Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

document query improvements #291

Merged
merged 15 commits into from
May 19, 2023
Merged

document query improvements #291

merged 15 commits into from
May 19, 2023

Conversation

puerco
Copy link
Member

@puerco puerco commented May 19, 2023

What type of PR is this?

/kind feature

What this PR does / why we need it:

This PR greatly improves the document query subcommand of bom to make it more versatile and useful. These are the new features:

  • New flag --purl to output purls instead of names
  • The name matching filter now supports full regexes and not just substring matching
  • New pluggable printer interface to output in more formats
  • bom document query now can output in JSON and CSV in addition to the usual line printer using --format
  • New --fields flag controls which fields of the sbom will be printed on the query output
  • Piped data on STDIN is now autodetected, you can now pipe an SBOM to bom document query and skip the filename

Here is an example showcasing the new features:

image

Which issue(s) this PR fixes:

NONE

Special notes for your reviewer:

/cc @cpanato

Does this PR introduce a user-facing change?

* Improved the query help output, most importantly there is now help for the purl matcher 
* New flag `--purl` to output purls instead of names
* The name matching filter now supports full regexes and not just substring matching
* New pluggable printer interface to output in more formats
* bom document query now can output in JSON and CSV in addition to the usual line printer using  `--format`
* New `--fields` flag controls which fields of the sbom will be printed on the query output
* Piped data on STDIN is now autodetected, you can now pipe an SBOM to `bom document query` and skip the filename

puerco added 12 commits May 19, 2023 12:47
@puerco
Query: Support purl as in outline subcmd
552f456 
This commit adds a --purl flag to document query to match the same one found in the outline subcommand

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Remove SPDX from output
21a5013 
As the output from the query subcommand is mostly data, we remove the SPDX banner
to make the output pipeable to other tools.

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Remove dead code from cmd/document.go
73bfdda 
Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Support full regex in name filter
54c5103 
This commmit modifies the name filter to support full
regular expressions insteand of just plain string matching.

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Improve command help, add missing purl entry
760b573 
Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Implement Printer interface
6104187 
Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Add CSV printer
c792e4b 
This commit adds a new CSV printer to output query results to comma separated values

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Add JSON printer
2d4e79a 
This commit adds a json printer to output data in structure format

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Add error return to printer interface
61f9636 
Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Add --format flag
ec8538d 
This commit adds a new --format flag to select the retults printer to use

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Split printers to own file
8fa9ddf 
Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Improve document subcmd file naming
6820ce8 
Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@k8s-ci-robot k8s-ci-robot requested a review from cpanato May 19, 2023 21:33
@k8s-ci-robot k8s-ci-robot added kind/feature Categorizes issue or PR as related to a new feature. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. approved Indicates a PR has been approved by an approver from all required OWNERS files. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels May 19, 2023
@puerco puerco changed the title Query improvements document query improvements May 19, 2023
@puerco
Copy link
Member Author

puerco commented May 19, 2023

/test pull-bom-verify

@puerco
Query: Add --fields flag
7c43808 
This commit adds a new --fields flag to document query. This flag takes a
list of fields to print out from elements matched by the query

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Query: Detect input on STDIN
e0828ca 
This commmit modifies document query to detect data just as document
outline, so now you can pipe an SBOM and just specify the query:

  cat sbom.spdx.json | bom document query name:log4j

Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Outline: Don't print SPDXID on files
e21a0d0 
Signed-off-by: Adolfo García Veytia (Puerco) <puerco@chainguard.dev>
@puerco
Copy link
Member Author

puerco commented May 19, 2023

After this one we should cut another release.

cpanato
cpanato approved these changes May 19, 2023
View reviewed changes
Copy link
Member

@cpanato cpanato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cpanato, puerco

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 19, 2023
@k8s-ci-robot k8s-ci-robot merged commit 1ebaa9c into kubernetes-sigs:main May 19, 2023
6 of 7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpanato cpanato cpanato approved these changes

Assignees

@cpanato cpanato

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@puerco @k8s-ci-robot @cpanato