Coverage for /home/benjarobin/Bootlin/projects/Schneider-Electric-Senux/sbom-cve-check/src/sbom_cve_check/export/export_base.py: 97%

29 statements  

« prev     ^ index     » next       coverage.py v7.11.1, created at 2025-11-28 15:37 +0100

1# -*- coding: utf-8 -*- 

2# SPDX-License-Identifier: GPL-2.0-only 

3 

4import abc 

5import pathlib 

6from collections.abc import Generator, Iterable 

7 

8from ..cve_db.annot_aggregate import AggregateAnnotEntry 

9from ..sbom.component import CompBuild, CompId, Component 

10from ..sbom.sbom_base import Sbom 

11 

12_LINUX_KERNEL_COMP_IDS = ( 

13 CompId(name="linux_kernel"), 

14 CompId(vendor="linux", name="linux"), 

15) 

16 

17 

18class BaseExport(abc.ABC): 

19 def __init__(self, sbom: Sbom, out_path: pathlib.Path) -> None: 

20 self._sbom = sbom 

21 self._out_path = out_path 

22 self._add_kernel_modules: bool = False 

23 

24 @property 

25 def output_path(self) -> pathlib.Path: 

26 return self._out_path 

27 

28 @abc.abstractmethod 

29 def start_export(self) -> Generator[None, None, None]: 

30 """ 

31 Initialize the export. Call before exporting each component builds. 

32 

33 This function must yield once, which allow to finalize the export after that. 

34 This also allow to use a context manager. 

35 """ 

36 

37 @abc.abstractmethod 

38 def export_comp_info( 

39 self, comp_build: CompBuild 

40 ) -> Generator[None, tuple[bool, AggregateAnnotEntry], None]: 

41 """ 

42 Export information about one component build (a "recipe"). 

43 

44 This object has associated components: Created packages from this "recipe". 

45 The build has associated CVE annotations provided by the aggregate annotation 

46 entries. 

47 """ 

48 

49 def cfg_add_kernel_modules(self, enable: bool) -> None: 

50 """If enable is true, add CVE annotations to all kernel modules""" 

51 self._add_kernel_modules = enable 

52 

53 def _filter_components(self, comp_build: CompBuild) -> Iterable[Component]: 

54 """ 

55 Filter the list of components from a component build object. 

56 

57 Typically used to exclude kernel modules packages in the exported file. 

58 :return: The filtered list 

59 """ 

60 if self._add_kernel_modules: 

61 return comp_build.components 

62 

63 if not comp_build.is_matching_one_of(_LINUX_KERNEL_COMP_IDS): 

64 return comp_build.components 

65 

66 fil_comps: list[Component] = [ 

67 comp for comp in comp_build.components if "-module-" not in comp.name 

68 ] 

69 

70 fil2_comps: list[Component] = [ 

71 comp for comp in fil_comps if not comp.name.endswith("-modules") 

72 ] 

73 

74 return fil2_comps or fil_comps or comp_build.components