github

package
v0.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 4, 2025 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

const (
	// CACHE_PATH is the location of the cache database file, written as a
	// relative path.
	// NOTE(review): the base directory it is resolved against is not visible
	// here. Confirm it is a directory only the running user can write to,
	// since the cache records which SBOMs are treated as already processed.
	CACHE_PATH = ".sbommv/cache.db"
)

Variables

// SupportedTools maps tool names to the URLs of their GitHub repositories.
// NOTE(review): the URLs carry no tag or commit, so nothing in this map pins
// a revision. If these repositories are cloned or built at run time, confirm
// the caller checks out a fixed release and verifies it before executing it.
var SupportedTools = map[string]string{
	"syft":    "https://github.com/anchore/syft.git",
	"spdxgen": "https://github.com/spdx/spdx-sbom-generator.git",
}

SupportedTools maps tool names to their GitHub repositories

Functions

func CachePath added in v0.0.6

func CachePath(outputAdapter, method string) string

CachePath generates a daemon-specific cache file path

func CloneRepoWithGit

func CloneRepoWithGit(ctx tcontext.TransferMetadata, repoURL, branch, targetDir string) error

CloneRepoWithGit clones a GitHub repository using the Git command-line tool.

func GenerateSBOM

func GenerateSBOM(ctx tcontext.TransferMetadata, repoDir, binaryPath string) ([]byte, error)

func GetAllOrgRepositories added in v0.0.6

func GetAllOrgRepositories(ctx tcontext.TransferMetadata, client *githublib.Client, org string) ([]string, error)

Types

type AdapterCache added in v0.0.6

// AdapterCache is one level of the nested cache maps: string keys to
// GitHubDaemonCache values.
// NOTE(review): the key meaning is not shown here; presumably an adapter
// name, judging by the type name — confirm against the Cache methods.
type AdapterCache map[string]GitHubDaemonCache

type Asset

// Asset represents a GitHub release asset (e.g., SBOM files) as decoded
// from JSON. All three values originate in a remote response and should be
// treated as untrusted input.
type Asset struct {
	// Name is decoded from the "name" key.
	Name        string `json:"name"`
	// DownloadURL is decoded from the "browser_download_url" key.
	// NOTE(review): confirm the code that fetches this URL checks the scheme
	// and host before attaching any credential to the request.
	DownloadURL string `json:"browser_download_url"`
	// Size is decoded from the "size" key.
	// NOTE(review): it is a remote-supplied number; verify it is not used
	// unchecked to size a buffer or bound a read.
	Size        int    `json:"size"`
}

Asset represents a GitHub release asset (e.g., SBOM files)

type Cache added in v0.0.6

// Cache holds the in-memory cache data together with the lock that guards it.
type Cache struct {
	// Data is the in-memory cache content, a map of AdapterCache values.
	// NOTE(review): the key meaning is not shown here — confirm against the
	// Cache methods.
	Data map[string]AdapterCache

	// The RWMutex is embedded, so its Lock/RLock methods are promoted onto
	// Cache, and Data is exported, so code outside the methods can touch both.
	// NOTE(review): confirm every direct access to Data holds this lock.
	sync.RWMutex
	// contains filtered or unexported fields
}

Cache holds in-memory cache data (JSON-like maps) to reduce SQLite queries, synced to cache.db.

func NewCache added in v0.0.6

func NewCache() *Cache

NewCache initializes a cache.

func (*Cache) EnsureCachePath added in v0.0.6

func (c *Cache) EnsureCachePath(ctx tcontext.TransferMetadata, outputAdapter, inputAdapter string)

func (*Cache) InitCache added in v0.0.6

func (c *Cache) InitCache(ctx tcontext.TransferMetadata, outputAdapter, method string) error

InitCache initializes SQLite database with repos and sboms tables.

func (*Cache) IsSBOMProcessed added in v0.0.6

func (c *Cache) IsSBOMProcessed(ctx tcontext.TransferMetadata, outputAdapter, inputAdapter, method, sbomCacheKey, repo string) bool

IsSBOMProcessed reports whether an SBOM is marked as processed in the cache.

func (*Cache) LoadCache added in v0.0.6

func (c *Cache) LoadCache(ctx tcontext.TransferMetadata, adapter, method string) error

LoadCache populates in-memory cache (cache-aside pattern) from SQLite to reduce query frequency.

func (*Cache) MarkSBOMProcessed added in v0.0.6

func (c *Cache) MarkSBOMProcessed(ctx tcontext.TransferMetadata, outputAdapter, inputAdapter, method, sbomCacheKey, repo string) error

