metadata-service[orchestrator]: set SBOM url in registry (#44381)

airbytehq · Aug 20, 2024 · 8b6a91a · 8b6a91a
1 parent 7db4145
commit 8b6a91a
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 3 deletions.
diff --git a/airbyte-ci/connectors/metadata_service/lib/metadata_service/gcs_upload.py b/airbyte-ci/connectors/metadata_service/lib/metadata_service/gcs_upload.py
@@ -14,6 +14,7 @@
 from typing import List, Optional, Tuple
 
 import git
+import requests
 import yaml
 from google.cloud import storage
 from google.oauth2 import service_account
@@ -237,6 +238,18 @@ def _apply_author_info_to_metadata_file(metadata_dict: dict, original_metadata_f
     return metadata_dict
 
 
+def _apply_sbom_url_to_metadata_file(metadata_dict: dict) -> dict:
+    """Apply sbom url to the metadata file before uploading it to GCS."""
+    try:
+        sbom_url = f"https://connectors.airbyte.com/files/sbom/{metadata_dict['data']['dockerRepository']}/{metadata_dict['data']['dockerImageTag']}.spdx.json"
+    except KeyError:
+        return metadata_dict
+    response = requests.head(sbom_url)
+    if response.ok:
+        metadata_dict = set_(metadata_dict, "data.generated.sbomUrl", sbom_url)
+    return metadata_dict
+
+
 def _write_metadata_to_tmp_file(metadata_dict: dict) -> Path:
     """Write the metadata to a temporary file."""
     with tempfile.NamedTemporaryFile(mode="w", suffix=".yaml", delete=False) as tmp_file:
@@ -263,7 +276,7 @@ def _apply_modifications_to_metadata_file(original_metadata_file_path: Path, val
     metadata = _safe_load_metadata_file(original_metadata_file_path)
     metadata = _apply_prerelease_overrides(metadata, validator_opts)
     metadata = _apply_author_info_to_metadata_file(metadata, original_metadata_file_path)
-
+    metadata = _apply_sbom_url_to_metadata_file(metadata)
     return _write_metadata_to_tmp_file(metadata)
 
 

diff --git a/airbyte-ci/connectors/metadata_service/lib/pyproject.toml b/airbyte-ci/connectors/metadata_service/lib/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "metadata-service"
-version = "0.10.2"
+version = "0.10.3"
 description = ""
 authors = ["Ben Church <ben@airbyte.io>"]
 readme = "README.md"

diff --git a/airbyte-ci/connectors/metadata_service/orchestrator/pyproject.toml b/airbyte-ci/connectors/metadata_service/orchestrator/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "orchestrator"
-version = "0.2.4"
+version = "0.3.0"
 description = ""
 authors = ["Ben Church <ben@airbyte.io>"]
 readme = "README.md"

diff --git a/airbyte-ci/connectors/metadata_service/orchestrator/tests/test_registry.py b/airbyte-ci/connectors/metadata_service/orchestrator/tests/test_registry.py
@@ -339,6 +339,28 @@ def test_erd_url():
     assert result["erdUrl"] == "https://an-erd.com"
 
 
+def test_sbom_url():
+    """
+    Test that if when defined in the metadata, the sbom url will be populated in the registry
+    """
+    mock_metadata_entry = mock.Mock()
+    mock_metadata_entry.metadata_definition.dict.return_value = {
+        "data": {
+            "connectorType": "source",
+            "definitionId": "test-id",
+            "registryOverrides": {"oss": {"enabled": True}},
+            "dockerRepository": "test-connector",
+            "dockerImageTag": "test-tag",
+            "generated": {"sbomUrl": "test-sbom-url"},
+        }
+    }
+    mock_metadata_entry.icon_url = "test-icon-url"
+    mock_metadata_entry.dependency_file_url = "test-dependency-file-url"
+
+    result = metadata_to_registry_entry(mock_metadata_entry, "oss")
+    assert result["generated"]["sbomUrl"] == "test-sbom-url"
+
+
 def test_support_level_default():
     """
     Test if supportLevel is defaulted to alpha in the registry entry.