Skip to content

Commit

Permalink
Encode download_url in oci-copy purl spec
Browse files Browse the repository at this point in the history
  • Loading branch information
@ralphbean
ralphbean committed Jun 18, 2024
1 parent 292588f commit 69cd1b4
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
3 changes: 2 additions & 1 deletion task/oci-copy-oci-ta/0.1/oci-copy-oci-ta.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,8 @@ spec:
echo "Reading $varfile"
source $varfile
purl="pkg:generic/${OCI_FILENAME}?download_url=${OCI_SOURCE}&checksum=sha256:${OCI_ARTIFACT_DIGEST}"
ENCODED_URL=$(echo "${OCI_SOURCE}" | python3 -c 'import sys; import urllib.parse; print(urllib.parse.quote(sys.stdin.read().strip(), safe=":/"))')
purl="pkg:generic/${OCI_FILENAME}?download_url=${ENCODED_URL}&checksum=sha256:${OCI_ARTIFACT_DIGEST}"
echo "Recording purl $purl"
yq -oj -i '.components += [ {"purl": "'$purl'", "type": "file", "name": "'$OCI_FILENAME'", "hashes": [{"alg": "SHA-256", "content": "'$OCI_ARTIFACT_DIGEST'"}], "externalReferences": [{"type": "distribution", "url": "'$OCI_SOURCE'"}]} ]' sbom-cyclonedx.json
Expand Down
3 changes: 2 additions & 1 deletion task/oci-copy/0.1/oci-copy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,8 @@ spec:
echo "Reading $varfile"
source $varfile
purl="pkg:generic/${OCI_FILENAME}?download_url=${OCI_SOURCE}&checksum=sha256:${OCI_ARTIFACT_DIGEST}"
ENCODED_URL=$(echo "${OCI_SOURCE}" | python3 -c 'import sys; import urllib.parse; print(urllib.parse.quote(sys.stdin.read().strip(), safe=":/"))')
purl="pkg:generic/${OCI_FILENAME}?download_url=${ENCODED_URL}&checksum=sha256:${OCI_ARTIFACT_DIGEST}"
echo "Recording purl $purl"
yq -oj -i '.components += [ {"purl": "'$purl'", "type": "file", "name": "'$OCI_FILENAME'", "hashes": [{"alg": "SHA-256", "content": "'$OCI_ARTIFACT_DIGEST'"}], "externalReferences": [{"type": "distribution", "url": "'$OCI_SOURCE'"}]} ]' sbom-cyclonedx.json
Expand Down

0 comments on commit 69cd1b4

Please sign in to comment.