feat: introduce a new data model and software components based on PURL

Signed-off-by: behnazh-w <[email protected]>

Author: behnazh-w

docs/source/_static/examples/oracle-quickstart/oci-micronaut/policies/oci-micronaut.dl

@@ -46,4 +46,4 @@ verify_provenance(repo_num, repo_name) :-
     check_passed(repo_num, "mcn_provenance_expectation_1").
 
 // Apply the policy.
-apply_policy_to("oci_micronaut_dependencies", repo) :- is_repo(repo, "oracle-quickstart/oci-micronaut").
+apply_policy_to("oci_micronaut_dependencies", repo) :- is_repo(repo_id, "oracle-quickstart/oci-micronaut").

pyproject.toml

@@ -29,6 +29,7 @@ dependencies = [
     "jinja2 >=3.1.2,<4.0.0",
     "SQLAlchemy >=2.0.0,<3.0.0",
     "defusedxml >=0.7.1,<1.0.0",
+    "packageurl-python >= 0.11.1,<1.0.0",
 ]
 keywords = []
 # https://pypi.org/classifiers/
@@ -208,6 +209,7 @@ disable = [
     "too-many-public-methods",
     "too-many-return-statements",
     "too-many-statements",
+    "too-many-function-args",
     "duplicate-code",
 ]
 

scripts/dev_scripts/integration_tests.sh

@@ -453,7 +453,7 @@ $RUN_MACARON analyze -pe $EXPECTATION_FILE -rp https://github.com/slsa-framework
 python $COMPARE_JSON_OUT $JSON_RESULT $JSON_EXPECTED || log_fail
 
 echo -e "\n----------------------------------------------------------------------------------"
-echo "slsa-framework/slsa-verifier: Analyzing the repo path when automatic dependency resolution is skipped"
+echo "urllib3/urllib3: Analyzing the repo path when automatic dependency resolution is skipped"
 echo "and CUE file is provided as expectation."
 echo -e "----------------------------------------------------------------------------------\n"
 JSON_EXPECTED=$WORKSPACE/tests/e2e/expected_results/urllib3/urllib3_cue_invalid.json

src/macaron/database/database_manager.py

@@ -3,12 +3,10 @@
 
 """This DatabaseManager module handles the sqlite database connection."""
 import logging
-from types import TracebackType
-from typing import Any, Optional
 
 import sqlalchemy.exc
-from sqlalchemy import Table, create_engine, insert, select
-from sqlalchemy.orm import DeclarativeBase, Session
+from sqlalchemy import create_engine, select
+from sqlalchemy.orm import DeclarativeBase
 
 from macaron.database.views import create_view
 
@@ -20,13 +18,7 @@ class ORMBase(DeclarativeBase):
 
 
 class DatabaseManager:
-    """
-    This class handles and manages the connection to sqlite database during the session.
-
-    Note that since SQLAlchemy lazy-loads the fields of mapped ORM objects, if the database connection is closed any
-    orm-mapped objects will become invalid. As such the lifetime of the database manager must be longer than any of the
-    objects added to the database (using add() or add_and_commit()).
-    """
+    """This class handles and manages the connection to sqlite database during the session."""
 
     def __init__(self, db_path: str, base: type[DeclarativeBase] = ORMBase):
         """Initialize instance.
@@ -36,88 +28,10 @@ def __init__(self, db_path: str, base: type[DeclarativeBase] = ORMBase):
         db_path : str
             The path to the target database.
         """
-        self.engine = create_engine(f"sqlite+pysqlite:///{db_path}", echo=False, future=True)
+        self.engine = create_engine(f"sqlite+pysqlite:///{db_path}", echo=False)
         self.db_name = db_path
-        self.session = Session(self.engine)
         self._base = base
 
-    def terminate(self) -> None:
-        """Terminate the connection to the database, discarding any transaction in progress."""
-        self.session.close()
-
-    def __enter__(self) -> "DatabaseManager":
-        return self
-
-    def __exit__(
-        self, exc_type: Optional[type[BaseException]], exc_val: Optional[BaseException], exc_tb: Optional[TracebackType]
-    ) -> None:
-        self.terminate()
-
-    def add_and_commit(self, item) -> None:  # type: ignore
-        """Add an ORM object to the session and commit it.
-
-        Following commit any auto-updated primary key values in the object will be populated and readable.
-        The object can still be modified and read after being committed.
-
-        Parameters
-        ----------
-        item: the orm-mapped object to add to the database.
-        """
-        try:
-            self.session.add(item)
-            self.session.commit()
-        except sqlalchemy.exc.SQLAlchemyError as error:
-            logger.error("Database error %s", error)
-            self.session.rollback()
-
-    def add(self, item) -> None:  # type: ignore
-        """Add an item to the database and flush it.
-
-        Once added the row remains accessible and modifiable, and the primary key field is populated to reflect its
-        record in the database.
-
-        If terminate is called before commit the object will be lost.
-
-        Parameters
-        ----------
-        item:
-            the orm-mapped object to add to the database.
-        """
-        try:
-            self.session.add(item)
-            self.session.flush()
-        except sqlalchemy.exc.SQLAlchemyError as error:
-            logger.error("Database error %s", error)
-            self.session.rollback()
-
-    def insert(self, table: Table, values: dict) -> None:
-        """Populate the table with provided values and add it to the database using the core api.
-
-        Parameters
-        ----------
-        table: Table
-            The Table to insert to
-        values: dict
-            The mapping from column names to values to insert into the Table
-        """
-        try:
-            self.execute(insert(table).values(**values))
-        except sqlalchemy.exc.SQLAlchemyError as error:
-            logger.error("Database error %s", error)
-
-    def execute(self, query: Any) -> None:
-        """
-        Execute a SQLAlchemy core api query using a short-lived engine connection.
-
-        Parameters
-        ----------
-        query: Any
-            The SQLalchemy query to execute
-        """
-        with self.engine.connect() as conn:
-            conn.execute(query)
-            conn.commit()
-
     def create_tables(self) -> None:
         """
         Automatically create views for all tables known to _base.metadata.