diff --git a/etc/test-data/cyclonedx/rh/latest_filters/TC-2719/firefox.json b/etc/test-data/cyclonedx/rh/latest_filters/TC-2719/firefox.json new file mode 100644 index 000000000..c9ca5e6a2 --- /dev/null +++ b/etc/test-data/cyclonedx/rh/latest_filters/TC-2719/firefox.json @@ -0,0 +1 @@ +{"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:b7ee7d76-e59d-3ec7-8ff0-82230d0ad57b","version":1,"metadata":{"timestamp":"2025-07-01T12:07:53Z","tools":{"components":[{"type":"application","author":"Red Hat","name":"SBOMer","version":"44d356cd"}]},"component":{"type":"operating-system","bom-ref":"RHEL-8.10.0.Z.MAIN+EUS","supplier":{"name":"Red Hat","url":["https://www.redhat.com"]},"name":"Red Hat Enterprise Linux 8","version":"RHEL-8.10.0.Z.MAIN+EUS","evidence":{"identity":[{"field":"cpe","concludedValue":"cpe:/a:redhat:enterprise_linux:8.10::appstream"},{"field":"cpe","concludedValue":"cpe:/a:redhat:enterprise_linux:8::appstream"}]}},"supplier":{"name":"Red Hat","url":["https://www.redhat.com"]},"properties":[{"name":"redhat:advisory_id","value":"151443"}]},"components":[{"type":"library","bom-ref":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src","supplier":{"name":"Red Hat","url":["https://www.redhat.com"]},"name":"firefox","version":"128.12.0-1.el8_10","hashes":[{"alg":"SHA-256","content":"39f3e620147a28a63c0023be5d0ddc80d7a8a1a7ba6dc533909acc602163198b"}],"licenses":[{"expression":"NOASSERTION"}],"purl":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src","evidence":{"identity":[{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-aarch64-appstream-source-rpms__8"},{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-x86_64-appstream-source-rpms__8_DOT_10"},{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-ppc64le-appstream-source-rpms__8"},{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-x86_64-appstream-source-rpms__8"},{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-s390x-appstream-source-rpms__8_DOT_10"},{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-s390x-appstream-source-rpms__8"},{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-aarch64-appstream-source-rpms__8_DOT_10"},{"field":"purl","concludedValue":"pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src&repository_id=rhel-8-for-ppc64le-appstream-source-rpms__8_DOT_10"}]}}],"dependencies":[{"ref":"RHEL-8.10.0.Z.MAIN+EUS","dependsOn":[],"provides":["pkg:rpm/redhat/firefox@128.12.0-1.el8_10?arch=src"]}]} \ No newline at end of file diff --git a/etc/test-data/spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json new file mode 100644 index 000000000..0b364d76a --- /dev/null +++ b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json @@ -0,0 +1,263 @@ +{ + "SPDXID": "SPDXRef-DOCUMENT", + "creationInfo": { + "created": "2025-11-17T16:38:55Z", + "creators": [ + "Organization: Red Hat", + "Tool: Konflux CI", + "Tool: Mobster-1.1.0", + "Tool: Mobster-1.0.0" + ] + }, + "dataLicense": "CC0-1.0", + "name": "registry.redhat.io/rhel9/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547", + "spdxVersion": "SPDX-2.3", + "documentNamespace": "https://konflux-ci.dev/spdxdocs/quay.io/redhat-user-workloads/osci-rhel-containers-tenant/rhel-9-7/mariadb-1011-9-7@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547-d164c023-3587-4340-9ff2-5f1ac3c8a131", + "packages": [ + { + "SPDXID": "SPDXRef-image-index", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1763396552" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1763396552" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7", + "supplier": "Organization: Red Hat", + "versionInfo": "256d5aef63bf8cec8fa93e100f526697b76f9c20" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-025d33c9c9abf156e737a771da95ab6f1543126004b6190e4623f74f5e1208f2", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "a60c2ab360f480c6963fbef0c1d4262c9b0e55aa9c8a5917d800e11fce840355" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:a60c2ab360f480c6963fbef0c1d4262c9b0e55aa9c8a5917d800e11fce840355?