ci: setup yaml linting of SBOM Catalog #73

Closed
wants to merge 3 commits into from
1 change: 1 addition & 0 deletions .github/requirements.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
yamale==5.2.1
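Review bot: `yamale==5.2.1` is pinned by version only, while the workflow in this same PR pins `actions/setup-python` to a full commit SHA. To give the Python dependency the same integrity guarantee, add `--hash=sha256:<digest>` entries for it (and for its transitive dependencies, which hash-checking mode also requires) and install with `pip install --require-hashes -r .github/requirements.txt`.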
15 changes: 15 additions & 0 deletions .github/workflows/build-pull-request.yml
Expand Up @@ -16,6 +16,21 @@ jobs:
uses: actions/setup-node@v4
with:
node-version: 'lts/*'

- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
with:
python-version: '3.10'
cache: 'pip' # caching pip dependencies
- run: pip install -r .github/requirements.txt

- name: Lint Catalog Data
run: yamllint -d relaxed SBOM-Catalog

- name: Schema Check Catalog Data
run: yamale -s SBOM-Catalog/schemas/data.yaml SBOM-Catalog/public/data.yaml

- name: Schema Check Catalog Filters
run: yamale -s SBOM-Catalog/schemas/filters.yaml SBOM-Catalog/public/filters.yaml

- name: Install dependencies
run: cd SBOM-Catalog && npm install
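Review bot: the `Lint Catalog Data` step runs `yamllint`, but the `pip install -r .github/requirements.txt` step before it installs only `yamale==5.2.1`, so the linter is whatever version the runner image happens to provide, and the step fails on an image without it. Add a pinned `yamllint` entry to `.github/requirements.txt` so the lint result is reproducible. As a smaller consistency point, the new `actions/setup-python` step is pinned to a commit SHA while the adjacent `actions/setup-node@v4` still uses a mutable tag.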
5 changes: 3 additions & 2 deletions SBOM-Catalog/public/data.yaml
@@ -1,3 +1,4 @@
---
- Name: Syft
Link: https://github.com/anchore/syft
Publisher: Anchore
Expand Down Expand Up @@ -589,9 +590,9 @@
Abilities:
- Consume
- Compare
Type:
Type:
- Source
- Build
- Analyzed
Language:
- Generic
- Generic
3 changes: 2 additions & 1 deletion SBOM-Catalog/public/filters.yaml
@@ -1,18 +1,19 @@
---
- name: Standards
enabled: true
description: Filter to distinguish between SBOM standards like SPDX and CycloneDx

Check warning on line 4 in SBOM-Catalog/public/filters.yaml (GitHub Actions / build-catalog):
4:81 [line-length] line too long (83 > 80 characters)

- name: License
enabled: false
description: Filter to distinguish between different license types like OpenSource or Proprietary

Check warning on line 8 in SBOM-Catalog/public/filters.yaml (GitHub Actions / build-catalog):
8:81 [line-length] line too long (99 > 80 characters)

- name: Abilities
enabled: true
description: Filter to distinguish between different abilities like SBOM creation, conversion or consumption

Check warning on line 12 in SBOM-Catalog/public/filters.yaml (GitHub Actions / build-catalog):
12:81 [line-length] line too long (110 > 80 characters)

- name: Type
enabled: false
description: Filter to distinguish between different phases where SBOMs are created like sources, build or analysed

Check warning on line 16 in SBOM-Catalog/public/filters.yaml (GitHub Actions / build-catalog):
16:81 [line-length] line too long (117 > 80 characters)

- name: Publisher
enabled: false
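Review bot: every `description:` value in this hunk is longer than 80 characters, and the annotations show yamllint reporting `[line-length]` on lines 4, 8, 12 and 16. Because these are reported as warnings under `-d relaxed` rather than failures, they will reappear on every pull request that touches the file. Either wrap the descriptions with a folded scalar (`description: >-`) or commit a yamllint configuration that raises or disables the `line-length` rule for the catalog.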
Expand All @@ -24,4 +25,4 @@

- name: Language
enabled: false
description: Filter to distinguish between different programming languages, build tools or operating systems
description: Filter to distinguish between different programming languages, build tools or operating systems

Check warning on line 28 in SBOM-Catalog/public/filters.yaml (GitHub Actions / build-catalog):
28:81 [line-length] line too long (110 > 80 characters)
13 changes: 13 additions & 0 deletions SBOM-Catalog/schemas/data.yaml
@@ -0,0 +1,13 @@
# Yamale schema file for SBOM-Catalog/public/data.yaml

list(include('data_item'))
---
data_item:
Name: str()
Link: str()
Publisher: str()
License: enum('OpenSource', 'Proprietary')
Standards: list(enum('CycloneDX', 'SPDX', 'SWID'))
Abilities: list(enum('Compare', 'Consume', 'Convert', 'Edit', 'Generate', 'Merge', 'Validate'))

Check warning on line 11 in SBOM-Catalog/schemas/data.yaml (GitHub Actions / build-catalog):
11:81 [line-length] line too long (97 > 80 characters)
Type: subset(enum('Design', 'Source', 'Build', 'Analyzed', 'Deployed', 'Runtime', 'Container'), allow_empty=True)

Check warning on line 12 in SBOM-Catalog/schemas/data.yaml (GitHub Actions / build-catalog):
12:81 [line-length] line too long (115 > 80 characters)
Language: subset(str(), allow_empty=True)
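Review bot: `Link: str()` in `data_item` accepts any string, so an entry with a malformed URL or an unexpected scheme passes the schema check, even though the one entry visible in `data.yaml` uses `https://`. Constrain it with Yamale's `regex()` validator, for example `Link: regex('^https://')`. Separately, `Standards` and `Abilities` use `list(enum(...))` while `Type` uses `subset(enum(...), allow_empty=True)`; a short comment explaining why the two forms differ would help the next contributor.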
7 changes: 7 additions & 0 deletions SBOM-Catalog/schemas/filters.yaml
@@ -0,0 +1,7 @@
list(include('filter_item'))

---
filter_item:
name: str()
enabled: bool()
description: str()
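Review bot: this schema has no header comment, whereas `SBOM-Catalog/schemas/data.yaml` opens with `# Yamale schema file for SBOM-Catalog/public/data.yaml`. Add the matching line naming `SBOM-Catalog/public/filters.yaml` at the top, so it is clear which data file the schema validates.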