1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
package gitlab
import (
"bytes"
"fmt"
"io"
"net/http"
)
type DependencyListExportService struct {
client *Client
}
// CreateDependencyListExportOptions represents the available CreateDependencyListExport()
// options.
//
// GitLab API docs:
// https://docs.gitlab.com/ee/api/dependency_list_export.html#create-a-pipeline-level-dependency-list-export
type CreateDependencyListExportOptions struct {
ExportType *string `url:"export_type" json:"export_type"`
}
// DependencyListExport represents a request for a GitLab project's dependency list.
//
// GitLab API docs:
// https://docs.gitlab.com/ee/api/dependency_list_export.html#create-a-pipeline-level-dependency-list-export
type DependencyListExport struct {
ID int `json:"id"`
HasFinished bool `json:"has_finished"`
Self string `json:"self"`
Download string `json:"download"`
}
const defaultExportType = "sbom"
// CreateDependencyListExport creates a new CycloneDX JSON export for all the project dependencies
// detected in a pipeline.
//
// If an authenticated user does not have permission to read_dependency, this request returns a 403
// Forbidden status code.
//
// SBOM exports can be only accessed by the export’s author.
//
// GitLab docs:
// https://docs.gitlab.com/ee/api/dependency_list_export.html#create-a-pipeline-level-dependency-list-export
func (s *DependencyListExportService) CreateDependencyListExport(pipelineID int, opt *CreateDependencyListExportOptions, options ...RequestOptionFunc) (*DependencyListExport, *Response, error) {
// POST /pipelines/:id/dependency_list_exports
createExportPath := fmt.Sprintf("pipelines/%d/dependency_list_exports", pipelineID)
if opt == nil {
opt = &CreateDependencyListExportOptions{}
}
if opt.ExportType == nil {
opt.ExportType = Ptr(defaultExportType)
}
req, err := s.client.NewRequest(http.MethodPost, createExportPath, opt, options)
if err != nil {
return nil, nil, err
}
export := new(DependencyListExport)
resp, err := s.client.Do(req, &export)
if err != nil {
return nil, resp, err
}
return export, resp, nil
}
// GetDependencyListExport gets metadata about a single dependency list export.
//
// GitLab docs:
// https://docs.gitlab.com/ee/api/dependency_list_export.html#get-single-dependency-list-export
func (s *DependencyListExportService) GetDependencyListExport(id int, options ...RequestOptionFunc) (*DependencyListExport, *Response, error) {
// GET /dependency_list_exports/:id
getExportPath := fmt.Sprintf("dependency_list_exports/%d", id)
req, err := s.client.NewRequest(http.MethodGet, getExportPath, nil, options)
if err != nil {
return nil, nil, err
}
export := new(DependencyListExport)
resp, err := s.client.Do(req, &export)
if err != nil {
return nil, resp, err
}
return export, resp, nil
}
// DownloadDependencyListExport downloads a single dependency list export.
//
// The github.com/CycloneDX/cyclonedx-go package can be used to parse the data from the returned io.Reader.
//
// sbom := new(cdx.BOM)
// decoder := cdx.NewBOMDecoder(reader, cdx.BOMFileFormatJSON)
//
// if err = decoder.Decode(sbom); err != nil {
// panic(err)
// }
//
// GitLab docs:
// https://docs.gitlab.com/ee/api/dependency_list_export.html#download-dependency-list-export
func (s *DependencyListExportService) DownloadDependencyListExport(id int, options ...RequestOptionFunc) (io.Reader, *Response, error) {
// GET /dependency_list_exports/:id/download
downloadExportPath := fmt.Sprintf("dependency_list_exports/%d/download", id)
req, err := s.client.NewRequest(http.MethodGet, downloadExportPath, nil, options)
if err != nil {
return nil, nil, err
}
var sbomBuffer bytes.Buffer
resp, err := s.client.Do(req, &sbomBuffer)
if err != nil {
return nil, resp, err
}
return &sbomBuffer, resp, nil
}
|
