feat(dig) relationship detailed ship view

dira271641 · dira271641 · commit b2e8f20c26b8 · 2023-02-18T00:14:33.000+01:00
diff --git a/README.md b/README.md
@@ -19,6 +19,9 @@ By default uses _$HOME/sbom.spdx.json_ file to load the data. (you can pass cust
 with --config option
 ![Sample](https://github.com/dineshr93/sq/blob/main/sample2.png?raw=true)
 
+with relation dig option
+![Sample](https://github.com/dineshr93/sq/blob/main/dig.png?raw=true)
+
 ## Getting Started
 
 Contains following commands
@@ -70,8 +73,22 @@ Flags:
   -t, --toggle          Help message for toggle
 
 Use "sq [command] --help" for more information about a command.
+================================================================
+>sq rels dig -h
+dig the relationship and show actual packages and files
+
+For Ex:
+To list all relationship: ./sq rels dig
 
+Usage:
+  sq rels dig [flags]
+
+Flags:
+  -h, --help   help for dig
 
+Global Flags:
+      --config string   YOUR SBOM JSON FILE (default is $CURRENT_DIR/sbom.spdx.json)
+=================================================================
 Alternatively if UI is small to fit every thing, you can save the output to the file
 
 sq meta > sbom-meta.txt
diff --git a/cmd/dig.go b/cmd/dig.go
@@ -0,0 +1,64 @@
+/*
+Copyright © 2023 NAME HERE <EMAIL ADDRESS>
+*/
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/dineshr93/sq/model"
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+)
+
+// digCmd represents the dig command
+var digCmd = &cobra.Command{
+	Use:   "dig",
+	Short: "dig the relationship and show actual packages and files",
+	Long: `dig the relationship and show actual packages and files
+	
+For Ex: 
+To list all relationship: ./sq rels dig`,
+	Run: func(cmd *cobra.Command, args []string) {
+		// fmt.Println("digging")
+		dataFile := string(viper.ConfigFileUsed())
+		s := &model.SPDX{}
+		if err := s.Load(dataFile); err != nil {
+			fmt.Fprintln(os.Stderr, err.Error())
+			os.Exit(1)
+		}
+
+		rels := s.Relationships
+		lenRels := len(rels)
+
+		if len(args) > 0 {
+			// fmt.Sprintln(len(args))
+			// i, err := strconv.Atoi(args[0])
+			// if err != nil {
+			// 	panic(err)
+			// }
+			// s.PrintDigRels(i)
+			s.PrintDigRels()
+		} else {
+			// fmt.Sprintln(lenRels)
+			if lenRels > 0 {
+				s.PrintDigRels()
+			}
+		}
+	},
+}
+
+func init() {
+	relsCmd.AddCommand(digCmd)
+
+	// Here you will define your flags and configuration settings.
+
+	// Cobra supports Persistent Flags which will work for this command
+	// and all subcommands, e.g.:
+	// digCmd.PersistentFlags().String("foo", "", "A help for foo")
+
+	// Cobra supports local flags which will only run when this command
+	// is called directly, e.g.:
+	// digCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
+}
diff --git a/cmd/root.go b/cmd/root.go
@@ -47,7 +47,7 @@ func init() {
 	// Cobra supports persistent flags, which, if defined here,
 	// will be global for your application.
 
-	rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.sq.yaml)")
+	rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "YOUR SBOM JSON FILE (default is $CURRENT_DIR/sbom.spdx.json)")
 
 	// Cobra also supports local flags, which will only run
 	// when this action is called directly.
diff --git a/dig.png b/dig.png
diff --git a/model/spdx.go b/model/spdx.go
@@ -382,3 +382,119 @@ func (s *SPDX) PrintRels(np int) {
 	table.Println()
 
