Skip to content

Commit

Permalink
Merge release/0.13.5 into main (#833)
Browse files Browse the repository at this point in the history 
* Specify windows-2019 since windows-2022 is the default runner now (#816)

Signed-off-by: Natalie Arellano <narellano@vmware.com>

* Bump containerd to v1.5.10 (#822)

- Removes CVEs (CVE-2022-23648 & CVE-2021-43816) reported in containerd 1.5.8 & 1.5.9

Signed-off-by: matthewmcnew <mmcnew@pivotal.io>

* When restoring sbom files, silently ignore if the bp layers directory does not exist (#832)

This can happen when there are sbom files for launch but the cache is empty

Signed-off-by: Natalie Arellano <narellano@vmware.com>

Co-authored-by: Matthew McNew <mmcnew@pivotal.io>
  • Loading branch information
@natalieparellano @matthewmcnew
natalieparellano and matthewmcnew authored Mar 21, 2022
1 parent 828906b commit a820b84
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 2 deletions.
10 changes: 8 additions & 2 deletions internal/layer/sbom_restorer.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,14 +125,20 @@ func (r *DefaultSBOMRestorer) restoreSBOMFunc(detectedBps []buildpack.GroupBuild
bpID = matches[1]
layerName = matches[2]
fileName = matches[3]
dest = filepath.Join(r.layersDir, bpID, fmt.Sprintf("%s.%s", layerName, fileName))
destDir = filepath.Join(r.layersDir, bpID)
)

// don't try to restore sbom files when the bp layers directory doesn't exist
// this can happen when there are sbom files for launch but the cache is empty
if _, err := os.Stat(destDir); os.IsNotExist(err) {
return nil
}

if !r.contains(detectedBps, bpID) {
return nil
}

return io2.Copy(path, dest)
return io2.Copy(path, filepath.Join(destDir, fmt.Sprintf("%s.%s", layerName, fileName)))
}
}

Expand Down
11 changes: 11 additions & 0 deletions internal/layer/sbom_restorer_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -234,5 +234,16 @@ func testSBOMRestorer(t *testing.T, when spec.G, it spec.S) {
h.AssertNil(t, sbomRestorer.RestoreToBuildpackLayers(detectedBps))
h.AssertPathDoesNotExist(t, filepath.Join(layersDir, "buildpack.id", "launch.sbom.cdx.json"))
})

when("the bp layers directory doesn't exist", func() {
it.Before(func() {
os.RemoveAll(filepath.Join(layersDir, "buildpack.id"))
os.RemoveAll(filepath.Join(layersDir, "escaped_buildpack_id"))
})

it("does not error", func() {
h.AssertNil(t, sbomRestorer.RestoreToBuildpackLayers(detectedBps))
})
})
})
}

0 comments on commit a820b84

Please sign in to comment.