in command-runner/pkg/features/sbom_detector.go [33:74]
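// newSBOMDetector returns an executor that walks reportDir looking for a JSON
// file that looks like an SPDX document and stores its raw bytes in sbom.
//
// A file is treated as SPDX when its top-level JSON object has a key equal
// (case-insensitively) to "spdxVersion" or "SPDXID". Non-regular files, files
// larger than maxSBOMSize, unreadable files and files that are not a JSON
// object are skipped without failing the walk; errors reported by the walk
// itself or by d.Info() abort it.
//
// NOTE(review): the walk does not stop at the first match, so when several
// files qualify the one visited last ends up in sbom.
func newSBOMDetector(reportDir string, sbom *SBOM) common.Executor {
	return func(ctx context.Context) error {
		return filepath.WalkDir(reportDir, func(path string, d fs.DirEntry, err error) error {
			if err != nil {
				return err
			}
			if d.IsDir() {
				return nil
			}
			// Only regular files are candidates. For a symlink, d.Info()
			// describes the link itself while os.ReadFile follows it, so the
			// size limit below would not apply to the target and the read
			// could leave reportDir. FIFOs and devices could block the read.
			if !d.Type().IsRegular() {
				log.Ctx(ctx).Debug().Msgf("Skipping potential SBOM '%s': not a regular file", path)
				return nil
			}
			info, err := d.Info()
			if err != nil {
				return err
			}
			// NOTE(review): the size is checked before the read, so a file
			// that grows in between is still read in full; a bounded read
			// would close that gap.
			if info.Size() > maxSBOMSize {
				log.Ctx(ctx).Debug().Msgf("Skipping potential SBOM '%s' - too large. %d > %d", path, info.Size(), maxSBOMSize)
				return nil
			}
			content, err := os.ReadFile(path)
			if err != nil {
				log.Ctx(ctx).Warn().Msgf("Unable to read potential SBOM '%s': %s", path, err.Error())
				return nil
			}
			// Only the top-level keys are inspected, so the values are kept
			// as raw bytes instead of being decoded into a full object tree.
			var data map[string]json.RawMessage
			if err := json.Unmarshal(content, &data); err != nil {
				log.Ctx(ctx).Debug().Msgf("Unable to unmarshal potential SBOM '%s': %s", path, err.Error())
				return nil
			}
			for key := range data {
				if strings.EqualFold(key, "spdxVersion") || strings.EqualFold(key, "SPDXID") {
					sbom.Content = content
					sbom.Type = SBOMTypeSPDX
					// Log after assigning so the message reports the detected
					// type rather than the previous value of sbom.Type.
					log.Ctx(ctx).Debug().Msgf("Found SBOM '%s' with type %s", path, sbom.Type)
					break
				}
			}
			return nil
		})
	}
}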