From 847a89944628d048600f1cff04d2ea0b1150d1bd Mon Sep 17 00:00:00 2001 From: Will Dollman Date: Mon, 14 Oct 2024 11:30:03 +0100 Subject: [PATCH] sboms: Update changelog and improve error message (#1116) * Update changelog + improve error message * Remove newline --- CHANGELOG.md | 4 ++++ cmd/src/sbom_fetch.go | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c3e791393d..52962df8bf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,10 @@ All notable changes to `src-cli` are documented in this file. ## 5.8.0 +### Added + +- SBOM support: Software Bill of Materials (SBOMs) can now be fetched for Sourcegraph releases after 5.8.0 using `src sbom fetch -v `. [#1115](https://github.com/sourcegraph/src-cli/pull/1115) + ### Changed - Update Go to 1.22.8 diff --git a/cmd/src/sbom_fetch.go b/cmd/src/sbom_fetch.go index 71ae2808e3..6cee467780 100644 --- a/cmd/src/sbom_fetch.go +++ b/cmd/src/sbom_fetch.go @@ -14,6 +14,7 @@ import ( "strings" "unicode" + "github.com/grafana/regexp" "github.com/sourcegraph/sourcegraph/lib/errors" "github.com/sourcegraph/sourcegraph/lib/output" @@ -186,6 +187,11 @@ func (c sbomConfig) getImageList() ([]string, error) { defer resp.Body.Close() if resp.StatusCode != http.StatusOK { + // Compare version number against a regex that matches versions up to and including 5.8.0 + versionRegex := regexp.MustCompile(`^v?[0-5]\.([0-7]\.[0-9]+|8\.0)$`) + if versionRegex.MatchString(c.version) { + return nil, fmt.Errorf("unsupported version %s: SBOMs are only available for Sourcegraph releases after 5.8.0", c.version) + } return nil, fmt.Errorf("failed to fetch list of images - check that %s is a valid Sourcegraph release: HTTP status %d", c.version, resp.StatusCode) }