Class: Gitlab::Ci::Parsers::Sbom::CyclonedxProperties
- Inherits: Object
  - Object
  - Gitlab::Ci::Parsers::Sbom::CyclonedxProperties
- Defined in: lib/gitlab/ci/parsers/sbom/cyclonedx_properties.rb
Overview
Parses GitLab CycloneDX metadata properties which are defined by the taxonomy at docs.gitlab.com/ee/development/sec/cyclonedx_property_taxonomy.html
This parser knows how to process schema version 1 and will not attempt to parse later versions. Each source type has its own namespace in the property schema, and is also given its own parser. Properties are filtered by namespace, and then passed to each source parser for processing.
Constant Summary
- SUPPORTED_SCHEMA_VERSION = '1'
- GITLAB_PREFIX = 'gitlab:'
- AQUASECURITY_PREFIX = 'aquasecurity:'
- SOURCE_PARSERS =
    {
      'dependency_scanning' => ::Gitlab::Ci::Parsers::Sbom::Source::DependencyScanning,
      'dependency_scanning_component' => ::Gitlab::Ci::Parsers::Sbom::Source::DependencyScanningComponent,
      'container_scanning' => ::Gitlab::Ci::Parsers::Sbom::Source::ContainerScanning,
      'container_scanning_for_registry' => ::Gitlab::Ci::Parsers::Sbom::Source::ContainerScanningForRegistry,
      'trivy' => ::Gitlab::Ci::Parsers::Sbom::Source::Trivy
    }.freeze
- SUPPORTED_PROPERTIES =
    %w[
      meta:schema_version
      dependency_scanning:category
      dependency_scanning:input_file:path
      dependency_scanning:source_file:path
      dependency_scanning:package_manager:name
      dependency_scanning:language:name
      dependency_scanning_component:reachability
      container_scanning:image:name
      container_scanning:image:tag
      container_scanning:operating_system:name
      container_scanning:operating_system:version
      container_scanning_for_registry:image:name
      container_scanning_for_registry:image:tag
      container_scanning_for_registry:operating_system:name
      container_scanning_for_registry:operating_system:version
      trivy:PkgID
      trivy:PkgType
      trivy:SrcName
      trivy:SrcVersion
      trivy:SrcRelease
      trivy:SrcEpoch
      trivy:Modularitylabel
      trivy:FilePath
      trivy:LayerDigest
      trivy:LayerDiffID
    ].freeze
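The filtering described in the Overview, sketched as an added example (not GitLab's implementation): it keeps only allowlisted `gitlab:` properties, nests them by namespace, and returns nothing unless `meta:schema_version` is `1`. The method names `collect_properties` and `sources_by_type` are hypothetical, `SUPPORTED_PROPERTIES` is a subset of the list above, the `aquasecurity:` prefix and the hand-off to the per-source parsers are left out, and the sample input is constructed.

```ruby
# Added illustration, not GitLab's implementation. Constant values are copied from
# this page (SUPPORTED_PROPERTIES is a subset); the method names are hypothetical.
SUPPORTED_SCHEMA_VERSION = '1'
GITLAB_PREFIX = 'gitlab:'
SUPPORTED_PROPERTIES = %w[
  meta:schema_version
  dependency_scanning:input_file:path
  dependency_scanning:package_manager:name
  container_scanning:image:name
].freeze

# Build a nested hash from CycloneDX name/value properties, keeping only
# allowlisted gitlab:-prefixed names that carry a non-empty string value.
def collect_properties(properties)
  Array(properties).each_with_object({}) do |prop, data|
    next unless prop.is_a?(Hash)

    name, value = prop.values_at('name', 'value')
    next unless name.is_a?(String) && value.is_a?(String) && !value.empty?
    next unless name.start_with?(GITLAB_PREFIX)

    key = name.delete_prefix(GITLAB_PREFIX)
    next unless SUPPORTED_PROPERTIES.include?(key)

    *path, leaf = key.split(':')
    path.reduce(data) { |node, part| node[part] ||= {} }[leaf] = value
  end
end

# Return the data grouped by source type, or nil when the schema version is not '1'.
def sources_by_type(properties)
  data = collect_properties(properties)
  return unless data.dig('meta', 'schema_version') == SUPPORTED_SCHEMA_VERSION

  data.reject { |namespace, _| namespace == 'meta' }
end

# Constructed sample: metadata properties as they might arrive in an SBOM report.
SAMPLE = [
  { 'name' => 'gitlab:meta:schema_version', 'value' => '1' },
  { 'name' => 'gitlab:dependency_scanning:input_file:path', 'value' => 'package-lock.json' },
  { 'name' => 'gitlab:dependency_scanning:package_manager:name', 'value' => 'npm' },
  { 'name' => 'gitlab:dependency_scanning:unknown:key', 'value' => 'x' }, # not allowlisted
  { 'name' => 'other:meta:schema_version', 'value' => '2' },              # foreign namespace
  { 'name' => 'gitlab:container_scanning:image:name' }                    # value absent
].freeze

p sources_by_type(SAMPLE)
```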
Class Method Summary
- .parse_component_source ⇒ Object
- .parse_source ⇒ Object
Instance Method Summary
- #initialize(properties) ⇒ CyclonedxProperties (constructor): A new instance of CyclonedxProperties.
- #parse_component_source ⇒ Object
- #parse_source ⇒ Object
Constructor Details
#initialize(properties) ⇒ CyclonedxProperties
Returns a new instance of CyclonedxProperties.
# File 'lib/gitlab/ci/parsers/sbom/cyclonedx_properties.rb', line 62
def initialize(properties)
  @properties = properties
end
Class Method Details
.parse_component_source ⇒ Object
# File 'lib/gitlab/ci/parsers/sbom/cyclonedx_properties.rb', line 58
def self.parse_component_source(...)
  new(...).parse_component_source
end
.parse_source ⇒ Object
# File 'lib/gitlab/ci/parsers/sbom/cyclonedx_properties.rb', line 54
def self.parse_source(...)
  new(...).parse_source
end
Instance Method Details
#parse_component_source ⇒ Object
# File 'lib/gitlab/ci/parsers/sbom/cyclonedx_properties.rb', line 73
def parse_component_source
  return unless properties.present?

  source
end
#parse_source ⇒ Object
# File 'lib/gitlab/ci/parsers/sbom/cyclonedx_properties.rb', line 66
def parse_source
  return unless properties.present?
  return unless supported_schema_version?

  source
end