Add purl information to SPDX
This change adds purl data to all packages listed

Addresses #1206

Signed-off-by: Ivana Atanasova <iyovcheva@vmware.com>
ivanayov committed Jan 13, 2023
1 parent cbea6d7 commit e079d75
Showing 5 changed files with 46 additions and 4 deletions.
5 changes: 4 additions & 1 deletion tern/classes/image_layer.py
@@ -1,6 +1,6 @@
# -*- coding: utf-8 -*-
#
# Copyright (c) 2017-2021 VMware, Inc. All Rights Reserved.
# Copyright (c) 2017-2022 VMware, Inc. All Rights Reserved.
# SPDX-License-Identifier: BSD-2-Clause
import os
import re
@@ -11,6 +11,7 @@
from tern.utils import rootfs
from tern.utils import constants
from tern.utils.general import prop_names
from tern.utils.externals import add_purl


class ImageLayer:
@@ -221,6 +222,8 @@ def add_checksums(self, checksums):
def add_package(self, package):
if isinstance(package, Package):
if package.name not in self.get_package_names():
purl = add_purl(package.name, package.version)
package.external_refs.append(purl)
self.__packages.append(package)
else:
raise TypeError('Object type is {0}, should be Package'.format(
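Review bot: The value returned by `add_purl` is appended to `package.external_refs` without being checked, so when purl parsing fails the string `'not_found'` is stored as an external reference; `get_scancode_package` in tern/extensions/scancode/executor.py does the same. Consider `if purl != 'not_found': package.external_refs.append(purl)` at both call sites so that only real purls reach the generated report. Appending here also mutates the caller's Package object, so a Package that already carries a purl would presumably get a second entry if it is later passed to `add_package`. The body of `add_package` continues past the end of the hunk.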
10 changes: 10 additions & 0 deletions tern/classes/package.py
@@ -24,6 +24,7 @@ class Package:
pkg_licenses: all licenses found within a package
src_name: the source package associated with the binary package
src_version: the source package version
external_refs: a list of external references
methods:
to_dict: returns a dict representation of the instance
@@ -47,6 +48,7 @@ def __init__(self, name):
self.__pkg_format = ''
self.__src_name = ''
self.__src_version = ''
self.__external_refs = []

@property
def name(self):
@@ -144,6 +146,14 @@ def src_version(self):
def src_version(self, src_version):
self.__src_version = src_version

@property
def external_refs(self):
return self.__external_refs

@external_refs.setter
def external_refs(self, external_refs):
self.__external_refs = external_refs

def get_file_paths(self):
"""Return a list of paths of all the files in a package"""
return [f.path for f in self.__files]
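Review bot: The new `external_refs` attribute is documented only as "a list of external references", which leaves the element type open, and the call sites in this commit append whatever `add_purl` returns (a PackageURL or the string `'not_found'`). I would state the contract in the class docstring, e.g. `external_refs: list of PackageURL objects (purl) identifying the package`, and give the getter a one-line docstring noting that it returns the live list that callers append to. The class and the code around the property are only partly visible in these hunks.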
5 changes: 4 additions & 1 deletion tern/extensions/scancode/executor.py
@@ -1,6 +1,6 @@
# -*- coding: utf-8 -*-
#
# Copyright (c) 2019-2021 VMware, Inc. All Rights Reserved.
# Copyright (c) 2019-2022 VMware, Inc. All Rights Reserved.
# SPDX-License-Identifier: BSD-2-Clause

"""
@@ -26,6 +26,7 @@
from tern.extensions.executor import Executor
from tern.utils import constants
from tern.utils import rootfs
from tern.utils.externals import add_purl


logger = logging.getLogger(constants.logger_name)
@@ -118,6 +119,8 @@ def get_scancode_package(package_dict):
package.download_url = package_dict['download_url']
package.licenses = [package_dict['declared_license'],
package_dict['license_expression']]
purl = add_purl(package_dict['name'], package_dict['version'])
package.external_refs.append(purl)
return package


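Review bot: `package_dict['version']` is passed straight to `add_purl`, which concatenates it into a string, so a scan record whose version is null would raise a TypeError here instead of being logged. I have not confirmed whether ScanCode emits null versions for packages that declare none. A guard such as `if package_dict.get('name') and package_dict.get('version'):` in front of the two new lines would keep one incomplete record from aborting the whole scan. `get_scancode_package` starts above the hunk.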
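--- a/tern/utils/externals.py
+++ b/tern/utils/externals.py
@@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (c) 2017-2022 VMware, Inc. All Rights Reserved.
+# SPDX-License-Identifier: BSD-2-Clause
+
+import logging
+from packageurl import PackageURL
+
+from tern.utils import constants
+
+# global logger
+logger = logging.getLogger(constants.logger_name)
+
+def generate_purl_package_reference(package_name, package_version):
+return "pkg:" + package_name + "@" + package_version
+
+def add_purl(package_name, package_version):
+purl_package_reference = generate_purl_package_reference(package_name, package_version)
+purl = 'not_found'
+try:
+purl = PackageURL.from_string(purl_package_reference)
+except (ValueError):
+logger.debug("purl is missing required component for package %s",
+purl_package_reference)
+return purl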
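Review bot: `generate_purl_package_reference` builds `pkg:name@version` with no type component, but the purl spec requires `pkg:type/name@version`, so `PackageURL.from_string` will likely raise ValueError for most packages and `add_purl` then returns the literal `'not_found'`. Callers end up holding a mix of PackageURL objects and a placeholder string, and an SBOM entry without a valid purl cannot be correlated with vulnerability data. The plain concatenation also raises an uncaught TypeError when the version is None, and it lets an `@` or `/` inside a name be parsed as a delimiter. I would build the purl from separate components and return None on failure, as below, which leaves `generate_purl_package_reference` unused. `package_type` is a new optional parameter that callers would have to supply (presumably derived from `pkg_format`, mapped to purl type names), and they would need to skip None results.

```python
# … unchanged: file header, imports, logger setup …

def add_purl(package_name, package_version, package_type=None):
    """Return a PackageURL for the package, or None if one cannot be built."""
    if not package_type or not package_name:
        logger.debug("no purl for package %s: type or name is missing",
                     package_name)
        return None
    try:
        # Components are passed separately, so '@' or '/' inside a name
        # is never parsed as a purl delimiter.
        return PackageURL(type=package_type, name=package_name,
                          version=package_version or None)
    except ValueError as err:
        logger.debug("no purl for package %s: %s", package_name, err)
        return None
```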
5 changes: 3 additions & 2 deletions tests/test_class_package.py
@@ -1,6 +1,6 @@
# -*- coding: utf-8 -*-
#
# Copyright (c) 2017-2019 VMware, Inc. All Rights Reserved.
# Copyright (c) 2017-2022 VMware, Inc. All Rights Reserved.
# SPDX-License-Identifier: BSD-2-Clause

import unittest
@@ -175,7 +175,8 @@ def testFill(self):
{'name': 'b.txt', 'path': '/lib/b.txt'}],
'pkg_format': 'rpm',
'src_name': 'p1src',
'src_version': '1.0'
'src_version': '1.0',
'external_refs': []
}
p = Package('p1')
p.fill(p_dict)
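Review bot: The expected dict in `testFill` only gains the empty default `'external_refs': []`, so nothing in this commit tests `add_purl`, the purl appended in `ImageLayer.add_package`, or how a non-empty `external_refs` survives `fill`. A test for tern/utils/externals.py that covers a package with a missing version and a name containing `@` or `/` would pin down the failure path that currently returns `'not_found'`. `testFill` starts and ends outside the hunk.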
