private List <BdioNode> GetBdioNodes()
{
BdioPropertyHelper bdioPropertyHelper = new BdioPropertyHelper();
BdioNodeFactory bdioNodeFactory = new BdioNodeFactory(bdioPropertyHelper);
string projectGroup = "com.blackducksoftware.gradle.test";
string projectName = "gradleTestProject";
string projectVersion = "99.5-SNAPSHOT";
string projectExternalId = bdioPropertyHelper.CreateMavenExternalId(projectGroup, projectName, projectVersion);
string projectBdioId = bdioPropertyHelper.CreateBdioId(projectGroup, projectName, projectVersion);
BdioBillOfMaterials bdioBillOfMaterials = bdioNodeFactory.CreateBillOfMaterials("", projectName, projectVersion);
// we are overriding the default value of a new uuid just to pass the json comparison
bdioBillOfMaterials.Id = "uuid:45772d33-5353-44f1-8681-3d8a15540646";
BdioProject bdioProject = bdioNodeFactory.CreateProject(projectName, projectVersion, projectBdioId, "maven", projectExternalId);
BdioComponent cxfBundle = bdioNodeFactory.CreateComponent("cxf-bundle", "2.7.7",
bdioPropertyHelper.CreateBdioId("org.apache.cxf", "cxf-bundle", "2.7.7"),
"maven", bdioPropertyHelper.CreateMavenExternalId("org.apache.cxf", "cxf-bundle", "2.7.7"));
BdioComponent velocity = bdioNodeFactory.CreateComponent("velocity", "1.7",
bdioPropertyHelper.CreateBdioId("org.apache.velocity", "velocity", "1.7"),
"maven", bdioPropertyHelper.CreateMavenExternalId("org.apache.velocity", "velocity", "1.7"));
BdioComponent commonsCollections = bdioNodeFactory.CreateComponent("commons-collections", "3.2.1",
bdioPropertyHelper.CreateBdioId("commons-collections", "commons-collections", "3.2.1"),
"maven", bdioPropertyHelper.CreateMavenExternalId("commons-collections", "commons-collections", "3.2.1"));
BdioComponent commonsLang = bdioNodeFactory.CreateComponent("commons-lang", "2.6",
bdioPropertyHelper.CreateBdioId("commons-lang", "commons-lang", "2.6"),
"maven", bdioPropertyHelper.CreateMavenExternalId("commons-lang", "commons-lang", "2.6"));
// we will now relate the constructed bdio nodes
// first, add the cxfBundle component as a child of the project - this project has a single direct dependency
bdioPropertyHelper.AddRelationship(bdioProject, cxfBundle);
// now, the cxfBundle component itself has two dependencies, which will appear in the final BOM as they are
// transitive dependencies of the project
bdioPropertyHelper.AddRelationships(cxfBundle, new List <BdioNode> {
velocity, commonsLang
});
// and the velocity component also has two dependencies - it will only add one additional entry to our final BOM
// as the commonsLang component was already included from the cxfBundle component above
bdioPropertyHelper.AddRelationships(velocity, new List <BdioNode> {
commonsCollections, commonsLang
});
List <BdioNode> bdioNodes = new List <BdioNode>
{
bdioBillOfMaterials,
bdioProject,
cxfBundle,
velocity,
commonsCollections,
commonsLang
};
return(bdioNodes);
}
public void TestCodeLocationOverride()
{
BdioPropertyHelper bdioPropertyHelper = new BdioPropertyHelper();
BdioNodeFactory bdioNodeFactory = new BdioNodeFactory(bdioPropertyHelper);
BdioBillOfMaterials bdioBillOfMaterials = bdioNodeFactory.CreateBillOfMaterials("", "name", "version");
Assert.AreEqual("name/version Black Duck I/O Export", bdioBillOfMaterials.SpdxName);
bdioBillOfMaterials = bdioNodeFactory.CreateBillOfMaterials("override", "name", "version");
Assert.AreEqual("override", bdioBillOfMaterials.SpdxName);
}
public BdioContent BuildBOMFromMetadata(List <NuGet.PackageReference> packages, PackageMetadataResource metadataResource)
{
BdioPropertyHelper bdioPropertyHelper = new BdioPropertyHelper();
BdioNodeFactory bdioNodeFactory = new BdioNodeFactory(bdioPropertyHelper);
BdioContent bdio = new BdioContent();
// Create bdio bill of materials node
BdioBillOfMaterials bdioBillOfMaterials = bdioNodeFactory.CreateBillOfMaterials(HubCodeLocationName, HubProjectName, HubVersionName);
// Create bdio project node