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:a60c2ab360f480c6963fbef0c1d4262c9b0e55aa9c8a5917d800e11fce840355?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1763396552" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:a60c2ab360f480c6963fbef0c1d4262c9b0e55aa9c8a5917d800e11fce840355?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:a60c2ab360f480c6963fbef0c1d4262c9b0e55aa9c8a5917d800e11fce840355?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:a60c2ab360f480c6963fbef0c1d4262c9b0e55aa9c8a5917d800e11fce840355?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1763396552" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_amd64", + "supplier": "Organization: Red Hat", + "versionInfo": "256d5aef63bf8cec8fa93e100f526697b76f9c20" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-4fe65f11867119c46de3b76d0e3eea77e91ba962d27c0b0a22ed801d8db1d2f5", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "2281b94f0874c8aea88e22a46b632452ddcbcfa42d165d4d55fdccf21d9e1b0e" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:2281b94f0874c8aea88e22a46b632452ddcbcfa42d165d4d55fdccf21d9e1b0e?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:2281b94f0874c8aea88e22a46b632452ddcbcfa42d165d4d55fdccf21d9e1b0e?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1763396552" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:2281b94f0874c8aea88e22a46b632452ddcbcfa42d165d4d55fdccf21d9e1b0e?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:2281b94f0874c8aea88e22a46b632452ddcbcfa42d165d4d55fdccf21d9e1b0e?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:2281b94f0874c8aea88e22a46b632452ddcbcfa42d165d4d55fdccf21d9e1b0e?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1763396552" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_arm64", + "supplier": "Organization: Red Hat", + "versionInfo": "256d5aef63bf8cec8fa93e100f526697b76f9c20" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-fd7687d90b93f9cbe457254af0f29f45942984ef0157fe4f842b369160a9069d", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "dc3b882972536888e5c27bbc5d8dc3586d8a1fb2182dde3890fb662ea69f9d39" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:dc3b882972536888e5c27bbc5d8dc3586d8a1fb2182dde3890fb662ea69f9d39?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:dc3b882972536888e5c27bbc5d8dc3586d8a1fb2182dde3890fb662ea69f9d39?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1763396552" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:dc3b882972536888e5c27bbc5d8dc3586d8a1fb2182dde3890fb662ea69f9d39?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:dc3b882972536888e5c27bbc5d8dc3586d8a1fb2182dde3890fb662ea69f9d39?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:dc3b882972536888e5c27bbc5d8dc3586d8a1fb2182dde3890fb662ea69f9d39?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1763396552" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_s390x", + "supplier": "Organization: Red Hat", + "versionInfo": "256d5aef63bf8cec8fa93e100f526697b76f9c20" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-28e9718623f661f7c511cd59907e16e50f12947be39968ee1106072b12bfef40", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "32259f85fc3ceba94ae0ac85862240b0b6a1cdf0fe944dce7c48a2b4a8dc7eb9" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:32259f85fc3ceba94ae0ac85862240b0b6a1cdf0fe944dce7c48a2b4a8dc7eb9?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:32259f85fc3ceba94ae0ac85862240b0b6a1cdf0fe944dce7c48a2b4a8dc7eb9?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1763396552" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:32259f85fc3ceba94ae0ac85862240b0b6a1cdf0fe944dce7c48a2b4a8dc7eb9?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:32259f85fc3ceba94ae0ac85862240b0b6a1cdf0fe944dce7c48a2b4a8dc7eb9?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:32259f85fc3ceba94ae0ac85862240b0b6a1cdf0fe944dce7c48a2b4a8dc7eb9?