From 7ee10f064c0a3c8198517602e8e2322fd1289ce7 Mon Sep 17 00:00:00 2001 From: Robbie Cronin Date: Tue, 15 Oct 2024 03:20:56 +1100 Subject: [PATCH] Add ClearlyDefined to e2e test (#2168) Signed-off-by: robert-cronin --- demo/graphql/queries.gql | 41 +++++++++++++++++++ internal/testing/e2e/e2e | 6 ++- .../testing/e2e/expectCertifyLegalQ1.json | 33 +++++++++++++++ 3 files changed, 78 insertions(+), 2 deletions(-) create mode 100644 internal/testing/e2e/expectCertifyLegalQ1.json diff --git a/demo/graphql/queries.gql b/demo/graphql/queries.gql index 11cf9a7424..03b75e2a0c 100644 --- a/demo/graphql/queries.gql +++ b/demo/graphql/queries.gql @@ -251,3 +251,44 @@ query PkgQ9 { ...allPkgTree } } + +fragment allSourceTree on Source { + id + type + namespaces { + id + namespace + names { + id + name + tag + commit + } + } +} + +fragment allCertifyLegalTree on CertifyLegal { + id + subject { + __typename + ... on Package { + ...allPkgTree + } + ... on Source { + ...allSourceTree + } + } + declaredLicense + discoveredLicense + attribution + justification + timeScanned + origin + collector +} + +query CertifyLegalQ1 { + CertifyLegal(certifyLegalSpec: {subject: {package: {name: "log4j-core"} } }) @filter(keyName: "collector", operation: CONTAINS, value: "clearlydefined") { + ...allCertifyLegalTree + } +} \ No newline at end of file diff --git a/internal/testing/e2e/e2e b/internal/testing/e2e/e2e index 4c05af026e..fd4c44ce14 100755 --- a/internal/testing/e2e/e2e +++ b/internal/testing/e2e/e2e @@ -97,13 +97,13 @@ wipe_data() { fi } -go run ${GUAC_DIR}"/cmd/guacingest" --add-vuln-on-ingest=true & +go run ${GUAC_DIR}"/cmd/guacingest" --add-vuln-on-ingest=true --add-license-on-ingest & go run ${GUAC_DIR}"/cmd/guacone" collect deps_dev -p & go run ${GUAC_DIR}"/cmd/guaccsub" & # Define ingestion commands declare -a ingestion_commands=( - "go run ${GUAC_DIR}/cmd/guacone collect files ${GUAC_DIR}/guac-data/docs/ --add-vuln-on-ingest=true" + "go run ${GUAC_DIR}/cmd/guacone collect files ${GUAC_DIR}/guac-data/docs/ --add-vuln-on-ingest=true --add-license-on-ingest" "go run ${GUAC_DIR}/cmd/guaccollect files ${GUAC_DIR}/guac-data/docs/ --service-poll=false" ) @@ -120,6 +120,7 @@ queryValues["OSVQ1"]='del(.. | .id?)' queryValues["CertifyVulnQ1"]='del(.. | .id?) | del(.. | .timeScanned?)' queryValues["ArtifactsQ1"]='.artifacts |= sort' queryValues["PkgQ9"]='.packages[].namespaces |= sort_by(.namespace) | .packages[].namespaces[].names[].versions |= sort_by(.id) | .packages[].namespaces[].names[].versions[].qualifiers |= sort_by(.key) | del(.. | .id?)' +queryValues["CertifyLegalQ1"]='del(.. | .id?) | del(.. | .timeScanned?) | del(.. | .origin?)' # Define an indexed array to maintain the order of the queries queryOrder=( @@ -134,6 +135,7 @@ queryOrder=( "CertifyVulnQ1" "ArtifactsQ1" "PkgQ9" + "CertifyLegalQ1" ) queries="${GUAC_DIR}/demo/graphql/queries.gql" diff --git a/internal/testing/e2e/expectCertifyLegalQ1.json b/internal/testing/e2e/expectCertifyLegalQ1.json new file mode 100644 index 0000000000..588fe49793 --- /dev/null +++ b/internal/testing/e2e/expectCertifyLegalQ1.json @@ -0,0 +1,33 @@ +{ + "CertifyLegal": [ + { + "subject": { + "__typename": "Package", + "type": "maven", + "namespaces": [ + { + "namespace": "org.apache.logging.log4j", + "names": [ + { + "name": "log4j-core", + "versions": [ + { + "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.8.1", + "version": "2.8.1", + "qualifiers": [], + "subpath": "" + } + ] + } + ] + } + ] + }, + "declaredLicense": "Apache-2.0", + "discoveredLicense": "Apache-2.0", + "attribution": "", + "justification": "Retrieved from ClearlyDefined", + "collector": "clearlydefined" + } + ] +}