From 9ebc25d88bc4df62e50a1b8bef203625902d2879 Mon Sep 17 00:00:00 2001 From: Nikita Pivkin Date: Thu, 14 Sep 2023 13:10:09 +0700 Subject: [PATCH] test: validate SPDX with the JSON schema (#5124) * test: validate SPDX with the JSON schema * use the SPDX schema version based on the document version * additionally validate the document using spdx --- integration/integration_test.go | 31 +++++++++++++++++++++++-------- integration/repo_test.go | 2 +- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/integration/integration_test.go b/integration/integration_test.go index 11e5a431d977..8f4ca3bc3dd2 100644 --- a/integration/integration_test.go +++ b/integration/integration_test.go @@ -6,6 +6,7 @@ import ( "context" "encoding/json" "flag" + "fmt" "io" "net" "os" @@ -19,6 +20,7 @@ import ( "github.com/samber/lo" spdxjson "github.com/spdx/tools-golang/json" "github.com/spdx/tools-golang/spdx" + "github.com/spdx/tools-golang/spdxlib" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/xeipuuv/gojsonschema" @@ -34,6 +36,8 @@ import ( var update = flag.Bool("update", false, "update golden files") +const SPDXSchema = "https://raw.githubusercontent.com/spdx/spdx-spec/development/v%s/schemas/spdx-schema.json" + func initDB(t *testing.T) string { fixtureDir := filepath.Join("testdata", "fixtures", "db") entries, err := os.ReadDir(fixtureDir) @@ -210,9 +214,26 @@ func compareCycloneDX(t *testing.T, wantFile, gotFile string) { assert.Equal(t, want, got) // Validate CycloneDX output against the JSON schema - schemaLoader := gojsonschema.NewReferenceLoader(got.JSONSchema) - documentLoader := gojsonschema.NewGoLoader(got) + validateReport(t, got.JSONSchema, got) +} + +func compareSPDXJson(t *testing.T, wantFile, gotFile string) { + want := readSpdxJson(t, wantFile) + got := readSpdxJson(t, gotFile) + assert.Equal(t, want, got) + + SPDXVersion, ok := strings.CutPrefix(want.SPDXVersion, "SPDX-") + assert.True(t, ok) + + assert.NoError(t, spdxlib.ValidateDocument(got)) + // Validate SPDX output against the JSON schema + validateReport(t, fmt.Sprintf(SPDXSchema, SPDXVersion), got) +} + +func validateReport(t *testing.T, schema string, report any) { + schemaLoader := gojsonschema.NewReferenceLoader(schema) + documentLoader := gojsonschema.NewGoLoader(report) result, err := gojsonschema.Validate(schemaLoader, documentLoader) require.NoError(t, err) @@ -223,9 +244,3 @@ func compareCycloneDX(t *testing.T, wantFile, gotFile string) { assert.True(t, valid, strings.Join(errs, "\n")) } } - -func compareSpdxJson(t *testing.T, wantFile, gotFile string) { - want := readSpdxJson(t, wantFile) - got := readSpdxJson(t, gotFile) - assert.Equal(t, want, got) -} diff --git a/integration/repo_test.go b/integration/repo_test.go index c554881e3101..d0921cdd6740 100644 --- a/integration/repo_test.go +++ b/integration/repo_test.go @@ -492,7 +492,7 @@ func TestRepository(t *testing.T) { case types.FormatCycloneDX: compareCycloneDX(t, tt.golden, outputFile) case types.FormatSPDXJSON: - compareSpdxJson(t, tt.golden, outputFile) + compareSPDXJson(t, tt.golden, outputFile) case types.FormatJSON: compareReports(t, tt.golden, outputFile, tt.override) default: