github

package

v0.0.1 Latest Latest Go to latest Published: Feb 13, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/interlynk-io/sbommv

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func CloneRepoWithGit(ctx *tcontext.TransferMetadata, repoURL, branch, targetDir string) error
func GenerateSBOM(ctx *tcontext.TransferMetadata, repoDir, binaryPath string) (string, error)
func ParseGitHubURL(url string) (owner, repo string, err error)
type Asset
type Client
- func NewClient(g *GitHubAdapter) *Client
- func (c *Client) DownloadAsset(ctx *tcontext.TransferMetadata, downloadURL string) (io.ReadCloser, error)
- func (c *Client) DownloadSBOM(ctx *tcontext.TransferMetadata, asset SBOMAsset) ([]byte, error)
- func (c *Client) FetchSBOMFromAPI(ctx *tcontext.TransferMetadata) ([]byte, error)
- func (c *Client) FindSBOMs(ctx *tcontext.TransferMetadata) ([]SBOMAsset, error)
- func (c *Client) GetAllRepositories(ctx *tcontext.TransferMetadata) ([]string, error)
- func (c *Client) GetReleases(ctx *tcontext.TransferMetadata, owner, repo string) ([]Release, error)
- func (c *Client) GetSBOMs(ctx *tcontext.TransferMetadata) (VersionedSBOMs, error)
type GitHubAdapter
- func (g *GitHubAdapter) AddCommandParams(cmd *cobra.Command)
- func (g *GitHubAdapter) DryRun(ctx *tcontext.TransferMetadata, iterator iterator.SBOMIterator) error
- func (g *GitHubAdapter) FetchSBOMs(ctx *tcontext.TransferMetadata) (iterator.SBOMIterator, error)
- func (g *GitHubAdapter) ParseAndValidateParams(cmd *cobra.Command) error
- func (g *GitHubAdapter) UploadSBOMs(ctx *tcontext.TransferMetadata, iterator iterator.SBOMIterator) error
type GitHubIterator
- func NewGitHubIterator(ctx *tcontext.TransferMetadata, g *GitHubAdapter, repo string) (*GitHubIterator, error)
- func (it *GitHubIterator) Next(ctx context.Context) (*iterator.SBOM, error)
type GitHubMethod
type GitHubSBOMResponse
type ProcessingMode
type Release
type SBOMAsset
type SBOMData
type VersionedSBOMs

Constants ¶

This section is empty.

Variables ¶

View Source

var SupportedTools = map[string]string{
	"syft":    "https://github.com/anchore/syft.git",
	"spdxgen": "https://github.com/spdx/spdx-sbom-generator.git",
}

SupportedTools maps tool names to their GitHub repositories

Functions ¶

func CloneRepoWithGit ¶

func CloneRepoWithGit(ctx *tcontext.TransferMetadata, repoURL, branch, targetDir string) error

CloneRepoWithGit clones a GitHub repository using the Git command-line tool.

func GenerateSBOM ¶

func GenerateSBOM(ctx *tcontext.TransferMetadata, repoDir, binaryPath string) (string, error)

func ParseGitHubURL ¶

func ParseGitHubURL(url string) (owner, repo string, err error)

ParseGitHubURL parses a GitHub URL into owner and repository

Types ¶

type Asset ¶

type Asset struct {
	Name        string `json:"name"`
	DownloadURL string `json:"browser_download_url"`
	Size        int    `json:"size"`
}

Asset represents a GitHub release asset (e.g., SBOM files)

type Client ¶

type Client struct {
	BaseURL      string
	RepoURL      string
	Organization string
	Owner        string
	Repo         string
	Version      string
	Method       string
	Branch       string
	Token        string
	// contains filtered or unexported fields
}

Client interacts with the GitHub API

func NewClient ¶

func NewClient(g *GitHubAdapter) *Client

NewClient initializes a GitHub client

func (*Client) DownloadAsset ¶

func (c *Client) DownloadAsset(ctx *tcontext.TransferMetadata, downloadURL string) (io.ReadCloser, error)

DownloadAsset downloads a release asset from download url of SBOM

func (*Client) DownloadSBOM ¶

func (c *Client) DownloadSBOM(ctx *tcontext.TransferMetadata, asset SBOMAsset) ([]byte, error)

DownloadSBOM fetches an SBOM from its download URL

func (*Client) FetchSBOMFromAPI ¶

func (c *Client) FetchSBOMFromAPI(ctx *tcontext.TransferMetadata) ([]byte, error)

func (*Client) FindSBOMs ¶

func (c *Client) FindSBOMs(ctx *tcontext.TransferMetadata) ([]SBOMAsset, error)

