8000 bug: Fix spdx Metadata Equality issue seen in e2e tests · Issue #178 · bomctl/bomctl · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

bug: Fix spdx Metadata Equality issue seen in e2e tests #178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
ashearin opened this issue Oct 2, 2024 · 1 comment · Fixed by #202
Closed

bug: Fix spdx Metadata Equality issue seen in e2e tests #178

ashearin opened this issue Oct 2, 2024 · 1 comment · Fixed by #202
Assignees
@ashearin
Labels
bug Something isn't working
Milestone
v0.4.2

Comments

@ashearin
Copy link
Member
ashearin commented Oct 2, 2024

Export e2e tests uncovered a weird behavior in the testing environment, the spdx bom used in the export test is added to the cache via db.AddDocument and exported (to spdx format) to a file. the two files are then compared for equality, but fail on Meta data being different.

Some things are expected, like date will always be different, which easily handled, but the ID, tools and author being different needs more investigation.

Exported Document
# id:"https://spdx.org/spdxdocs/#DOCUMENT" version:"0" name:"bomctl_0.3.0_linux_amd64.tar.gz" date:{seconds:1727723887} tools:{name:"protobom-devel"} tools:{name:"syft-1.9.0"}
Original Document
# id:"https://anchore.com/syft/file/bomctl_0.3.0_linux_amd64.tar.gz-1b838d44-9d3c-47d0-9f7f-846397e701fa#DOCUMENT" version:"0" name:"bomctl_0.3.0_linux_amd64.tar.gz" date:{seconds:1723065476} tools:{name:"syft-1.9.0"} authors:{name:"Anchore, Inc" is_org:true}

The task here is to investigate and fix issue if it resides in bomctl, otherwise create an issue with supporting documentation and evidence in protobom to have it investigated there.

Also update the compare_documents to compare each field individually, and ignore expected differences , like date. If resolved within bomctl, uncomment e2e test checks for document equality.
@ashearin ashearin added the bug Something isn't working label Oct 2, 2024
@ashearin ashearin mentioned this issue Oct 2, 2024
Merged
@ashearin ashearin self-assigned this Oct 7, 2024
@ashearin ashearin linked a pull request Oct 7, 2024 that will close this issue
fix: 178 bug fix spdx metadata equality issue seen in e2e tests ashearin/bomctl#2
Closed
15 tasks
@idunbarh
Copy link
Member

Fixed upstream in protobom, pending on testing of new release and then this can be closed.

@idunbarh idunbarh added this to the v0.5 milestone Oct 16, 2024
@ashearin ashearin mentioned this issue Nov 5, 2024
Merged
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ashearin ashearin

Labels
bug Something isn't working
Projects
None yet
Milestone
v0.4.2
2 participants
@ashearin @idunbarh
0