feat: Add support for JUnit XML material type (#135)

Signed-off-by: Daniel Liszka <[email protected]>

Author: danlishka

app/controlplane/api/gen/frontend/workflowcontract/v1/crafting_schema.ts

@@ -54,6 +54,7 @@ message CraftingSchema {
             ARTIFACT = 3;
             SBOM_CYCLONEDX_JSON = 4;
             SBOM_SPDX_JSON = 5;
+            JUNIT_XML = 6;
             // SARIF = 5;
         } 
     }

app/controlplane/api/workflowcontract/v1/crafting_schema.pb.go

@@ -38,6 +38,7 @@ require (
 	github.com/in-toto/in-toto-golang v0.8.0
 	github.com/jackc/pgx/v4 v4.18.1
 	github.com/jedib0t/go-pretty/v6 v6.4.6
+	github.com/joshdk/go-junit v1.0.0
 	github.com/lib/pq v1.10.7
 	github.com/moby/moby v23.0.1+incompatible
 	github.com/opencontainers/image-spec v1.1.0-rc2

app/controlplane/api/workflowcontract/v1/crafting_schema.proto

@@ -744,6 +744,8 @@ github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqx
 github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
+github.com/joshdk/go-junit v1.0.0 h1:S86cUKIdwBHWwA6xCmFlf3RTLfVXYQfvanM5Uh+K6GE=
+github.com/joshdk/go-junit v1.0.0/go.mod h1:TiiV0PqkaNfFXjEiyjWM3XXrhVyCa1K4Zfga6W52ung=
 github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=

go.mod

@@ -0,0 +1,77 @@
+//
+// Copyright 2023 The Chainloop Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package materials
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"os"
+
+	"encoding/xml"
+
+	api "github.com/chainloop-dev/chainloop/app/cli/api/attestation/v1"
+	schemaapi "github.com/chainloop-dev/chainloop/app/controlplane/api/workflowcontract/v1"
+	"github.com/chainloop-dev/chainloop/internal/casclient"
+	junit "github.com/joshdk/go-junit"
+	"github.com/rs/zerolog"
+)
+
+type JUnitXMLCrafter struct {
+	*crafterCommon
+	uploader casclient.Uploader
+}
+
+func NewJUnitXMLCrafter(schema *schemaapi.CraftingSchema_Material, uploader casclient.Uploader, l *zerolog.Logger) (*JUnitXMLCrafter, error) {
+	if schema.Type != schemaapi.CraftingSchema_Material_JUNIT_XML {
+		return nil, fmt.Errorf("material type is not JUnit XML")
+	}
+	craftCommon := &crafterCommon{logger: l, input: schema}
+	return &JUnitXMLCrafter{uploader: uploader, crafterCommon: craftCommon}, nil
+}
+
+func (i *JUnitXMLCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error) {
+	if err := i.validate(filePath); err != nil {
+		return nil, err
+	}
+
+	return uploadAndCraft(ctx, i.input, i.uploader, filePath)
+}
+
+func (i *JUnitXMLCrafter) validate(filePath string) error {
+	f, err := os.Open(filePath)
+	if err != nil {
+		return fmt.Errorf("can't open the file: %w", err)
+	}
+	defer f.Close()
+
+	bytes, err := io.ReadAll(f)
+	if err != nil {
+		return fmt.Errorf("can't read the file: %w", err)
+	}
+
+	if err := xml.Unmarshal(bytes, &junit.Suite{}); err != nil {
+		return fmt.Errorf("invalid JUnit XML file: %w", ErrInvalidMaterialType)
+	}
+
+	_, err = junit.IngestReader(f)
+	if err != nil {
+		i.logger.Debug().Err(err).Msgf("error decoding file: %s", filePath)
+		return fmt.Errorf("invalid JUnit XML file: %w", ErrInvalidMaterialType)
+	}
+
+	return nil
+}

