From ff539396a31e044471b405e98e6bd2e8fcaeb94c Mon Sep 17 00:00:00 2001
From: "John M. Horan"
Date: Thu, 4 Jan 2024 10:18:02 -0800
Subject: [PATCH] Refactor purlcli.py validate, create tests #247
Reference: https://github.com/nexB/purldb/issues/247
Signed-off-by: John M. Horan
---
packagedb/tests/test_purlcli.py | 94 +++++++++++++++++++++++++++++++++
purlcli.py | 13 +++--
2 files changed, 104 insertions(+), 3 deletions(-)
create mode 100644 packagedb/tests/test_purlcli.py
diff --git a/packagedb/tests/test_purlcli.py b/packagedb/tests/test_purlcli.py
new file mode 100644
index 00000000..cd3c7c83
--- /dev/null
+++ b/packagedb/tests/test_purlcli.py
@@ -0,0 +1,94 @@
+import os
+
+from click.testing import CliRunner
+from commoncode.testcase import FileBasedTesting
+
+import purlcli
+
+
+class TestPURLCLI(FileBasedTesting):
+ test_data_dir = os.path.join(os.path.dirname(__file__), "data")
+
+ def test_validate_purl(self):
+ test_purls = [
+ "pkg:nginx/nginx@0.8.9?os=windows",
+ "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.0-rc1",
+ ]
+
+ validated_purls = purlcli.validate_purls(test_purls)
+
+ expected_results = [
+ {
+ "valid": True,
+ "exists": None,
+ "message": "The provided PackageURL is valid, but `check_existence` is not supported for this package type.",
+ "purl": "pkg:nginx/nginx@0.8.9?os=windows",
+ },
+ {
+ "valid": True,
+ "exists": True,
+ "message": "The provided Package URL is valid, and the package exists in the upstream repo.",
+ "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.0-rc1",
+ },
+ ]
+
+ self.assertEqual(validated_purls, expected_results)
+
+ def test_validate_purl_empty(self):
+ test_purls = []
+
+ validated_purls = purlcli.validate_purls(test_purls)
+
+ expected_results = []
+
+ self.assertEqual(validated_purls, expected_results)
+
+ def test_validate_purl_invalid(self):
+ test_purls = [
+ "foo",
+ ]
+
+ validated_purls = purlcli.validate_purls(test_purls)
+
+ expected_results = [
+ {
+ "valid": False,
+ "exists": None,
+ "message": "The provided PackageURL is not valid.",
+ "purl": "foo",
+ }
+ ]
+
+ self.assertEqual(validated_purls, expected_results)
+
+ def test_validate_purl_strip(self):
+ test_purls = [
+ "pkg:nginx/nginx@0.8.9?os=windows",
+ " pkg:nginx/nginx@0.8.9?os=windows",
+ "pkg:nginx/nginx@0.8.9?os=windows ",
+ ]
+
+ validated_purls = purlcli.validate_purls(test_purls)
+
+ expected_results = [
+ {
+ "valid": True,
+ "exists": None,
+ "message": "The provided PackageURL is valid, but `check_existence` is not supported for this package type.",
+ "purl": "pkg:nginx/nginx@0.8.9?os=windows",
+ },
+ {
+ "valid": True,
+ "exists": None,
+ "message": "The provided PackageURL is valid, but `check_existence` is not supported for this package type.",
+ "purl": "pkg:nginx/nginx@0.8.9?os=windows",
+ },
+ {
+ "valid": True,
+ "exists": None,
+ "message": "The provided PackageURL is valid, but `check_existence` is not supported for this package type.",
+ "purl": "pkg:nginx/nginx@0.8.9?os=windows",
+ },
+ ]
+
+ self.assertEqual(validated_purls, expected_results)
diff --git a/purlcli.py b/purlcli.py
index 550f0e53..013170df 100644
--- a/purlcli.py
+++ b/purlcli.py
@@ -38,11 +38,18 @@ def validate(purls, output, file):
 """
 if (purls and file) or not (purls or file):
 raise click.UsageError("Use either purls or file but not both.")
- api_query = "https://public.purldb.io/api/validate/"
- validated_purls = []
+
 if file:
 purls = file.read().splitlines(False)
+ validated_purls = validate_purls(purls)
+
+ json.dump(validated_purls, output, indent=4)
+
+
+def validate_purls(purls):
+ api_query = "https://public.purldb.io/api/validate/"
+ validated_purls = []
 for purl in purls:
 purl = purl.strip()
 if not purl:
@@ -52,7 +59,7 @@ def validate(purls, output, file):
 results = response.json()
 validated_purls.append(results)
- json.dump(validated_purls, output, indent=4)
+ return validated_purls
 if __name__ == "__main__":
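Review bot: All three non-empty tests in the new test_purlcli.py reach the live service, because `validate_purls` (added in purlcli.py by this same commit) queries `https://public.purldb.io/api/validate/` and nothing here stubs the HTTP call. The suite will therefore fail offline or in a sandboxed CI runner, and `"exists": True` for the jackson-databind purl plus the exact `message` strings depend on what the remote returns on the day. I would stub the call `validate_purls` makes (for example with `unittest.mock.patch`) and assert on canned responses, keeping at most one opt-in live test. The `CliRunner` import and `test_data_dir` are unused in the file as added.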
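Review bot: `validate_purls` in purlcli.py is now an importable helper, yet it has no docstring and nothing visible guards the HTTP result: the following hunk shows `results = response.json()` appended to the list as-is. The request call itself sits between the two hunks and is not shown, so whether it sets a timeout or checks the status cannot be confirmed from here. If it is a `requests` call, pass `timeout=` and add `response.raise_for_status()` before decoding, so an error response or a stalled connection does not surface as a JSON decode error or a hung CLI. The purls can come from a user-supplied file and go to a fixed remote endpoint, so the query is best built through the client's parameter encoding rather than string concatenation. A docstring such as `"""Return the purldb validation result for each purl in purls, stripped of surrounding whitespace."""` would state the contract.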