"); | ||
| } | ||
| } | ||
| } | ||
| } | ||
| } | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add tests for this new detector? See other detector test samples in Microsoft.ComponentDetection.Detectors.Tests.