fix: Take SPDX ID from GitHub API when searching for the license (#634)

Take SPDX ID from GitHub API when searching for the license Signed-off-by: Oleg Kopysov <[email protected]>
Samsung · Oct 7, 2024 · f8b7b1a · f8b7b1a
1 parent 31f6f4d
commit f8b7b1a
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 26 deletions.
diff --git a/src/main/java/com/lpvs/service/LPVSGitHubService.java b/src/main/java/com/lpvs/service/LPVSGitHubService.java
@@ -357,9 +357,9 @@ public void commentResults(
      * Retrieves the license of the GitHub repository associated with the pull request.
      *
      * @param webhookConfig LPVSQueue configuration for the pull request.
-     * @return License key of the GitHub repository or null if not available.
+     * @return License SPDX ID and name for the GitHub repository or null if not available.
      */
-    public String getRepositoryLicense(LPVSQueue webhookConfig) {
+    public String[] getRepositoryLicense(LPVSQueue webhookConfig) {
         try {
             String repositoryName = LPVSPayloadUtil.getRepositoryName(webhookConfig);
             String repositoryOrganization =
@@ -371,7 +371,7 @@ public String getRepositoryLicense(LPVSQueue webhookConfig) {
             if (license == null) {
                 return null;
             } else {
-                return license.getKey();
+                return new String[] {license.getSpdxId(), license.getName()};
             }
         } catch (IOException | IllegalArgumentException e) {
             log.error("Can't authorize getRepositoryLicense(): " + e.getMessage());

diff --git a/src/main/java/com/lpvs/service/webhook/LPVSWebhookServiceImpl.java b/src/main/java/com/lpvs/service/webhook/LPVSWebhookServiceImpl.java
@@ -146,12 +146,13 @@ public void processWebHook(LPVSQueue webhookConfig) {
                     filePath = filePath.split(":::::")[0];
                 }
                 // check repository license
-                String repositoryLicense = gitHubService.getRepositoryLicense(webhookConfig);
+                String[] repositoryLicense = gitHubService.getRepositoryLicense(webhookConfig);
 
                 if (repositoryLicense != null) {
                     LPVSLicense repoLicense =
                             licenseService.getLicenseBySpdxIdAndName(
-                                    repositoryLicense, Optional.empty());
+                                    repositoryLicense[0],
+                                    Optional.ofNullable(repositoryLicense[1]));
                     webhookConfig.setRepositoryLicense(repoLicense.getSpdxId());
                 } else {
                     webhookConfig.setRepositoryLicense(null);

diff --git a/src/test/java/com/lpvs/service/LPVSGitHubServiceTest.java b/src/test/java/com/lpvs/service/LPVSGitHubServiceTest.java
@@ -3829,7 +3829,8 @@ void setUp() {
             } catch (IOException e) {
                 log.error("mocked_repo.getLicense error " + e);
             }
-            when(mocked_license.getKey()).thenReturn(test_license_key);
+            when(mocked_license.getSpdxId()).thenReturn(test_license_key);
+            when(mocked_license.getName()).thenReturn(test_license_key);
         }
 
         @Test
@@ -3841,7 +3842,8 @@ public void testGetRepositoryLicense__ApiUrlAbsentLisencePresent() {
                         .thenReturn(mocked_instance_gh);
 
                 // main test
-                assertEquals(test_license_key, gh_service.getRepositoryLicense(webhookConfig));
+                assertEquals(
+                        2, Arrays.stream(gh_service.getRepositoryLicense(webhookConfig)).count());
 
                 // verification of calling methods on `Mock`s
                 // `mocked_static_gh` verify
@@ -3869,7 +3871,8 @@ public void testGetRepositoryLicense__ApiUrlAbsentLisencePresent() {
                 verifyNoMoreInteractions(mocked_repo);
 
                 // `mocked_license` verify
-                verify(mocked_license, times(1)).getKey();
+                verify(mocked_license, times(1)).getSpdxId();
+                verify(mocked_license, times(1)).getName();
                 verifyNoMoreInteractions(mocked_license);
             }
         }
@@ -4032,7 +4035,8 @@ public void testGetRepositoryLicense__ApiUrlPresentLisencePresent() {
                         .thenReturn(mocked_instance_gh);
 
                 // main test
-                assertEquals(test_license_key, gh_service.getRepositoryLicense(webhookConfig));
+                assertEquals(
+                        2, Arrays.stream(gh_service.getRepositoryLicense(webhookConfig)).count());
 
                 // verification of calling methods on `Mock`s
                 // `mocked_static_gh` verify
@@ -4064,7 +4068,8 @@ public void testGetRepositoryLicense__ApiUrlPresentLisencePresent() {
                 verifyNoMoreInteractions(mocked_repo);
 
