mirror of
https://github.com/anchore/syft
synced 2024-11-15 00:27:07 +00:00
bb0f35bac4
* [wip] single sbom doc Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix more tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update cli tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove scope in import path Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * swap SPDX tag-value formatter to single sbom document Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bust CLI cache Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update fixture to byte diff Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * byte for byte Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * bust the cache Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * who needs cache Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * add jar for testing Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * no more bit flips Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * update apk with the delta for image and directory cases Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * restore cache workflow Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> Co-authored-by: Christopher Angelo Phillips <christopher.phillips@anchore.com>
58 lines
1.3 KiB
Go
58 lines
1.3 KiB
Go
package integration
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"testing"
|
|
|
|
"github.com/anchore/syft/internal/formats/syftjson"
|
|
syftjsonModel "github.com/anchore/syft/internal/formats/syftjson/model"
|
|
"github.com/anchore/syft/syft/sbom"
|
|
)
|
|
|
|
func TestPackageOwnershipRelationships(t *testing.T) {
|
|
|
|
// ensure that the json presenter is applying artifact ownership with an image that has expected ownership relationships
|
|
tests := []struct {
|
|
fixture string
|
|
}{
|
|
{
|
|
fixture: "image-owning-package",
|
|
},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.fixture, func(t *testing.T) {
|
|
catalog, d, src := catalogFixtureImage(t, test.fixture)
|
|
|
|
p := syftjson.Format().Presenter(sbom.SBOM{
|
|
Artifacts: sbom.Artifacts{
|
|
PackageCatalog: catalog,
|
|
Distro: d,
|
|
},
|
|
Source: src.Metadata,
|
|
})
|
|
if p == nil {
|
|
t.Fatal("unable to get presenter")
|
|
}
|
|
|
|
output := bytes.NewBufferString("")
|
|
err := p.Present(output)
|
|
if err != nil {
|
|
t.Fatalf("unable to present: %+v", err)
|
|
}
|
|
|
|
var doc syftjsonModel.Document
|
|
decoder := json.NewDecoder(output)
|
|
if err := decoder.Decode(&doc); err != nil {
|
|
t.Fatalf("unable to decode json doc: %+v", err)
|
|
}
|
|
|
|
if len(doc.ArtifactRelationships) == 0 {
|
|
t.Errorf("expected to find relationships between packages but found none")
|
|
}
|
|
|
|
})
|
|
}
|
|
|
|
}
|