SBOM: Ensure 'java-version' is persisted to post-run phase

Joel Rudsberg 2025-03-03 11:00:17 +01:00 committed by Fabio Niephaus
parent 271a696e78
commit 3ca6fc3a8a
4 changed files with 50 additions and 43 deletions


@ -145,6 +145,7 @@ describe('sbom feature', () => {
writeFileSync(sbomPath, JSON.stringify(sbom, null, 2)) writeFileSync(sbomPath, JSON.stringify(sbom, null, 2))
mockFindSBOM([sbomPath]) mockFindSBOM([sbomPath])
jest.spyOn(core, 'getState').mockReturnValue(javaVersion)
await processSBOM() await processSBOM()
} }
@ -190,6 +191,10 @@ describe('sbom feature', () => {
] ]
} }
it('should throw an error if setUpSBOMSupport was not called before processSBOM', async () => {
await expect(processSBOM()).rejects.toThrow('setUpSBOMSupport must be called before processSBOM')
})
it('should process SBOM and display components', async () => { it('should process SBOM and display components', async () => {
await setUpAndProcessSBOM(sampleSBOM) await setUpAndProcessSBOM(sampleSBOM)
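Review bot: The `jest.spyOn(core, 'getState').mockReturnValue(javaVersion)` stub added to the helper answers for every state key and does not depend on what `setUpSBOMSupport` saved, so these tests would still pass if the `core.saveState` call were removed or used a different key. Consider tying the two together, for example with a spy on `core.saveState` and `expect(core.saveState).toHaveBeenCalledWith('javaVersionKey', javaVersion)`, or a `mockImplementation` that only returns the version for that key. The new negative test also depends on `getState` being unmocked when it runs, so the spy has to be restored between tests. The helper and the suite's setup and teardown start outside this hunk, so that may already be handled there.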

29
dist/cleanup/index.js generated vendored

@ -78738,36 +78738,37 @@ const utils_1 = __nccwpck_require__(1798);
const INPUT_NI_SBOM = 'native-image-enable-sbom'; const INPUT_NI_SBOM = 'native-image-enable-sbom';
const SBOM_FILE_SUFFIX = '.sbom.json'; const SBOM_FILE_SUFFIX = '.sbom.json';
const MIN_JAVA_VERSION = '24.0.0'; const MIN_JAVA_VERSION = '24.0.0';
let javaVersionOrLatestEA = null; const javaVersionKey = 'javaVersionKey';
function setUpSBOMSupport(javaVersionOrDev, distribution) { function setUpSBOMSupport(javaVersion, distribution) {
if (!isFeatureEnabled()) { if (!isFeatureEnabled()) {
return; return;
} }
validateJavaVersionAndDistribution(javaVersionOrDev, distribution); validateJavaVersionAndDistribution(javaVersion, distribution);
javaVersionOrLatestEA = javaVersionOrDev; core.saveState(javaVersionKey, javaVersion);
(0, utils_1.setNativeImageOption)(javaVersionOrLatestEA, '--enable-sbom=export'); (0, utils_1.setNativeImageOption)(javaVersion, '--enable-sbom=export');
core.info('Enabled SBOM generation for Native Image build'); core.info('Enabled SBOM generation for Native Image build');
} }
function validateJavaVersionAndDistribution(javaVersionOrDev, distribution) { function validateJavaVersionAndDistribution(javaVersion, distribution) {
if (distribution !== c.DISTRIBUTION_GRAALVM) { if (distribution !== c.DISTRIBUTION_GRAALVM) {
throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for Oracle GraalVM (distribution '${c.DISTRIBUTION_GRAALVM}'), but found distribution '${distribution}'.`); throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for Oracle GraalVM (distribution '${c.DISTRIBUTION_GRAALVM}'), but found distribution '${distribution}'.`);
} }
if (javaVersionOrDev === 'dev') { if (javaVersion === 'dev') {
throw new Error(`The '${INPUT_NI_SBOM}' option is not supported for java-version 'dev'.`); throw new Error(`The '${INPUT_NI_SBOM}' option is not supported for java-version 'dev'.`);
} }
if (javaVersionOrDev === 'latest-ea') { if (javaVersion === 'latest-ea') {
return; return;
} }
const coercedJavaVersion = semver.coerce(javaVersionOrDev); const coercedJavaVersion = semver.coerce(javaVersion);
if (!coercedJavaVersion || semver.gt(MIN_JAVA_VERSION, coercedJavaVersion)) { if (!coercedJavaVersion || semver.gt(MIN_JAVA_VERSION, coercedJavaVersion)) {
throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for GraalVM for JDK ${MIN_JAVA_VERSION} or later, but found java-version '${javaVersionOrDev}'.`); throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for GraalVM for JDK ${MIN_JAVA_VERSION} or later, but found java-version '${javaVersion}'.`);
} }
} }
async function processSBOM() { async function processSBOM() {
if (!isFeatureEnabled()) { if (!isFeatureEnabled()) {
return; return;
} }
if (javaVersionOrLatestEA === null) { const javaVersion = core.getState(javaVersionKey);
if (!javaVersion) {
throw new Error('setUpSBOMSupport must be called before processSBOM'); throw new Error('setUpSBOMSupport must be called before processSBOM');
} }
const sbomPath = await findSBOMFilePath(); const sbomPath = await findSBOMFilePath();
@ -78776,7 +78777,7 @@ async function processSBOM() {
const sbomData = parseSBOM(sbomContent); const sbomData = parseSBOM(sbomContent);
const components = mapToComponentsWithDependencies(sbomData); const components = mapToComponentsWithDependencies(sbomData);
printSBOMContent(components); printSBOMContent(components);
const snapshot = convertSBOMToSnapshot(sbomPath, components); const snapshot = convertSBOMToSnapshot(javaVersion, sbomPath, components);
await submitDependencySnapshot(snapshot); await submitDependencySnapshot(snapshot);
} }
catch (error) { catch (error) {
@ -78833,7 +78834,7 @@ function printSBOMContent(components) {
} }
core.info('=================='); core.info('==================');
} }
function convertSBOMToSnapshot(sbomPath, components) { function convertSBOMToSnapshot(javaVersion, sbomPath, components) {
const context = github.context; const context = github.context;
const sbomFileName = (0, path_1.basename)(sbomPath); const sbomFileName = (0, path_1.basename)(sbomPath);
if (!sbomFileName.endsWith(SBOM_FILE_SUFFIX)) { if (!sbomFileName.endsWith(SBOM_FILE_SUFFIX)) {
@ -78850,7 +78851,7 @@ function convertSBOMToSnapshot(sbomPath, components) {
}, },
detector: { detector: {
name: 'Oracle GraalVM', name: 'Oracle GraalVM',
version: javaVersionOrLatestEA ?? '', version: javaVersion,
url: 'https://www.graalvm.org/' url: 'https://www.graalvm.org/'
}, },
scanned: new Date().toISOString(), scanned: new Date().toISOString(),

29
dist/main/index.js generated vendored

@ -78852,36 +78852,37 @@ const utils_1 = __nccwpck_require__(1798);
const INPUT_NI_SBOM = 'native-image-enable-sbom'; const INPUT_NI_SBOM = 'native-image-enable-sbom';
const SBOM_FILE_SUFFIX = '.sbom.json'; const SBOM_FILE_SUFFIX = '.sbom.json';
const MIN_JAVA_VERSION = '24.0.0'; const MIN_JAVA_VERSION = '24.0.0';
let javaVersionOrLatestEA = null; const javaVersionKey = 'javaVersionKey';
function setUpSBOMSupport(javaVersionOrDev, distribution) { function setUpSBOMSupport(javaVersion, distribution) {
if (!isFeatureEnabled()) { if (!isFeatureEnabled()) {
return; return;
} }
validateJavaVersionAndDistribution(javaVersionOrDev, distribution); validateJavaVersionAndDistribution(javaVersion, distribution);
javaVersionOrLatestEA = javaVersionOrDev; core.saveState(javaVersionKey, javaVersion);
(0, utils_1.setNativeImageOption)(javaVersionOrLatestEA, '--enable-sbom=export'); (0, utils_1.setNativeImageOption)(javaVersion, '--enable-sbom=export');
core.info('Enabled SBOM generation for Native Image build'); core.info('Enabled SBOM generation for Native Image build');
} }
function validateJavaVersionAndDistribution(javaVersionOrDev, distribution) { function validateJavaVersionAndDistribution(javaVersion, distribution) {
if (distribution !== c.DISTRIBUTION_GRAALVM) { if (distribution !== c.DISTRIBUTION_GRAALVM) {
throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for Oracle GraalVM (distribution '${c.DISTRIBUTION_GRAALVM}'), but found distribution '${distribution}'.`); throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for Oracle GraalVM (distribution '${c.DISTRIBUTION_GRAALVM}'), but found distribution '${distribution}'.`);
} }
if (javaVersionOrDev === 'dev') { if (javaVersion === 'dev') {
throw new Error(`The '${INPUT_NI_SBOM}' option is not supported for java-version 'dev'.`); throw new Error(`The '${INPUT_NI_SBOM}' option is not supported for java-version 'dev'.`);
} }
if (javaVersionOrDev === 'latest-ea') { if (javaVersion === 'latest-ea') {
return; return;
} }
const coercedJavaVersion = semver.coerce(javaVersionOrDev); const coercedJavaVersion = semver.coerce(javaVersion);
if (!coercedJavaVersion || semver.gt(MIN_JAVA_VERSION, coercedJavaVersion)) { if (!coercedJavaVersion || semver.gt(MIN_JAVA_VERSION, coercedJavaVersion)) {
throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for GraalVM for JDK ${MIN_JAVA_VERSION} or later, but found java-version '${javaVersionOrDev}'.`); throw new Error(`The '${INPUT_NI_SBOM}' option is only supported for GraalVM for JDK ${MIN_JAVA_VERSION} or later, but found java-version '${javaVersion}'.`);
} }
} }
async function processSBOM() { async function processSBOM() {
if (!isFeatureEnabled()) { if (!isFeatureEnabled()) {
return; return;
} }
if (javaVersionOrLatestEA === null) { const javaVersion = core.getState(javaVersionKey);
if (!javaVersion) {
throw new Error('setUpSBOMSupport must be called before processSBOM'); throw new Error('setUpSBOMSupport must be called before processSBOM');
} }
const sbomPath = await findSBOMFilePath(); const sbomPath = await findSBOMFilePath();
@ -78890,7 +78891,7 @@ async function processSBOM() {
const sbomData = parseSBOM(sbomContent); const sbomData = parseSBOM(sbomContent);
const components = mapToComponentsWithDependencies(sbomData); const components = mapToComponentsWithDependencies(sbomData);
printSBOMContent(components); printSBOMContent(components);
const snapshot = convertSBOMToSnapshot(sbomPath, components); const snapshot = convertSBOMToSnapshot(javaVersion, sbomPath, components);
await submitDependencySnapshot(snapshot); await submitDependencySnapshot(snapshot);
} }
catch (error) { catch (error) {
@ -78947,7 +78948,7 @@ function printSBOMContent(components) {
} }
core.info('=================='); core.info('==================');
} }
function convertSBOMToSnapshot(sbomPath, components) { function convertSBOMToSnapshot(javaVersion, sbomPath, components) {
const context = github.context; const context = github.context;
const sbomFileName = (0, path_1.basename)(sbomPath); const sbomFileName = (0, path_1.basename)(sbomPath);
if (!sbomFileName.endsWith(SBOM_FILE_SUFFIX)) { if (!sbomFileName.endsWith(SBOM_FILE_SUFFIX)) {
@ -78964,7 +78965,7 @@ function convertSBOMToSnapshot(sbomPath, components) {
}, },
detector: { detector: {
name: 'Oracle GraalVM', name: 'Oracle GraalVM',
version: javaVersionOrLatestEA ?? '', version: javaVersion,
url: 'https://www.graalvm.org/' url: 'https://www.graalvm.org/'
}, },
scanned: new Date().toISOString(), scanned: new Date().toISOString(),


@ -10,8 +10,7 @@ import { setNativeImageOption } from '../utils'
const INPUT_NI_SBOM = 'native-image-enable-sbom' const INPUT_NI_SBOM = 'native-image-enable-sbom'
const SBOM_FILE_SUFFIX = '.sbom.json' const SBOM_FILE_SUFFIX = '.sbom.json'
const MIN_JAVA_VERSION = '24.0.0' const MIN_JAVA_VERSION = '24.0.0'
const javaVersionKey = 'javaVersionKey'
let javaVersionOrLatestEA: string | null = null
interface SBOM { interface SBOM {
components: Component[] components: Component[]
@ -67,36 +66,36 @@ interface DependencySnapshot {
> >
} }
export function setUpSBOMSupport(javaVersionOrDev: string, distribution: string): void { export function setUpSBOMSupport(javaVersion: string, distribution: string): void {
if (!isFeatureEnabled()) { if (!isFeatureEnabled()) {
return return
} }
validateJavaVersionAndDistribution(javaVersionOrDev, distribution) validateJavaVersionAndDistribution(javaVersion, distribution)
javaVersionOrLatestEA = javaVersionOrDev core.saveState(javaVersionKey, javaVersion)
setNativeImageOption(javaVersionOrLatestEA, '--enable-sbom=export') setNativeImageOption(javaVersion, '--enable-sbom=export')
core.info('Enabled SBOM generation for Native Image build') core.info('Enabled SBOM generation for Native Image build')
} }
function validateJavaVersionAndDistribution(javaVersionOrDev: string, distribution: string): void { function validateJavaVersionAndDistribution(javaVersion: string, distribution: string): void {
if (distribution !== c.DISTRIBUTION_GRAALVM) { if (distribution !== c.DISTRIBUTION_GRAALVM) {
throw new Error( throw new Error(
`The '${INPUT_NI_SBOM}' option is only supported for Oracle GraalVM (distribution '${c.DISTRIBUTION_GRAALVM}'), but found distribution '${distribution}'.` `The '${INPUT_NI_SBOM}' option is only supported for Oracle GraalVM (distribution '${c.DISTRIBUTION_GRAALVM}'), but found distribution '${distribution}'.`
) )
} }
if (javaVersionOrDev === 'dev') { if (javaVersion === 'dev') {
throw new Error(`The '${INPUT_NI_SBOM}' option is not supported for java-version 'dev'.`) throw new Error(`The '${INPUT_NI_SBOM}' option is not supported for java-version 'dev'.`)
} }
if (javaVersionOrDev === 'latest-ea') { if (javaVersion === 'latest-ea') {
return return
} }
const coercedJavaVersion = semver.coerce(javaVersionOrDev) const coercedJavaVersion = semver.coerce(javaVersion)
if (!coercedJavaVersion || semver.gt(MIN_JAVA_VERSION, coercedJavaVersion)) { if (!coercedJavaVersion || semver.gt(MIN_JAVA_VERSION, coercedJavaVersion)) {
throw new Error( throw new Error(
`The '${INPUT_NI_SBOM}' option is only supported for GraalVM for JDK ${MIN_JAVA_VERSION} or later, but found java-version '${javaVersionOrDev}'.` `The '${INPUT_NI_SBOM}' option is only supported for GraalVM for JDK ${MIN_JAVA_VERSION} or later, but found java-version '${javaVersion}'.`
) )
} }
} }
@ -106,7 +105,8 @@ export async function processSBOM(): Promise<void> {
return return
} }
if (javaVersionOrLatestEA === null) { const javaVersion = core.getState(javaVersionKey)
if (!javaVersion) {
throw new Error('setUpSBOMSupport must be called before processSBOM') throw new Error('setUpSBOMSupport must be called before processSBOM')
} }
@ -116,7 +116,7 @@ export async function processSBOM(): Promise<void> {
const sbomData = parseSBOM(sbomContent) const sbomData = parseSBOM(sbomContent)
const components = mapToComponentsWithDependencies(sbomData) const components = mapToComponentsWithDependencies(sbomData)
printSBOMContent(components) printSBOMContent(components)
const snapshot = convertSBOMToSnapshot(sbomPath, components) const snapshot = convertSBOMToSnapshot(javaVersion, sbomPath, components)
await submitDependencySnapshot(snapshot) await submitDependencySnapshot(snapshot)
} catch (error) { } catch (error) {
throw new Error( throw new Error(
@ -184,7 +184,7 @@ function printSBOMContent(components: Component[]): void {
core.info('==================') core.info('==================')
} }
function convertSBOMToSnapshot(sbomPath: string, components: Component[]): DependencySnapshot { function convertSBOMToSnapshot(javaVersion: string, sbomPath: string, components: Component[]): DependencySnapshot {
const context = github.context const context = github.context
const sbomFileName = basename(sbomPath) const sbomFileName = basename(sbomPath)
@ -203,7 +203,7 @@ function convertSBOMToSnapshot(sbomPath: string, components: Component[]): Depen
}, },
detector: { detector: {
name: 'Oracle GraalVM', name: 'Oracle GraalVM',
version: javaVersionOrLatestEA ?? '', version: javaVersion,
url: 'https://www.graalvm.org/' url: 'https://www.graalvm.org/'
}, },
scanned: new Date().toISOString(), scanned: new Date().toISOString(),
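Review bot: The `if (!javaVersion)` guard in `processSBOM` now fires on any empty action state, not only on a call-order mistake, because `core.getState` returns an empty string when nothing was saved. That presumably includes a post-run phase following a main step that failed before `core.saveState(javaVersionKey, javaVersion)` was reached, where the message 'setUpSBOMSupport must be called before processSBOM' names the wrong cause and may stack a second failure on the first. Consider wording it for the runtime case, e.g. `throw new Error('No java-version in saved action state; SBOM setup did not complete in the main step')`, and updating the new test to match. A one-line comment on `javaVersionKey` stating that the value is read back in the post-run phase would also explain why a module variable is not used. The rest of `processSBOM` and its callers lie outside the hunks shown.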