github

package
v0.0.2 Latest

This package is not in the latest version of its module.
Published: Feb 21, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Variables

var SupportedTools = map[string]string{
	"syft":    "https://github.com/anchore/syft.git",
	"spdxgen": "https://github.com/spdx/spdx-sbom-generator.git",
}

SupportedTools maps tool names to their GitHub repositories

Functions

func CloneRepoWithGit

func CloneRepoWithGit(ctx *tcontext.TransferMetadata, repoURL, branch, targetDir string) error

CloneRepoWithGit clones a GitHub repository using the Git command-line tool.

func GenerateSBOM

func GenerateSBOM(ctx *tcontext.TransferMetadata, repoDir, binaryPath string) (string, error)

Types

type Asset

type Asset struct {
	Name        string `json:"name"`
	DownloadURL string `json:"browser_download_url"`
	Size        int    `json:"size"`
}

Asset represents a GitHub release asset (e.g., SBOM files)

type Client

type Client struct {
	BaseURL      string
	RepoURL      string
	Organization string
	Owner        string
	Repo         string
	Version      string
	Method       string
	Branch       string
	Token        string
	// contains filtered or unexported fields
}

Client interacts with the GitHub API

func NewClient

func NewClient(g *GitHubAdapter) *Client

NewClient initializes a GitHub client

func (*Client) DownloadAsset

func (c *Client) DownloadAsset(ctx *tcontext.TransferMetadata, downloadURL string) (io.ReadCloser, error)

DownloadAsset downloads a release asset from the SBOM's download URL

func (*Client) FetchSBOMFromAPI

func (c *Client) FetchSBOMFromAPI(ctx *tcontext.TransferMetadata) ([]byte, error)

func (*Client) FindSBOMs

func (c *Client) FindSBOMs(ctx *tcontext.TransferMetadata) ([]SBOMAsset, error)

FindSBOMs gets all release assets from the GitHub releases page, filters for the particular release provided, and extracts the SBOMs from it
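Example of the release-to-SBOM selection that FindSBOMs describes, added here for illustration and not taken from the package's source. It decodes a releases response into the page's Release and Asset types and maps matches to SBOMAsset; the helper name selectSBOMAssets, the filename markers, and the HTTPS/github.com check on the download URL (useful before passing it to a token-bearing DownloadAsset) are assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
	"regexp"
)

// Asset, Release and SBOMAsset mirror the types documented on this page.
type Asset struct {
	Name        string `json:"name"`
	DownloadURL string `json:"browser_download_url"`
	Size        int    `json:"size"`
}
type Release struct {
	TagName string  `json:"tag_name"`
	Assets  []Asset `json:"assets"`
}
type SBOMAsset struct {
	Release, Name, DownloadURL string
	Size                       int
}

// sampleReleases is a constructed releases response, not real data.
const sampleReleases = `[{"tag_name":"v1.0.0","assets":[
 {"name":"app.spdx.json","browser_download_url":"https://github.com/o/r/releases/download/v1.0.0/app.spdx.json","size":10},
 {"name":"app.tar.gz","browser_download_url":"https://github.com/o/r/releases/download/v1.0.0/app.tar.gz","size":20},
 {"name":"sbom.cdx.json","browser_download_url":"http://mirror.example/sbom.cdx.json","size":30}]}]`

// selectSBOMAssets (hypothetical) keeps SBOM-named assets of one release with an HTTPS github.com URL.
func selectSBOMAssets(data []byte, version string) (out []SBOMAsset, err error) {
	var releases []Release
	if err = json.Unmarshal(data, &releases); err != nil {
		return nil, fmt.Errorf("decode releases: %w", err)
	}
	sbomName := regexp.MustCompile(`(?i)sbom|spdx|\.cdx\.`) // assumed filename markers
	for _, r := range releases {
		for _, a := range r.Assets {
			u, perr := url.Parse(a.DownloadURL)
			if r.TagName == version && sbomName.MatchString(a.Name) && perr == nil && u.Scheme == "https" && u.Hostname() == "github.com" {
				out = append(out, SBOMAsset{r.TagName, a.Name, a.DownloadURL, a.Size})
			}
		}
	}
	return out, nil
}

func main() {
	fmt.Println(selectSBOMAssets([]byte(sampleReleases), "v1.0.0"))
}
```

In the constructed sample only app.spdx.json is returned: the tarball has no SBOM marker, and sbom.cdx.json is dropped because its URL is plain HTTP on another host.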

func (*Client) GetAllRepositories

func (c *Client) GetAllRepositories(ctx *tcontext.TransferMetadata) ([]string, error)

func (*Client) GetReleases

func (c *Client) GetReleases(ctx *tcontext.TransferMetadata, owner, repo string) ([]Release, error)

GetReleases fetches all releases for a repository

func (*Client) GetSBOMs

func (c *Client) GetSBOMs(ctx *tcontext.TransferMetadata) (VersionedSBOMs, error)

GetSBOMs downloads and saves all SBOM files found in the repository

type GitHubAdapter

type GitHubAdapter struct {
	URL        string
	Repo       string
	Owner      string
	Version    string
	Branch     string
	Method     string
	BinaryPath string

	GithubToken string
	Role        types.AdapterRole

	// Comma-separated list (e.g., "repo1,repo2")
	IncludeRepos []string
	ExcludeRepos []string
	// contains filtered or unexported fields
}

GitHubAdapter handles fetching SBOMs from GitHub releases

func (*GitHubAdapter) AddCommandParams

func (g *GitHubAdapter) AddCommandParams(cmd *cobra.Command)

AddCommandParams adds GitHub-specific CLI flags

func (*GitHubAdapter) DryRun

DryRun for Input Adapter: Displays all fetched SBOMs from input adapter

func (*GitHubAdapter) FetchSBOMs

FetchSBOMs initializes the GitHub SBOM iterator using the unified method

func (*GitHubAdapter) ParseAndValidateParams

func (g *GitHubAdapter) ParseAndValidateParams(cmd *cobra.Command) error

ParseAndValidateParams validates the GitHub adapter params

func (*GitHubAdapter) UploadSBOMs

func (g *GitHubAdapter) UploadSBOMs(ctx *tcontext.TransferMetadata, iterator iterator.SBOMIterator) error

UploadSBOMs should return an error since GitHub does not support SBOM uploads

type GitHubIterator

type GitHubIterator struct {
	// contains filtered or unexported fields
}

GitHubIterator iterates over SBOMs fetched from GitHub (API, Release, Tool)

func NewGitHubIterator

func NewGitHubIterator(ctx *tcontext.TransferMetadata, g *GitHubAdapter, repo string) *GitHubIterator

NewGitHubIterator initializes and returns a new GitHubIterator instance

func (*GitHubIterator) HandleSBOMFetchingViaIterator added in v0.0.2

func (it *GitHubIterator) HandleSBOMFetchingViaIterator(ctx *tcontext.TransferMetadata, method GitHubMethod) error

HandleSBOMFetchingViaIterator fetches SBOMs for the given GitHubIterator instance

func (*GitHubIterator) Next

func (it *GitHubIterator) Next(ctx context.Context) (*iterator.SBOM, error)

Next returns the next SBOM from the stored list

type GitHubMethod

type GitHubMethod string

const (
	// MethodReleases searches for SBOMs in GitHub releases
	MethodReleases GitHubMethod = "release"

	// MethodAPI fetches the SBOM through the GitHub API
	MethodAPI GitHubMethod = "api"

	// MethodTool clones the repo and generates SBOMs using external tools
	MethodTool GitHubMethod = "tool"
)

type GitHubSBOMResponse

type GitHubSBOMResponse struct {
	SBOM json.RawMessage `json:"sbom"` // Extract SBOM as raw JSON
}

GitHubSBOMResponse holds the JSON structure returned by GitHub API

type Release

type Release struct {
	TagName string  `json:"tag_name"`
	Assets  []Asset `json:"assets"`
}

Release represents a GitHub release containing assets

type SBOMAsset

type SBOMAsset struct {
	Release     string
	Name        string
	DownloadURL string
	Size        int
}

SBOMAsset represents an SBOM file found in a GitHub release

type SBOMData

type SBOMData struct {
	Content  []byte
	Filename string
}

type VersionedSBOMs

type VersionedSBOMs map[string][]SBOMData

VersionedSBOMs maps versions to their respective SBOMs in that version