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1763396552" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_ppc64le", + "supplier": "Organization: Red Hat", + "versionInfo": "256d5aef63bf8cec8fa93e100f526697b76f9c20" + } + ], + "relationships": [ + { + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "DESCRIBES" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-025d33c9c9abf156e737a771da95ab6f1543126004b6190e4623f74f5e1208f2", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-4fe65f11867119c46de3b76d0e3eea77e91ba962d27c0b0a22ed801d8db1d2f5", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-fd7687d90b93f9cbe457254af0f29f45942984ef0157fe4f842b369160a9069d", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-28e9718623f661f7c511cd59907e16e50f12947be39968ee1106072b12bfef40", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + } + ], + "annotations": [ + { + "annotationDate": "2025-11-17T17:22:08Z", + "annotationType": "OTHER", + "annotator": "Tool: Mobster-1.0.0", + "comment": "release_id=23f0a400-7969-41eb-b97b-f6df70339ba9" + } + ] +} \ No newline at end of file diff --git a/etc/test-data/spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json new file mode 100644 index 000000000..6f695c13a --- /dev/null +++ b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json @@ -0,0 +1,94 @@ +{ + "SPDXID": "SPDXRef-DOCUMENT", + "annotations": [ + { + "annotationDate": "2025-11-17T17:22:07Z", + "annotationType": "OTHER", + "annotator": "Tool: Mobster-1.0.0", + "comment": "release_id=23f0a400-7969-41eb-b97b-f6df70339ba9" + } + ], + "creationInfo": { + "created": "2025-11-17T17:22:07Z", + "creators": [ + "Organization: Red Hat", + "Tool: Konflux CI", + "Tool: Mobster-1.0.0" + ] + }, + "dataLicense": "CC0-1.0", + "name": "Red Hat Enterprise Linux 9.7", + "spdxVersion": "SPDX-2.3", + "documentNamespace": "https://konflux-ci.dev/spdxdocs/Red Hat Enterprise Linux 9.7-08521e6a-84df-4631-915f-899c074e010e", + "packages": [ + { + "SPDXID": "SPDXRef-product", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:/a:redhat:enterprise_linux:9::appstream", + "referenceType": "cpe22Type" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "Red Hat Enterprise Linux", + "supplier": "Organization: Red Hat", + "versionInfo": "9.7" + }, + { + "SPDXID": "SPDXRef-component-mariadb-1011-9-7", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1763396552", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0600038402b995e2a189c6c60f6482fd29bc7d4618333d940fa28f6c9bbec547?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1763396552", + "referenceType": "purl" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7", + "supplier": "Organization: Red Hat" + } + ], + "relationships": [ + { + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-product", + "relationshipType": "DESCRIBES" + }, + { + "spdxElementId": "SPDXRef-component-mariadb-1011-9-7", + "relatedSpdxElement": "SPDXRef-product", + "relationshipType": "PACKAGE_OF" + } + ] +} \ No newline at end of file diff --git a/etc/test-data/spdx/rh/latest/TC-2719/mariadb-binary.json b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-binary.json new file mode 100644 index 000000000..31174ce12 --- /dev/null +++ b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-binary.json @@ -0,0 +1,262 @@ +{ + "SPDXID": "SPDXRef-DOCUMENT", + "creationInfo": { + "created": "2025-12-22T17:21:45Z", + "creators": [ + "Organization: Red Hat", + "Tool: Konflux CI", + "Tool: Mobster-1.1.0" + ] + }, + "dataLicense": "CC0-1.0", + "name": "registry.redhat.io/rhel9/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c", + "spdxVersion": "SPDX-2.3", + "documentNamespace": "https://konflux-ci.dev/spdxdocs/quay.io/redhat-user-workloads/osci-rhel-containers-tenant/rhel-9-7/mariadb-1011-9-7@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c-8407928e-b995-4dca-aaff-bad70cc6c1fa", + "packages": [ + { + "SPDXID": "SPDXRef-image-index", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1766423591" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1766423591" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7", + "supplier": "Organization: Red Hat", + "versionInfo": "827143220e27fe65b8e9671bc7f4fbab9977bba6" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-7a0afa4bb498912cd10ae8476de585d6b1e9e92b8f44d20caf842d429fc919e8", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0aa058979036c8e1c92e7fb0016d044870fb7b5547778763cd44d14235239e56" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0aa058979036c8e1c92e7fb0016d044870fb7b5547778763cd44d14235239e56?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0aa058979036c8e1c92e7fb0016d044870fb7b5547778763cd44d14235239e56?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1766423591" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0aa058979036c8e1c92e7fb0016d044870fb7b5547778763cd44d14235239e56?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0aa058979036c8e1c92e7fb0016d044870fb7b5547778763cd44d14235239e56?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:0aa058979036c8e1c92e7fb0016d044870fb7b5547778763cd44d14235239e56?arch=amd64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1766423591" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_amd64", + "supplier": "Organization: Red Hat", + "versionInfo": "827143220e27fe65b8e9671bc7f4fbab9977bba6" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-486e1aed002efc7d6b36b12088acec3b95eebd67be16c4e49a5d9f9796ed1607", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "df124743703236990cbc8513774b2470cd4766aa82f5e51045e177e2e92e3a19" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:df124743703236990cbc8513774b2470cd4766aa82f5e51045e177e2e92e3a19?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:df124743703236990cbc8513774b2470cd4766aa82f5e51045e177e2e92e3a19?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1766423591" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:df124743703236990cbc8513774b2470cd4766aa82f5e51045e177e2e92e3a19?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:df124743703236990cbc8513774b2470cd4766aa82f5e51045e177e2e92e3a19?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:df124743703236990cbc8513774b2470cd4766aa82f5e51045e177e2e92e3a19?arch=arm64&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1766423591" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_arm64", + "supplier": "Organization: Red Hat", + "versionInfo": "827143220e27fe65b8e9671bc7f4fbab9977bba6" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-88c6e7aefb21b1edbe304f32cfb73659ea069dbc7cba6ac3325d30566ba57566", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f36ad765cc8977447ed9d4b1338b27e5d24531772f3aed3f9e6a484f155a6473" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:f36ad765cc8977447ed9d4b1338b27e5d24531772f3aed3f9e6a484f155a6473?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:f36ad765cc8977447ed9d4b1338b27e5d24531772f3aed3f9e6a484f155a6473?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1766423591" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:f36ad765cc8977447ed9d4b1338b27e5d24531772f3aed3f9e6a484f155a6473?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:f36ad765cc8977447ed9d4b1338b27e5d24531772f3aed3f9e6a484f155a6473?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:f36ad765cc8977447ed9d4b1338b27e5d24531772f3aed3f9e6a484f155a6473?arch=s390x&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1766423591" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_s390x", + "supplier": "Organization: Red Hat", + "versionInfo": "827143220e27fe65b8e9671bc7f4fbab9977bba6" + }, + { + "SPDXID": "SPDXRef-image-mariadb-1011-9-7-5c88ce5b090a887bd138b13b97641bbcfb3423ccfb0fb4ca5bd4f418aa1a4176", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "c1ff2f885c6982ac4fcd8a3e65f888659eae8747574ff80968035423a0fde7c2" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:c1ff2f885c6982ac4fcd8a3e65f888659eae8747574ff80968035423a0fde7c2?