kusaridev · mlieberman85 · Apr 14, 2024 · Apr 13, 2024
diff --git a/skootrs-bin/src/helpers.rs b/skootrs-bin/src/helpers.rs
@@ -4,7 +4,7 @@ use serde::Serialize;
 use skootrs_lib::service::{project::ProjectService, source::LocalSourceService};
 use skootrs_model::skootrs::{
     facet::InitializedFacet, Config, EcosystemInitializeParams, FacetGetParams, FacetMapKey,
-    GithubRepoParams, GithubUser, GoParams, InitializedProject, MavenParams, ProjectArchiveParams,
+    GithubRepoParams, GithubUser, GoParams, InitializedProject, ProjectArchiveParams,
     ProjectCreateParams, ProjectGetParams, ProjectOutput, ProjectOutputGetParams,
     ProjectOutputReference, ProjectOutputType, ProjectOutputsListParams, ProjectReleaseParam,
     ProjectUpdateParams, RepoCreateParams, SkootError, SourceInitializeParams, SupportedEcosystems,
@@ -118,11 +118,12 @@ impl Project {
                 name: name.clone(),
                 host: format!("github.com/{organization}"),
             }),
+            // TODO: Re-add Maven support.
             // TODO: Unclear if this is the right way to handle Maven group and artifact.
-            SupportedEcosystems::Maven => EcosystemInitializeParams::Maven(MavenParams {
+            /*SupportedEcosystems::Maven => EcosystemInitializeParams::Maven(MavenParams {
                 group_id: format!("com.{organization}.{name}"),
                 artifact_id: name.clone(),
-            }),
+            }),*/
         };
 
         let repo_params = RepoCreateParams::Github(GithubRepoParams {

diff --git a/skootrs-lib/src/service/facet.rs b/skootrs-lib/src/service/facet.rs
@@ -46,9 +46,9 @@ use skootrs_model::{
         facet::{
             APIBundleFacet, APIBundleFacetParams, APIContent, CommonFacetCreateParams,
             FacetCreateParams, FacetSetCreateParams, InitializedFacet, SourceBundleFacet,
-            SourceBundleFacetCreateParams, SourceFile, SourceFileContent, SourceFileFacet,
-            SourceFileFacetParams, SupportedFacetType,
+            SourceBundleFacetCreateParams, SourceFile, SourceFileContent, SupportedFacetType,
         },
+        label::Label,
         InitializedEcosystem, InitializedGithubRepo, InitializedRepo, SkootError,
     },
 };
@@ -73,19 +73,6 @@ pub trait RootFacetService {
     ) -> impl std::future::Future<Output = Result<Vec<InitializedFacet>, SkootError>> + Send;
 }
 
-/// (DEPRECATED) The `SourceFileFacetService` trait provides an interface for initializing and managing a project's source
-/// file facets. This includes things like initializing and managing READMEs, licenses, and security policy
-/// files.
-///
-pub trait SourceFileFacetService {
-    /// Initializes a source file facet.
-    ///
-    /// # Errors
-    ///
-    /// Returns an error if the source file facet can't be initialized.
-    fn initialize(&self, params: SourceFileFacetParams) -> Result<SourceFileFacet, SkootError>;
-}
-
 /// The `SourceBundleFacetService` trait provides an interface for initializing and managing a project's source
 /// bundle facets. This includes things like initializing and managing set of files.
 ///
@@ -191,6 +178,7 @@ impl SourceBundleFacetService for LocalFacetService {
             source_files: Some(source_files),
             facet_type: params.facet_type,
             source_files_content: None,
+            labels: params.labels,
         };
 
         Ok(source_bundle_facet)
@@ -233,11 +221,6 @@ pub struct SourceBundleContent {
 impl RootFacetService for LocalFacetService {
     async fn initialize(&self, params: FacetCreateParams) -> Result<InitializedFacet, SkootError> {
         match params {
-            FacetCreateParams::SourceFile(_params) => {
-                todo!("This has been removed in favor of SourceBundle")
-                /*let source_file_facet = SourceFileFacetService::initialize(self, params)?;
-                Ok(InitializedFacet::SourceFile(source_file_facet))*/
-            }
             FacetCreateParams::SourceBundle(params) => {
                 let source_bundle_facet = SourceBundleFacetService::initialize(self, params)?;
                 Ok(InitializedFacet::SourceBundle(source_bundle_facet))
@@ -336,6 +319,7 @@ impl GithubAPIBundleHandler {
         Ok(APIBundleFacet {
             facet_type: SupportedFacetType::BranchProtection,
             apis,
+            labels: vec![],
         })
     }
 
