def test_to_json(mock_top_level_purl, app, package, subpath):
request = Request()
if package and subpath:
package["path"] = subpath
packages = _load_packages_from_json([package]) if package else []
cm = ContentManifest(request, packages)
image_contents = []
if package:
content = {
"purl": mock_top_level_purl.return_value,
"dependencies": [],
"sources": []
}
image_contents.append(content)
expected = {
"metadata": {
"icm_version": 1,
"icm_spec": JSON_SCHEMA_URL,
"image_layer_index": -1
},
"image_contents": image_contents,
}
assert cm.to_json() == expected
if package:
mock_top_level_purl.assert_called_once_with(request, subpath=subpath)
def test_to_json(mock_top_level_purl, app, package, subpath):
request = Request()
cm = ContentManifest(request)
image_contents = []
if package:
pkg = Package.from_json(package)
request_package = RequestPackage(package=pkg, subpath=subpath)
request.request_packages.append(request_package)
content = {
"purl": mock_top_level_purl.return_value,
"dependencies": [],
"sources": [],
}
image_contents.append(content)
expected = {
"metadata": {
"icm_version": 1,
"icm_spec": ContentManifest.json_schema_url,
"image_layer_index": -1,
},
"image_contents": image_contents,
}
assert cm.to_json() == expected
if package:
mock_top_level_purl.assert_called_once_with(request, subpath=subpath)
def test_process_pip(default_request, default_toplevel_purl):
pkg = Package.from_json({
"name": "requests",
"type": "pip",
"version": "2.24.0"
})
pkg.id = 1
expected_purl = default_toplevel_purl
dep_commit_id = "58c88e4952e95935c0dd72d4a24b0c44f2249f5b"
dep = Package.from_json({
"name":
"cnr-server",
"type":
"pip",
"version":
f"git+https://github.com/quay/appr@{dep_commit_id}",
})
dep.id = 2
expected_dep_purl = f"pkg:github/quay/appr@{dep_commit_id}"
src = Package.from_json({
"name": "setuptools",
"type": "pip",
"version": "49.1.1"
})
src.id = 3
src.dev = True
expected_src_purl = "pkg:pypi/[email protected]"
cm = ContentManifest(default_request)
# emulate to_json behavior to setup internal packages cache
cm._pip_data.setdefault(pkg.id, {
"purl": expected_purl,
"dependencies": [],
"sources": []
})
cm.process_pip_package(pkg, dep)
cm.process_pip_package(pkg, src)
expected_contents = {
pkg.id: {
"purl": expected_purl,
"dependencies": [{
"purl": expected_dep_purl
}],
"sources": [{
"purl": expected_dep_purl
}, {
"purl": expected_src_purl
}],
}
}
assert cm._pip_data
assert pkg.id in cm._pip_data
assert cm._pip_data == expected_contents
def test_process_npm(default_request, default_toplevel_purl):
pkg = Package.from_json({
"name": "grc-ui",
"type": "npm",
"version": "1.0.0"
})
pkg.id = 1
expected_purl = default_toplevel_purl
dep_commit_id = "7762177aacfb1ddf5ca45cebfe8de1da3b24f0ff"
dep = Package.from_json({
"name":
"security-middleware",
"type":
"npm",
"version":
f"github:open-cluster-management/security-middleware#{dep_commit_id}",
})
dep.id = 2
expected_dep_purl = f"pkg:github/open-cluster-management/security-middleware@{dep_commit_id}"
src = Package.from_json({
"name": "@types/events",
"type": "npm",
"version": "3.0.0"
})
src.id = 3
src.dev = True
expected_src_purl = "pkg:npm/%40types/[email protected]"
cm = ContentManifest(default_request)
# emulate to_json behavior to setup internal packages cache
cm._npm_data.setdefault(pkg.id, {
"purl": expected_purl,
"dependencies": [],
"sources": []
})
cm.process_npm_package(pkg, dep)
cm.process_npm_package(pkg, src)
expected_contents = {