MarkSBOMProcessed marks an SBOM as processed in the cache (write-through).

func (*Cache) PruneSBOMs added in v0.0.6

func (c *Cache) PruneSBOMs(ctx tcontext.TransferMetadata, outputAdapter, inputAdapter, method, repo string) error

PruneSBOMs clears SBOMs for a specific adapter, input adapter, method, and repo.

func (*Cache) SaveCache added in v0.0.6

func (c *Cache) SaveCache(ctx tcontext.TransferMetadata, adapter, method string) error

SaveCache updates SQLite with in-memory cache changes (write-through caching).

type Client

// Client interacts with the GitHub API and carries the request settings as
// exported string fields.
type Client struct {
	// NOTE(review): if BaseURL or RepoURL can be set from user input, confirm
	// they are restricted to the expected host before requests that carry
	// Token are sent to them.
	BaseURL      string
	RepoURL      string
	Organization string
	Owner        string
	Repo         string
	Version      string
	Method       string
	Branch       string
	// Token is a credential held in an exported, untagged field: formatting
	// the struct with %+v or passing it to a reflection-based encoder will
	// include the value. Redact it before logging or serialising a Client.
	Token        string
	// contains filtered or unexported fields
}

Client interacts with the GitHub API

func NewClient

func NewClient(g *GithubConfig) *Client

NewClient initializes a GitHub client

func (*Client) DownloadAsset

func (c *Client) DownloadAsset(ctx tcontext.TransferMetadata, downloadURL string) (io.ReadCloser, error)

DownloadAsset downloads a release asset from the SBOM's download URL.

func (*Client) FetchSBOMFromAPI

func (c *Client) FetchSBOMFromAPI(ctx tcontext.TransferMetadata) ([]byte, error)

func (*Client) FetchSBOMFromReleases added in v0.0.3

func (c *Client) FetchSBOMFromReleases(ctx tcontext.TransferMetadata) (VersionedSBOMs, error)

FetchSBOMFromReleases downloads and saves all SBOM files found in the repository.

func (*Client) FindSBOMs

func (c *Client) FindSBOMs(ctx tcontext.TransferMetadata) ([]SBOMAsset, error)

FindSBOMs gets all release assets from the GitHub release page, picks out the assets of the provided release, and extracts the SBOMs from them.

func (*Client) GetAllRepositories

func (c *Client) GetAllRepositories(ctx tcontext.TransferMetadata) ([]string, error)

GetAllRepositories fetches all repositories for the organization specified in c.Owner. It also handles pagination to ensure all repositories are retrieved.

func (*Client) GetReleases

func (c *Client) GetReleases(ctx tcontext.TransferMetadata, owner, repo string) ([]Release, error)

GetReleases fetches all releases for a repository

type GitHubAdapter

// GitHubAdapter handles fetching SBOMs from GitHub releases.
type GitHubAdapter struct {
	// Config points to the GithubConfig for this adapter. That struct
	// includes a Token field, so avoid dumping the adapter with %+v in logs.
	Config  *GithubConfig
	// Role is the adapter's role, a types.AdapterRole value.
	Role    types.AdapterRole
	// Fetcher is the SBOMFetcher implementation held by this adapter.
	Fetcher SBOMFetcher
}

GitHubAdapter handles fetching SBOMs from GitHub releases

func (*GitHubAdapter) AddCommandParams

func (g *GitHubAdapter) AddCommandParams(cmd *cobra.Command)

AddCommandParams adds GitHub-specific CLI flags

func (*GitHubAdapter) DryRun

DryRun for Input Adapter: Displays all fetched SBOMs from input adapter

func (*GitHubAdapter) FetchSBOMs

FetchSBOMs initializes the GitHub SBOM iterator using the unified method

func (*GitHubAdapter) Monitor added in v0.0.3

func (*GitHubAdapter) ParseAndValidateParams

func (g *GitHubAdapter) ParseAndValidateParams(cmd *cobra.Command) error

ParseAndValidateParams validates the GitHub adapter params

func (*GitHubAdapter) UploadSBOMs

func (g *GitHubAdapter) UploadSBOMs(ctx tcontext.TransferMetadata, iterator iterator.SBOMIterator) error

UploadSBOMs should return an error, since GitHub does not support SBOM uploads.

type GitHubDaemonCache added in v0.0.6

// GitHubDaemonCache is one level of the nested cache maps: string keys to
// MethodCache values.
// NOTE(review): the key meaning is not shown here; presumably the fetch
// method name, judging by the value type — confirm against the Cache methods.
type GitHubDaemonCache map[string]MethodCache

type GitHubIterator

type GitHubIterator struct {
	// contains filtered or unexported fields
}

GitHubIterator iterates over SBOMs fetched from GitHub (API, Release, Tool).

