feat(spec1-5): add support for lifecycles

nscuro · nscuro · commit d7e68f35acc4 · 2023-06-17T21:37:06.000+02:00
Signed-off-by: nscuro &lt;nscuro@protonmail.com&gt;
diff --git a/convert.go b/convert.go
@@ -58,6 +58,10 @@ func (b *BOM) convert(specVersion SpecVersion) {
 			b.Metadata.Properties = nil
 		}
 
+		if specVersion < SpecVersion1_5 {
+			b.Metadata.Lifecycles = nil
+		}
+
 		recurseComponent(b.Metadata.Component, componentConverter(specVersion))
 		convertLicenses(b.Metadata.Licenses, specVersion)
 		if b.Metadata.Tools != nil {
diff --git a/cyclonedx.go b/cyclonedx.go
@@ -394,6 +394,24 @@ type Licensing struct {
 	Expiration    string                         `json:"expiration,omitempty" xml:"expiration,omitempty"`
 }
 
+type Lifecycle struct {
+	Name        string         `json:"name,omitempty" xml:"name,omitempty"`
+	Phase       LifecyclePhase `json:"phase,omitempty" xml:"phase,omitempty"`
+	Description string         `json:"description,omitempty" xml:"description,omitempty"`
+}
+
+type LifecyclePhase string
+
+const (
+	LifecyclePhaseBuild        LifecyclePhase = "build"
+	LifecyclePhaseDecommission LifecyclePhase = "decommission"
+	LifecyclePhaseDesign       LifecyclePhase = "design"
+	LifecyclePhaseDiscovery    LifecyclePhase = "discovery"
+	LifecyclePhaseOperations   LifecyclePhase = "operations"
+	LifecyclePhasePostBuild    LifecyclePhase = "post-build"
+	LifecyclePhasePreBuild     LifecyclePhase = "pre-build"
+)
+
 // MediaType defines the official media types for CycloneDX BOMs.
 // See https://cyclonedx.org/specification/overview/#registered-media-types
 type MediaType int
@@ -414,6 +432,7 @@ func (mt MediaType) WithVersion(specVersion SpecVersion) (string, error) {
 
 type Metadata struct {
 	Timestamp   string                   `json:"timestamp,omitempty" xml:"timestamp,omitempty"`
+	Lifecycles  *[]Lifecycle             `json:"lifecycles,omitempty" xml:"lifecycles>lifecycle,omitempty"`
 	Tools       *[]Tool                  `json:"tools,omitempty" xml:"tools>tool,omitempty"`
 	Authors     *[]OrganizationalContact `json:"authors,omitempty" xml:"authors>author,omitempty"`
 	Component   *Component               `json:"component,omitempty" xml:"component,omitempty"`
diff --git a/testdata/snapshots/cyclonedx-go-TestRoundTripJSON-func1-valid-lifecycle.json b/testdata/snapshots/cyclonedx-go-TestRoundTripJSON-func1-valid-lifecycle.json
@@ -0,0 +1,22 @@
+{
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.5",
+  "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
+  "version": 1,
+  "metadata": {
+    "lifecycles": [
+      {
+        "phase": "build"
+      },
+      {
+        "phase": "post-build"
+      },
+      {
+        "name": "platform-integration-testing",
+        "description": "Integration testing specific to the runtime platform"
+      }
+    ]
+  },
+  "components": []
+}
+
diff --git a/testdata/snapshots/cyclonedx-go-TestRoundTripXML-func1-valid-lifecycle.xml b/testdata/snapshots/cyclonedx-go-TestRoundTripXML-func1-valid-lifecycle.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<bom xmlns="http://cyclonedx.org/schema/bom/1.5" serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79" version="1">
+  <metadata>
+    <lifecycles>
+      <lifecycle>
+        <phase>build</phase>
+      </lifecycle>
+      <lifecycle>
+        <phase>post-build</phase>
+      </lifecycle>
+      <lifecycle>
+        <name>platform-integration-testing</name>
+        <description>Integration testing specific to the runtime platform</description>
+      </lifecycle>
+    </lifecycles>
+  </metadata>
+</bom>
diff --git a/testdata/valid-lifecycle.json b/testdata/valid-lifecycle.json
@@ -0,0 +1,21 @@
+{
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.5",
+  "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
+  "version": 1,
+  "metadata": {
+    "lifecycles": [
+      {
+        "phase": "build"
+      },
+      {
+        "phase": "post-build"
+      },
+      {
+        "name": "platform-integration-testing",
+        "description": "Integration testing specific to the runtime platform"
+      }
+    ]
+  },
+  "components": []
+}
diff --git a/testdata/valid-lifecycle.xml b/testdata/valid-lifecycle.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0"?>
+<bom serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79" version="1" xmlns="http://cyclonedx.org/schema/bom/1.5">
+    <metadata>
+        <lifecycles>
+            <lifecycle>
+                <phase>build</phase>
+            </lifecycle>
+            <lifecycle>
+                <phase>post-build</phase>
+            </lifecycle>
+            <lifecycle>
+                <name>platform-integration-testing</name>
+                <description>Integration testing specific to the runtime platform</description>
+            </lifecycle>
+        </lifecycles>
+    </metadata>
+    <components />
+</bom>
