Skip to content
This repository was archived by the owner on Sep 11, 2025. It is now read-only.

Commit 71b62d3

Browse files
vobratilvobratil
authored
CAMP / Atlas API tests (#35)
1 parent 503a2f7 commit 71b62d3

22 files changed

+648
-4
lines changed

tests/api/features/alias.ts

Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,90 @@
1+
import { PurlService } from "../client";
2+
import { expect, test } from "../fixtures";
3+
4+
const opensslPurl = ["pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src"];
5+
6+
const opensslPurlAliases = [
7+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-aarch64-baseos-aus-source-rpms",
8+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-i686-baseos-aus-source-rpms",
9+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-aarch64-baseos-e4s-source-rpms",
10+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-s390x-baseos-eus-source-rpms",
11+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-s390x-baseos-aus-source-rpms",
12+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-i686-baseos-e4s-source-rpms",
13+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-ppc64le-baseos-eus-source-rpms",
14+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-x86_64-baseos-eus-source-rpms",
15+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-ppc64le-baseos-aus-source-rpms",
16+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-s390x-baseos-e4s-source-rpms",
17+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-x86_64-baseos-e4s-source-rpms",
18+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-ppc64le-baseos-e4s-source-rpms",
19+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-i686-baseos-eus-source-rpms",
20+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-aarch64-baseos-eus-source-rpms",
21+
"pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src&repository_id=rhel-9-for-x86_64-baseos-aus-source-rpms",
22+
];
23+
24+
// TODO: Rename when we get an appropriate SBOM with CPE aliases.
25+
const componentCpe = ["cpe:/a:redhat:quarkus:2.13:*:el8:*"];
26+
27+
const componentCpeAliases = [];
28+
29+
test("Alias / Get aliases by pURL", async ({ axios }) => {
30+
var urlEncodedPurl = encodeURIComponent(opensslPurl[0]);
31+
32+
const response = await axios.get(
33+
`/api/v2/analysis/component/${urlEncodedPurl}`
34+
);
35+
36+
expect(response.data.items).toEqual(
37+
expect.arrayContaining([
38+
expect.objectContaining({
39+
purl: expect.arrayContaining(opensslPurl.concat(opensslPurlAliases)),
40+
}),
41+
])
42+
);
43+
});
44+
45+
test("Alias / Get aliases by pURL alias", async ({ axios }) => {
46+
var urlEncodedPurlAlias = encodeURIComponent(opensslPurlAliases[0]);
47+
48+
const response = await axios.get(
49+
`/api/v2/analysis/component/${urlEncodedPurlAlias}`
50+
);
51+
52+
expect(response.data.items).toEqual(
53+
expect.arrayContaining([
54+
expect.objectContaining({
55+
purl: expect.arrayContaining(opensslPurl.concat(opensslPurlAliases)),
56+
}),
57+
])
58+
);
59+
});
60+
61+
test("Alias / Get aliases by CPE", async ({ axios }) => {
62+
// We currently don't have a suitable SBOM for this. At most we can verify that the CPE field is an array, which wasn't the case before this feature was implemented.
63+
var urlEncodedCpe = encodeURIComponent("cpe:/a:redhat:quarkus:2.13::el8");
64+
65+
const response = await axios.get(
66+
`/api/v2/analysis/component/${urlEncodedCpe}`
67+
);
68+
69+
expect(response.data.items).toEqual(
70+
expect.arrayContaining([
71+
expect.objectContaining({
72+
cpe: expect.arrayContaining(componentCpe.concat(componentCpeAliases)),
73+
}),
74+
])
75+
);
76+
});
77+
78+
// TODO: test.skip("Alias / Get aliases by CPE alias", async ({ axios }) => {});
79+
80+
test.skip("Alias / Get aliases by query", async ({ axios }) => {
81+
const response = await axios.get(`/api/v2/analysis/component?q=rhel`);
82+
83+
expect(response.data.items).toEqual(
84+
expect.arrayContaining([
85+
expect.objectContaining({
86+
purl: expect.arrayContaining(opensslPurlAliases),
87+
}),
88+
])
89+
);
90+
});

tests/api/features/purl.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
import { expect, test } from "../fixtures";
22