 }
+
+func removeDuplicateStr(strSlice []string) []string {
+	allKeys := make(map[string]bool)
+	list := []string{}
+	for _, item := range strSlice {
+		if _, value := allKeys[item]; !value {
+			allKeys[item] = true
+			list = append(list, item)
+		}
+	}
+	return list
+}
+
+//	func (s *SPDX) getrelspdxelem(spdxID string) (string, Relationships) {
+//		rels := s.Relationships
+//		for _, rel := range rels {
+//			if rel.SpdxElementID == spdxID {
+//				return rel.RelatedSpdxElement, rel
+//			}
+//		}
+//		return "", Relationships{}
+//	}
+func (s *SPDX) getdependson(d int, rel1 Relationships) {
+	pkgs := s.Packages
+	var nextSPDXidDetail string
+	var SPDXidDetail string
+	// fmt.Println("===================DEPENDS_ON======================")
+	for _, pkg := range pkgs {
+		if pkg.Spdxid == rel1.SpdxElementID {
+			SPDXidDetail = fmt.Sprintf("%v %v version: %v", blue(pkg.Name), yellow("|"), blue(pkg.VersionInfo))
+		}
+		if pkg.Spdxid == rel1.RelatedSpdxElement {
+			nextSPDXidDetail = fmt.Sprintf("%v %v version: %v", blue(pkg.Name), yellow("|"), blue(pkg.VersionInfo))
+		}
+
+	}
+
+	fmt.Println(fmt.Sprintf("%v =====> %v Pkg %v =====> %v", SPDXidDetail, green("DEPENDS_ON"), blue(fmt.Sprintf("%d", d)), nextSPDXidDetail))
+}
+func (s *SPDX) getspdxpkg(d int, spdxID string, rel1 Relationships) {
+	pkgs := s.Packages
+	var filespdxids []string
+	var SPDXidDetail string
+	// var nextSPDXid string
+	// var rel Relationships
+	for _, pkg := range pkgs {
+		if pkg.Spdxid == spdxID {
+			SPDXidDetail = fmt.Sprintf("%v | version: %v", yellow(pkg.Name), yellow(pkg.VersionInfo))
+			if len(pkg.HasFiles) > 0 {
+
+				filespdxids = pkg.HasFiles
+				for i, filespdx := range filespdxids {
+					s.getspdxfile(i, filespdx, SPDXidDetail)
+				}
+			}
+			// d++
+			// nextSPDXid, rel = s.getrelspdxelem(spdxID)
+			// if nextSPDXid != "" {
+			// 	s.getspdxpkg(d, nextSPDXid, rel)
+			// }
+		}
+	}
+}
+func (s *SPDX) getspdxfile(i int, spdxID string, SPDXidDetail string) {
+	files := s.Files
+	for _, file := range files {
+		if file.Spdxid == spdxID {
+			i++
+			fmt.Println(green(fmt.Sprintf("%v %v %v File %v %v %v", SPDXidDetail, yellow("---->"), red("CONTAINS"), blue(fmt.Sprintf("%d", i)), yellow("---->"), red(file.FileName))))
+		}
+
+	}
+	// n = 0
+	// return ""
+}
+
+func (s *SPDX) PrintDigRels() {
+	rels := s.Relationships
+	var rel Relationships
+	var n int
+	_ = n
+	lenrels := len(rels)
+	var spdxids []string = make([]string, lenrels)
+	// var licenseinfo string
+	//
+	for id := 0; id < lenrels; id++ {
+		rel = rels[id]
+		spdxids = append(spdxids, rel.SpdxElementID)
+	}
+	unique_spdxIDs := removeDuplicateStr(spdxids)
+	len_unique_spdxIDs := len(unique_spdxIDs)
+	fmt.Println("No. of unique spdxID :", len_unique_spdxIDs)
+	// _ = len_unique_spdxIDs
+	var d int
+
+	fmt.Println(red("===================DESCRIBES======================"))
+	for _, rel1 := range rels {
+		switch rt := rel1.RelationshipType; rt {
+		case "DESCRIBES":
+			d++
+			s.getspdxpkg(d, rel1.RelatedSpdxElement, rel1)
+		}
+
+	}
+	d = 0
+	fmt.Println(red("===================DEPENDS_ON======================"))
+	for _, rel1 := range rels {
+		switch rt := rel1.RelationshipType; rt {
+		case "DEPENDS_ON":
+			d++
+			s.getdependson(d, rel1)
+			s.getspdxpkg(d, rel1.RelatedSpdxElement, rel1)
+		}
+	}
+
+}
