Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add subject info the sbom #3529

Merged
merged 11 commits into from
Dec 5, 2023
Merged

Add subject info the sbom #3529

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
f0bccef
Add generated components to the sbom, add a hash of each component.
netomi Nov 13, 2023
8f07f71
Store fullVer as PRODUCT_HOME is not available anymore after the arch…
netomi Nov 13, 2023
3a46e7a
Cleanup.
netomi Nov 23, 2023
3d880bc
Rebase
netomi Nov 23, 2023
4717e71
Address linter comments.
netomi Nov 23, 2023
bda0f3c
Fix joinPath when leading slashes are in a part.
netomi Nov 23, 2023
6a5a1c9
Determine the sbom target file name more robust.
netomi Nov 23, 2023
a374308
Use sha function from prepareWorkspace.sh.
netomi Nov 23, 2023
ceecdfe
Add a joinPathOS method that converts paths to OS specific ones and u…
netomi Nov 23, 2023
16981fb
Add fail-safe method to get the target file name for any component.
netomi Nov 23, 2023
a4bd036
Make linter happy.
netomi Nov 23, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 66 additions & 31 deletions cyclonedx-lib/src/temurin/sbom/TemurinGenSBOM.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,18 +41,18 @@ public final class TemurinGenSBOM {

private TemurinGenSBOM() {
}

/**
* Main entry.
* @param args Arguments for sbom operation.
*/

public static void main(final String[] args) {
String cmd = null;
String comment = null;
String compName = null;
String description = null;
String fileName = null;
String hashes = null;
String hash = null;
String name = null;
String tool = null;
String type = null;
Expand All @@ -73,8 +73,8 @@ public static void main(final String[] args) {
url = args[++i];
} else if (args[i].equals("--comment")) {
comment = args[++i];
} else if (args[i].equals("--hashes")) {
hashes = args[++i];
} else if (args[i].equals("--hash")) {
hash = args[++i];
} else if (args[i].equals("--compName")) {
compName = args[++i];
} else if (args[i].equals("--description")) {
Expand All @@ -85,15 +85,17 @@ public static void main(final String[] args) {
tool = args[++i];
} else if (args[i].equals("--createNewSBOM")) {
cmd = "createNewSBOM";
} else if (args[i].equals("--addMetadata")) { // Metadata Component. We can set "name" for Metadata.
} else if (args[i].equals("--addMetadata")) { // Metadata Component. We can set "name" for Metadata.
cmd = "addMetadata";
} else if (args[i].equals("--addMetadataComponent")) { // Metadata Component. We can set "name" for Metadata->Component.
} else if (args[i].equals("--addMetadataComponent")) { // Metadata Component. We can set "name" for Metadata->Component.
cmd = "addMetadataComponent";
} else if (args[i].equals("--addMetadataProp")) { // MetaData Component --> Property -> name-value
} else if (args[i].equals("--addMetadataProp")) { // MetaData Component --> Property -> name-value
cmd = "addMetadataProperty";
} else if (args[i].equals("--addComponent")) { // Components->Property: will add name-value.
} else if (args[i].equals("--addComponent")) {
cmd = "addComponent";
} else if (args[i].equals("--addComponentProp")) { // Components->Property: will add name-value.
} else if (args[i].equals("--addComponentHash")) {
cmd = "addComponentHash";
} else if (args[i].equals("--addComponentProp")) { // Components --> Property: will add name-value.
cmd = "addComponentProp";
} else if (args[i].equals("--addExternalReference")) {
cmd = "addExternalReference";
Expand All @@ -106,22 +108,22 @@ public static void main(final String[] args) {
}
}
switch (cmd) {
case "createNewSBOM": // Creates JSON file
case "createNewSBOM": // Creates JSON file
Bom bom = createBom();
writeJSONfile(bom, fileName);
break;

case "addMetadata": // Adds Metadata --> name
case "addMetadata": // Adds Metadata --> name
bom = addMetadata(fileName);
writeJSONfile(bom, fileName);
break;

case "addMetadataComponent": // Adds Metadata --> Component--> name
case "addMetadataComponent": // Adds Metadata --> Component --> name
bom = addMetadataComponent(fileName, name, type, version, description);
writeJSONfile(bom, fileName);
break;

case "addMetadataProperty": // Adds MetaData--> Property --> name-value:
case "addMetadataProperty": // Adds MetaData --> Property --> name-value:
bom = addMetadataProperty(fileName, name, value);
writeJSONfile(bom, fileName);
break;
Expand All @@ -131,23 +133,28 @@ public static void main(final String[] args) {
writeJSONfile(bom, fileName);
break;

case "addComponent": // Adds Component
case "addComponent": // Adds Components --> Component --> name
bom = addComponent(fileName, compName, version, description);
writeJSONfile(bom, fileName);
break;

case "addComponentProp": // Adds Components --> name-value pairs
case "addComponentHash": // Adds Components --> Component --> hash
bom = addComponentHash(fileName, compName, hash);
writeJSONfile(bom, fileName);
break;

case "addComponentProp": // Adds Components --> Component --> name-value pairs
bom = addComponentProperty(fileName, compName, name, value);
writeJSONfile(bom, fileName);
break;

case "addExternalReference": // Adds external Reference
bom = addExternalReference(fileName, hashes, url, comment);
case "addExternalReference": // Adds external Reference
bom = addExternalReference(fileName, hash, url, comment);
writeJSONfile(bom, fileName);
break;

case "addComponentExternalReference": // Adds external Reference to component
bom = addComponentExternalReference(fileName, hashes, url, comment);
case "addComponentExternalReference": // Adds external Reference to component
bom = addComponentExternalReference(fileName, hash, url, comment);
writeJSONfile(bom, fileName);
break;
default:
Expand All @@ -163,7 +170,9 @@ static Bom createBom() {
Bom bom = new Bom();
return bom;
}
static Bom addMetadata(final String fileName) { // Method to store metadata --> name

