Update ValidateAsync & throw exception if SBOM not found (#425)

* update ValidateAsync to return errors & throw exception if SBOM not found

* small fix to return type

* address some PR feedback

* restructure SBOMValidationResult

* small fix to constructor

* add new constructor

* remove ConfigSanitizer

---------

Co-authored-by: Sebastian Gomez <69322674+sebasgomez238@users.noreply.github.com>

src/Microsoft.Sbom.Api/SBOMValidator.cs

@@ -4,16 +4,19 @@
 using System;
 using System.Collections.Generic;
 using System.ComponentModel;
+using System.IO;
 using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.Sbom.Api.Config;
 using Microsoft.Sbom.Api.Config.Extensions;
 using Microsoft.Sbom.Api.Output.Telemetry;
 using Microsoft.Sbom.Api.Workflows;
+using Microsoft.Sbom.Common;
 using Microsoft.Sbom.Common.Config;
 using Microsoft.Sbom.Common.Config.Validators;
 using Microsoft.Sbom.Contracts;
 using Microsoft.Sbom.Contracts.Enums;
+using Microsoft.Sbom.Extensions;
 using PowerArgs;
 
 namespace Microsoft.Sbom.Api;
@@ -23,18 +26,34 @@ public class SbomValidator : ISBOMValidator
     private readonly IWorkflow<SbomParserBasedValidationWorkflow> sbomParserBasedValidationWorkflow;
     private readonly IRecorder recorder;
     private readonly IEnumerable<ConfigValidator> configValidators;
+    private readonly IConfiguration configuration;
+    private readonly ISbomConfigProvider sbomConfigs;
+    private readonly IFileSystemUtils fileSystemUtils;
 
     public SbomValidator(
         IWorkflow<SbomParserBasedValidationWorkflow> sbomParserBasedValidationWorkflow,
         IRecorder recorder,
-        IEnumerable<ConfigValidator> configValidators,
-        ConfigSanitizer configSanitizer)
+        IEnumerable<ConfigValidator> configValidators)
     {
         this.sbomParserBasedValidationWorkflow = sbomParserBasedValidationWorkflow ?? throw new ArgumentNullException(nameof(sbomParserBasedValidationWorkflow));
         this.recorder = recorder ?? throw new ArgumentNullException(nameof(recorder));
         this.configValidators = configValidators;
     }
 
+    public SbomValidator(
+        IWorkflow<SbomParserBasedValidationWorkflow> sbomParserBasedValidationWorkflow,
+        IRecorder recorder,
+        IEnumerable<ConfigValidator> configValidators,
+        IConfiguration configuration,
+        ISbomConfigProvider sbomConfigs,
+        IFileSystemUtils fileSystemUtils)
+        : this(sbomParserBasedValidationWorkflow, recorder, configValidators)
+    {
+        this.configuration = configuration;
+        this.sbomConfigs = sbomConfigs;
+        this.fileSystemUtils = fileSystemUtils;
+    }
+
     public async Task<bool> ValidateSbomAsync()
     {
         var isSuccess = await sbomParserBasedValidationWorkflow.RunAsync();
@@ -45,7 +64,7 @@ public async Task<bool> ValidateSbomAsync()
         return isSuccess;
     }
 
-    public async Task<bool> ValidateSbomAsync(
+    public async Task<SBOMValidationResult> ValidateSbomAsync(
         string buildDropPath,
         string outputPath,
         IList<SbomSpecification> specifications,
@@ -77,12 +96,18 @@ public async Task<bool> ValidateSbomAsync(
 
         inputConfig.ToConfiguration();
 
+        var sbomConfig = sbomConfigs.Get(configuration.ManifestInfo.Value.FirstOrDefault());
+        var path = sbomConfig.ManifestJsonFilePath;
+        if (!fileSystemUtils.FileExists(sbomConfig.ManifestJsonFilePath))
+        {
+            throw new FileNotFoundException($"Manifest not found in specified location: {sbomConfig.ManifestJsonFilePath}");
+        }
+
         var isSuccess = await sbomParserBasedValidationWorkflow.RunAsync();
         await recorder.FinalizeAndLogTelemetryAsync();
 
-        var entityErrors = recorder.Errors.Select(error => error.ToEntityError()).ToList();
-
-        return isSuccess;
+        var errors = recorder.Errors.Select(error => error.ToEntityError()).ToList();
+        return new SBOMValidationResult(errors.Any(), errors);
     }
 
     private InputConfiguration ValidateConfig(InputConfiguration config)

src/Microsoft.Sbom.Api/Workflows/SBOMParserBasedValidationWorkflow.cs

@@ -1,4 +1,4 @@
-// Copyright (c) Microsoft. All rights reserved.
+// Copyright (c) Microsoft. All rights reserved.
 // Licensed under the MIT license. See LICENSE file in the project root for full license information.
 
 using System;
@@ -69,7 +69,6 @@ public async Task<bool> RunAsync()
             {
                 var sw = Stopwatch.StartNew();
                 var sbomConfig = sbomConfigs.Get(configuration.ManifestInfo.Value.FirstOrDefault());
-
                 using var stream = fileSystemUtils.OpenRead(sbomConfig.ManifestJsonFilePath);
                 var manifestInterface = manifestParserProvider.Get(sbomConfig.ManifestInfo);
                 var sbomParser = manifestInterface.CreateParser(stream);

src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationResult.cs

@@ -1,11 +1,22 @@
-// Copyright (c) Microsoft. All rights reserved.
+// Copyright (c) Microsoft. All rights reserved.
 // Licensed under the MIT license. See LICENSE file in the project root for full license information.
 
 namespace Microsoft.Sbom.Contracts;
 
+using System.Collections.Generic;
+
 /// <summary>
 /// Represents the result of a SBOM validation action.
 /// </summary>
-public abstract class SBOMValidationResult
+public class SBOMValidationResult
 {
+    public bool IsSuccess { get; private set; }
+
+    public IList<EntityError> Errors { get; private set; }
+
+    public SBOMValidationResult(bool isSuccess, IList<EntityError> errors)
+    {
+        this.IsSuccess = isSuccess;
+        this.Errors = errors;
+    }
 }

src/Microsoft.Sbom.Contracts/ISBOMValidator.cs

@@ -30,7 +30,7 @@ public interface ISBOMValidator
     /// <param name="runtimeConfiguration">The runtime configuration to use for validation.</param>
     /// <param name="algorithmName">The algorithm to use for hashing.</param>
     /// </summary>
-    Task<bool> ValidateSbomAsync(
+    Task<SBOMValidationResult> ValidateSbomAsync(
         string buildDropPath,
         string outputPath,
         IList<SbomSpecification> specifications,