Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8ea2ffc8 authored by Wei Li's avatar Wei Li
Browse files

Add integration test for verifying package verification code in SBOM. 

The test case calculates package verification code of package product according to the SPDX spec and compare it to the one in SBOM file which should have the same SHA1 hash value. This helps verify the python logic of generating it in SBOM files.

Bug: 293304694
Test: build/soong/tests/sbom_test.sh
Change-Id: I37c96d90a1990fbeb786f1bd4e8dc87102e0f0cd
parent 2d8b555f

tests/sbom_test.sh

+35 −0
Original line number Diff line number Diff line
@@ -238,10 +238,45 @@ function test_sbom_aosp_cf_x86_64_phone { 
    diff_files "$file_list_file" "$files_in_spdx_file" "$partition_name"

  done



  verify_package_verification_code "$product_out/sbom.spdx"



  # Teardown

  cleanup "${out_dir}"

}



function verify_package_verification_code {

  local sbom_file="$1"; shift



  local -a file_checksums

  local package_product_found=

  while read -r line;

  do

    if grep -q 'PackageVerificationCode' <<<"$line"

    then

      package_product_found=true

    fi

    if [ -n "$package_product_found" ]

    then

      if grep -q 'FileChecksum' <<< "$line"

      then

        checksum=$(echo $line | sed 's/^.*: //')

        file_checksums+=("$checksum")

      fi

    fi

  done <<< "$(grep -E 'PackageVerificationCode|FileChecksum' $sbom_file)"

  IFS=$'\n' file_checksums=($(sort <<<"${file_checksums[*]}")); unset IFS

  IFS= expected_package_verification_code=$(printf "${file_checksums[*]}" | sha1sum | sed 's/[[:space:]]*-//'); unset IFS



  actual_package_verification_code=$(grep PackageVerificationCode $sbom_file | sed 's/PackageVerificationCode: //g')

  if [ $actual_package_verification_code = $expected_package_verification_code ]

  then

    echo "Package verification code is correct."

  else

    echo "Unexpected package verification code."

    exit 1

  fi

}



function test_sbom_unbundled_apex {

  # Setup

  out_dir="$(setup)"