Skip to content

Commit 5b55f43

Browse files
tamilariUrist-McGit
tamilari
authored and
Urist-McGit
committed
test(generation): add test for vcs informaiton
Signed-off-by: Tamino Larisch <[email protected]>
1 parent 5bfad87 commit 5b55f43

File tree

1 file changed

+18
-0
lines changed

1 file changed

+18
-0
lines changed

tests/test_generation.py

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -192,6 +192,14 @@ def test_apt_source_pkg(tmpdir, sbom_generator):
192192
"algorithm": "SHA256",
193193
"checksumValue": "cd75da7829d819189ba6154d408666373b307e222b393223804c4c4a7156f421",
194194
} in pkg["checksums"]
195+
externalRefs = pkg["externalRefs"]
196+
assert len(externalRefs) == 2
197+
for ref in externalRefs:
198+
if ref["referenceType"] == "vcs":
199+
assert (
200+
ref["referenceLocator"]
201+
== "https://salsa.debian.org/toolchain-team/binutils.git"
202+
)
195203
if pkg["SPDXID"].endswith("binutils-arm-none-eabi-amd64"):
196204
assert {
197205
"algorithm": "MD5",
@@ -201,6 +209,16 @@ def test_apt_source_pkg(tmpdir, sbom_generator):
201209
"algorithm": "SHA256",
202210
"checksumValue": "c8f9da2a434366bfe5a66a8267cb3b1df028f1d95278715050c222b43e1c221c",
203211
}
212+
with open(outdir / "sbom.cdx.json") as file:
213+
spdx_json = json.loads(file.read())
214+
packages = spdx_json["components"]
215+
for pkg in packages:
216+
if pkg["bom-ref"].endswith("[email protected]?arch=source"):
217+
externalRefs = pkg["externalReferences"]
218+
assert len(externalRefs) == 2
219+
for ref in externalRefs:
220+
if ref["type"] == "vcs":
221+
assert ref["url"] == "https://salsa.debian.org/toolchain-team/binutils.git"
204222

205223

206224
def test_apt_pkgs_stream(tmpdir, sbom_generator):

0 commit comments

Comments
 (0)