3-
test("Purl by alias - vanilla", async ({ axios }) => {
3+
test.skip("Purl by alias - vanilla", async ({ axios }) => {
44
const vanillaResponse = await axios.get(
55
"/api/v2/purl?offset=0&limit=10&q=openssl"
66
);

tests/api/features/relationship-ancestor-of.ts

Lines changed: 200 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,200 @@
1+
import { PurlService } from "../client";
2+
import { expect, test } from "../fixtures";
3+
4+
// Effectively tests TC-2054 / TC-2055 - Denote upstream relationship.
5+
6+
const cdxUpstreamPurl =
7+
"pkg:generic/openssl@3.0.7?checksum=SHA-512:1aea183b0b6650d9d5e7ba87b613bb1692c71720b0e75377b40db336b40bad780f7e8ae8dfb9f60841eeb4381f4b79c4c5043210c96e7cb51f90791b80c8285e&download_url=https://pkgs.devel.redhat.com/repo/openssl/openssl-3.0.7-hobbled.tar.gz/sha512/1aea183b0b6650d9d5e7ba87b613bb1692c71720b0e75377b40db336b40bad780f7e8ae8dfb9f60841eeb4381f4b79c4c5043210c96e7cb51f90791b80c8285e/openssl-3.0.7-hobbled.tar.gz";
8+
const cdxDownstreamPurl = "pkg:rpm/redhat/openssl@3.0.7-18.el9_2?arch=src";
9+
const spdxUpstreamPurl = "pkg:generic/upstream-component@0.0.0?arch=src";
10+
const spdxDownstreamPurl = "pkg:rpm/redhat/B@0.0.0";
11+
12+
const query = "openssl";
13+
14+
test("Ancestor of / CDX / Upstream component has descendants that include downstream component / Get with pURL", async ({
15+
axios,
16+
}) => {
17+
const urlEncodedUpstreamPurl = encodeURIComponent(cdxUpstreamPurl);
18+
19+
const response = await axios.get(
20+
`/api/v2/analysis/component/${urlEncodedUpstreamPurl}?descendants=10`
21+
);
22+
23+
expect(response.data.items).toEqual(
24+
expect.arrayContaining([
25+
expect.objectContaining({
26+
purl: expect.arrayContaining([cdxUpstreamPurl]),
27+
descendants: expect.arrayContaining([
28+
expect.objectContaining({
29+
relationship: "ancestor_of",
30+
purl: expect.arrayContaining([cdxDownstreamPurl]),
31+
}),
32+
]),
33+
}),
34+
])
35+
);
36+
});
37+
38+
// This should theoretically be possible, too, but I didn't manage to get it to work.
39+
test.skip("Ancestor of / CDX / Upstream component has descendants that include downstream component / Get with query", async ({
40+
axios,
41+
}) => {
42+
const response = await axios.get(
43+
`/api/v2/analysis/component?q=${query}?descendants=10`
44+
);
45+
46+
expect(response.data.items).toEqual(
47+
expect.arrayContaining([
48+
expect.objectContaining({
49+
purl: expect.arrayContaining([cdxUpstreamPurl]),
50+
descendants: expect.arrayContaining([
51+
expect.objectContaining({
52+
relationship: "ancestor_of",
53+
purl: expect.arrayContaining([cdxDownstreamPurl]),
54+
}),
55+
]),
56+
}),
57+
])
58+
);
59+
});
60+
61+
test("Ancestor of / CDX / Downstream component has ancestors that include upstream component / Get with pURL", async ({
62+
axios,
63+
}) => {
64+
const urlEncodedDownstreamPurl = encodeURIComponent(cdxDownstreamPurl);
65+
66+
const response = await axios.get(
67+
`/api/v2/analysis/component/${urlEncodedDownstreamPurl}?ancestors=10`
68+
);
69+
70+
expect(response.data.items).toEqual(
71+
expect.arrayContaining([
72+
expect.objectContaining({
73+
purl: expect.arrayContaining([cdxDownstreamPurl]),
74+
ancestors: expect.arrayContaining([
75+
expect.objectContaining({
76+
relationship: "ancestor_of",
77+
purl: expect.arrayContaining([cdxUpstreamPurl]),
78+
}),
79+
]),
80+
}),
81+
])
82+
);
83+
});
84+
85+
// This should theoretically be possible, too, but I didn't manage to get it to work.
86+
test.skip("Ancestor of / CDX / Downstream component has ancestors that include upstream component / Get with query", async ({