pkg.id: {
"purl": expected_purl,
"dependencies": [{
"purl": expected_dep_purl
}],
"sources": [{
"purl": expected_dep_purl
}, {
"purl": expected_src_purl
}],
}
}
assert cm._npm_data
assert pkg.id in cm._npm_data
assert cm._npm_data == expected_contents
def test_process_yarn(default_request, default_toplevel_purl):
dep_commit_id = "7762177aacfb1ddf5ca45cebfe8de1da3b24f0ff"
packages_json = [
{
"name":
"grc-ui",
"type":
"yarn",
"version":
"1.0.0",
"dependencies": [
{
"name":
"security-middleware",
"type":
"yarn",
"version":
f"github:open-cluster-management/security-middleware"
f"#{dep_commit_id}",
},
{
"name": "@types/events",
"type": "yarn",
"version": "3.0.0",
"dev": True
},
],
},
]
packages = _load_packages_from_json(packages_json)
package = packages[0]
expected_purl = default_toplevel_purl
expected_dep_purl = f"pkg:github/open-cluster-management/security-middleware@{dep_commit_id}"
expected_src_purl = "pkg:npm/%40types/[email protected]"
cm = ContentManifest(default_request, packages)
cm.to_json()
expected_contents = {
package: {
"purl": expected_purl,
"dependencies": [{
"purl": expected_dep_purl
}],
"sources": [{
"purl": expected_dep_purl
}, {
"purl": expected_src_purl
}],
},
}
assert cm._yarn_data
assert package in cm._yarn_data
assert cm._yarn_data == expected_contents
def test_process_pip(default_request, default_toplevel_purl):
dep_commit_id = "58c88e4952e95935c0dd72d4a24b0c44f2249f5b"
packages_json = [
{
"name":
"requests",
"type":
"pip",
"version":
"2.24.0",
"dependencies": [
{
"name": "cnr-server",
"type": "pip",
"version":
f"git+https://github.com/quay/appr@{dep_commit_id}",
},
{
"name": "setuptools",
"type": "pip",
"version": "49.1.1",
"dev": True
},
],
},
]
packages = _load_packages_from_json(packages_json)
package = packages[0]
expected_purl = default_toplevel_purl
expected_dep_purl = f"pkg:github/quay/appr@{dep_commit_id}"
expected_src_purl = "pkg:pypi/[email protected]"
cm = ContentManifest(default_request, packages)
cm.to_json()
expected_contents = {
package: {
"purl": expected_purl,
"dependencies": [{
"purl": expected_dep_purl
}],
"sources": [{
"purl": expected_dep_purl
}, {
"purl": expected_src_purl
}],
},
}
assert cm._pip_data
assert package in cm._pip_data
assert cm._pip_data == expected_contents
def test_generate_icm(contents, default_request):
cm = ContentManifest(default_request)
expected = OrderedDict({
"image_contents":
contents or [],
"metadata":
OrderedDict({
"icm_spec": ContentManifest.json_schema_url,
"icm_version": 1,
"image_layer_index": -1,
}),
})
assert cm.generate_icm(contents) == expected
def test_generate_icm(contents, default_request):
cm = ContentManifest(default_request, [])
expected = OrderedDict({
"image_contents":
contents or [],
"metadata":
OrderedDict({
"icm_spec": JSON_SCHEMA_URL,
"icm_version": 1,
"image_layer_index": -1
}),
})
assert cm.generate_icm(contents) == expected
def test_to_json_with_multiple_packages(mock_generate_icm, app, packages):
request = Request()
cm = ContentManifest(request)
image_contents = []
for package in packages:
pkg = Package.from_json(package)
request_package = RequestPackage(package=pkg)
request.request_packages.append(request_package)
content = {"purl": pkg.to_purl(), "dependencies": [], "sources": []}
image_contents.append(content)
res = cm.to_json()
mock_generate_icm.assert_called_once_with(image_contents)
assert res == mock_generate_icm.return_value
def test_process_go(default_request):