                 // `mocked_license` verify
-                verify(mocked_license, times(1)).getKey();
+                verify(mocked_license, times(1)).getSpdxId();
+                verify(mocked_license, times(1)).getName();
                 verifyNoMoreInteractions(mocked_license);
             }
         }

diff --git a/src/test/java/com/lpvs/service/webhook/LPVSWebhookServiceImplTest.java b/src/test/java/com/lpvs/service/webhook/LPVSWebhookServiceImplTest.java
@@ -272,10 +272,11 @@ void setUp() {
             when(mockGitHubService.getPullRequestFiles(webhookConfigMain))
                     .thenReturn(filePathTestNoDeletion);
             when(mockGitHubService.getRepositoryLicense(webhookConfigMain))
-                    .thenReturn(licenseNameTest);
+                    .thenReturn(new String[] {spdxIdTest, licenseNameTest});
 
             mockLicenseService = mock(LPVSLicenseService.class);
-            when(mockLicenseService.getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty()))
+            when(mockLicenseService.getLicenseBySpdxIdAndName(
+                            spdxIdTest, Optional.of(licenseNameTest)))
                     .thenReturn(lpvsLicenseTest);
 
             mockDetectService = mock(LPVSDetectService.class);
@@ -312,7 +313,7 @@ public void testProcessWebHook____DeletionAbsentLicensePresent() throws Exceptio
             verify(mockGitHubService, times(1)).getPullRequestFiles(webhookConfigMain);
             verify(mockGitHubService, times(1)).getRepositoryLicense(webhookConfigMain);
             verify(mockLicenseService, times(1))
-                    .getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty());
+                    .getLicenseBySpdxIdAndName(spdxIdTest, Optional.of(licenseNameTest));
             try {
                 verify(mockDetectService, times(1))
                         .runScan(webhookConfigMain, filePathTestNoDeletion);
@@ -374,10 +375,11 @@ void setUp() {
             when(mockGitHubService.getPullRequestFiles(webhookConfigMain))
                     .thenReturn(filePathTestWithDeletion);
             when(mockGitHubService.getRepositoryLicense(webhookConfigMain))
-                    .thenReturn(licenseNameTest);
+                    .thenReturn(new String[] {spdxIdTest, licenseNameTest});
 
             mockLicenseService = mock(LPVSLicenseService.class);
-            when(mockLicenseService.getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty()))
+            when(mockLicenseService.getLicenseBySpdxIdAndName(
+                            spdxIdTest, Optional.of(licenseNameTest)))
                     .thenReturn(lpvsLicenseTest);
 
             mockDetectService = mock(LPVSDetectService.class);
@@ -415,7 +417,7 @@ public void testProcessWebHook____DeletionPresentLicensePresent() throws Excepti
             verify(mockGitHubService, times(1)).getPullRequestFiles(webhookConfigMain);
             verify(mockGitHubService, times(1)).getRepositoryLicense(webhookConfigMain);
             verify(mockLicenseService, times(1))
-                    .getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty());
+                    .getLicenseBySpdxIdAndName(spdxIdTest, Optional.of(licenseNameTest));
             try {
                 verify(mockDetectService, times(1))
                         .runScan(webhookConfigMain, filePathTestWithDeletionTruncated);
@@ -474,10 +476,11 @@ void setUp() {
             when(mockGitHubService.getPullRequestFiles(webhookConfigMain))
                     .thenReturn(filePathTestNoDeletion);
             when(mockGitHubService.getRepositoryLicense(webhookConfigMain))
-                    .thenReturn(licenseNameTest);
+                    .thenReturn(new String[] {spdxIdTest, licenseNameTest});
 
             mockLicenseService = mock(LPVSLicenseService.class);
-            when(mockLicenseService.getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty()))
+            when(mockLicenseService.getLicenseBySpdxIdAndName(
+                            spdxIdTest, Optional.of(licenseNameTest)))
                     .thenReturn(lpvsLicenseTest);
 
             mockDetectService = mock(LPVSDetectService.class);
@@ -519,9 +522,7 @@ public void testProcessWebHook__DeletionAbsentLicenseFound() throws Exception {
             verify(mockGitHubService, times(1)).getPullRequestFiles(webhookConfigMain);
             verify(mockGitHubService, times(1)).getRepositoryLicense(webhookConfigMain);
             verify(mockLicenseService, times(1))
-                    .getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty());
-            verify(mockLicenseService, times(1))
-                    .getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty());
+                    .getLicenseBySpdxIdAndName(spdxIdTest, Optional.of(licenseNameTest));
             try {
                 verify(mockDetectService, times(1))
                         .runScan(webhookConfigMain, filePathTestNoDeletion);
@@ -583,10 +584,11 @@ void setUp() {
             when(mockGitHubService.getPullRequestFiles(webhookConfigMain))
                     .thenReturn(filePathTestWithDeletion);
             when(mockGitHubService.getRepositoryLicense(webhookConfigMain))
-                    .thenReturn(licenseNameTest);
+                    .thenReturn(new String[] {spdxIdTest, licenseNameTest});
 
             mockLicenseService = mock(LPVSLicenseService.class);
-            when(mockLicenseService.getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty()))
+            when(mockLicenseService.getLicenseBySpdxIdAndName(
+                            spdxIdTest, Optional.of(licenseNameTest)))
                     .thenReturn(lpvsLicenseTest);
 
             mockDetectService = mock(LPVSDetectService.class);
@@ -624,9 +626,7 @@ public void testProcessWebHook__DeletionPresentLicenseFound() throws Exception {
             verify(mockGitHubService, times(1)).getPullRequestFiles(webhookConfigMain);
             verify(mockGitHubService, times(1)).getRepositoryLicense(webhookConfigMain);
             verify(mockLicenseService, times(1))
-                    .getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty());
-            verify(mockLicenseService, times(1))
-                    .getLicenseBySpdxIdAndName(licenseNameTest, Optional.empty());
+                    .getLicenseBySpdxIdAndName(spdxIdTest, Optional.of(licenseNameTest));
             try {
                 verify(mockDetectService, times(1))
                         .runScan(webhookConfigMain, filePathTestWithDeletionTruncated);