Skip to content

Commit

Permalink
Add additional link for sboms
Browse files Browse the repository at this point in the history 
  fixes goharbor#20346

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
  • Loading branch information
@stonezdj
stonezdj committed May 13, 2024
1 parent 232f9ba commit 88204cb
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
13 changes: 13 additions & 0 deletions src/controller/artifact/model.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,19 @@ func (artifact *Artifact) SetAdditionLink(addition, version string) {
artifact.AdditionLinks[addition] = &AdditionLink{HREF: href, Absolute: false}
}

func (artifact *Artifact) SetSBOMAdditionLink(sbomDgst string, version string) {
if artifact.AdditionLinks == nil {
artifact.AdditionLinks = make(map[string]*AdditionLink)
}
addition := "sboms"
projectName, repo := utils.ParseRepository(artifact.RepositoryName)
// encode slash as %252F
repo = repository.Encode(repo)
href := fmt.Sprintf("/api/%s/projects/%s/repositories/%s/artifacts/%s/additions/%s", version, projectName, repo, sbomDgst, addition)

artifact.AdditionLinks[addition] = &AdditionLink{HREF: href, Absolute: false}
}

// AdditionLink is a link via that the addition can be fetched
type AdditionLink struct {
HREF string `json:"href"`
Expand Down
9 changes: 9 additions & 0 deletions src/server/v2.0/handler/assembler/report.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ import (

const (
vulnerabilitiesAddition = "vulnerabilities"
sbomAddition = "sbom"
)

// NewScanReportAssembler returns vul assembler
Expand Down Expand Up @@ -84,6 +85,9 @@ func (assembler *ScanReportAssembler) Assemble(ctx context.Context) error {
}
}
}

// set sbom additional link if it is supported, use the empty digest
artifact.SetSBOMAdditionLink("", version)
if assembler.overviewOption.WithSBOM {
overview, err := assembler.scanCtl.GetSummary(ctx, &artifact.Artifact, []string{v1.MimeTypeSBOMReport})
if err != nil {
Expand All @@ -99,6 +103,11 @@ func (assembler *ScanReportAssembler) Assemble(ctx context.Context) error {
sbomModel.ReportID: overview[sbomModel.ReportID],
sbomModel.Scanner: overview[sbomModel.Scanner],
}

if sbomDgst, ok := overview[sbomModel.SBOMDigest].(string); ok {
// set additional link for sbom digest
artifact.SetSBOMAdditionLink(sbomDgst, version)
}
}
}
}
Expand Down

0 comments on commit 88204cb

Please sign in to comment.