87+
axios,
88+
}) => {
89+
const response = await axios.get(
90+
`/api/v2/analysis/component?q=${query}?descendants=10`
91+
);
92+
93+
expect(response.data.items).toEqual(
94+
expect.arrayContaining([
95+
expect.objectContaining({
96+
purl: expect.arrayContaining([cdxDownstreamPurl]),
97+
ancestors: expect.arrayContaining([
98+
expect.objectContaining({
99+
relationship: "ancestor_of",
100+
purl: expect.arrayContaining([cdxUpstreamPurl]),
101+
}),
102+
]),
103+
}),
104+
])
105+
);
106+
});
107+
108+
test("Ancestor of / SPDX / Upstream component has descendants that include downstream component / Get with pURL", async ({
109+
axios,
110+
}) => {
111+
const urlEncodedUpstreamPurl = encodeURIComponent(spdxUpstreamPurl);
112+
113+
const response = await axios.get(
114+
`/api/v2/analysis/component/${urlEncodedUpstreamPurl}?descendants=10`
115+
);
116+
117+
expect(response.data.items).toEqual(
118+
expect.arrayContaining([
119+
expect.objectContaining({
120+
purl: expect.arrayContaining([spdxUpstreamPurl]),
121+
descendants: expect.arrayContaining([
122+
expect.objectContaining({
123+
relationship: "ancestor_of",
124+
purl: expect.arrayContaining([spdxDownstreamPurl]),
125+
}),
126+
]),
127+
}),
128+
])
129+
);
130+
});
131+
132+
// This should theoretically be possible, too, but I didn't manage to get it to work.
133+
test.skip("Ancestor of / SPDX / Upstream component has descendants that include downstream component / Get with query", async ({
134+
axios,
135+
}) => {
136+
const response = await axios.get(
137+
`/api/v2/analysis/component?q=${query}?descendants=10`
138+
);
139+
140+
expect(response.data.items).toEqual(
141+
expect.arrayContaining([
142+
expect.objectContaining({
143+
purl: expect.arrayContaining([spdxUpstreamPurl]),
144+
descendants: expect.arrayContaining([
145+
expect.objectContaining({
146+
relationship: "ancestor_of",
147+
purl: expect.arrayContaining([spdxDownstreamPurl]),
148+
}),
149+
]),
150+
}),
151+
])
152+
);
153+
});
154+
155+
test("Ancestor of / SPDX / Downstream component has ancestors that include upstream component / Get with pURL", async ({
156+
axios,
157+
}) => {
158+
const urlEncodedDownstreamPurl = encodeURIComponent(spdxDownstreamPurl);
159+
160+
const response = await axios.get(
161+
`/api/v2/analysis/component/${urlEncodedDownstreamPurl}?ancestors=10`
162+
);
163+
164+
expect(response.data.items).toEqual(
165+
expect.arrayContaining([
166+
expect.objectContaining({
167+
purl: expect.arrayContaining([spdxDownstreamPurl]),
168+
ancestors: expect.arrayContaining([
169+
expect.objectContaining({
170+
relationship: "ancestor_of",
171+
purl: expect.arrayContaining([spdxUpstreamPurl]),
172+
}),
173+
]),
174+
}),
175+
])
176+
);
177+
});
178+
179+
// This should theoretically be possible, too, but I didn't manage to get it to work.
180+
test.skip("Ancestor of / SPDX / Downstream component has ancestors that include upstream component / Get with query", async ({
181+
axios,
182+
}) => {
183+
const response = await axios.get(
184+
`/api/v2/analysis/component?q=${query}?descendants=10`
185+
);
186+
187+
expect(response.data.items).toEqual(
188+
expect.arrayContaining([
189+
expect.objectContaining({
190+
purl: expect.arrayContaining([spdxDownstreamPurl]),
191+
ancestors: expect.arrayContaining([
192+
expect.objectContaining({
193+
relationship: "ancestor_of",
194+
purl: expect.arrayContaining([spdxUpstreamPurl]),
195+
}),
196+
]),
197+
}),
198+
])
199+
);
200+
});

0 commit comments

Comments
 (0)