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:c1ff2f885c6982ac4fcd8a3e65f888659eae8747574ff80968035423a0fde7c2?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1766423591" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:c1ff2f885c6982ac4fcd8a3e65f888659eae8747574ff80968035423a0fde7c2?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:c1ff2f885c6982ac4fcd8a3e65f888659eae8747574ff80968035423a0fde7c2?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1" + }, + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:c1ff2f885c6982ac4fcd8a3e65f888659eae8747574ff80968035423a0fde7c2?arch=ppc64le&repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1766423591" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7_ppc64le", + "supplier": "Organization: Red Hat", + "versionInfo": "827143220e27fe65b8e9671bc7f4fbab9977bba6" + } + ], + "relationships": [ + { + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "DESCRIBES" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-7a0afa4bb498912cd10ae8476de585d6b1e9e92b8f44d20caf842d429fc919e8", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-486e1aed002efc7d6b36b12088acec3b95eebd67be16c4e49a5d9f9796ed1607", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-88c6e7aefb21b1edbe304f32cfb73659ea069dbc7cba6ac3325d30566ba57566", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + }, + { + "spdxElementId": "SPDXRef-image-mariadb-1011-9-7-5c88ce5b090a887bd138b13b97641bbcfb3423ccfb0fb4ca5bd4f418aa1a4176", + "relatedSpdxElement": "SPDXRef-image-index", + "relationshipType": "VARIANT_OF" + } + ], + "annotations": [ + { + "annotationDate": "2025-12-22T17:55:59Z", + "annotationType": "OTHER", + "annotator": "Tool: Mobster-1.1.0", + "comment": "release_id=96dd58d8-65f0-4659-940d-df47f6733a05" + } + ] +} \ No newline at end of file diff --git a/etc/test-data/spdx/rh/latest/TC-2719/mariadb-product.json b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-product.json new file mode 100644 index 000000000..bee6dab25 --- /dev/null +++ b/etc/test-data/spdx/rh/latest/TC-2719/mariadb-product.json @@ -0,0 +1,94 @@ +{ + "SPDXID": "SPDXRef-DOCUMENT", + "annotations": [ + { + "annotationDate": "2025-12-22T17:55:59Z", + "annotationType": "OTHER", + "annotator": "Tool: Mobster-1.1.0", + "comment": "release_id=96dd58d8-65f0-4659-940d-df47f6733a05" + } + ], + "creationInfo": { + "created": "2025-12-22T17:55:59Z", + "creators": [ + "Organization: Red Hat", + "Tool: Konflux CI", + "Tool: Mobster-1.1.0" + ] + }, + "dataLicense": "CC0-1.0", + "name": "Red Hat Enterprise Linux 9.7", + "spdxVersion": "SPDX-2.3", + "documentNamespace": "https://konflux-ci.dev/spdxdocs/Red Hat Enterprise Linux 9.7-0797cc7a-cd03-494b-bd89-56c47871c10b", + "packages": [ + { + "SPDXID": "SPDXRef-product", + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "SECURITY", + "referenceLocator": "cpe:/a:redhat:enterprise_linux:9::appstream", + "referenceType": "cpe22Type" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "Red Hat Enterprise Linux", + "supplier": "Organization: Red Hat", + "versionInfo": "9.7" + }, + { + "SPDXID": "SPDXRef-component-mariadb-1011-9-7", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c" + } + ], + "downloadLocation": "NOASSERTION", + "externalRefs": [ + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=9.7-1766423591", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=latest", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1", + "referenceType": "purl" + }, + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceLocator": "pkg:oci/mariadb-1011@sha256:74f9ea6f46866bbcaeef62d7f65d09ff5b9a23be5c6b01aafd23995880cc7f7c?repository_url=registry.redhat.io/rhel9/mariadb-1011&tag=1-1766423591", + "referenceType": "purl" + } + ], + "filesAnalyzed": false, + "licenseDeclared": "NOASSERTION", + "name": "mariadb-1011-9-7", + "supplier": "Organization: Red Hat" + } + ], + "relationships": [ + { + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-product", + "relationshipType": "DESCRIBES" + }, + { + "spdxElementId": "SPDXRef-component-mariadb-1011-9-7", + "relatedSpdxElement": "SPDXRef-product", + "relationshipType": "PACKAGE_OF" + } + ] +} \ No newline at end of file diff --git a/modules/analysis/src/endpoints/tests/latest_filters.rs b/modules/analysis/src/endpoints/tests/latest_filters.rs index edee9b8c7..8194a82dd 100644 --- a/modules/analysis/src/endpoints/tests/latest_filters.rs +++ b/modules/analysis/src/endpoints/tests/latest_filters.rs @@ -795,3 +795,95 @@ async fn resolve_rh_variant_latest_filter_tc_3278( Ok(()) } + +#[test_context(TrustifyContext)] +#[rstest] +#[case( // purl partial search + Req { what: What::Q("purl~pkg:rpm/redhat/firefox"), ancestors: Some(10), ..Req::default() }, + 1, + vec!["cyclonedx/rh/latest_filters/TC-2719/firefox.json"] +)] +#[case( // purl partial search + Req { what: What::Q("purl~pkg:rpm/redhat/firefox"), latest: true, ancestors: Some(10), ..Req::default() }, + 1, + vec!["cyclonedx/rh/latest_filters/TC-2719/firefox.json"] +)] +#[case( // spdx cpe search + Req { what: What::Id("cpe:/a:redhat:enterprise_linux:9::appstream"), ancestors: Some(10), ..Req::default() }, + 2, + vec![ + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json", + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json", + "spdx/rh/latest/TC-2719/mariadb-binary.json", + "spdx/rh/latest/TC-2719/mariadb-product.json" + ])] +#[case( // spdx cpe latest search + Req { what: What::Id("cpe:/a:redhat:enterprise_linux:9::appstream"), latest:true, ancestors: Some(10), ..Req::default() }, + 1, + vec![ + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json", + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json", + "spdx/rh/latest/TC-2719/mariadb-binary.json", + "spdx/rh/latest/TC-2719/mariadb-product.json" + ])] +#[case( // spdx q name search + Req { what: What::Q("name=mariadb-1011-9-7_arm64"), ancestors: Some(10), ..Req::default() }, + 2, + vec![ + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json", + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json", + "spdx/rh/latest/TC-2719/mariadb-binary.json", + "spdx/rh/latest/TC-2719/mariadb-product.json" + ])] +#[case( // spdx latest q name search + Req { what: What::Q("name=mariadb-1011-9-7_arm64"), latest:true, ancestors: Some(10), ..Req::default() }, + 1, + vec![ + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json", + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json", + "spdx/rh/latest/TC-2719/mariadb-binary.json", + "spdx/rh/latest/TC-2719/mariadb-product.json" + ])] +#[case( // spdx q partial purl search + Req { what: What::Q("purl~pkg:oci/mariadb-1011@"), ancestors: Some(10), ..Req::default() }, + 12, + vec![ + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json", + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json", + "spdx/rh/latest/TC-2719/mariadb-binary.json", + "spdx/rh/latest/TC-2719/mariadb-product.json" + ])] +#[case( // spdx latest q partial purl search + Req { what: What::Q("purl~pkg:oci/mariadb-1011@"), latest:true, ancestors: Some(10), ..Req::default() }, + 6, + vec![ + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-binary.json", + "spdx/rh/latest/TC-2719/mariadb-9.7-1763396552-products.json", + "spdx/rh/latest/TC-2719/mariadb-binary.json", + "spdx/rh/latest/TC-2719/mariadb-product.json" + ])] +#[test_log::test(actix_web::test)] +async fn resolve_rh_variant_latest_filter_tc_2719( + ctx: &TrustifyContext, + #[case] req: Req<'_>, + #[case] total: usize, + #[case] sbom_data: Vec<&str>, + #[values(false, true)] prime_cache: bool, +) -> Result<(), anyhow::Error> { + let app = caller(ctx).await?; + + ctx.ingest_documents(sbom_data).await?; + + if prime_cache { + let _response = app.req(Req::default()).await?; + } + + let mut response = app.req(req).await?; + + sort(&mut response["items"]); + + log::info!("{response:#?}"); + assert_eq!(total, response["total"]); + + Ok(()) +}