chore: add integration test for provenance extractor; add json_tools script.

benmss · benmss · commit 1ccaefc069cc · 2024-03-22T09:14:17.000+10:00
Signed-off-by: Ben Selwyn-Smith &lt;benselwynsmith@googlemail.com&gt;
diff --git a/scripts/dev_scripts/integration_tests.sh b/scripts/dev_scripts/integration_tests.sh
@@ -98,6 +98,15 @@ if [[ -z "$NO_NPM_TEST" ]]; then
     $RUN_MACARON analyze -purl pkg:npm/@sigstore/mock@0.1.0 -rp https://github.com/sigstore/sigstore-js -b main -d ebdcfdfbdfeb9c9aeee6df53674ef230613629f5 --skip-deps || log_fail
 
     check_or_update_expected_output $COMPARE_JSON_OUT $JSON_RESULT $JSON_EXPECTED || log_fail
+
+    echo -e "\n----------------------------------------------------------------------------------"
+    echo "semver@7.6.0: Extracting repository URL and commit from provenance while Repo Finder is disabled."
+    echo -e "----------------------------------------------------------------------------------\n"
+    JSON_EXPECTED=$WORKSPACE/tests/e2e/expected_results/purl/npm/semver/semver.json
+    JSON_RESULT=$WORKSPACE/output/reports/npm/semver/semver.json
+    $RUN_MACARON -dp tests/e2e/defaults/disable_repo_finder.ini analyze -purl pkg:npm/semver@7.6.0 || log_fail
+
+    check_or_update_expected_output $COMPARE_JSON_OUT $JSON_RESULT $JSON_EXPECTED || log_fail
 fi
 
 echo -e "\n----------------------------------------------------------------------------------"
diff --git a/src/macaron/json_tools.py b/src/macaron/json_tools.py
@@ -0,0 +1,50 @@
+# Copyright (c) 2024 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+"""This module provides utility functions for JSON data."""
+
+from typing import TypeVar
+
+from macaron.errors import JsonError
+from macaron.util import JsonType
+
+T = TypeVar("T", bound=JsonType)
+
+
+def json_extract(entry: JsonType, keys: list[str], type_: type[T]) -> T:
+    """Return the value found by following the list of depth-sequential keys inside the passed JSON dictionary.
+
+    The value must be of the passed type.
+
+    Parameters
+    ----------
+    entry: JsonType
+        An entry point into a JSON structure.
+    keys: list[str]
+        The list of depth-sequential keys within the JSON.
+    type: type[T]
+        The type to check the value against and return it as.
+
+    Returns
+    -------
+    T:
+        The found value as the type of the type parameter.
+
+    Raises
+    ------
+    JsonError
+        Raised if an error occurs while searching for or validating the value.
+    """
+    target = entry
+
+    for index, key in enumerate(keys):
+        if not isinstance(target, dict):
+            raise JsonError(f"Expect the value .{'.'.join(keys[:index])} to be a dict.")
+        if key not in target:
+            raise JsonError(f"JSON key '{key}' not found in .{'.'.join(keys[:index])}.")
+        target = target[key]
+
+    if isinstance(target, type_):
+        return target
+
+    raise JsonError(f"Expect the value .{'.'.join(keys)} to be of type '{type_}'.")
diff --git a/tests/e2e/defaults/disable_repo_finder.ini b/tests/e2e/defaults/disable_repo_finder.ini
@@ -0,0 +1,5 @@
+# Copyright (c) 2024 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+[repofinder]
+find_repos = False
