Skip to content

Commit 9b2d47a

Browse files
jshartleyj-hartley
jshartley
authored and
j-hartley
committed
Allow running sbom scraper from other directories
Problem: The sbom scraper script only works if run in current working directory Solution: cd to SCRIPTDIR to run git commands and refer to all files by full path Signed-off-by: John Hartley
1 parent 4d54c39 commit 9b2d47a

File tree

2 files changed

+7
-5
lines changed

2 files changed

+7
-5
lines changed

scripts/.gitignore

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,2 @@
11
cyclonedx.xsd
22
spdx.xsd
3-
credentials

scripts/sbom_scraper.sh

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
# Use the CLIENT_ID as the first fixed argument to this script.
1919
#
2020

21+
SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
2122
SCRIPTNAME=$(basename "$0")
2223

2324
for TOOL in syft jq xq xmllint python3 openssl curl shasum
@@ -42,6 +43,7 @@ log() {
4243
# ----------------------------------------------------------------------------
4344

4445
# Prepare defaults
46+
pushd "$SCRIPTDIR" > /dev/null
4547
if type git > /dev/null 2>&1 && git rev-parse --git-dir > /dev/null 2>&1
4648
then
4749
# we are in a git repo so set defaults using git
@@ -57,6 +59,7 @@ else
5759
TOOL_NAME="$SCRIPTNAME"
5860
TOOL_VERSION="unknown"
5961
fi
62+
popd > /dev/null
6063

6164
FORMAT=cyclonedx
6265
COMPONENT_AUTHOR_NAME="$AUTHOR_NAME"
@@ -67,7 +70,7 @@ TOOL_HASH_ALG=SHA-256
6770
# shellcheck disable=SC2002
6871
TOOL_HASH_CONTENT=$(shasum -a 256 "$0" | cut -d' ' -f1)
6972
# credentials directory should have 0700 permissions
70-
CLIENTSECRET_FILE=credentials/client_secret
73+
CLIENTSECRET_FILE=$SCRIPTDIR/../credentials/client_secret
7174
SBOM=false
7275
PRIVACY=PUBLIC
7376

@@ -323,13 +326,13 @@ END
323326
# ----------------------------------------------------------------------------
324327
# Check that the patched SBOM is valid against the cyclonedx schema
325328
# ----------------------------------------------------------------------------
326-
[ -f spdx.xsd ] || curl -fsS -o spdx.xsd https://cyclonedx.org/schema/spdx
327-
[ -f cyclonedx.xsd ] || curl -fsS -o cyclonedx.xsd https://cyclonedx.org/schema/bom/1.2
329+
[ -f "$SCRIPTDIR"/spdx.xsd ] || curl -fsS -o "$SCRIPTDIR"/spdx.xsd https://cyclonedx.org/schema/spdx
330+
[ -f "$SCRIPTDIR"/cyclonedx.xsd ] || curl -fsS -o "$SCRIPTDIR"/cyclonedx.xsd https://cyclonedx.org/schema/bom/1.2
328331

329332
# xmllint complains about a double import of the spdx schema, but we have to import via
330333
# the wrapper to set the schema location to a local file, as xmllint fails to download
331334
# them from the internet as they are https
332-
xmllint "$PATCHED_OUTPUT" --schema cyclonedx-wrapper.xsd --noout 2>&1 | grep -Fv "Skipping import of schema located at 'http://cyclonedx.org/schema/spdx' for the namespace 'http://cyclonedx.org/schema/spdx'"
335+
xmllint "$PATCHED_OUTPUT" --schema "$SCRIPTDIR"/cyclonedx-wrapper.xsd --noout 2>&1 | grep -Fv "Skipping import of schema located at 'http://cyclonedx.org/schema/spdx' for the namespace 'http://cyclonedx.org/schema/spdx'"
333336
[ "${PIPESTATUS[0]}" -ne 0 ] && exit "${PIPESTATUS[0]}"
334337

335338
# ----------------------------------------------------------------------------

0 commit comments

Comments
 (0)