func NewGitHubIterator

func NewGitHubIterator(ctx tcontext.TransferMetadata, g *GithubConfig, repo string) *GitHubIterator

NewGitHubIterator initializes and returns a new GitHubIterator instance

func (*GitHubIterator) Next

Next returns the next SBOM from the stored list

type GitHubMethod

// GitHubMethod names the way SBOMs are obtained from GitHub. It is a plain
// string type, so any string converts to it; the three constants below are
// the values declared here.
// NOTE(review): confirm user-supplied method strings are checked against
// these constants before use.
type GitHubMethod string
const (
	// MethodReleases searches for SBOMs in GitHub releases
	MethodReleases GitHubMethod = "release"

	// MethodAPI selects the GitHub API as the SBOM source.
	// NOTE(review): the previous comment here repeated the MethodReleases
	// text; this wording is inferred from the constant's name and value.
	MethodAPI GitHubMethod = "api"

	// MethodTool clones the repo and generates SBOMs using external tools
	MethodTool GitHubMethod = "tool"
)

type GitHubSBOMResponse

// GitHubSBOMResponse holds the JSON structure returned by GitHub API.
type GitHubSBOMResponse struct {
	// json.RawMessage keeps the "sbom" value as undecoded bytes, so the SBOM
	// body is not parsed or validated at this stage; consumers must treat it
	// as untrusted remote content.
	SBOM json.RawMessage `json:"sbom"` // Extract SBOM as raw JSON
}

GitHubSBOMResponse holds the JSON structure returned by GitHub API

type GithubConfig added in v0.0.6

// GithubConfig collects the settings for the GitHub adapter as exported
// fields.
type GithubConfig struct {
	URL        string
	Repo       string
	Owner      string
	Version    string
	Branch     string
	// Method is a plain string rather than GitHubMethod, so the type system
	// does not restrict it to the declared method constants.
	Method     string
	// NOTE(review): presumably the path of an external binary that is
	// executed; confirm it can only come from a trusted source and is not
	// resolved through a writable directory.
	BinaryPath string

	// Token is a credential held in an exported, untagged field: formatting
	// the struct with %+v or passing it to a reflection-based encoder will
	// include the value. Redact it before logging or serialising the config.
	Token          string
	IncludeRepos   []string
	ExcludeRepos   []string
	ProcessingMode types.ProcessingMode
	Daemon         bool
	// NOTE(review): unit is not stated on the field; SetPollInterval is
	// documented as taking seconds — confirm the two agree.
	Poll           int64
	// NOTE(review): unit is not shown here — confirm.
	AssetWaitDelay int64
	// contains filtered or unexported fields
}

func NewGithubConfig added in v0.0.6

func NewGithubConfig() *GithubConfig

func (*GithubConfig) GetGitHubClient added in v0.0.6

func (c *GithubConfig) GetGitHubClient(ctx tcontext.TransferMetadata) (*githublib.Client, error)

GetGitHubClient initializes and returns a GitHub API client.

func (*GithubConfig) GetRepo added in v0.0.6

func (c *GithubConfig) GetRepo() string

func (*GithubConfig) SetBranch added in v0.0.6

func (c *GithubConfig) SetBranch(branch string)

func (*GithubConfig) SetExcludeRepos added in v0.0.6

func (c *GithubConfig) SetExcludeRepos(repos []string)

SetExcludeRepos sets the exclude pattern for repository filtering.

func (*GithubConfig) SetIncludeRepos added in v0.0.6

func (c *GithubConfig) SetIncludeRepos(repos []string)

SetIncludeRepos sets the include pattern for repository filtering.

func (*GithubConfig) SetMethod added in v0.0.6

func (c *GithubConfig) SetMethod(method string)

func (*GithubConfig) SetOwner added in v0.0.6

func (c *GithubConfig) SetOwner(org string)

SetOwner sets the organization name.

func (*GithubConfig) SetPollInterval added in v0.0.6

func (c *GithubConfig) SetPollInterval(interval int64)

SetPollInterval sets the polling interval in seconds.

func (*GithubConfig) SetProcessingMode added in v0.0.6

func (c *GithubConfig) SetProcessingMode(mode types.ProcessingMode)

SetProcessingMode sets the processing mode (Sequential, Parallel, Watcher).

func (*GithubConfig) SetRepo added in v0.0.6

func (c *GithubConfig) SetRepo(repo string)

SetRepo sets the repository.

func (*GithubConfig) SetToken added in v0.0.6

func (c *GithubConfig) SetToken(token string)