string projectBdioId = bdioPropertyHelper.CreateBdioId(HubProjectName, HubVersionName);
BdioExternalIdentifier projectExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(HubProjectName, HubVersionName); // Note: Could be different. Look at config file
BdioProject bdioProject = bdioNodeFactory.CreateProject(HubProjectName, HubVersionName, projectBdioId, projectExternalIdentifier);
// Create relationships for every bdio node
List <BdioNode> bdioComponents = new List <BdioNode>();
foreach (NuGet.PackageReference packageRef in packages)
{
// Create component node
string componentName = packageRef.Id;
string componentVersion = packageRef.Version.ToString();
string componentBdioId = bdioPropertyHelper.CreateBdioId(componentName, componentVersion);
BdioExternalIdentifier componentExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(componentName, componentVersion);
BdioComponent component = bdioNodeFactory.CreateComponent(componentName, componentVersion, componentBdioId, componentExternalIdentifier);
// Add references
List <PackageDependency> packageDependencies = GetPackageDependencies(packageRef, metadataResource);
foreach (PackageDependency packageDependency in packageDependencies)
{
// Create node from dependency info
string dependencyName = packageDependency.Id;
string dependencyVersion = GetDependencyVersion(packageDependency, packages);
string dependencyBdioId = bdioPropertyHelper.CreateBdioId(dependencyName, dependencyVersion);
BdioExternalIdentifier dependencyExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(dependencyName, dependencyVersion);
BdioComponent dependency = bdioNodeFactory.CreateComponent(dependencyName, dependencyVersion, dependencyBdioId, dependencyExternalIdentifier);
// Add relationship
bdioPropertyHelper.AddRelationship(component, dependency);
}
bdioComponents.Add(component);
}
bdio.BillOfMaterials = bdioBillOfMaterials;
bdio.Project = bdioProject;
bdio.Components = bdioComponents;
return(bdio);
}
public BdioBillOfMaterials CreateBillOfMaterials(string codeLocationName, string projectName, string projectVersion)
{
BdioBillOfMaterials billOfMaterials = new BdioBillOfMaterials();
billOfMaterials.Id = string.Format("uuid:{0}", Guid.NewGuid().ToString());
if (!String.IsNullOrWhiteSpace(codeLocationName))
{
billOfMaterials.SpdxName = codeLocationName;
}
else
{
billOfMaterials.SpdxName = string.Format("{0}/{1} Black Duck I/O Export", projectName, projectVersion);
}
billOfMaterials.BdioSpecificationVersion = "1.1.0";
return(billOfMaterials);
}
private void GenerateMergedFile(List <BdioNode> components)
{
BdioPropertyHelper bdioPropertyHelper = new BdioPropertyHelper();
BdioNodeFactory bdioNodeFactory = new BdioNodeFactory(bdioPropertyHelper);
BdioContent bdio = new BdioContent();
// solutions do not have project names or versions by default
string projectName = HubProjectName;
string versionName = HubVersionName;
if (String.IsNullOrWhiteSpace(projectName))
{
projectName = Path.GetFileNameWithoutExtension(SolutionPath);
}
if (String.IsNullOrWhiteSpace(versionName))
{
versionName = DateTime.UtcNow.ToString(ProjectGenerator.DEFAULT_DATETIME_FORMAT);
}
// Create bdio bill of materials node
BdioBillOfMaterials bdioBillOfMaterials = bdioNodeFactory.CreateBillOfMaterials(HubCodeLocationName, projectName, versionName);
// Create bdio project node
string projectBdioId = bdioPropertyHelper.CreateBdioId(projectName, versionName);
BdioExternalIdentifier projectExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(projectName, versionName); // Note: Could be different. Look at config file
BdioProject bdioProject = bdioNodeFactory.CreateProject(projectName, versionName, projectBdioId, projectExternalIdentifier);
bdio.BillOfMaterials = bdioBillOfMaterials;
bdio.Project = bdioProject;
bdio.Components = components;
string bdioFilePath = Path.Combine(OutputDirectory, $"{projectName}.jsonld");
File.WriteAllText(bdioFilePath, bdio.ToString());
}