// Method to store Metadata --> name.
static Bom addMetadata(final String fileName) {
Bom bom = readJSONfile(fileName);
Metadata meta = new Metadata();
OrganizationalEntity org = new OrganizationalEntity();
Expand All @@ -176,6 +185,7 @@ static Bom addMetadata(final String fileName) { // Method to store meta
bom.setMetadata(meta);
return bom;
}

static Bom addMetadataComponent(final String fileName, final String name, final String type, final String version, final String description) {
Bom bom = readJSONfile(fileName);
Metadata meta = new Metadata();
Expand All @@ -196,7 +206,9 @@ static Bom addMetadataComponent(final String fileName, final String name, final
bom.setMetadata(meta);
return bom;
}
static Bom addMetadataProperty(final String fileName, final String name, final String value) { // Method to store metadata --> Properties List --> name-values

// Method to store Metadata --> Properties List --> name-values.
static Bom addMetadataProperty(final String fileName, final String name, final String value) {
Bom bom = readJSONfile(fileName);
Metadata meta = new Metadata();
Property prop1 = new Property();
Expand All @@ -207,6 +219,7 @@ static Bom addMetadataProperty(final String fileName, final String name, final S
bom.setMetadata(meta);
return bom;
}

static Bom addMetadataTools(final String fileName, final String toolName, final String version) {
Bom bom = readJSONfile(fileName);
Metadata meta = new Metadata();
Expand All @@ -218,20 +231,36 @@ static Bom addMetadataTools(final String fileName, final String toolName, final
bom.setMetadata(meta);
return bom;
}
static Bom addComponent(final String fileName, final String compName, final String version, final String description) { // Method to store Component --> name & single name-value pair

// Method to store Component --> name & single name-value pair.
static Bom addComponent(final String fileName, final String compName, final String version, final String description) {
Bom bom = readJSONfile(fileName);
Component comp = new Component();
comp.setName(compName);
comp.setVersion(version);
comp.setType(Component.Type.FRAMEWORK);
comp.setDescription(description);
comp.setGroup("adoptium.net");
comp.setAuthor("Adoptium Temurin");
comp.setAuthor("Eclipse Temurin");
comp.setPublisher("Eclipse Temurin");
bom.addComponent(comp);
return bom;
}
static Bom addComponentProperty(final String fileName, final String compName, final String name, final String value) { // Method to add Component --> Property --> name-value pairs

static Bom addComponentHash(final String fileName, final String compName, final String hash) {
Bom bom = readJSONfile(fileName);
List<Component> componentArrayList = bom.getComponents();
for (Component item : componentArrayList) {
if (item.getName().equals(compName)) {
Hash hash1 = new Hash(Hash.Algorithm.SHA_256, hash);
item.addHash(hash1);
}
}
return bom;
}

// Method to add Component --> Property --> name-value pairs.
static Bom addComponentProperty(final String fileName, final String compName, final String name, final String value) {
Bom bom = readJSONfile(fileName);
List<Component> componentArrayList = bom.getComponents();
for (Component item : componentArrayList) {
Expand All @@ -244,21 +273,25 @@ static Bom addComponentProperty(final String fileName, final String compName, fi
}
return bom;
}
static Bom addExternalReference(final String fileName, final String hashes, final String url, final String comment) { // Method to store externalReferences: dependency_version_alsa

// Method to store externalReferences: dependency_version_alsa.
static Bom addExternalReference(final String fileName, final String hash, final String url, final String comment) {
Bom bom = readJSONfile(fileName);
ExternalReference extRef = new ExternalReference();
Hash hash1 = new Hash(Hash.Algorithm.SHA3_256, hashes);
Hash hash1 = new Hash(Hash.Algorithm.SHA3_256, hash);
extRef.setType(ExternalReference.Type.BUILD_SYSTEM); //required
extRef.setUrl(url); // required must be a valid URL with protocal
extRef.setUrl(url); // required must be a valid URL with protocol
extRef.setComment(comment);
extRef.addHash(hash1);
bom.addExternalReference(extRef);
return bom;
}
static Bom addComponentExternalReference(final String fileName, final String hashes, final String url, final String comment) { // Method to store externalReferences to store: openjdk_source

// Method to store externalReferences to store: openjdk_source.
static Bom addComponentExternalReference(final String fileName, final String hash, final String url, final String comment) {
Bom bom = readJSONfile(fileName);
ExternalReference extRef = new ExternalReference();
Hash hash1 = new Hash(Hash.Algorithm.SHA3_256, hashes);
Hash hash1 = new Hash(Hash.Algorithm.SHA3_256, hash);
Component comp = new Component();
extRef.addHash(hash1);
extRef.setUrl(url);
Expand All @@ -276,7 +309,8 @@ static String generateBomJson(final Bom bom) {
return json;
}

static void writeJSONfile(final Bom bom, final String fileName) { // Creates testJson.json file
// Writes the BOM object to the specified file.
static void writeJSONfile(final Bom bom, final String fileName) {
FileWriter file;
String json = generateBomJson(bom);
try {
Expand All @@ -288,7 +322,8 @@ static void writeJSONfile(final Bom bom, final String fileName) { // Cr
}
}

static Bom readJSONfile(final String fileName) { // Returns parse bom
// Returns a parsed BOM object from the specified file.
static Bom readJSONfile(final String fileName) {
Bom bom = null;
try {
FileReader reader = new FileReader(fileName);
Expand Down
Loading
Loading