@@ -370,6 +354,7 @@ impl GithubAPIBundleHandler {
         Ok(APIBundleFacet {
             facet_type: SupportedFacetType::VulnerabilityReporting,
             apis,
+            labels: vec![],
         })
     }
 }
@@ -894,40 +879,76 @@ impl FacetSetParamsGenerator {
             Scorecard, SecurityInsights, SecurityPolicy, SAST,
         };
         let supported_facets = [
-            Readme,
-            License,
-            Gitignore,
-            SecurityPolicy,
-            SecurityInsights,
-            SLSABuild,
+            FacetTypeLabels {
+                supported_facet_type: Readme,
+                labels: vec![],
+            },
+            FacetTypeLabels {
+                supported_facet_type: License,
+                labels: vec![],
+            },
+            FacetTypeLabels {
+                supported_facet_type: Gitignore,
+                labels: vec![],
+            },
+            FacetTypeLabels {
+                supported_facet_type: SecurityPolicy,
+                labels: vec![],
+            },
+            FacetTypeLabels {
+                supported_facet_type: SecurityInsights,
+                labels: vec![],
+            },
+            FacetTypeLabels {
+                supported_facet_type: SLSABuild,
+                labels: vec![Label::SLSABuildLevel3, Label::S2C2FAUD1],
+            },
             // SBOMGenerator, // Handled by the SLSABuild facet
             // StaticCodeAnalysis,
-            DependencyUpdateTool,
+            FacetTypeLabels {
+                supported_facet_type: DependencyUpdateTool,
+                labels: vec![Label::S2C2FUPD2],
+            },
             // TODO: Fuzzing right now requires a bunch of resources that are unavailable to most projects without
             // some sort of manual intervention. This is disabled until some option becomes available.
             // Fuzzing,
-            Scorecard,
+            FacetTypeLabels {
+                supported_facet_type: Scorecard,
+                labels: vec![],
+            },
             // PublishPackages,
             // PinnedDependencies,
-            SAST,
+            FacetTypeLabels {
+                supported_facet_type: SAST,
+                labels: vec![Label::S2C2FSCA1],
+            },
             // VulnerabilityScanner,
             // GUACForwardingConfig,
             // These are at the end to allow Skootrs to push initial commits without needing
             // code review or branches.
             // CodeReview, // TODO: Implement this
             //BranchProtection, //TODO: Implement this
-            DefaultSourceCode,
+            FacetTypeLabels {
+                supported_facet_type: DefaultSourceCode,
+                labels: vec![],
+            },
         ];
         let facets_params = supported_facets
             .iter()
-            .map(|facet_type| {
+            .map(|facet_type_labels| {
                 FacetCreateParams::SourceBundle(SourceBundleFacetCreateParams {
                     common: common_params.clone(),
-                    facet_type: facet_type.clone(),
+                    facet_type: facet_type_labels.supported_facet_type.clone(),
+                    labels: facet_type_labels.labels.clone(),
                 })
             })
             .collect::<Vec<FacetCreateParams>>();
 
         Ok(FacetSetCreateParams { facets_params })
     }
 }
+
+struct FacetTypeLabels {
+    supported_facet_type: SupportedFacetType,
+    labels: Vec<Label>,
+}
diff --git a/skootrs-lib/src/service/output.rs b/skootrs-lib/src/service/output.rs
@@ -17,7 +17,7 @@
 
 use octocrab::models::repos::{Asset, Release};
 use skootrs_model::skootrs::{
-    ProjectOutput, ProjectOutputGetParams, ProjectOutputReference, ProjectOutputType,
+    label::Label, ProjectOutput, ProjectOutputGetParams, ProjectOutputReference, ProjectOutputType,
     ProjectOutputsListParams, SkootError,
 };
 pub trait OutputService {
@@ -83,6 +83,7 @@ impl GithubReleaseHandler {
             .map(|asset| ProjectOutputReference {
                 name: asset.name.clone(),
                 output_type: Self::get_type(asset),
+                labels: Self::get_labels(asset),
             })
             .collect();
 
