Commit
fdff8f17
authored
Aug 13, 2020
by
Tetiana Chupryna
Committed by
Markus Koller
Aug 13, 2020
Offline copy of SPDX catalogue
parent
34d48f3b
Showing
6 changed files
with
73 additions
and
19 deletions
+73
-19
ee/changelogs/unreleased/212388-offline-spdx-copy.yml
ee/changelogs/unreleased/212388-offline-spdx-copy.yml
+5
-0
ee/config/feature_flags/development/offline_spdx_catalogue.yml
...nfig/feature_flags/development/offline_spdx_catalogue.yml
+7
-0
ee/lib/gitlab/spdx/catalogue_gateway.rb
ee/lib/gitlab/spdx/catalogue_gateway.rb
+8
-1
ee/lib/tasks/gitlab/spdx.rake
ee/lib/tasks/gitlab/spdx.rake
+22
-0
ee/spec/lib/gitlab/spdx/catalogue_gateway_spec.rb
ee/spec/lib/gitlab/spdx/catalogue_gateway_spec.rb
+30
-18
vendor/spdx.json
vendor/spdx.json
+1
-0
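--- /dev/null
+++ b/ee/changelogs/unreleased/212388-offline-spdx-copy.yml
@@ -0,0 +1,5 @@
+---
+title: Offline copy of SPDX catalogue
+merge_request: 38691
+author:
+type: added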
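--- /dev/null
+++ b/ee/config/feature_flags/development/offline_spdx_catalogue.yml
@@ -0,0 +1,7 @@
+---
+name: offline_spdx_catalogue
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/38691
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/212388
+group: group::composition analysis
+type: development
+default_enabled: false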
ee/lib/gitlab/spdx/catalogue_gateway.rb
...
@@ -3,9 +3,12 @@
...
@@ -3,9 +3,12 @@
module
Gitlab
module
Gitlab
module
SPDX
module
SPDX
class
CatalogueGateway
class
CatalogueGateway
URL
=
'https://spdx.org/licenses/licenses.json'
URL
=
'https://spdx.org/licenses/licenses.json'
.
freeze
OFFLINE_CATALOGUE
=
Rails
.
root
.
join
(
'vendor/spdx.json'
).
freeze
def
fetch
def
fetch
return
offline_catalogue
if
Feature
.
enabled?
(
:offline_spdx_catalogue
)
response
=
::
Gitlab
::
HTTP
.
get
(
URL
)
response
=
::
Gitlab
::
HTTP
.
get
(
URL
)
if
response
.
success?
if
response
.
success?
...
@@ -33,6 +36,10 @@ module Gitlab
...
@@ -33,6 +36,10 @@ module Gitlab
build_catalogue
(
licenses:
[])
build_catalogue
(
licenses:
[])
end
end
def
offline_catalogue
parse
(
File
.
read
(
OFFLINE_CATALOGUE
))
end
def
build_catalogue
(
hash
)
def
build_catalogue
(
hash
)
::
Gitlab
::
SPDX
::
Catalogue
.
new
(
hash
)
::
Gitlab
::
SPDX
::
Catalogue
.
new
(
hash
)
end
end
...
...
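Review bot: `offline_catalogue` has no failure path of its own: `File.read(OFFLINE_CATALOGUE)` raises `Errno::ENOENT` when `vendor/spdx.json` is absent, and the early `return offline_catalogue if Feature.enabled?(:offline_spdx_catalogue)` in `fetch` skips the `response.success?` handling that ends in `build_catalogue(licenses: [])`. The rescue clauses of `fetch` and the body of `parse` lie outside the two hunks, so whether a missing or malformed file is caught there cannot be confirmed from this page. If it is not, a `rescue SystemCallError` in `offline_catalogue` that returns `build_catalogue(licenses: [])` would keep the offline path consistent with the network path. A comment on the constant would also help, for example `# Vendored snapshot of URL; refresh with rake gitlab:spdx:import. May lag behind spdx.org.`, because licence decisions made with the flag on depend on how recent that snapshot is.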
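--- /dev/null
+++ b/ee/lib/tasks/gitlab/spdx.rake
+# frozen_string_literal: true
+require 'net/http'
+require 'gitlab/json'
+namespace :gitlab do
+  namespace :spdx do
+    desc 'GitLab | SPDX | Import copy of the catalogue to store it offline'
+    task :import do
+      spdx_url = Gitlab::SPDX::CatalogueGateway::URL
+      resp = Net::HTTP.get_response(URI.parse(spdx_url))
+      data = Gitlab::Json.parse(resp.body)
+      path = Gitlab::SPDX::CatalogueGateway::OFFLINE_CATALOGUE
+      IO.write(path, data.to_json, mode: 'w')
+      puts "Local copy of SPDX catalogue is saved to #{path}"
+    rescue => e
+      puts "Import of SPDX catalogue failed: #{e}"
+    end
+  end
+end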
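Review bot: The `task :import` body parses and writes `resp.body` without checking the response status or the shape of the parsed data, so any body that parses as JSON, including an error document sent with a non-200 status, would overwrite `vendor/spdx.json`, which `CatalogueGateway` serves as the licence catalogue when the flag is on. A guard before the parse, such as `raise "SPDX import failed with HTTP #{resp.code}" unless resp.is_a?(Net::HTTPSuccess)`, together with a check that the parsed data carries a non-empty `licenses` array, would keep a bad download from replacing a good copy. The `rescue => e` branch only prints, so the task exits with status 0 on failure; `abort "Import of SPDX catalogue failed: #{e}"` would let a scheduled job or CI step notice. The download is authenticated by TLS alone, so the resulting change to `vendor/spdx.json` still deserves a diff review before it is committed.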
ee/spec/lib/gitlab/spdx/catalogue_gateway_spec.rb
...
@@ -8,39 +8,51 @@ RSpec.describe Gitlab::SPDX::CatalogueGateway do
...
@@ -8,39 +8,51 @@ RSpec.describe Gitlab::SPDX::CatalogueGateway do
describe
"#fetch"
do
describe
"#fetch"
do
let
(
:result
)
{
subject
.
fetch
}
let
(
:result
)
{
subject
.
fetch
}
let
(
:url
)
{
described_class
::
URL
}
let
(
:url
)
{
described_class
::
URL
}
let
(
:catalogue_hash
)
{
Gitlab
::
Json
.
parse
(
spdx_json
,
symbolize_names:
true
)
}
context
"when the licenses.json endpoint is healthy"
do
context
'when feature flag is enabled'
do
let
(
:spdx_json
)
{
IO
.
read
(
Rails
.
root
.
join
(
"spec"
,
"fixtures"
,
"spdx.json"
))
}
let
(
:spdx_json
)
{
described_class
::
OFFLINE_CATALOGUE
.
read
}
let
(
:catalogue_hash
)
{
Gitlab
::
Json
.
parse
(
spdx_json
,
symbolize_names:
true
)
}
before
do
stub_full_request
(
url
,
method: :get
).
to_return
(
status:
200
,
body:
spdx_json
)
end
it
{
expect
(
result
.
count
).
to
be
(
catalogue_hash
[
:licenses
].
count
)
}
it
{
expect
(
result
.
count
).
to
be
(
catalogue_hash
[
:licenses
].
count
)
}
end
end
context
"when the licenses.json endpoint is not reachable"
do
context
'when feature flag is disabled'
do
before
do
before
do
allow
(
Gitlab
::
Metrics
).
to
receive
(
:add_event
)
stub_feature_flags
(
offline_spdx_catalogue:
false
)
stub_full_request
(
url
,
method: :get
).
to_return
(
status:
404
)
result
end
end
it
{
expect
(
result
.
count
).
to
be_zero
}
context
'when endpoint is healthy'
do
it
{
expect
(
Gitlab
::
Metrics
).
to
have_received
(
:add_event
).
with
(
:spdx_fetch_failed
,
http_status_code:
404
)
}
let
(
:spdx_json
)
{
Rails
.
root
.
join
(
"spec"
,
"fixtures"
,
"spdx.json"
).
read
}
end
Gitlab
::
HTTP
::
HTTP_ERRORS
.
each
do
|
error
|
before
do
context
"when an `
#{
error
}
` is raised while trying to connect to the endpoint"
do
stub_full_request
(
url
,
method: :get
).
to_return
(
status:
200
,
body:
spdx_json
)
end
it
{
expect
(
result
.
count
).
to
be
(
catalogue_hash
[
:licenses
].
count
)
}
end
context
'when the licenses.json endpoint is not reachable'
do
before
do
before
do
allow
(
Gitlab
::
Metrics
).
to
receive
(
:add_event
)
allow
(
Gitlab
::
Metrics
).
to
receive
(
:add_event
)
stub_full_request
(
url
,
method: :get
).
and_raise
(
error
)
stub_full_request
(
url
,
method: :get
).
to_return
(
status:
404
)
result
result
end
end
it
{
expect
(
result
.
count
).
to
be_zero
}
it
{
expect
(
result
.
count
).
to
be_zero
}
it
{
expect
(
Gitlab
::
Metrics
).
to
have_received
(
:add_event
).
with
(
:spdx_fetch_failed
,
anything
)
}
it
{
expect
(
Gitlab
::
Metrics
).
to
have_received
(
:add_event
).
with
(
:spdx_fetch_failed
,
http_status_code:
404
)
}
end
Gitlab
::
HTTP
::
HTTP_ERRORS
.
each
do
|
error
|
context
"when an `
#{
error
}
` is raised while trying to connect to the endpoint"
do
before
do
allow
(
Gitlab
::
Metrics
).
to
receive
(
:add_event
)
stub_full_request
(
url
,
method: :get
).
and_raise
(
error
)
result
end
it
{
expect
(
result
.
count
).
to
be_zero
}
it
{
expect
(
Gitlab
::
Metrics
).
to
have_received
(
:add_event
).
with
(
:spdx_fetch_failed
,
anything
)
}
end
end
end
end
end
end
end
...
...
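Review bot: In the 'when feature flag is enabled' context the expected count comes from `described_class::OFFLINE_CATALOGUE.read`, the same file the code under test reads, so the example would still pass if `vendor/spdx.json` held an empty `licenses` array. Adding `it { expect(result.count).to be_positive }`, or pointing `OFFLINE_CATALOGUE` at a small fixture with `stub_const`, would pin the behaviour independently of the vendored file. No visible example asserts that the request to `url` is skipped when the flag is on, and none covers a missing or unreadable offline file. The page interleaves old and new lines, so this reading of the new side is inferred from the lines printed only once.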
vendor/spdx.json
0 → 100644
This source diff could not be displayed because it is too large. You can
view the blob
instead.