From 08c926140ad0af22de58c2a2656afda58082ba3e Mon Sep 17 00:00:00 2001
From: Laurent Goderre
Date: Mon, 2 Oct 2023 11:36:18 -0400
Subject: [PATCH] Added shared module for jq template with SBOM generator
---
scripts/template-helper-functions.jq | 36 ++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 scripts/template-helper-functions.jq
diff --git a/scripts/template-helper-functions.jq b/scripts/template-helper-functions.jq
new file mode 100644
index 00000000..2eb903e7
--- /dev/null
+++ b/scripts/template-helper-functions.jq
@@ -0,0 +1,36 @@
+#input package
+# {
+# name: "packageName",
+# version: "packageVersion",
+# params: {
+# "foo": "bar"
+# }
+# licenses: ["packageLicense" ... ]
+# }
+#output: object
+def sbom:
+ {
+ spdxVersion: "SPDX-2.3",
+ SPDXID: "SPDXRef-DOCUMENT",
+ name: (.name + "-sbom"),
+ packages: [
+ {
+ name: .name,
+ versionInfo: .version,
+ SPDXID: ("SPDXRef-Package--" + .name),
+ externalRefs: [
+ {
+ referenceCategory: "PACKAGE-MANAGER",
+ referenceType: "purl",
+ referenceLocator: ("pkg:generic/" + .name + "@" + .version + "?" + (.params | [to_entries[] | .key + "=" + .value] | join("\u0026")))
+ }
+ ],
+ licenseDeclared: (if .licenses | length > 0 then
+ (.licenses | join(" AND "))
+ else
+ "NOASSERTION"
+ end)
+ }
+ ]
+ }
+;
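Review bot: The `referenceLocator` line builds the purl by plain string concatenation, so if a package name, version or param value ever contains `@`, `?`, `&`, `/` or a space, the resulting locator will be rejected or matched to a different package by SBOM consumers. jq's built-in `@uri` filter can percent-encode each component, for example `(.name | @uri)` and `.key + "=" + (.value | tostring | @uri)`. The same expression fails when `.params` is absent (`to_entries` errors on null) and leaves a trailing `?` when it is empty; reading `(.params // {})` and appending `"?"` only when there are entries would cover both cases. The `SPDXID` line has a related gap: SPDX 2.3 identifiers allow only letters, digits, `.` and `-` after `SPDXRef-`, so a name with any other character needs mapping before it is appended.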