Merge pull request #85 from LaurentGoderre/jq-template-functions

Added shared module for jq template with SBOM generator

Author: LaurentGoderre

scripts/template-helper-functions.jq

@@ -0,0 +1,36 @@
+#input package 
+# {
+#     name: "packageName",
+#     version: "packageVersion",
+#     params: {
+#         "foo": "bar"
+#     }
+#     licenses: ["packageLicense" ... ]
+# }
+#output: object
+def sbom:
+    {
+		spdxVersion: "SPDX-2.3",
+		SPDXID: "SPDXRef-DOCUMENT",
+		name: (.name + "-sbom"),
+		packages: [
+			{
+				name: .name,
+				versionInfo: .version,
+				SPDXID: ("SPDXRef-Package--" + .name),
+				externalRefs: [
+					{
+						referenceCategory: "PACKAGE-MANAGER",
+						referenceType: "purl",
+						referenceLocator: ("pkg:generic/" + .name + "@" + .version + "?" + (.params | [to_entries[] | .key + "=" + .value] | join("\u0026")))
+					}
+				],
+				licenseDeclared: (if .licenses | length > 0 then
+					(.licenses | join(" AND "))
+				else
+					"NOASSERTION"
+				end)
+			}
+		]
+	}
+;