go.sum

@@ -0,0 +1,130 @@
+//
+// Copyright 2023 The Chainloop Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package materials_test
+
+import (
+	"context"
+	"testing"
+	"time"
+
+	attestationApi "github.com/chainloop-dev/chainloop/app/cli/api/attestation/v1"
+	contractAPI "github.com/chainloop-dev/chainloop/app/controlplane/api/workflowcontract/v1"
+	"github.com/chainloop-dev/chainloop/internal/attestation/crafter/materials"
+	"github.com/chainloop-dev/chainloop/internal/casclient"
+	mUploader "github.com/chainloop-dev/chainloop/internal/casclient/mocks"
+	"github.com/rs/zerolog"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestNewJUnitXMLCrafter(t *testing.T) {
+	testCases := []struct {
+		name    string
+		input   *contractAPI.CraftingSchema_Material
+		wantErr bool
+	}{
+		{
+			name: "happy path",
+			input: &contractAPI.CraftingSchema_Material{
+				Type: contractAPI.CraftingSchema_Material_JUNIT_XML,
+			},
+		},
+		{
+			name: "wrong type",
+			input: &contractAPI.CraftingSchema_Material{
+				Type: contractAPI.CraftingSchema_Material_CONTAINER_IMAGE,
+			},
+			wantErr: true,
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			_, err := materials.NewJUnitXMLCrafter(tc.input, nil, nil)
+			if tc.wantErr {
+				assert.Error(t, err)
+				return
+			}
+
+			assert.NoError(t, err)
+		})
+	}
+}
+func TestJUnitXMLCraft(t *testing.T) {
+	testCases := []struct {
+		name     string
+		filePath string
+		wantErr  string
+	}{
+		{
+			name:     "invalid path",
+			filePath: "./testdata/non-existing.json",
+			wantErr:  "no such file or directory",
+		},
+		{
+			name:     "invalid artifact type",
+			filePath: "./testdata/simple.txt",
+			wantErr:  "unexpected material type",
+		},
+		{
+			name:     "invalid artifact type",
+			filePath: "./testdata/junit-invalid.xml",
+			wantErr:  "unexpected material type",
+		},
+		{
+			name:     "valid artifact type",
+			filePath: "./testdata/junit.xml",
+		},
+	}
+
+	assert := assert.New(t)
+	schema := &contractAPI.CraftingSchema_Material{
+		Name: "test",
+		Type: contractAPI.CraftingSchema_Material_JUNIT_XML,
+	}
+	l := zerolog.Nop()
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			// Mock uploader
+			uploader := mUploader.NewUploader(t)
+			if tc.wantErr == "" {
+				uploader.On("UploadFile", context.TODO(), tc.filePath).
+					Return(&casclient.UpDownStatus{
+						Digest:   "deadbeef",
+						Filename: "test.xml",
+					}, nil)
+			}
+
+			crafter, err := materials.NewJUnitXMLCrafter(schema, uploader, &l)
+			require.NoError(t, err)
+
+			got, err := crafter.Craft(context.TODO(), tc.filePath)
+			if tc.wantErr != "" {
+				assert.ErrorContains(err, tc.wantErr)
+				return
+			}
+
+			require.NoError(t, err)
+			assert.Equal(contractAPI.CraftingSchema_Material_JUNIT_XML.String(), got.MaterialType.String())
+			assert.WithinDuration(time.Now(), got.AddedAt.AsTime(), 5*time.Second)
+
+			// The result includes the digest reference
+			assert.Equal(got.GetArtifact(), &attestationApi.Attestation_Material_Artifact{
+				Id: "test", Digest: "deadbeef", Name: "test.xml",
+			})
+		})
+	}
+}

internal/attestation/crafter/materials/junit_xml.go

@@ -18,11 +18,13 @@ package materials
 import (
 	"context"
 	"fmt"
+	"time"
 
 	api "github.com/chainloop-dev/chainloop/app/cli/api/attestation/v1"
 	schemaapi "github.com/chainloop-dev/chainloop/app/controlplane/api/workflowcontract/v1"
 	"github.com/chainloop-dev/chainloop/internal/casclient"
 	"github.com/rs/zerolog"
+	"google.golang.org/protobuf/types/known/timestamppb"
 )
 
 // ErrInvalidMaterialType is returned when the provided material type
@@ -34,6 +36,30 @@ type crafterCommon struct {
 	input  *schemaapi.CraftingSchema_Material
 }
 
+// uploadAndCraft uploads the artifact to CAS and crafts the material
+// this function is used by all the uploadable artifacts crafters (SBOMs, JUnit, and more in the future)
+func uploadAndCraft(ctx context.Context, input *schemaapi.CraftingSchema_Material, uploader casclient.Uploader, artifactPath string) (*api.Attestation_Material, error) {
+	result, err := uploader.UploadFile(ctx, artifactPath)
+	if err != nil {
+		return nil, fmt.Errorf("uploading material: %w", err)
+	}
+
+	res := &api.Attestation_Material{
+		AddedAt:      timestamppb.New(time.Now()),
+		MaterialType: input.Type,
+		M: &api.Attestation_Material_Artifact_{
+			Artifact: &api.Attestation_Material_Artifact{
+				Id:        input.Name,
+				Name:      result.Filename,
+				Digest:    result.Digest,
+				IsSubject: input.Output,
+			},
+		},
+	}
+
+	return res, nil
+}
+
 type Craftable interface {
 	Craft(ctx context.Context, value string) (*api.Attestation_Material, error)
 }
@@ -53,6 +79,8 @@ func Craft(ctx context.Context, materialSchema *schemaapi.CraftingSchema_Materia
 		crafter, err = NewCyclonedxJSONCrafter(materialSchema, uploader, logger)
 	case schemaapi.CraftingSchema_Material_SBOM_SPDX_JSON:
 		crafter, err = NewSPDXJSONCrafter(materialSchema, uploader, logger)
+	case schemaapi.CraftingSchema_Material_JUNIT_XML:
+		crafter, err = NewJUnitXMLCrafter(materialSchema, uploader, logger)
 	default:
 		return nil, fmt.Errorf("material of type %q not supported yet", materialSchema.Type)
 	}