- Implement `SbomIngestServiceCollectionExtensionsTests` to verify the SBOM ingestion pipeline exports snapshots correctly. - Create `SbomIngestTransformerTests` to ensure the transformation produces expected nodes and edges, including deduplication of license nodes and normalization of timestamps. - Add `SbomSnapshotExporterTests` to test the export functionality for manifest, adjacency, nodes, and edges. - Introduce `VexOverlayTransformerTests` to validate the transformation of VEX nodes and edges. - Set up project file for the test project with necessary dependencies and configurations. - Include JSON fixture files for testing purposes.
using System;
using System.Collections.Generic;
using System.Collections.Immutable;
using System.IO;
using System.Linq;
using System.Text.Json;
using System.Text.Json.Nodes;
using FluentAssertions;
using StellaOps.Graph.Indexer.Documents;
using StellaOps.Graph.Indexer.Ingestion.Advisory;
using StellaOps.Graph.Indexer.Ingestion.Policy;
using StellaOps.Graph.Indexer.Ingestion.Sbom;
using StellaOps.Graph.Indexer.Ingestion.Vex;
using StellaOps.Graph.Indexer.Schema;
using Xunit;
namespace StellaOps.Graph.Indexer.Tests;
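/// <summary>
/// Exercises <see cref="GraphSnapshotBuilder"/> against the v1 fixture snapshots and pins the
/// resulting manifest (digests, lineage, file names, self-hash) and adjacency document.
/// </summary>
public sealed class GraphSnapshotBuilderTests
{
    private static readonly string FixturesRoot =
        Path.Combine(AppContext.BaseDirectory, "Fixtures", "v1");

    // One options instance for every fixture load instead of allocating a new one per call.
    private static readonly JsonSerializerOptions FixtureSerializerOptions = new()
    {
        PropertyNameCaseInsensitive = true
    };

    /// <summary>
    /// Builds a snapshot from the merged SBOM, advisory, VEX and policy batches and checks
    /// the manifest fields, the manifest hash and the per-node adjacency lists.
    /// </summary>
    [Fact]
    public void Build_creates_manifest_and_adjacency_with_lineage()
    {
        // Arrange: load each fixture and run it through its transformer.
        var sbomSnapshot = Load<SbomSnapshot>("sbom-snapshot.json");
        var linksetSnapshot = Load<AdvisoryLinksetSnapshot>("concelier-linkset.json");
        var vexSnapshot = Load<VexOverlaySnapshot>("excititor-vex.json");
        var policySnapshot = Load<PolicyOverlaySnapshot>("policy-overlay.json");

        var sbomBatch = new SbomIngestTransformer().Transform(sbomSnapshot);
        var advisoryBatch = new AdvisoryLinksetTransformer().Transform(linksetSnapshot);
        var vexBatch = new VexOverlayTransformer().Transform(vexSnapshot);
        var policyBatch = new PolicyOverlayTransformer().Transform(policySnapshot);

        var combinedBatch = MergeBatches(sbomBatch, advisoryBatch, vexBatch, policyBatch);

        var builder = new GraphSnapshotBuilder();

        // Constructed directly (2025-10-30T12:06:30Z) so the value does not depend on the
        // culture-sensitive DateTimeOffset.Parse overload.
        var generatedAt = new DateTimeOffset(2025, 10, 30, 12, 6, 30, TimeSpan.Zero);

        // Act
        var snapshot = builder.Build(sbomSnapshot, combinedBatch, generatedAt);

        // Assert: manifest identity, counts and file names.
        snapshot.Manifest.Tenant.Should().Be("tenant-alpha");
        snapshot.Manifest.ArtifactDigest.Should().Be("sha256:aaa111");
        snapshot.Manifest.SbomDigest.Should().Be("sha256:sbom111");
        snapshot.Manifest.GeneratedAt.Should().Be(generatedAt);
        snapshot.Manifest.NodeCount.Should().Be(combinedBatch.Nodes.Length);
        snapshot.Manifest.EdgeCount.Should().Be(combinedBatch.Edges.Length);
        snapshot.Manifest.Files.Nodes.Should().Be("nodes.jsonl");
        snapshot.Manifest.Files.Edges.Should().Be("edges.jsonl");
        snapshot.Manifest.Files.Adjacency.Should().Be("adjacency.json");

        // Lineage digests are compared with strict ordering, so their order is part of the check.
        snapshot.Manifest.Lineage.DerivedFromSbomDigests.Should().BeEquivalentTo(new[] { "sha256:sbom-base" }, options => options.WithStrictOrdering());
        snapshot.Manifest.Lineage.BaseArtifactDigests.Should().BeEquivalentTo(new[] { "sha256:base000" }, options => options.WithStrictOrdering());
        snapshot.Manifest.Lineage.SourceSnapshotId.Should().BeNull();

        var manifestJson = snapshot.Manifest.ToJson();
        manifestJson.Should().NotBeNull();
        manifestJson["hash"]!.GetValue<string>().Should().Be(snapshot.Manifest.Hash);

        // Recompute the manifest hash independently: the stored "hash" must equal
        // GraphIdentity.ComputeDocumentHash over the same JSON with "hash" removed.
        // NOTE(review): this pins the positive case only; a negative case (altering a field
        // and expecting a different digest) is not exercised here.
        var manifestWithoutHash = (JsonObject)manifestJson.DeepClone();
        manifestWithoutHash.Remove("hash");
        var expectedManifestHash = GraphIdentity.ComputeDocumentHash(manifestWithoutHash);
        snapshot.Manifest.Hash.Should().Be(expectedManifestHash);

        // Assert: adjacency header matches the manifest.
        var adjacency = snapshot.Adjacency;
        adjacency.Tenant.Should().Be("tenant-alpha");
        adjacency.SnapshotId.Should().Be(snapshot.Manifest.SnapshotId);
        adjacency.GeneratedAt.Should().Be(generatedAt);

        // Node and edge identifiers below are pinned literally; each carries the tenant and
        // the node/edge kind followed by an opaque token produced by the transformers.
        const string artifactNodeId = "gn:tenant-alpha:artifact:RX033HH7S6JXMY66QM51S89SX76B3JXJHWHPXPPBJCD05BR3GVXG";

        var adjacencyNodes = adjacency.Nodes.ToDictionary(node => node.NodeId, StringComparer.Ordinal);
        adjacencyNodes.Should().ContainKey(artifactNodeId);

        var artifactAdjacency = adjacencyNodes[artifactNodeId];
        artifactAdjacency.OutgoingEdges.Should().BeEquivalentTo(new[]
        {
            "ge:tenant-alpha:BUILT_FROM:HJNKVFSDSA44HRY0XAJ0GBEVPD2S82JFF58BZVRT9QF6HB2EGPJG",
            "ge:tenant-alpha:CONTAINS:EVA5N7P029VYV9W8Q7XJC0JFTEQYFSAQ6381SNVM3T1G5290XHTG"
        }, options => options.WithStrictOrdering());
        artifactAdjacency.IncomingEdges.Should().BeEmpty();

        // NOTE(review): the component assertions do not request strict ordering, unlike the
        // artifact assertion above, so edge order is not verified for these nodes. Confirm
        // whether adjacency edge order is part of the snapshot contract.
        var componentAdjacency = adjacencyNodes["gn:tenant-alpha:component:BQSZFXSPNGS6M8XEQZ6XX3E7775XZQABM301GFPFXCQSQSA1WHZ0"];
        componentAdjacency.IncomingEdges.Should().BeEquivalentTo(new[]
        {
            "ge:tenant-alpha:CONTAINS:EVA5N7P029VYV9W8Q7XJC0JFTEQYFSAQ6381SNVM3T1G5290XHTG",
            "ge:tenant-alpha:GOVERNS_WITH:XG3KQTYT8D4NY0BTFXWGBQY6TXR2MRYDWZBQT07T0200NQ72AFG0"
        });
        componentAdjacency.OutgoingEdges.Should().BeEquivalentTo(new[]
        {
            "ge:tenant-alpha:DEPENDS_ON:FJ7GZ9RHPKPR30XVKECD702QG20PGT3V75DY1GST8AAW9SR8TBB0",
            "ge:tenant-alpha:DECLARED_IN:T7E8NQEMKXPZ3T1SWT8HXKWAHJVS9QKD87XBKAQAAQ29CDHEA47G",
            "ge:tenant-alpha:AFFECTED_BY:1V3NRKAR6KMXAWZ89R69G8JAY3HV7DXNB16YY9X25X1TAFW9VGYG",
            "ge:tenant-alpha:VEX_EXEMPTS:DT0BBCM9S0KJVF61KVR7D2W8DVFTKK03F3TFD4DR9DRS0T5CWZM0"
        });

        var dependencyComponent = adjacencyNodes["gn:tenant-alpha:component:FZ9EHXFFGPDQAEKAPWZ4JX5X6KYS467PJ5D1Y4T9NFFQG2SG0DV0"];
        dependencyComponent.IncomingEdges.Should().BeEquivalentTo(new[]
        {
            "ge:tenant-alpha:DEPENDS_ON:FJ7GZ9RHPKPR30XVKECD702QG20PGT3V75DY1GST8AAW9SR8TBB0"
        });
        dependencyComponent.OutgoingEdges.Should().BeEmpty();

        // Every merged node must have an adjacency entry.
        adjacency.Nodes.Length.Should().Be(combinedBatch.Nodes.Length);
    }

    /// <summary>
    /// Merges several batches into one, de-duplicating nodes and edges by their "id"
    /// property and ordering each set by "kind" and then "id" using ordinal comparison.
    /// </summary>
    /// <param name="batches">Batches to merge, in precedence order.</param>
    /// <returns>A single batch holding the de-duplicated, ordered nodes and edges.</returns>
    private static GraphBuildBatch MergeBatches(params GraphBuildBatch[] batches)
    {
        var nodesById = new Dictionary<string, JsonObject>(StringComparer.Ordinal);
        var edgesById = new Dictionary<string, JsonObject>(StringComparer.Ordinal);

        foreach (var batch in batches)
        {
            // Indexer assignment: when two batches share an id, the later batch wins.
            foreach (var node in batch.Nodes)
            {
                nodesById[node["id"]!.GetValue<string>()] = node;
            }

            foreach (var edge in batch.Edges)
            {
                edgesById[edge["id"]!.GetValue<string>()] = edge;
            }
        }

        // Ordinal ordering keeps the merged batch independent of dictionary iteration
        // order and of the current culture.
        var orderedNodes = nodesById.Values
            .OrderBy(node => node["kind"]!.GetValue<string>(), StringComparer.Ordinal)
            .ThenBy(node => node["id"]!.GetValue<string>(), StringComparer.Ordinal)
            .ToImmutableArray();

        var orderedEdges = edgesById.Values
            .OrderBy(edge => edge["kind"]!.GetValue<string>(), StringComparer.Ordinal)
            .ThenBy(edge => edge["id"]!.GetValue<string>(), StringComparer.Ordinal)
            .ToImmutableArray();

        return new GraphBuildBatch(orderedNodes, orderedEdges);
    }

    /// <summary>
    /// Reads a JSON fixture from <see cref="FixturesRoot"/> and deserializes it with
    /// case-insensitive property matching.
    /// </summary>
    /// <typeparam name="T">Snapshot type to deserialize into.</typeparam>
    /// <param name="fixtureFile">File name relative to the fixtures directory.</param>
    /// <returns>The deserialized fixture.</returns>
    /// <exception cref="InvalidOperationException">
    /// The fixture content deserialized to <c>null</c>.
    /// </exception>
    private static T Load<T>(string fixtureFile)
    {
        var path = Path.Combine(FixturesRoot, fixtureFile);
        var json = File.ReadAllText(path);
        var value = JsonSerializer.Deserialize<T>(json, FixtureSerializerOptions);

        // Fail here with the fixture name instead of letting a null reach a transformer
        // and surface as an unrelated NullReferenceException.
        if (value is null)
        {
            throw new InvalidOperationException($"Fixture '{fixtureFile}' deserialized to null.");
        }

        return value;
    }
}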