Updated based on code review

Signed-off-by: nathannaveen <[email protected]>
guacsec · May 10, 2024 · b5bec6a · b5bec6a
1 parent 15ebaae
commit b5bec6a
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 137 deletions.
diff --git a/pkg/assembler/clients/generated/operations.go b/pkg/assembler/clients/generated/operations.go
diff --git a/pkg/assembler/clients/operations/trees.graphql b/pkg/assembler/clients/operations/trees.graphql
@@ -30,6 +30,7 @@ fragment AllPkgTree on Package {
       name
       versions {
         id
+        purl
         version
         qualifiers {
           key

diff --git a/pkg/ingestor/parser/cyclonedx/parser_cyclonedx.go b/pkg/ingestor/parser/cyclonedx/parser_cyclonedx.go
@@ -527,8 +527,9 @@ func (c *cyclonedxParser) findCDXPkgVersionIDs(ctx context.Context, pkgIdentifie
 	var pkgVersions []string
 	for _, depPkgVersion := range pkgResponse.Packages[0].Namespaces[0].Names[0].Versions {
 		pkgVersions = append(pkgVersions, depPkgVersion.Version)
-		// TODO (nathannaveen): use depPkgVersion.Purl instead of creating a new purl.
-		pkgVersionsMap[depPkgVersion.Version] = guacCDXPkgPurl(typeGUAC, depPkgVersion.Version, "", false)
+		//TODO (nathannaveen): use depPkgVersion.Purl instead of creating a new purl.
+		//pkgVersionsMap[depPkgVersion.Version] = guacCDXPkgPurl(typeGUAC, depPkgVersion.Version, "", false)
+		pkgVersionsMap[depPkgVersion.Version] = depPkgVersion.Purl
 	}
 
 	matchingDepPkgVersions, err := WhichVersionMatches(pkgVersions, versionRange)

diff --git a/pkg/ingestor/parser/cyclonedx/parser_cyclonedx_test.go b/pkg/ingestor/parser/cyclonedx/parser_cyclonedx_test.go
@@ -17,7 +17,6 @@ package cyclonedx
 
 import (
 	"context"
-	"github.com/Khan/genqlient/graphql"
 	"reflect"
 	"testing"
 	"time"
@@ -563,140 +562,6 @@ func noAnalysisVexPredicates() *assembler.IngestPredicates {
 	}
 }
 
-func Test_findCDXPkgVersionIDs(t *testing.T) {
-	testPypiPackage := model.PackagesPackagesPackage{}
-
-	testPypiPackage.Type = "type"
-	testPypiPackage.Namespaces = append(testPypiPackage.Namespaces, model.AllPkgTreeNamespacesPackageNamespace{
-		Id:        "",
-		Namespace: "namespace",
-		Names: []model.AllPkgTreeNamespacesPackageNamespaceNamesPackageName{
-			{
-				Name: "name",
-				Versions: []model.AllPkgTreeNamespacesPackageNamespaceNamesPackageNameVersionsPackageVersion{
-					{
-						Version: "1.11.1",
-					},
-					{
-						Version: "1.11.2",
-					},
-					{
-						Version: "2.33.1",
-					},
-					{
-						Version: "0.1.2",
-					},
-				},
-			},
-		},
-	})
-
-	type args struct {
-		ctx           context.Context
-		pkgIdentifier string
-		versionRange  string
-	}
-	tests := []struct {
-		name        string
-		args        args
-		getPackages func(ctx context.Context, client graphql.Client, filter model.PkgSpec) (*model.PackagesResponse, error)
-		want        []string
-		wantErr     bool
-	}{
-		{
-			name: "Default",
-			args: args{
-				ctx:           context.Background(),
-				pkgIdentifier: "identifier",
-				versionRange:  ">=1.0.0 <2.0.0",
-			},
-			getPackages: func(ctx context.Context, client graphql.Client, filter model.PkgSpec) (*model.PackagesResponse, error) {
-				return &model.PackagesResponse{
-					Packages: []model.PackagesPackagesPackage{testPypiPackage},
-				}, nil
-			},
-			want:    []string{"pkg:guac/pkg/[email protected]", "pkg:guac/pkg/[email protected]"},
-			wantErr: false,
-		},
-		{
-			name: "Multiple Ranges",
-			args: args{
-				ctx:           context.Background(),
-				pkgIdentifier: "identifier",
-				versionRange:  ">=1.0.0 <2.0.0 | >=0.0.0 <0.5.0",
-			},
-			getPackages: func(ctx context.Context, client graphql.Client, filter model.PkgSpec) (*model.PackagesResponse, error) {
-				return &model.PackagesResponse{
-					Packages: []model.PackagesPackagesPackage{testPypiPackage},
-				}, nil
-			},
-			want:    []string{"pkg:guac/pkg/[email protected]", "pkg:guac/pkg/[email protected]", "pkg:guac/pkg/[email protected]"},
-			wantErr: false,
-		},
-		{
-			name: "Explicit Equals",
-			args: args{
-				ctx:           context.Background(),
-				pkgIdentifier: "identifier",
-				versionRange:  "=2.33.1",
-			},
-			getPackages: func(ctx context.Context, client graphql.Client, filter model.PkgSpec) (*model.PackagesResponse, error) {
-				return &model.PackagesResponse{
-					Packages: []model.PackagesPackagesPackage{testPypiPackage},
-				}, nil
-			},
-			want:    []string{"pkg:guac/pkg/[email protected]"},
-			wantErr: false,
-		},
-		{
-			name: "Implicit Equals",
-			args: args{
-				ctx:           context.Background(),
-				pkgIdentifier: "identifier",
-				versionRange:  "2.33.1",
-			},
-			getPackages: func(ctx context.Context, client graphql.Client, filter model.PkgSpec) (*model.PackagesResponse, error) {
-				return &model.PackagesResponse{
-					Packages: []model.PackagesPackagesPackage{testPypiPackage},
-				}, nil
-			},
-			want:    []string{"pkg:guac/pkg/[email protected]"},
-			wantErr: false,
-		},
-	}
-	for _, test := range tests {
-		t.Run(test.name, func(t *testing.T) {
-			getPackages = test.getPackages
-
-			c := cyclonedxParser{
-				gqlClient: nil,
-			}
-
-			got, err := c.findCDXPkgVersionIDs(test.args.ctx, test.args.pkgIdentifier, test.args.versionRange)
-			if (err != nil) != test.wantErr {
-				t.Errorf("findCDXPkgVersionIDs() error = %v, wantErr %v", err, test.wantErr)
-				return
-			}
-			if len(got) != len(test.want) {
-				t.Errorf("findCDXPkgVersionIDs() got = %v, want = %v", got, test.want)
-				return
-			}
-			wantValues := map[string]bool{}
-			for _, val := range test.want {
-				wantValues[val] = true
-			}
-			for _, val := range got {
-				if wantValues[val] {
-					delete(wantValues, val)
-				} else {
-					t.Errorf("findCDXPkgVersionIDs() got = %v, want = %v", got, test.want)
-					return
-				}
-			}
-		})
-	}
-}
-
 func Test_parseVersionRange(t *testing.T) {
 	type args struct {
 		rangeStr string