pkg = Package.from_json({
"name": "example.com/org/project",
"type": "go-package",
"version": "1.1.1"
})
pkg.id = 1
expected_purl = "pkg:golang/example.com%2Forg%[email protected]"
dep = Package.from_json({
"name": "example.com/org/project/lib",
"type": "go-package",
"version": "2.2.2"
})
dep.id = 2
expected_dep_purl = "pkg:golang/example.com%2Forg%2Fproject%[email protected]"
src = Package.from_json({
"name": "example.com/anotherorg/project",
"type": "gomod",
"version": "3.3.3"
})
src.id = 3
expected_src_purl = "pkg:golang/example.com%2Fanotherorg%[email protected]"
cm = ContentManifest(default_request)
# emulate to_json behavior to setup internal packages cache
cm._gomod_data.setdefault(pkg.name, {
"purl": "not-important",
"dependencies": []
})
cm._gopkg_data.setdefault(pkg.id, {
"name": pkg.name,
"purl": expected_purl,
"dependencies": [],
"sources": []
})
cm.process_go_package(pkg, dep)
cm.process_gomod(pkg, src)
cm.set_go_package_sources()
expected_contents = {
pkg.id: {
"purl": expected_purl,
"dependencies": [{
"purl": expected_dep_purl
}],
"sources": [{
"purl": expected_src_purl
}],
}
}
assert cm._gopkg_data
assert pkg.id in cm._gopkg_data
assert cm._gopkg_data == expected_contents
def test_to_json_with_multiple_packages(mock_generate_icm, app, packages_json):
request = Request()
packages = _load_packages_from_json(packages_json)
cm = ContentManifest(request, packages)
image_contents = []
for package_json in packages_json:
package = Package.from_json(package_json)
content = {
"purl": package.to_purl(),
"dependencies": [],
"sources": []
}
image_contents.append(content)
res = cm.to_json()
mock_generate_icm.assert_called_once_with(image_contents)
assert res == mock_generate_icm.return_value
def test_to_json_properly_sets_internal_data(mock_set_go_sources,
mock_top_level_purl, app, package,
internal_attr, internal_data):
# Half the unit tests "emulate to_json() behaviour" so we should probably test that behaviour
request = Request()
pkg = Package.from_json(package)
pkg.id = 1
request_package = RequestPackage(package=pkg)
request.request_packages.append(request_package)
mock_top_level_purl.return_value = "mock-package-purl"
cm = ContentManifest(request)
cm.to_json()
# Here we are only interested in the setup part of to_json()
# (sidenote: we really need to refactor to_json())
assert getattr(cm, internal_attr) == internal_data
def test_process_gomod_replace_parent_purl(default_request):
module = Package.from_json({
"name": "example.com/org/project",
"type": "gomod",
"version": "1.1.1"
})
module.id = 1
expected_module_purl = "pkg:golang/example.com%2Forg%[email protected]"
module_dep = Package.from_json({
"name":
"example.com/anotherorg/project",
"type":
"gomod",
"version":
"./staging/src/anotherorg/project",
})
module_dep.id = 2
expected_dependency_purl = f"{expected_module_purl}#staging/src/anotherorg/project"
cm = ContentManifest(default_request)
# emulate to_json behavior to setup internal packages cache
cm._gomod_data.setdefault(module.name, {
"purl": expected_module_purl,
"dependencies": []
})
cm.process_gomod(module, module_dep)
assert cm._gomod_data == {
module.name: {
"purl": expected_module_purl,
"dependencies": [{
"purl": expected_dependency_purl
}],
},
}
def test_process_gomod_replace_parent_purl(default_request):
packages_json = [
{
"name":
"example.com/org/project",
"type":
"gomod",
"version":
"1.1.1",
"dependencies": [
{
"name": "example.com/anotherorg/project",
"type": "gomod",
"version": "./staging/src/anotherorg/project",
},
],
},
]
packages = _load_packages_from_json(packages_json)
package = packages[0]
expected_module_purl = "pkg:golang/example.com%2Forg%[email protected]"
expected_dependency_purl = f"{expected_module_purl}#staging/src/anotherorg/project"
cm = ContentManifest(default_request, packages)
cm.to_json()
assert cm._gomod_data == {
package.name: {
"purl": expected_module_purl,
"dependencies": [{
"purl": expected_dependency_purl
}],
},
}
def test_set_go_package_sources_replace_parent_purl(gopkg_name, gomod_data,
expected_parent_purl,
default_request):
pre_replaced_dependencies = [
{
"purl": f"{PARENT_PURL_PLACEHOLDER}#staging/src/k8s.io/foo"
},
{
"purl": f"{PARENT_PURL_PLACEHOLDER}#staging/src/k8s.io/bar"
},
{
"purl": "pkg:golang/example.com/[email protected]"
},
]
post_replaced_dependencies = [
{
"purl": f"{expected_parent_purl}#staging/src/k8s.io/foo"
},
{
"purl": f"{expected_parent_purl}#staging/src/k8s.io/bar"
},
{
"purl": "pkg:golang/example.com/[email protected]"
},
]
cm = ContentManifest(default_request, [])
cm._gomod_data = gomod_data
cm._gopkg_data = {
1: {
"name": gopkg_name,
"purl": "not-important",
"dependencies": pre_replaced_dependencies,
"sources": [],
},
}
cm.set_go_package_sources()
assert cm._gopkg_data == {
1: {
# name is popped by set_go_package_sources()
"purl": "not-important",
"dependencies": post_replaced_dependencies,
"sources": [],
},
}
def test_set_go_package_sources(mock_warning, app, pkg_name, gomod_data, warn,
default_request):
cm = ContentManifest(default_request)
main_purl = "pkg:golang/a-package"
main_package_id = 1
cm._gopkg_data = {
main_package_id: {
"name": pkg_name,
"purl": main_purl,
"sources": [],
"dependencies": []
}
}
cm._gomod_data = gomod_data
cm.set_go_package_sources()
sources = []
for v in gomod_data.values():
if any(k in pkg_name for k in gomod_data.keys()):
sources += v
expected = {
main_package_id: {
"purl": main_purl,
"dependencies": [],
"sources": sources
}
}
assert cm._gopkg_data == expected
if warn:
mock_warning.assert_called_once_with(
"Could not find a Go module for %s", main_purl)
else:
mock_warning.assert_not_called()
def test_process_go(app, default_request):
packages_json = [
{
"name":
"example.com/org/project",
"type":
"go-package",
"version":
"1.1.1",
"dependencies": [{
"name": "example.com/org/project/lib",
"type": "go-package",
"version": "2.2.2"
}],
},
{
"name":
"example.com/org/project",
"type":
"gomod",
"version":
"1.1.1",
"dependencies": [{
"name": "example.com/anotherorg/project/lib",
"type": "gomod",
"version": "3.3.3"
}],
},
]
expected_purl = "pkg:golang/example.com%2Forg%[email protected]"
expected_dep_purl = "pkg:golang/example.com%2Forg%2Fproject%[email protected]"
expected_src_purl = "pkg:golang/example.com%2Fanotherorg%2Fproject%[email protected]"
packages = _load_packages_from_json(packages_json)
package = packages[0]
cm = ContentManifest(default_request, packages)
cm.to_json()
expected_gopkg_contents = {
package: {
"purl": expected_purl,
"dependencies": [{
"purl": expected_dep_purl
}],
"sources": [{
"purl": expected_src_purl
}],
},
}
expected_gomod_contents = {
package.name: {
"purl": expected_purl,
"dependencies": [{
"purl": expected_src_purl
}]
}
}
assert cm._gopkg_data
assert package in cm._gopkg_data
assert package.name in cm._gomod_data
assert cm._gopkg_data == expected_gopkg_contents
assert cm._gomod_data == expected_gomod_contents