Merge pull request #1001 from lcarva/EC-615

Remove requirement for in-image SBOM
enterprise-contract · May 15, 2024 · b559d39 · b559d39
2 parents 7058844 + 8f22774
commit b559d39
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 22 deletions.
diff --git a/Makefile b/Makefile
@@ -160,7 +160,7 @@ annotations-opa:
 
 SHORT_SHA=$(shell git rev-parse --short HEAD)
 
-generate-docs:
+generate-docs:  ## Generate static docs
 	@cd docs && go run github.com/enterprise-contract/ec-policies/docs -adoc ../antora/docs/modules/ROOT -rego .. -rego "$$(go list -modfile ../go.mod -f '{{.Dir}}' github.com/enterprise-contract/ec-cli)/docs/policy/release"
 
 ##@ CI

diff --git a/policy/release/redhat_manifests.rego b/policy/release/redhat_manifests.rego
@@ -21,12 +21,10 @@ import data.lib
 #   - redhat
 #
 deny contains result if {
-	wanted := {_sbom_purl_path, _sbom_cyclonedx_path}
+	wanted := {_sbom_purl_path}
 	found := {name | some name, content in input.image.files}
 	some missing in (wanted - found)
 	result := lib.result_helper_with_term(rego.metadata.chain(), [missing], missing)
 }
 
 _sbom_purl_path := "root/buildinfo/content_manifests/sbom-purl.json"
-
-_sbom_cyclonedx_path := "root/buildinfo/content_manifests/sbom-cyclonedx.json"
diff --git a/policy/release/redhat_manifests_test.rego b/policy/release/redhat_manifests_test.rego
@@ -6,31 +6,16 @@ import data.lib
 import data.policy.release.redhat_manifests
 
 test_success if {
-	lib.assert_empty(redhat_manifests.deny) with input.image.files as {
-		redhat_manifests._sbom_purl_path: {},
-		redhat_manifests._sbom_cyclonedx_path: {},
-	}
+	lib.assert_empty(redhat_manifests.deny) with input.image.files as {redhat_manifests._sbom_purl_path: {}}
 }
 
 test_missing_manifests if {
-	cyclonedx_violation := {
-		"code": "redhat_manifests.redhat_manifests_missing",
-		"msg": sprintf("Missing Red Hat manifest \"%s\"", [redhat_manifests._sbom_cyclonedx_path]),
-		"term": redhat_manifests._sbom_cyclonedx_path,
-	}
 	purl_violation := {
 		"code": "redhat_manifests.redhat_manifests_missing",
 		"msg": sprintf("Missing Red Hat manifest \"%s\"", [redhat_manifests._sbom_purl_path]),
 		"term": redhat_manifests._sbom_purl_path,
 	}
 
-	lib.assert_equal_results({cyclonedx_violation, purl_violation}, redhat_manifests.deny) with input.image as {}
-	lib.assert_equal_results({purl_violation}, redhat_manifests.deny) with input.image.files as {
-		redhat_manifests._sbom_cyclonedx_path: {},
-		"something/else": {},
-	}
-	lib.assert_equal_results({cyclonedx_violation}, redhat_manifests.deny) with input.image.files as {
-		redhat_manifests._sbom_purl_path: {},
-		"something/else": {},
-	}
+	lib.assert_equal_results({purl_violation}, redhat_manifests.deny) with input.image as {}
+	lib.assert_equal_results({purl_violation}, redhat_manifests.deny) with input.image.files as {"something/else": {}}
 }