Skip to content

Add E2E tests for aggregation, fix race condition #1141

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
DaveTryon merged 7 commits into from
Jul 17, 2025
Merged

Add E2E tests for aggregation, fix race condition #1141

DaveTryon merged 7 commits into from
Jul 17, 2025

Conversation

@DaveTryon
Copy link
Contributor

@DaveTryon DaveTryon commented Jul 17, 2025
edited
Loading

The bulk of this change is adding an E2E test to exercise aggregation. It aggregates only 1 source SBOM, with the hope that we can later add a second case with more than 1 source SBOM. While adding this, a race condition was discovered--the call to ISbomConfigProvider.ClearCache was sometimes being called before the Task.Run calls in FileHasher.Run had completed, leading to an Exception being thrown. Shout-out to @sfoslund for providing a fix that was tightly scoped and didn't involve extensive plumbing changes to make FileHasher.Run--and it entire calling stack--fully async.

Some changes were needed to the FileHasher unit tests, since the test now needs to include execution of the code inside the Task.Run block. These changes fell into 2 categories:

  1. Populate the files object before calling the FileHasher.Run (I put this into a helper method since needed this in multiple places).
  2. Use deconstruction because the analyzer was complaining without it.

@DaveTryon DaveTryon requested a review from a team as a code owner July 17, 2025 15:53
@DaveTryon
Copy link
Contributor Author

DaveTryon commented Jul 17, 2025

/azp run

@DaveTryon DaveTryon force-pushed the DaveTryon/add-e2e-aggregation-tests branch from 92aaa6c to f78dafa Compare July 17, 2025 16:53
@github-actions
Copy link

github-actions bot commented Jul 17, 2025

This PR changes files in the API project. Does it change any of the API interfaces in any way? Please note that this includes the following types of changes:

  • Changing the signature of an existing interface method
  • Adding a new method to an existing interface
  • Adding a required data member to a class that an existing interface method consumes

Because any of these changes can potentially break a downstream consumer with customized interface implementations, these changes need to be treated as breaking changes. Please do one of the following:

Option 1 - Publish this as a breaking change

  1. Update the documentation to show the new functionality
  2. Bump the major version in the next release
  3. Be sure to highlight the breaking changes in the release notes

Option 2 - Refactor the changes to be non-breaking

  1. Review this commit, which adds a new interface in a backward-compatible way
  2. Refactor the change to follow this pattern so that existing interfaces are left completely intact
  3. Bump the minor version in the next release

@microsoft microsoft deleted a comment from github-actions bot Jul 17, 2025
@microsoft microsoft deleted a comment from github-actions bot Jul 17, 2025
@DaveTryon
Copy link
Contributor Author

DaveTryon commented Jul 17, 2025

/azp run

@DaveTryon DaveTryon merged commit da26327 into main Jul 17, 2025
5 checks passed
@DaveTryon DaveTryon deleted the DaveTryon/add-e2e-aggregation-tests branch July 17, 2025 17:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sfoslund sfoslund sfoslund approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@DaveTryon @sfoslund