diff --git a/src/Microsoft.Sbom.Api/SBOMValidator.cs b/src/Microsoft.Sbom.Api/SBOMValidator.cs index 7184e219a..0ba92b3d6 100644 --- a/src/Microsoft.Sbom.Api/SBOMValidator.cs +++ b/src/Microsoft.Sbom.Api/SBOMValidator.cs @@ -4,16 +4,19 @@ using System; using System.Collections.Generic; using System.ComponentModel; +using System.IO; using System.Linq; using System.Threading.Tasks; using Microsoft.Sbom.Api.Config; using Microsoft.Sbom.Api.Config.Extensions; using Microsoft.Sbom.Api.Output.Telemetry; using Microsoft.Sbom.Api.Workflows; +using Microsoft.Sbom.Common; using Microsoft.Sbom.Common.Config; using Microsoft.Sbom.Common.Config.Validators; using Microsoft.Sbom.Contracts; using Microsoft.Sbom.Contracts.Enums; +using Microsoft.Sbom.Extensions; using PowerArgs; namespace Microsoft.Sbom.Api; @@ -23,18 +26,34 @@ public class SbomValidator : ISBOMValidator private readonly IWorkflow sbomParserBasedValidationWorkflow; private readonly IRecorder recorder; private readonly IEnumerable configValidators; + private readonly IConfiguration configuration; + private readonly ISbomConfigProvider sbomConfigs; + private readonly IFileSystemUtils fileSystemUtils; public SbomValidator( IWorkflow sbomParserBasedValidationWorkflow, IRecorder recorder, - IEnumerable configValidators, - ConfigSanitizer configSanitizer) + IEnumerable configValidators) { this.sbomParserBasedValidationWorkflow = sbomParserBasedValidationWorkflow ?? throw new ArgumentNullException(nameof(sbomParserBasedValidationWorkflow)); this.recorder = recorder ?? throw new ArgumentNullException(nameof(recorder)); this.configValidators = configValidators; } + public SbomValidator( + IWorkflow sbomParserBasedValidationWorkflow, + IRecorder recorder, + IEnumerable configValidators, + IConfiguration configuration, + ISbomConfigProvider sbomConfigs, + IFileSystemUtils fileSystemUtils) + : this(sbomParserBasedValidationWorkflow, recorder, configValidators) + { + this.configuration = configuration; + this.sbomConfigs = sbomConfigs; + this.fileSystemUtils = fileSystemUtils; + } + public async Task ValidateSbomAsync() { var isSuccess = await sbomParserBasedValidationWorkflow.RunAsync(); @@ -45,7 +64,7 @@ public async Task ValidateSbomAsync() return isSuccess; } - public async Task ValidateSbomAsync( + public async Task ValidateSbomAsync( string buildDropPath, string outputPath, IList specifications, @@ -77,12 +96,18 @@ public async Task ValidateSbomAsync( inputConfig.ToConfiguration(); + var sbomConfig = sbomConfigs.Get(configuration.ManifestInfo.Value.FirstOrDefault()); + var path = sbomConfig.ManifestJsonFilePath; + if (!fileSystemUtils.FileExists(sbomConfig.ManifestJsonFilePath)) + { + throw new FileNotFoundException($"Manifest not found in specified location: {sbomConfig.ManifestJsonFilePath}"); + } + var isSuccess = await sbomParserBasedValidationWorkflow.RunAsync(); await recorder.FinalizeAndLogTelemetryAsync(); - var entityErrors = recorder.Errors.Select(error => error.ToEntityError()).ToList(); - - return isSuccess; + var errors = recorder.Errors.Select(error => error.ToEntityError()).ToList(); + return new SBOMValidationResult(errors.Any(), errors); } private InputConfiguration ValidateConfig(InputConfiguration config) diff --git a/src/Microsoft.Sbom.Api/Workflows/SBOMParserBasedValidationWorkflow.cs b/src/Microsoft.Sbom.Api/Workflows/SBOMParserBasedValidationWorkflow.cs index f85e3388b..34769116e 100644 --- a/src/Microsoft.Sbom.Api/Workflows/SBOMParserBasedValidationWorkflow.cs +++ b/src/Microsoft.Sbom.Api/Workflows/SBOMParserBasedValidationWorkflow.cs @@ -1,4 +1,4 @@ -// Copyright (c) Microsoft. All rights reserved. +// Copyright (c) Microsoft. All rights reserved. // Licensed under the MIT license. See LICENSE file in the project root for full license information. using System; @@ -69,7 +69,6 @@ public async Task RunAsync() { var sw = Stopwatch.StartNew(); var sbomConfig = sbomConfigs.Get(configuration.ManifestInfo.Value.FirstOrDefault()); - using var stream = fileSystemUtils.OpenRead(sbomConfig.ManifestJsonFilePath); var manifestInterface = manifestParserProvider.Get(sbomConfig.ManifestInfo); var sbomParser = manifestInterface.CreateParser(stream); diff --git a/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationFailure.cs b/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationFailure.cs deleted file mode 100644 index 321a301a4..000000000 --- a/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationFailure.cs +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright (c) Microsoft. All rights reserved. -// Licensed under the MIT license. See LICENSE file in the project root for full license information. - -using System.Collections.Generic; - -namespace Microsoft.Sbom.Contracts; - -/// -/// Represents a failure result for SBOM validation. -/// -public class SBOMValidationFailure : SBOMValidationResult -{ - /// - /// Gets a list of errors that were encountered during the SBOM validation. - /// - public IList Errors { get; private set; } - - public SBOMValidationFailure(IList errors) - { - Errors = errors; - } -} diff --git a/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationResult.cs b/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationResult.cs index b1d806be1..b292c5012 100644 --- a/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationResult.cs +++ b/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationResult.cs @@ -1,11 +1,22 @@ -// Copyright (c) Microsoft. All rights reserved. +// Copyright (c) Microsoft. All rights reserved. // Licensed under the MIT license. See LICENSE file in the project root for full license information. namespace Microsoft.Sbom.Contracts; +using System.Collections.Generic; + /// /// Represents the result of a SBOM validation action. /// -public abstract class SBOMValidationResult +public class SBOMValidationResult { + public bool IsSuccess { get; private set; } + + public IList Errors { get; private set; } + + public SBOMValidationResult(bool isSuccess, IList errors) + { + this.IsSuccess = isSuccess; + this.Errors = errors; + } } diff --git a/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationSuccess.cs b/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationSuccess.cs deleted file mode 100644 index f8440c384..000000000 --- a/src/Microsoft.Sbom.Contracts/Contracts/SBOMValidationSuccess.cs +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright (c) Microsoft. All rights reserved. -// Licensed under the MIT license. See LICENSE file in the project root for full license information. - -namespace Microsoft.Sbom.Contracts; - -/// -/// Represents a successful SBOM validation result. -/// -public class SbomValidationSuccess : SBOMValidationResult -{ -} diff --git a/src/Microsoft.Sbom.Contracts/ISBOMValidator.cs b/src/Microsoft.Sbom.Contracts/ISBOMValidator.cs index 8130054db..2ee498ce4 100644 --- a/src/Microsoft.Sbom.Contracts/ISBOMValidator.cs +++ b/src/Microsoft.Sbom.Contracts/ISBOMValidator.cs @@ -30,7 +30,7 @@ public interface ISBOMValidator /// The runtime configuration to use for validation. /// The algorithm to use for hashing. /// - Task ValidateSbomAsync( + Task ValidateSbomAsync( string buildDropPath, string outputPath, IList specifications,