Error when previous bom is specified on buildpack API 0.7 (#764)

* Error when previous bom is specified on buildpack API 0.7 instead of warning Signed-off-by: Anthony Emengo <aemengo@vmware.com> * Warn when new sbom is specified on buildpack API <0.7 Signed-off-by: Anthony Emengo <aemengo@vmware.com>
buildpacks · Nov 17, 2021 · 880a801 · 880a801
1 parent 196f637
commit 880a801
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 29 deletions.
diff --git a/buildpack/bom.go b/buildpack/bom.go
@@ -35,7 +35,7 @@ func (v *defaultBOMValidator) ValidateBOM(bp GroupBuildpack, bom []BOMEntry) ([]
 
 func (v *defaultBOMValidator) validateBOM(bom []BOMEntry) error {
 	if len(bom) > 0 {
-		v.logger.Warn("BOM table isn't supported in this buildpack api version. The BOM should be written to <layer>.sbom.<ext>, launch.sbom.<ext>, or build.sbom.<ext>.")
+		return errors.New("bom table isn't supported in this buildpack api version. The BOM should be written to <layer>.sbom.<ext>, launch.sbom.<ext>, or build.sbom.<ext>")
 	}
 	return nil
 }

diff --git a/buildpack/bomfile.go b/buildpack/bomfile.go
@@ -6,6 +6,7 @@ import (
 
 	"github.com/pkg/errors"
 
+	"github.com/buildpacks/lifecycle/api"
 	"github.com/buildpacks/lifecycle/buildpack/layertypes"
 )
 
@@ -90,7 +91,7 @@ func validateMediaTypes(bp GroupBuildpack, bomfiles []BOMFile, sbomMediaTypes []
 	return nil
 }
 
-func processBOMFiles(layersDir string, bp GroupBuildpack, pathToLayerMetadataFile map[string]layertypes.LayerMetadataFile, sbomMediaTypes []string) ([]BOMFile, error) {
+func (b *Descriptor) processBOMFiles(layersDir string, bp GroupBuildpack, pathToLayerMetadataFile map[string]layertypes.LayerMetadataFile, logger Logger) ([]BOMFile, error) {
 	var (
 		layerGlob = filepath.Join(layersDir, "*.sbom.*.json")
 		files     []BOMFile
@@ -101,6 +102,14 @@ func processBOMFiles(layersDir string, bp GroupBuildpack, pathToLayerMetadataFil
 		return nil, err
 	}
 
+	if api.MustParse(b.API).LessThan("0.7") {
+		if len(matches) != 0 {
+			logger.Warnf("the following SBoM files will be ignored for buildpack api version < 0.7 [%s]", strings.Join(matches, ", "))
+		}
+
+		return nil, nil
+	}
+
 	for _, m := range matches {
 		layerDir, file := filepath.Split(m)
 		layerName := strings.SplitN(file, ".", 2)[0]
@@ -156,5 +165,5 @@ func processBOMFiles(layersDir string, bp GroupBuildpack, pathToLayerMetadataFil
 		}
 	}
 
-	return files, validateMediaTypes(bp, files, sbomMediaTypes)
+	return files, validateMediaTypes(bp, files, b.Buildpack.SBOM)
 }
diff --git a/buildpack/build.go b/buildpack/build.go
@@ -267,6 +267,12 @@ func (b *Descriptor) readOutputFiles(bpLayersDir, bpPlanPath string, bpPlanIn Pl
 		}
 		br.MetRequires = names(bpPlanOut.Entries)
 
+		// set BOM files
+		br.BOMFiles, err = b.processBOMFiles(bpLayersDir, bpFromBpInfo, pathToLayerMetadataFile, logger)
+		if err != nil {
+			return BuildResult{}, err
+		}
+
 		// read launch.toml, return if not exists
 		if _, err := toml.DecodeFile(launchPath, &launchTOML); os.IsNotExist(err) {
 			return br, nil
@@ -291,11 +297,9 @@ func (b *Descriptor) readOutputFiles(bpLayersDir, bpPlanPath string, bpPlanIn Pl
 		br.MetRequires = names(bpPlanIn.filter(bpBuild.Unmet).Entries)
 
 		// set BOM files
-		if api.MustParse(b.API).AtLeast("0.7") {
-			br.BOMFiles, err = processBOMFiles(bpLayersDir, bpFromBpInfo, pathToLayerMetadataFile, b.Buildpack.SBOM)
-			if err != nil {
-				return BuildResult{}, err
-			}
+		br.BOMFiles, err = b.processBOMFiles(bpLayersDir, bpFromBpInfo, pathToLayerMetadataFile, logger)
+		if err != nil {
+			return BuildResult{}, err
 		}
 
 		// read launch.toml, return if not exists

diff --git a/buildpack/build_test.go b/buildpack/build_test.go
@@ -206,7 +206,7 @@ func testBuild(t *testing.T, when spec.G, it spec.S) {
 				})
 
 				when("there is a bom in launch.toml", func() {
-					it("should warn", func() {
+					it("should return error", func() {
 						h.Mkfile(t,
 							"[[bom]]\n"+
 								`name = "some-dep"`+"\n"+
@@ -215,20 +215,8 @@ func testBuild(t *testing.T, when spec.G, it spec.S) {
 							filepath.Join(appDir, "launch-A-v1.toml"),
 						)
 
-						br, err := bpTOML.Build(buildpack.Plan{}, config, mockEnv)
-						if err != nil {
-							t.Fatalf("Unexpected error:\n%s\n", err)
-						}
-
-						if s := cmp.Diff(br, buildpack.BuildResult{
-							BOM:       []buildpack.BOMEntry{},
-							Labels:    []buildpack.Label{},
-							Processes: []launch.Process{},
-							Slices:    []layers.Slice{},
-						}); s != "" {
-							t.Fatalf("Unexpected:\n%s\n", s)
-						}
-						assertLogEntry(t, logHandler, "BOM table isn't supported in this buildpack api version. The BOM should be written to <layer>.sbom.<ext>, launch.sbom.<ext>, or build.sbom.<ext>.")
+						_, err := bpTOML.Build(buildpack.Plan{}, config, mockEnv)
+						h.AssertError(t, err, "bom table isn't supported in this buildpack api version. The BOM should be written to <layer>.sbom.<ext>, launch.sbom.<ext>, or build.sbom.<ext>")
 					})
 				})
 
@@ -250,9 +238,7 @@ func testBuild(t *testing.T, when spec.G, it spec.S) {
 						filepath.Join(layersDir, buildpackID, fmt.Sprintf("%s.toml", layerName)))
 
 					br, err := bpTOML.Build(buildpack.Plan{}, config, mockEnv)
-					if err != nil {
-						t.Fatalf("Unexpected error:\n%s\n", err)
-					}
+					h.AssertNil(t, err)
 
 					h.AssertEq(t, buildpack.BuildResult{
 						BOMFiles: []buildpack.BOMFile{
@@ -332,11 +318,11 @@ func testBuild(t *testing.T, when spec.G, it spec.S) {
 						filepath.Join(layersDir, buildpackID, fmt.Sprintf("%s.toml", layerName)))
 
 					br, err := bpTOML.Build(buildpack.Plan{}, config, mockEnv)
-					if err != nil {
-						t.Fatalf("Unexpected error:\n%s\n", err)
-					}
+					h.AssertNil(t, err)
 
 					h.AssertEq(t, len(br.BOMFiles), 0)
+					expected := "the following SBoM files will be ignored for buildpack api version < 0.7"
+					assertLogEntry(t, logHandler, expected)
 				})
 
 				it("should include labels", func() {