FindSBOMs gets all releases assets from github release page filter out the particular provided release asset and extract SBOMs from that

func (*Client) GetAllRepositories ¶

func (c *Client) GetAllRepositories(ctx *tcontext.TransferMetadata) ([]string, error)

func (*Client) GetReleases ¶

func (c *Client) GetReleases(ctx *tcontext.TransferMetadata, owner, repo string) ([]Release, error)

GetReleases fetches all releases for a repository

func (*Client) GetSBOMs ¶

func (c *Client) GetSBOMs(ctx *tcontext.TransferMetadata) (VersionedSBOMs, error)

GetSBOMs downloads and saves all SBOM files found in the repository

type GitHubAdapter ¶

type GitHubAdapter struct {
	URL        string
	Repo       string
	Owner      string
	Version    string
	Branch     string
	Method     string
	BinaryPath string

	GithubToken string
	Role        types.AdapterRole

	// Comma-separated list (e.g., "repo1,repo2")
	IncludeRepos []string
	ExcludeRepos []string
	// contains filtered or unexported fields
}

GitHubAdapter handles fetching SBOMs from GitHub releases

func (*GitHubAdapter) AddCommandParams ¶

func (g *GitHubAdapter) AddCommandParams(cmd *cobra.Command)

AddCommandParams adds GitHub-specific CLI flags

func (*GitHubAdapter) DryRun ¶

func (g *GitHubAdapter) DryRun(ctx *tcontext.TransferMetadata, iterator iterator.SBOMIterator) error

DryRun for Input Adapter: Displays all fetched SBOMs from input adapter

func (*GitHubAdapter) FetchSBOMs ¶

func (g *GitHubAdapter) FetchSBOMs(ctx *tcontext.TransferMetadata) (iterator.SBOMIterator, error)

FetchSBOMs initializes the GitHub SBOM iterator using the unified method

func (*GitHubAdapter) ParseAndValidateParams ¶

func (g *GitHubAdapter) ParseAndValidateParams(cmd *cobra.Command) error

ParseAndValidateParams validates the GitHub adapter params

func (*GitHubAdapter) UploadSBOMs ¶

func (g *GitHubAdapter) UploadSBOMs(ctx *tcontext.TransferMetadata, iterator iterator.SBOMIterator) error

OutputSBOMs should return an error since GitHub does not support SBOM uploads

type GitHubIterator ¶

type GitHubIterator struct {
	// contains filtered or unexported fields
}

// GitHubIterator iterates over SBOMs fetched from GitHub (API, Release, Tool)

func NewGitHubIterator ¶

func NewGitHubIterator(ctx *tcontext.TransferMetadata, g *GitHubAdapter, repo string) (*GitHubIterator, error)

NewGitHubIterator initializes the iterator based on the GitHub method

func (*GitHubIterator) Next ¶

func (it *GitHubIterator) Next(ctx context.Context) (*iterator.SBOM, error)

Next returns the next SBOM from the stored list

type GitHubMethod ¶

type GitHubMethod string

const (
	// MethodReleases searches for SBOMs in GitHub releases
	MethodReleases GitHubMethod = "release"

	// // MethodReleases searches for SBOMs in GitHub releases
	MethodAPI GitHubMethod = "api"

	// MethodGenerate clones the repo and generates SBOMs using external Tools
	MethodTool GitHubMethod = "tool"
)

type GitHubSBOMResponse ¶

type GitHubSBOMResponse struct {
	SBOM json.RawMessage `json:"sbom"` // Extract SBOM as raw JSON
}

GitHubSBOMResponse holds the JSON structure returned by GitHub API

type ProcessingMode ¶

type ProcessingMode string

const (
	FetchParallel   ProcessingMode = "parallel"
	FetchSequential ProcessingMode = "sequential"
)

type Release ¶

type Release struct {
	TagName string  `json:"tag_name"`
	Assets  []Asset `json:"assets"`
}

Release represents a GitHub release containing assets

type SBOMAsset ¶

type SBOMAsset struct {
	Release     string
	Name        string
	DownloadURL string
	Size        int
}

SBOMAsset represents an SBOM file found in a GitHub release

type SBOMData ¶

type SBOMData struct {
	Content  []byte
	Filename string
}

type VersionedSBOMs ¶

type VersionedSBOMs map[string][]SBOMData

VersionedSBOMs maps versions to their respective SBOMs in that version type VersionedSBOMs map[string][]string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL