diff --git a/integration/testdata/fixtures/sbom/minikube-kbom.json b/integration/testdata/fixtures/sbom/minikube-kbom.json index c1ee53d6c9c8..a6e9bc7550aa 100644 --- a/integration/testdata/fixtures/sbom/minikube-kbom.json +++ b/integration/testdata/fixtures/sbom/minikube-kbom.json @@ -48,6 +48,22 @@ } ] }, + { + "bom-ref": "b6f66546-5a5c-4fe8-a30f-acb04013c151", + "type": "operating-system", + "name": "ubuntu", + "version": "22.04.2", + "properties": [ + { + "name": "aquasecurity:trivy:Class", + "value": "os-pkgs" + }, + { + "name": "aquasecurity:trivy:Type", + "value": "ubuntu" + } + ] + }, { "bom-ref": "a62abb1f-cb38-4fde-90f3-2bda3b87ddb2", "type": "application", @@ -325,6 +341,10 @@ "ref": "5262e708-f1a3-4fca-a1c3-0a8384f7f4a5", "dependsOn": [] }, + { + "ref": "b6f66546-5a5c-4fe8-a30f-acb04013c151", + "dependsOn": [] + }, { "ref": "a62abb1f-cb38-4fde-90f3-2bda3b87ddb2", "dependsOn": [ @@ -336,6 +356,7 @@ "ref": "a6350ac3-52f6-4c5f-a3e3-184b9a634bef", "dependsOn": [ "5262e708-f1a3-4fca-a1c3-0a8384f7f4a5", + "b6f66546-5a5c-4fe8-a30f-acb04013c151", "a62abb1f-cb38-4fde-90f3-2bda3b87ddb2" ] }, diff --git a/pkg/sbom/io/decode.go b/pkg/sbom/io/decode.go index af61f41b5a8c..fad29622e9a3 100644 --- a/pkg/sbom/io/decode.go +++ b/pkg/sbom/io/decode.go @@ -5,6 +5,7 @@ import ( "slices" "sort" "strconv" + "sync" debver "github.com/knqyf263/go-deb-version" rpmver "github.com/knqyf263/go-rpm-version" @@ -107,11 +108,16 @@ func (m *Decoder) decodeRoot(s *types.SBOM) error { } func (m *Decoder) decodeComponents(sbom *types.SBOM) error { + onceMultiOSWarn := sync.OnceFunc(func() { + log.Logger.Warn("Multiple OS components are not supported, taking the first one and ignoring the rest") + }) + for id, c := range m.bom.Components() { switch c.Type { case core.TypeOS: if m.osID != uuid.Nil { - return xerrors.New("multiple OS components are not supported") + onceMultiOSWarn() + continue } m.osID = id sbom.Metadata.OS = &ftypes.OS{