tests fixes and sprints work
@@ -5,6 +5,9 @@ using System.Linq;
|
||||
using StellaOps.Policy;
|
||||
using StellaOps.Policy.Confidence.Models;
|
||||
using StellaOps.Policy.Exceptions.Models;
|
||||
using StellaOps.Policy.Licensing;
|
||||
using StellaOps.Policy.NtiaCompliance;
|
||||
using StellaOps.Concelier.SbomIntegration.Models;
|
||||
using StellaOps.Policy.Unknowns.Models;
|
||||
using StellaOps.PolicyDsl;
|
||||
using StellaOps.Signals.EvidenceWeightedScore;
|
||||
@@ -96,16 +99,21 @@ internal sealed record PolicyEvaluationVexStatement(
|
||||
|
||||
internal sealed record PolicyEvaluationSbom(
|
||||
ImmutableHashSet<string> Tags,
|
||||
ImmutableArray<PolicyEvaluationComponent> Components)
|
||||
ImmutableArray<PolicyEvaluationComponent> Components,
|
||||
LicenseComplianceReport? LicenseReport = null)
|
||||
{
|
||||
public ParsedSbom? Parsed { get; init; }
|
||||
public NtiaComplianceReport? NtiaReport { get; init; }
|
||||
|
||||
public PolicyEvaluationSbom(ImmutableHashSet<string> Tags)
|
||||
: this(Tags, ImmutableArray<PolicyEvaluationComponent>.Empty)
|
||||
: this(Tags, ImmutableArray<PolicyEvaluationComponent>.Empty, null)
|
||||
{
|
||||
}
|
||||
|
||||
public static readonly PolicyEvaluationSbom Empty = new(
|
||||
ImmutableHashSet<string>.Empty.WithComparer(StringComparer.OrdinalIgnoreCase),
|
||||
ImmutableArray<PolicyEvaluationComponent>.Empty);
|
||||
ImmutableArray<PolicyEvaluationComponent>.Empty,
|
||||
null);
|
||||
|
||||
public bool HasTag(string tag) => Tags.Contains(tag);
|
||||
}
|
||||
|
||||
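Review bot: `LicenseReport` and `NtiaReport` are both nullable on `PolicyEvaluationSbom`, yet nothing on the record says what null means, and the two are supplied differently: `LicenseReport` as a positional parameter with a default, `NtiaReport` as an init-only property next to `Parsed`. The evaluator changes further down this page turn a null report into `"unknown"` or a null value, so the record is where a reader needs that contract stated. I would add `/// <param name="LicenseReport">License compliance result; null when no license evaluation ran for this SBOM.</param>` and a matching `/// <summary>` on `NtiaReport`, if that is the intended meaning of null. Making `LicenseReport` an init-only property as well would keep the two reports uniform and leave the positional signature as it was. The page has lost its `+`/`-` markers, so which lines are new is inferred from the doubled old/new lines.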
@@ -4,6 +4,8 @@ using System.Collections.Immutable;
|
||||
using System.Globalization;
|
||||
using System.Linq;
|
||||
using StellaOps.PolicyDsl;
|
||||
using StellaOps.Policy.Licensing;
|
||||
using StellaOps.Policy.NtiaCompliance;
|
||||
using StellaOps.Signals.EvidenceWeightedScore;
|
||||
|
||||
namespace StellaOps.Policy.Engine.Evaluation;
|
||||
@@ -109,6 +111,31 @@ internal sealed class PolicyExpressionEvaluator
|
||||
return sbom.Get(member.Member);
|
||||
}
|
||||
|
||||
if (raw is LicenseScope licenseScope)
|
||||
{
|
||||
return licenseScope.Get(member.Member);
|
||||
}
|
||||
|
||||
if (raw is NtiaScope ntiaScope)
|
||||
{
|
||||
return ntiaScope.Get(member.Member);
|
||||
}
|
||||
|
||||
if (raw is LicenseFindingScope findingScope)
|
||||
{
|
||||
return findingScope.Get(member.Member);
|
||||
}
|
||||
|
||||
if (raw is LicenseUsageScope usageScope)
|
||||
{
|
||||
return usageScope.Get(member.Member);
|
||||
}
|
||||
|
||||
if (raw is LicenseConflictScope conflictScope)
|
||||
{
|
||||
return conflictScope.Get(member.Member);
|
||||
}
|
||||
|
||||
if (raw is ReachabilityScope reachability)
|
||||
{
|
||||
return reachability.Get(member.Member);
|
||||
@@ -541,6 +568,33 @@ internal sealed class PolicyExpressionEvaluator
|
||||
.ToImmutableArray());
|
||||
}
|
||||
|
||||
if (member.Equals("license", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
return new EvaluationValue(new LicenseScope(sbom.LicenseReport));
|
||||
}
|
||||
|
||||
if (member.Equals("license_status", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
var status = sbom.LicenseReport?.OverallStatus.ToString().ToLowerInvariant() ?? "unknown";
|
||||
return new EvaluationValue(status);
|
||||
}
|
||||
|
||||
if (member.Equals("ntia", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
return new EvaluationValue(new NtiaScope(sbom.NtiaReport));
|
||||
}
|
||||
|
||||
if (member.Equals("ntia_status", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
var status = sbom.NtiaReport?.OverallStatus.ToString().ToLowerInvariant() ?? "unknown";
|
||||
return new EvaluationValue(status);
|
||||
}
|
||||
|
||||
if (member.Equals("ntia_score", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
return new EvaluationValue(sbom.NtiaReport?.ComplianceScore);
|
||||
}
|
||||
|
||||
return EvaluationValue.Null;
|
||||
}
|
||||
|
||||
@@ -594,6 +648,187 @@ internal sealed class PolicyExpressionEvaluator
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class LicenseScope
|
||||
{
|
||||
private readonly LicenseComplianceReport? report;
|
||||
|
||||
public LicenseScope(LicenseComplianceReport? report)
|
||||
{
|
||||
this.report = report;
|
||||
}
|
||||
|
||||
public EvaluationValue Get(string member)
|
||||
{
|
||||
if (report is null)
|
||||
{
|
||||
return EvaluationValue.Null;
|
||||
}
|
||||
|
||||
return member.ToLowerInvariant() switch
|
||||
{
|
||||
"status" => new EvaluationValue(report.OverallStatus.ToString().ToLowerInvariant()),
|
||||
"findings" => new EvaluationValue(report.Findings
|
||||
.Select(finding => (object?)new LicenseFindingScope(finding))
|
||||
.ToImmutableArray()),
|
||||
"conflicts" => new EvaluationValue(report.Conflicts
|
||||
.Select(conflict => (object?)new LicenseConflictScope(conflict))
|
||||
.ToImmutableArray()),
|
||||
"inventory" => new EvaluationValue(report.Inventory.Licenses
|
||||
.Select(usage => (object?)new LicenseUsageScope(usage))
|
||||
.ToImmutableArray()),
|
||||
_ => EvaluationValue.Null
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class NtiaScope
|
||||
{
|
||||
private readonly NtiaComplianceReport? report;
|
||||
|
||||
public NtiaScope(NtiaComplianceReport? report)
|
||||
{
|
||||
this.report = report;
|
||||
}
|
||||
|
||||
public EvaluationValue Get(string member)
|
||||
{
|
||||
if (report is null)
|
||||
{
|
||||
return EvaluationValue.Null;
|
||||
}
|
||||
|
||||
return member.ToLowerInvariant() switch
|
||||
{
|
||||
"status" => new EvaluationValue(report.OverallStatus.ToString().ToLowerInvariant()),
|
||||
"score" => new EvaluationValue(report.ComplianceScore),
|
||||
"supplier_status" or "supplierstatus" => new EvaluationValue(report.SupplierStatus.ToString().ToLowerInvariant()),
|
||||
"elements" => new EvaluationValue(report.ElementStatuses
|
||||
.Select(status => (object?)new NtiaElementStatusScope(status))
|
||||
.ToImmutableArray()),
|
||||
"findings" => new EvaluationValue(report.Findings
|
||||
.Select(finding => (object?)new NtiaFindingScope(finding))
|
||||
.ToImmutableArray()),
|
||||
_ => EvaluationValue.Null
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class NtiaElementStatusScope
|
||||
{
|
||||
private readonly NtiaElementStatus status;
|
||||
|
||||
public NtiaElementStatusScope(NtiaElementStatus status)
|
||||
{
|
||||
this.status = status;
|
||||
}
|
||||
|
||||
public EvaluationValue Get(string member)
|
||||
{
|
||||
return member.ToLowerInvariant() switch
|
||||
{
|
||||
"element" => new EvaluationValue(status.Element.ToString().ToLowerInvariant()),
|
||||
"present" => new EvaluationValue(status.Present),
|
||||
"valid" => new EvaluationValue(status.Valid),
|
||||
"covered" => new EvaluationValue(status.ComponentsCovered),
|
||||
"missing" => new EvaluationValue(status.ComponentsMissing),
|
||||
"notes" => new EvaluationValue(status.Notes),
|
||||
_ => EvaluationValue.Null
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class NtiaFindingScope
|
||||
{
|
||||
private readonly NtiaFinding finding;
|
||||
|
||||
public NtiaFindingScope(NtiaFinding finding)
|
||||
{
|
||||
this.finding = finding;
|
||||
}
|
||||
|
||||
public EvaluationValue Get(string member)
|
||||
{
|
||||
return member.ToLowerInvariant() switch
|
||||
{
|
||||
"type" => new EvaluationValue(finding.Type.ToString().ToLowerInvariant()),
|
||||
"element" => new EvaluationValue(finding.Element?.ToString().ToLowerInvariant()),
|
||||
"component" => new EvaluationValue(finding.Component),
|
||||
"supplier" => new EvaluationValue(finding.Supplier),
|
||||
"count" => new EvaluationValue(finding.Count),
|
||||
"message" => new EvaluationValue(finding.Message),
|
||||
_ => EvaluationValue.Null
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class LicenseFindingScope
|
||||
{
|
||||
private readonly LicenseFinding finding;
|
||||
|
||||
public LicenseFindingScope(LicenseFinding finding)
|
||||
{
|
||||
this.finding = finding;
|
||||
}
|
||||
|
||||
public EvaluationValue Get(string member)
|
||||
{
|
||||
return member.ToLowerInvariant() switch
|
||||
{
|
||||
"type" => new EvaluationValue(finding.Type.ToString().ToLowerInvariant()),
|
||||
"license" => new EvaluationValue(finding.LicenseId),
|
||||
"component" => new EvaluationValue(finding.ComponentName),
|
||||
"purl" => new EvaluationValue(finding.ComponentPurl),
|
||||
"category" => new EvaluationValue(finding.Category.ToString().ToLowerInvariant()),
|
||||
"message" => new EvaluationValue(finding.Message),
|
||||
_ => EvaluationValue.Null
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class LicenseUsageScope
|
||||
{
|
||||
private readonly LicenseUsage usage;
|
||||
|
||||
public LicenseUsageScope(LicenseUsage usage)
|
||||
{
|
||||
this.usage = usage;
|
||||
}
|
||||
|
||||
public EvaluationValue Get(string member)
|
||||
{
|
||||
return member.ToLowerInvariant() switch
|
||||
{
|
||||
"license" => new EvaluationValue(usage.LicenseId),
|
||||
"category" => new EvaluationValue(usage.Category.ToString().ToLowerInvariant()),
|
||||
"count" => new EvaluationValue(usage.Count),
|
||||
"components" => new EvaluationValue(usage.Components.Select(value => (object?)value).ToImmutableArray()),
|
||||
_ => EvaluationValue.Null
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class LicenseConflictScope
|
||||
{
|
||||
private readonly LicenseConflict conflict;
|
||||
|
||||
public LicenseConflictScope(LicenseConflict conflict)
|
||||
{
|
||||
this.conflict = conflict;
|
||||
}
|
||||
|
||||
public EvaluationValue Get(string member)
|
||||
{
|
||||
return member.ToLowerInvariant() switch
|
||||
{
|
||||
"component" => new EvaluationValue(conflict.ComponentName),
|
||||
"purl" => new EvaluationValue(conflict.ComponentPurl),
|
||||
"licenses" => new EvaluationValue(conflict.LicenseIds.Select(value => (object?)value).ToImmutableArray()),
|
||||
"reason" => new EvaluationValue(conflict.Reason),
|
||||
_ => EvaluationValue.Null
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
private sealed class ComponentScope
|
||||
{
|
||||
private readonly PolicyEvaluationComponent component;
|
||||
|
||||
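Review bot: A missing report is surfaced in two different ways: `sbom.license_status` and `sbom.ntia_status` fall back to `"unknown"`, while `LicenseScope.Get` and `NtiaScope.Get` return `EvaluationValue.Null` for every member, `status` included, when `report` is null. A policy that gates on `sbom.license.status` therefore sees a different value from one that gates on `sbom.license_status` exactly when the compliance evidence is absent; how `Null` compares inside a rule is not visible in these hunks, so a deny rule written against the scoped form may not fire. I would make the guard in both scopes `if (report is null) { return member.Equals("status", StringComparison.OrdinalIgnoreCase) ? new EvaluationValue("unknown") : EvaluationValue.Null; }` and add a comment on the `ntia_score` branch saying it yields null, not 0, when there is no report. The enclosing member-access methods of `PolicyExpressionEvaluator` start outside the hunks, and the page has lost its `+`/`-` markers, so which lines are new is inferred from the hunk headers.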