SetToken sets the GitHub token.

func (*GithubConfig) SetVersion added in v0.0.6

func (c *GithubConfig) SetVersion(version string)

type GithubReporter added in v0.0.6

type GithubReporter struct {
	// contains filtered or unexported fields
}

func NewGithubReporter added in v0.0.6

func NewGithubReporter(verbose bool, inputDir string) *GithubReporter

func (*GithubReporter) DryRun added in v0.0.6

type GithubWatcherFetcher added in v0.0.6

// GithubWatcherFetcher is an empty struct and so carries no state of its own.
// NOTE(review): presumably the SBOMFetcher used for watcher mode — confirm
// against its Fetch method.
type GithubWatcherFetcher struct{}

func NewWatcherFetcher added in v0.0.6

func NewWatcherFetcher() *GithubWatcherFetcher

func (*GithubWatcherFetcher) Fetch added in v0.0.6

type GithubWatcherIterator added in v0.0.6

type GithubWatcherIterator struct {
	// contains filtered or unexported fields
}

func (*GithubWatcherIterator) Next added in v0.0.6

type MethodCache added in v0.0.6

// MethodCache is the innermost cache record, encoded to JSON under the keys
// "repos" and "sboms".
type MethodCache struct {
	// Repos maps a string key to the RepoState stored for it.
	// NOTE(review): presumably keyed by repository name — confirm.
	Repos map[string]RepoState `json:"repos"`
	// SBOMs maps a string key to a boolean flag.
	// NOTE(review): presumably the SBOM cache key mapped to its "processed"
	// state; if keys derive from remote data, confirm they cannot collide
	// across repositories and cause an SBOM to be skipped.
	SBOMs map[string]bool      `json:"sboms"`
}

type ParallelFetcher added in v0.0.6

// ParallelFetcher is an empty struct and so carries no state of its own.
// NOTE(review): presumably the SBOMFetcher used for parallel processing —
// confirm against its Fetch method.
type ParallelFetcher struct{}

func (*ParallelFetcher) Fetch added in v0.0.6

type Release

// Release represents a GitHub release containing assets, as decoded from
// JSON.
type Release struct {
	// TagName is decoded from the "tag_name" key. It is remote-supplied text.
	// NOTE(review): confirm it is validated before being used in file names
	// or cache keys.
	TagName string  `json:"tag_name"`
	// Assets is decoded from the "assets" array.
	Assets  []Asset `json:"assets"`
}

Release represents a GitHub release containing assets

type RepoState added in v0.0.6

// RepoState stores release information, encoded to JSON under the keys
// "published_at" and "release_id". Both values are kept as strings.
type RepoState struct {
	// NOTE(review): stored as a string rather than a time value; the format
	// is not shown here — confirm before comparing two values.
	PublishedAt string `json:"published_at"`
	ReleaseID   string `json:"release_id"`
}

RepoState stores release information.

type SBOMAsset

// SBOMAsset represents an SBOM file found in a GitHub release. Name,
// DownloadURL and Size have the same names and types as the fields of Asset.
type SBOMAsset struct {
	Release     string
	Name        string
	// NOTE(review): presumably copied from a remote response; confirm the
	// scheme and host are checked before a credentialed request is made to it.
	DownloadURL string
	Size        int
}

SBOMAsset represents an SBOM file found in a GitHub release

type SBOMData

// SBOMData pairs the raw bytes of one SBOM with a file name.
type SBOMData struct {
	// Content is the SBOM as raw bytes.
	Content  []byte
	// NOTE(review): presumably derived from a remote asset name; if it is
	// ever used to build a path on disk, confirm separators and ".." are
	// rejected first.
	Filename string
}

type SBOMFetcher added in v0.0.6

// SBOMFetcher is the single-method interface behind GitHubAdapter.Fetcher.
type SBOMFetcher interface {
	// Fetch takes the transfer metadata and the GitHub configuration and
	// returns an iterator over SBOMs, or an error.
	Fetch(ctx tcontext.TransferMetadata, config *GithubConfig) (iterator.SBOMIterator, error)
}

type SequentialFetcher added in v0.0.6

// SequentialFetcher is an empty struct and so carries no state of its own.
// NOTE(review): presumably the SBOMFetcher used for sequential processing —
// confirm against its Fetch method.
type SequentialFetcher struct{}

func (*SequentialFetcher) Fetch added in v0.0.6

type VersionedSBOMs

// VersionedSBOMs maps a version string to the SBOMData entries held for
// that version.
type VersionedSBOMs map[string][]SBOMData

VersionedSBOMs maps versions to their respective SBOMs in that version.
