Class: Sbom::Spdx::Generator

Inherits:

Object

• Object
• Sbom::Spdx::Generator

Defined in:

lib/sbom/spdx/generator.rb

Constant Summary

SPDX_VERSION =

"SPDX-2.3"

SPDX_NAMESPACE =

"http://spdx.org/spdxdocs/"

FORMAT_TAG =

:tag

FORMAT_JSON =

:json

FORMAT_YAML =

:yaml

LIFECYCLE_MAP =

{
  "design" => "Design",
  "pre-build" => "Source",
  "build" => "Build",
  "post-build" => "Analyzed",
  "operations" => "Deployed",
  "discovery" => "Runtime"
}.freeze

Instance Method Summary

• #generate(project_name, sbom_data) ⇒ Object
• #initialize(format: FORMAT_TAG, application: "sbom", version: Sbom::VERSION) ⇒ Generator constructor

  A new instance of Generator.

• #output ⇒ Object
• #to_h ⇒ Object

Constructor Details

#initialize(format: FORMAT_TAG, application: "sbom", version: Sbom::VERSION) ⇒ Generator

Returns a new instance of Generator.

# File 'lib/sbom/spdx/generator.rb', line 27

def initialize(format: FORMAT_TAG, application: "sbom", version: Sbom::VERSION)
  @format = validate_format(format)
  @application = application
  @version = version
  @spec_version = ENV.fetch("SBOM_SPDX_VERSION", SPDX_VERSION)
  @organization = ENV["SBOM_ORGANIZATION"]

  @tag_output = []
  @json_output = {}
  @packages = []
  @files = []
  @relationships = []
  @licenses = []
  @elements = {}
end

Instance Method Details

#generate(project_name, sbom_data) ⇒ Object

# File 'lib/sbom/spdx/generator.rb', line 43

def generate(project_name, sbom_data)
  return if sbom_data.nil? || (sbom_data.respond_to?(:empty?) && sbom_data.empty?)

  data = sbom_data.is_a?(Hash) ? sbom_data : sbom_data.to_h

  @spec_version = data[:version] if data[:version]&.start_with?("SPDX")
  uuid = data[:uuid]

  doc_name = extract_document_name(data, project_name)
  organization = extract_organization(data)
  lifecycle = extract_lifecycle(data)

  generate_document_header(doc_name, uuid, lifecycle, organization)
  generate_packages(data[:packages])
  generate_files(data[:files])
  generate_relationships(data[:relationships])
  generate_license_info(data[:licenses])

  finalize_output
end

#output ⇒ Object

# File 'lib/sbom/spdx/generator.rb', line 64

def output
  case @format
  when FORMAT_JSON
    JSON.pretty_generate(@json_output)
  when FORMAT_YAML
    @json_output.to_yaml
  else
    @tag_output.join("\n")
  end
end

#to_h ⇒ Object

# File 'lib/sbom/spdx/generator.rb', line 75

def to_h
  @json_output
end