@@ -116,7 +117,16 @@ impl GithubReleaseHandler {
             _ if asset.name.contains(".cdx.") => ProjectOutputType::SBOM,
             _ if asset.name.contains(".intoto.") => ProjectOutputType::InToto,
             // TODO: Add more types
-            _ => ProjectOutputType::Custom("Unknown".to_string()),
+            _ => ProjectOutputType::Unknown("Unknown".to_string()),
+        }
+    }
+
+    fn get_labels(asset: &Asset) -> Vec<Label> {
+        match asset.url {
+            _ if asset.name.contains(".spdx.") => vec![Label::S2C2FAUD4],
+            _ if asset.name.contains(".cdx.") => vec![Label::S2C2FAUD4],
+            _ if asset.name.contains(".intoto.") => vec![Label::SLSABuildLevel3],
+            _ => vec![],
         }
     }
 
@@ -139,6 +149,7 @@ impl GithubReleaseHandler {
             reference: ProjectOutputReference {
                 name: asset.name.clone(),
                 output_type: Self::get_type(asset),
+                labels: Self::get_labels(asset),
             },
             output: serde_json::to_string_pretty(&content)?,
         })

diff --git a/skootrs-lib/src/service/project.rs b/skootrs-lib/src/service/project.rs
@@ -251,14 +251,14 @@ where
                             facet_type: s.facet_type.clone(),
                             source_files: None,
                             source_files_content: Some(source_files_content_map),
+                            labels: s.labels.clone(),
                         },
                     ))
                 } else {
                     Err(SkootError::from("No source files found"))
                 }
             }
             InitializedFacet::APIBundle(a) => Ok(InitializedFacet::APIBundle(a.clone())),
-            InitializedFacet::SourceFile(_) => Err(SkootError::from("Facet type not supported")),
         }
     }
 
@@ -346,6 +346,7 @@ mod tests {
             APIBundleFacet, APIContent, FacetCreateParams, FacetSetCreateParams, SourceBundleFacet,
             SupportedFacetType,
         },
+        label::Label,
         EcosystemInitializeParams, GithubRepoParams, GithubUser, GoParams, InitializedEcosystem,
         InitializedGithubRepo, InitializedGo, InitializedMaven, InitializedRepo, ProjectOutputType,
         RepoCreateParams, SourceInitializeParams,
@@ -557,7 +558,6 @@ mod tests {
             params: FacetCreateParams,
         ) -> Result<InitializedFacet, SkootError> {
             match params {
-                FacetCreateParams::SourceFile(_) => Err("Error".into()),
                 FacetCreateParams::SourceBundle(s) => {
                     if s.common.project_name == "error" {
                         return Err("Error".into());
@@ -570,6 +570,7 @@ mod tests {
                         }]),
                         facet_type: SupportedFacetType::Readme,
                         source_files_content: None,
+                        labels: vec![Label::Custom("test".to_string())],
                     };
 
                     Ok(InitializedFacet::SourceBundle(source_bundle_facet))
@@ -585,6 +586,7 @@ mod tests {
                             response: "worked".to_string(),
                         }],
                         facet_type: SupportedFacetType::BranchProtection,
+                        labels: vec![Label::Custom("test".to_string())],
                     };
 
                     Ok(InitializedFacet::APIBundle(api_bundle_facet))
@@ -614,6 +616,7 @@ mod tests {
             Ok(vec![ProjectOutputReference {
                 name: "test".into(),
                 output_type: ProjectOutputType::SBOM,
+                labels: vec![Label::Custom("test".to_string())],
             }])
         }
 
@@ -625,6 +628,7 @@ mod tests {
                 reference: ProjectOutputReference {
                     name: "test".into(),
                     output_type: ProjectOutputType::SBOM,
+                    labels: vec![Label::Custom("test".to_string())],
                 },
                 output: "test".into(),
             })