Add unit tests for SBOM ingestion and transformation
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Implement `SbomIngestServiceCollectionExtensionsTests` to verify the SBOM ingestion pipeline exports snapshots correctly. - Create `SbomIngestTransformerTests` to ensure the transformation produces expected nodes and edges, including deduplication of license nodes and normalization of timestamps. - Add `SbomSnapshotExporterTests` to test the export functionality for manifest, adjacency, nodes, and edges. - Introduce `VexOverlayTransformerTests` to validate the transformation of VEX nodes and edges. - Set up project file for the test project with necessary dependencies and configurations. - Include JSON fixture files for testing purposes.
This commit is contained in:
master
@@ -0,0 +1,72 @@
|
||||
using System.Text.Json.Nodes;
|
||||
using StellaOps.Findings.Ledger.Domain;
|
||||
using StellaOps.Findings.Ledger.WebService.Contracts;
|
||||
|
||||
namespace StellaOps.Findings.Ledger.WebService.Mappings;
|
||||
|
||||
public static class LedgerEventMapping
|
||||
{
|
||||
public static LedgerEventDraft ToDraft(this LedgerEventRequest request)
|
||||
{
|
||||
ArgumentNullException.ThrowIfNull(request);
|
||||
|
||||
var recordedAt = (request.RecordedAt ?? DateTimeOffset.UtcNow).ToUniversalTime();
|
||||
var payload = request.Payload is null ? new JsonObject() : (JsonObject)request.Payload.DeepClone();
|
||||
|
||||
var eventObject = new JsonObject
|
||||
{
|
||||
["id"] = request.EventId.ToString(),
|
||||
["type"] = request.EventType,
|
||||
["tenant"] = request.TenantId,
|
||||
["chainId"] = request.ChainId.ToString(),
|
||||
["sequence"] = request.Sequence,
|
||||
["policyVersion"] = request.PolicyVersion,
|
||||
["artifactId"] = request.ArtifactId,
|
||||
["finding"] = new JsonObject
|
||||
{
|
||||
["id"] = request.Finding.Id,
|
||||
["artifactId"] = request.Finding.ArtifactId ?? request.ArtifactId,
|
||||
["vulnId"] = request.Finding.VulnId
|
||||
},
|
||||
["actor"] = new JsonObject
|
||||
{
|
||||
["id"] = request.Actor.Id,
|
||||
["type"] = request.Actor.Type
|
||||
},
|
||||
["occurredAt"] = FormatTimestamp(request.OccurredAt),
|
||||
["recordedAt"] = FormatTimestamp(recordedAt),
|
||||
["payload"] = payload
|
||||
};
|
||||
|
||||
if (request.SourceRunId is Guid sourceRunId && sourceRunId != Guid.Empty)
|
||||
{
|
||||
eventObject["sourceRunId"] = sourceRunId.ToString();
|
||||
}
|
||||
|
||||
var envelope = new JsonObject
|
||||
{
|
||||
["event"] = eventObject
|
||||
};
|
||||
|
||||
return new LedgerEventDraft(
|
||||
request.TenantId,
|
||||
request.ChainId,
|
||||
request.Sequence,
|
||||
request.EventId,
|
||||
request.EventType,
|
||||
request.PolicyVersion,
|
||||
request.Finding.Id,
|
||||
request.ArtifactId,
|
||||
request.SourceRunId,
|
||||
request.Actor.Id,
|
||||
request.Actor.Type,
|
||||
request.OccurredAt.ToUniversalTime(),
|
||||
recordedAt,
|
||||
payload,
|
||||
envelope,
|
||||
request.PreviousHash);
|
||||
}
|
||||
|
||||
private static string FormatTimestamp(DateTimeOffset value)
|
||||
=> value.ToUniversalTime().ToString("yyyy-MM-dd'T'HH:mm:ss.fff'Z'");
|
||||
}
|
||||
Reference in New Issue
Block a user