KeyError: 'Metadata'

[KAWAHARA-souta]

libmpeg2-devel:
    version: 0.5.1
    epoch: 0
    release: 24.el9
    arch: i686
    pkgid(sha256?): 38f526b7a282413bc97f9d550ead8c80c4fb1fd3e99f64374fb5fd4a0c448bce
WARNING: All log messages before absl::InitializeLog() is called are written to STDERR
I0000 00:00:1721824824.999959 2582136 config.cc:230] gRPC experiments enabled: call_status_override_on_cancellation, event_engine_dns, event_engine_listener, http2_stats_fix, monitoring_experiment, pick_first_new, trace_record_callops, work_serializer_clears_time_cache
Traceback (most recent call last):
  File "/home/khwarizmi/test-sbommaking/alma_sbom.py", line 704, in <module>
    cli_main()
  File "/home/khwarizmi/test-sbommaking/alma_sbom.py", line 678, in cli_main
    sbom = get_info_about_package(
  File "/home/khwarizmi/test-sbommaking/alma_sbom.py", line 377, in get_info_about_package
    immudb_metadata = immudb_info_about_package['Metadata']
KeyError: 'Metadata'

[kawaharasouta]

上のパッケージに対するimmudbへのauthenticateやそのデータの結果

authenticateのコード

    print("*** authenticate ***")
    response = immudb_wrapper.authenticate("1bfcf5bf3187ff21db8109d48a0198b92341a9124f63db82cf501d1968ba1374")
    print(response)

結果

*** authenticate ***
{'error': 'Traceback (most recent call last):\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/immudb_wrapper-0.1.1-py3.9.egg/immudb_wrapper.py", line 291, in verified_get\n    self.verifiedGet(\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/immudb_py-1.4.0-py3.9.egg/immudb/client.py", line 667, in verifiedGet\n    return verifiedGet.call(self._stub, self._rs, key, verifying_key=self._vk, atRevision=atRevision)\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/immudb_py-1.4.0-py3.9.egg/immudb/handler/verifiedGet.py", line 30, in call\n    ventry = service.VerifiableGet(req)\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/grpcio-1.60.0-py3.9-linux-x86_64.egg/grpc/_interceptor.py", line 277, in __call__\n    response, ignored_call = self._with_call(\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/grpcio-1.60.0-py3.9-linux-x86_64.egg/grpc/_interceptor.py", line 332, in _with_call\n    return call.result(), call\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/grpcio-1.60.0-py3.9-linux-x86_64.egg/grpc/_channel.py", line 437, in result\n    raise self\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/grpcio-1.60.0-py3.9-linux-x86_64.egg/grpc/_interceptor.py", line 315, in continuation\n    response, call = self._thunk(new_method).with_call(\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/grpcio-1.60.0-py3.9-linux-x86_64.egg/grpc/_channel.py", line 1177, in with_call\n    return _end_unary_response_blocking(state, call, True, None)\n  File "/home/khwarizmi/git/alma-sbom/env/lib64/python3.9/site-packages/grpcio-1.60.0-py3.9-linux-x86_64.egg/grpc/_channel.py", line 1003, in _end_unary_response_blocking\n    raise _InactiveRpcError(state)  # pytype: disable=not-instantiable\ngrpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:\n\tstatus = StatusCode.UNKNOWN\n\tdetails = "tbtree: key not found"\n\tdebug_error_string = "UNKNOWN:Error received from peer ipv4:34.230.253.101:3322 {created_time:"2024-08-09T14:45:57.030814318+09:00", grpc_status:2, grpc_message:"tbtree: key not found"}"\n>\n'}

データ問い合わせのコード

    immudb_info_about_package = _extract_immudb_info_about_package(
        immudb_hash="38f526b7a282413bc97f9d550ead8c80c4fb1fd3e99f64374fb5fd4a0c448bce",
        immudb_wrapper=immudb_wrapper,
    )
    #source_rpm, package_nevra = _get_specific_info_about_package(
    #    immudb_info_about_package=immudb_info_about_package,
    #)
    print("hash: 38f526b7a282413bc97f9d550ead8c80c4fb1fd3e99f64374fb5fd4a0c448bce")
    print(immudb_info_about_package)

結果

hash: 38f526b7a282413bc97f9d550ead8c80c4fb1fd3e99f64374fb5fd4a0c448bce
{'timestamp': None}

[kawaharasouta]

上の結果から，なんらかの問題でimmudbに一切のデータが格納されていなかったものと思われる． この場合，パッケージの情報から最低限のSBOMを生成できるようにしたい．

[kawaharasouta]

参考として，本来のデータは以下のとおり

hash: 1beff4d72ade264196bc7467a505ca7a9a766163deb5d54409e7dcc622c3ad05
{'Name': 'nmstate-2.2.23-1.el9_3.src.rpm', 'Kind': 'file', 'Size': '8.75 MB', 'Hash': '1beff4d72ade264196bc7467a505ca7a9a766163deb5d54409e7dcc622c3ad05', 'Signer': 'sbom_signer_almalinux', 'Metadata': {'sbom_api_ver': '0.2', 'unsigned_hash': 'cc9d4c40630118ea7fbf478437c81f404a9dc3af15307b541e48160de53f0a3c', 'build_id': 8307, 'build_host': 'x64-builder01.almalinux.org', 'build_arch': 'i686', 'built_by': 'soksanichenko <soksanichenko@almalinux.org>', 'alma_commit_sbom_hash': '06fc0bc69cca4fade171342857caa30644d8f9fc', 'source_type': 'git', 'git_url': 'https://git.almalinux.org/rpms/nmstate.git', 'git_ref': 'imports/c9/nmstate-2.2.23-1.el9_3', 'git_commit': '06fc0bc69cca4fade171342857caa30644d8f9fc', 'name': 'nmstate', 'epoch': None, 'version': '2.2.23', 'release': '1.el9_3', 'arch': 'i686', 'sourcerpm': None}, 'timestamp': 1705994949}