Added docker reference type component. Added check in the converter t…

…o filter out null values. (#98) * Added docker reference type component. Added check in the converter to filter out null values * Removed ws * Added copyright headers * Removed ws
microsoft · Aug 9, 2022 · 0524c0c · 0524c0c
1 parent b77c955
commit 0524c0c
Show file tree

Hide file tree

Showing 6 changed files with 62 additions and 3 deletions.
diff --git a/...Microsoft.Sbom.Adapters/Adapters/ComponentDetection/DockerReferenceComponentExtensions.cs b/...Microsoft.Sbom.Adapters/Adapters/ComponentDetection/DockerReferenceComponentExtensions.cs
@@ -0,0 +1,36 @@
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+using Microsoft.ComponentDetection.Contracts.TypedComponent;
+using Microsoft.Sbom.Contracts;
+using Microsoft.Sbom.Contracts.Enums;
+using System.Collections.Generic;
+
+namespace Microsoft.Sbom.Adapters.ComponentDetection
+{
+    /// <summary>
+    /// Extensions methods for <see cref="DockerReferenceComponent"/>.
+    /// </summary>
+    internal static class DockerReferenceComponentExtensions
+    {
+        /// <summary>
+        /// Converts a <see cref="DockerReferenceComponent"/> to an <see cref="SBOMPackage"/>.
+        /// </summary>
+        public static SBOMPackage? ToSbomPackage(this DockerReferenceComponent dockerReferenceComponent) => new SBOMPackage
+        {
+            Id = dockerReferenceComponent.Id,
+            PackageUrl = dockerReferenceComponent.PackageUrl?.ToString(),
+            PackageName = dockerReferenceComponent.Name,
+            Checksum = new List<Checksum>()
+                {
+                    new Checksum()
+                    {
+                        Algorithm = AlgorithmName.SHA256,
+                        ChecksumValue = dockerReferenceComponent.Digest
+                    },
+                },
+            FilesAnalyzed = false,
+            Type = "docker-reference"
+        };
+    }
+}
diff --git a/src/Microsoft.Sbom.Adapters/Adapters/ComponentDetection/ScannedComponentExtensions.cs b/src/Microsoft.Sbom.Adapters/Adapters/ComponentDetection/ScannedComponentExtensions.cs
@@ -35,6 +35,7 @@ public static class ScannedComponentExtensions
                 PipComponent pipComponent => pipComponent.ToSbomPackage(),
                 PodComponent podComponent => podComponent.ToSbomPackage(),
                 RubyGemsComponent rubyGemsComponent => rubyGemsComponent.ToSbomPackage(),
+                DockerReferenceComponent dockerReferenceComponent => dockerReferenceComponent.ToSbomPackage(),
                 null => Error(report => report.LogNullComponent(nameof(ToSbomPackage))),
                 _ => Error(report => report.LogNoConversionFound(component.Component.GetType(), component.Component))
             };

diff --git a/src/Microsoft.Sbom.Api/Executors/ComponentToPackageInfoConverter.cs b/src/Microsoft.Sbom.Api/Executors/ComponentToPackageInfoConverter.cs
@@ -52,7 +52,16 @@ async Task ConvertComponentToPackage(ScannedComponent scannedComponent, Channel<
                     try
                     {
                         var sbom = scannedComponent.ToSbomPackage(report);
-                        await output.Writer.WriteAsync(sbom);
+
+                        if (sbom == null)
+                        {
+                            log.Debug($"Unable to serialize component '{scannedComponent.Component.Id}' of type '{scannedComponent.DetectorId}'. " +
+                                $"This component won't be included in the generated SBOM.");
+                        }
+                        else
+                        {
+                            await output.Writer.WriteAsync(sbom);
+                        }
                     }
                     catch (Exception e)
                     {

diff --git a/src/Microsoft.Sbom.Common/Config/IConfiguration.cs b/src/Microsoft.Sbom.Common/Config/IConfiguration.cs
@@ -170,7 +170,6 @@ public interface IConfiguration
             Justification = "Code element in comment.")]
         ConfigurationSetting<string> GenerationTimestamp { get; set; }
 
-
         /// <summary>
         /// If set to false, we will not follow symlinks while traversing the build drop folder. Default is set to 'true'.
         /// </summary>

diff --git a/src/Microsoft.Sbom.Common/Microsoft.Sbom.Common.csproj b/src/Microsoft.Sbom.Common/Microsoft.Sbom.Common.csproj
@@ -17,5 +17,4 @@
     <ProjectReference Include="..\Microsoft.Sbom.Extensions\Microsoft.Sbom.Extensions.csproj" />
   </ItemGroup>
 
-
 </Project>
diff --git a/test/Microsoft.Sbom.Adapters.Tests/ComponentDetectionToSBOMPackageAdapterTests.cs b/test/Microsoft.Sbom.Adapters.Tests/ComponentDetectionToSBOMPackageAdapterTests.cs
@@ -219,6 +219,21 @@ public void NuGetComponent_ToSbomPackage_NoAuthor()
             Assert.IsNull(sbomPackage.Supplier);
         }
 
+        [TestMethod]
+        public void DockerReferenceComponent_ToSbomPackage()
+        {
+            var dockerRefComponent = new DockerReferenceComponent("hash", "name", "tag") { Digest = "digest" };
+            var scannedComponent = new ScannedComponent { Component = dockerRefComponent };
+
+            var sbomPackage = scannedComponent.ToSbomPackage(new AdapterReport());
+
+            Assert.AreEqual(dockerRefComponent.Id, sbomPackage.Id);
+            Assert.AreEqual(dockerRefComponent.Name, sbomPackage.PackageName);
+            Assert.AreEqual(dockerRefComponent.PackageUrl?.ToString(), sbomPackage.PackageUrl);
+            Assert.AreEqual(AlgorithmName.SHA256, sbomPackage.Checksum.First().Algorithm);
+            Assert.AreEqual(dockerRefComponent.Digest, sbomPackage.Checksum.First().ChecksumValue);
+        }
+
         private (AdapterReport report, List<SBOMPackage> packages) GenerateJsonFileForTestAndRun(string json)
         {
             var baseDirectory = Path.Combine(testContext.TestRunDirectory, Guid.NewGuid().ToString());