Skip to content

Commit

Permalink
Add test for resolver and fix implementation
Browse files Browse the repository at this point in the history
  • Loading branch information
marcofranssen committed Mar 23, 2022
1 parent 78c478f commit 1fb2510
Show file tree
Hide file tree
Showing 2 changed files with 55 additions and 1 deletion.
18 changes: 17 additions & 1 deletion pkg/attestation/resolvers/txt/resolver.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package txt
import (
"bufio"
"io"
"strings"

"github.com/package-url/packageurl-go"

Expand All @@ -26,9 +27,24 @@ func (r *Resolver) Resolve(rc io.Reader) ([]attestation.Attestation, error) {
}
atts = append(atts, attestation.Attestation{
PURL: purl,
Type: attestation.SBOM,
Type: getType(purl),
})
}

return atts, nil
}

func getType(p packageurl.PackageURL) attestation.Type {
if attType, ok := p.Qualifiers.Map()["attestation_type"]; ok {
switch strings.ToLower(attType) {
case "provenance":
return attestation.Provenance
case "sbom":
return attestation.SBOM
default:
return attestation.Unknown
}
}

return attestation.Unknown
}
38 changes: 38 additions & 0 deletions pkg/attestation/resolvers/txt/resolver_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
package txt_test

import (
"strings"
"testing"

"github.com/stretchr/testify/assert"

"github.com/philips-labs/fatt/pkg/attestation/resolvers/txt"
)

func TestResolve(t *testing.T) {
assert := assert.New(t)

purlsFile := `pkg:docker/philips-labs/fatt@sha256:6cc65b2c82c2baa3391890abb8ab741efbcbc87baff3b06d5797afacb314ddd9?repository_url=ghcr.io&attestation_type=sbom
pkg:docker/philips-labs/fatt@sha256:6cc65b2c82c2baa3391890abb8ab741efbcbc87baff3b06d5797afacb314ddd9?repository_url=ghcr.io&attestation_type=provenance
pkg:docker/philips-labs/fatt@sha256:6cc65b2c82c2baa3391890abb8ab741efbcbc87baff3b06d5797afacb314ddd9?repository_url=ghcr.io
pkg:nuget/philips-labs/fatt@sha256:6cc65b2c82c2baa3391890abb8ab741efbcbc87baff3b06d5797afacb314ddd9?repository_url=nuget.org&attestation_type=provenance
pkg:nuget/philips-labs/fatt@sha256:823413cc65b2c82c2baa3391890abb8ab741e87baff3b06d5797afacb314ddd9?repository_url=nuget.org&attestation_type=sbom`

r := &txt.Resolver{}
atts, err := r.Resolve(strings.NewReader(purlsFile))
assert.NoError(err)
assert.Len(atts, 5)

assert.Equal("SBOM", atts[0].Type.String())
assert.Equal("Provenance", atts[1].Type.String())
assert.Equal("Unknown", atts[2].Type.String())
assert.Equal("Provenance", atts[3].Type.String())
assert.Equal("SBOM", atts[4].Type.String())

purlsFile = `pkg:docker/philips-labs/fatt@sha256:6cc65b2c82c2baa3391890abb8ab741efbcbc87baff3b06d5797afacb314ddd9?repository_url=ghcr.io&attestation_type=sbom
ghcr.io/philips-labs/fatt@sha256:6cc65b2c82c2baa3391890abb8ab741efbcbc87baff3b06d5797afacb314ddd9`
atts, err = r.Resolve(strings.NewReader(purlsFile))
assert.Error(err)
assert.EqualError(err, "scheme is missing")
assert.Len(atts, 0)
}

0 comments on commit 1fb2510

Please sign in to comment.