Add ClearlyDefined to e2e test (#2168)

Signed-off-by: robert-cronin <robert.owen.cronin@gmail.com>
guacsec · Oct 14, 2024 · 7ee10f0 · 7ee10f0
1 parent 9cfc2b7
commit 7ee10f0
Show file tree

Hide file tree

Showing 3 changed files with 78 additions and 2 deletions.
diff --git a/demo/graphql/queries.gql b/demo/graphql/queries.gql
@@ -251,3 +251,44 @@ query PkgQ9 {
     ...allPkgTree
   }
 }
+
+fragment allSourceTree on Source {
+  id
+  type
+  namespaces {
+    id
+    namespace
+    names {
+      id
+      name
+      tag
+      commit
+    }
+  }
+}
+
+fragment allCertifyLegalTree on CertifyLegal {
+  id
+  subject {
+    __typename
+    ... on Package {
+      ...allPkgTree
+    }
+    ... on Source {
+      ...allSourceTree
+    }
+  }
+  declaredLicense
+  discoveredLicense
+  attribution
+  justification
+  timeScanned
+  origin
+  collector
+}
+
+query CertifyLegalQ1 {
+    CertifyLegal(certifyLegalSpec: {subject: {package: {name: "log4j-core"} } }) @filter(keyName: "collector", operation: CONTAINS, value: "clearlydefined") {
+        ...allCertifyLegalTree
+    }
+}
diff --git a/internal/testing/e2e/e2e b/internal/testing/e2e/e2e
@@ -97,13 +97,13 @@ wipe_data() {
   fi
 }
 
-go run ${GUAC_DIR}"/cmd/guacingest" --add-vuln-on-ingest=true &
+go run ${GUAC_DIR}"/cmd/guacingest" --add-vuln-on-ingest=true --add-license-on-ingest &
 go run ${GUAC_DIR}"/cmd/guacone" collect deps_dev -p &
 go run ${GUAC_DIR}"/cmd/guaccsub" &
 
 # Define ingestion commands
 declare -a ingestion_commands=(
-  "go run ${GUAC_DIR}/cmd/guacone collect files ${GUAC_DIR}/guac-data/docs/ --add-vuln-on-ingest=true"
+  "go run ${GUAC_DIR}/cmd/guacone collect files ${GUAC_DIR}/guac-data/docs/ --add-vuln-on-ingest=true --add-license-on-ingest"
   "go run ${GUAC_DIR}/cmd/guaccollect files ${GUAC_DIR}/guac-data/docs/ --service-poll=false"
 )
 
@@ -120,6 +120,7 @@ queryValues["OSVQ1"]='del(.. | .id?)'
 queryValues["CertifyVulnQ1"]='del(.. | .id?) | del(.. | .timeScanned?)'
 queryValues["ArtifactsQ1"]='.artifacts |= sort'
 queryValues["PkgQ9"]='.packages[].namespaces |= sort_by(.namespace) | .packages[].namespaces[].names[].versions |= sort_by(.id) | .packages[].namespaces[].names[].versions[].qualifiers |= sort_by(.key) | del(.. | .id?)'
+queryValues["CertifyLegalQ1"]='del(.. | .id?) | del(.. | .timeScanned?) | del(.. | .origin?)'
 
 # Define an indexed array to maintain the order of the queries
 queryOrder=(
@@ -134,6 +135,7 @@ queryOrder=(
   "CertifyVulnQ1"
   "ArtifactsQ1"
   "PkgQ9"
+  "CertifyLegalQ1"
 )
 
 queries="${GUAC_DIR}/demo/graphql/queries.gql"

diff --git a/internal/testing/e2e/expectCertifyLegalQ1.json b/internal/testing/e2e/expectCertifyLegalQ1.json
@@ -0,0 +1,33 @@
+{
+  "CertifyLegal": [
+    {
+      "subject": {
+        "__typename": "Package",
+        "type": "maven",
+        "namespaces": [
+          {
+            "namespace": "org.apache.logging.log4j",
+            "names": [
+              {
+                "name": "log4j-core",
+                "versions": [
+                  {
+                    "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1",
+                    "version": "2.8.1",
+                    "qualifiers": [],
+                    "subpath": ""
+                  }
+                ]
+              }
+            ]
+          }
+        ]
+      },
+      "declaredLicense": "Apache-2.0",
+      "discoveredLicense": "Apache-2.0",
+      "attribution": "",
+      "justification": "Retrieved from ClearlyDefined",
+      "collector": "clearlydefined"
+    }
+  ]
+}