sonatype-nexus-community / ahab

ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
Apache License 2.0
67 stars, 18 forks

Purl format updates #44

Open zendern opened 4 years ago

zendern commented 4 years ago

When building purls to be sent over we currently use different formats for debian, alpine, fedora, etc.

From the docs here https://ossindex.sonatype.org/doc/coordinates

It appears we should be passing like we do in the debian case but for the others.

The goal of this issue is

  1. Make sure that is how we should do it?? Maybe do a little code spelunking to determine if we did it for a reason or not.
  2. Make all the things more consistent.

To help move this forward, I've decoupled the purl format updates. Maybe we can tackle that as a separate PR. Since we're not passing os anymore, apt.go has to hard code Debian while both Alpine and Fedora don't include OS at all. It feels like we should be consistent one way or the other, but that doesn't need to be decided here.

To avoid strewing os references all over, I just updated the switch to support either --os or --package-manager strings. Seems to work locally, and also updated tests to cover both until the deprecated bits can be fully removed.

Originally posted by @deadlysyn in https://github.com/sonatype-nexus-community/ahab/pull/42#issuecomment-703291731
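The two points raised in the thread, one purl shape for all three package managers and a single switch that accepts either the deprecated `--os` value or the `--package-manager` value, can be sketched in Go like this. This is an added illustration, not code from the ahab repository: the function names (`NormalizeManager`, `ResolveManagerFlags`, `BuildPurl`) and the `Package` type are hypothetical, and the type/namespace pairs (`deb/debian`, `apk/alpine`, `rpm/fedora`) follow the purl spec's examples rather than whatever ahab's own code emits.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Package is one installed package as reported by apt, apk or yum.
// Hypothetical type for this example; ahab's own structures differ.
type Package struct {
	Name    string
	Version string
}

// purlType maps a package manager to the purl type and the distro
// namespace. Assumption: Debian for apt, Alpine for apk, Fedora for
// yum, the three managers named in the issue.
var purlType = map[string][2]string{
	"apt": {"deb", "debian"},
	"apk": {"apk", "alpine"},
	"yum": {"rpm", "fedora"},
}

// NormalizeManager accepts either a distro name (the deprecated --os
// style) or a package manager name (--package-manager) and returns the
// canonical manager, so the rest of the code has one switch to maintain.
func NormalizeManager(flag string) (string, error) {
	switch strings.ToLower(strings.TrimSpace(flag)) {
	case "apt", "debian", "ubuntu":
		return "apt", nil
	case "apk", "alpine":
		return "apk", nil
	case "yum", "dnf", "fedora", "centos", "rhel":
		return "yum", nil
	}
	return "", fmt.Errorf("unsupported os/package manager %q", flag)
}

// ResolveManagerFlags prefers --package-manager and falls back to the
// deprecated --os value, rejecting the case where both are given but
// disagree so a stale script cannot silently scan the wrong ecosystem.
func ResolveManagerFlags(osFlag, pmFlag string) (string, error) {
	if pmFlag == "" && osFlag == "" {
		return "", fmt.Errorf("one of --os or --package-manager is required")
	}
	if pmFlag == "" {
		return NormalizeManager(osFlag)
	}
	mgr, err := NormalizeManager(pmFlag)
	if err != nil || osFlag == "" {
		return mgr, err
	}
	legacy, err := NormalizeManager(osFlag)
	if err != nil {
		return "", err
	}
	if legacy != mgr {
		return "", fmt.Errorf("--os %q conflicts with --package-manager %q", osFlag, pmFlag)
	}
	return mgr, nil
}

// BuildPurl renders pkg:<type>/<namespace>/<name>@<version> for every
// manager, so apk and rpm coordinates take the same shape as the deb case
// instead of omitting the namespace. Name and version are percent-encoded
// with url.PathEscape so characters such as '/' cannot break the purl.
func BuildPurl(manager string, p Package) (string, error) {
	t, ok := purlType[manager]
	if !ok {
		return "", fmt.Errorf("no purl mapping for %q", manager)
	}
	if p.Name == "" || p.Version == "" {
		return "", fmt.Errorf("package %+v needs both name and version", p)
	}
	return fmt.Sprintf("pkg:%s/%s/%s@%s", t[0], t[1],
		url.PathEscape(p.Name), url.PathEscape(p.Version)), nil
}

func main() {
	// Constructed sample input, not real scan output.
	pkgs := []Package{{"curl", "7.64.0-4+deb10u2"}, {"openssl", "1.1.1d-0+deb10u7"}}
	mgr, err := ResolveManagerFlags("debian", "") // only the deprecated --os given
	if err != nil {
		panic(err)
	}
	for _, p := range pkgs {
		purl, err := BuildPurl(mgr, p)
		if err != nil {
			panic(err)
		}
		fmt.Println(purl)
	}
}
```

Which namespace OSS Index actually expects for apk and rpm coordinates is the open question in the issue, so the mapping table is the one place to change once that is confirmed; the flag handling is independent of it.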