Merge branch 'fix_missing_package_manager_poetry' into 'master'

Add missing package manager `poetry` See merge request !134799 Merged-by: Vitali Tatarintev <vtatarintev@gitlab.com> Approved-by: Javiera Tapia <jtapia@gitlab.com> Approved-by: Vitali Tatarintev <vtatarintev@gitlab.com> Reviewed-by: Olivier Gonzalez <52092-gonzoyumo@users.noreply.gitlab.com> Co-authored-by: Olivier Gonzalez <ogonzalez@gitlab.com>

Merge branch 'fix_missing_package_manager_poetry' into 'master'
623f626c · Vitali Tatarintev · 53dcaa73 · 93653b90 · 623f626c · 623f626c
Commit 623f626c authored 1 year ago by Vitali Tatarintev
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -29244,6 +29244,7 @@ Values for package manager.
 | <a id="packagemanagerpip"></a>`PIP` | Package manager: pip. |
 | <a id="packagemanagerpipenv"></a>`PIPENV` | Package manager: pipenv. |
 | <a id="packagemanagerpnpm"></a>`PNPM` | Package manager: pnpm. |
+| <a id="packagemanagerpoetry"></a>`POETRY` | Package manager: poetry. |
 | <a id="packagemanagersbt"></a>`SBT` | Package manager: sbt. |
 | <a id="packagemanagersetuptools"></a>`SETUPTOOLS` | Package manager: setuptools. |
 | <a id="packagemanageryarn"></a>`YARN` | Package manager: yarn. |
--- a/ee/app/services/security/dependency_list_service.rb
+++ b/ee/app/services/security/dependency_list_service.rb
@@ -4,14 +4,14 @@ module Security
  class DependencyListService
    SORT_BY_VALUES = %w[name packager severity].freeze
    SORT_VALUES = %w[asc desc].freeze
-    FILTER_PACKAGE_MANAGERS_VALUES = %w[bundler yarn npm pnpm maven composer pip conan go nuget sbt gradle pipenv setuptools].freeze
+    FILTER_PACKAGE_MANAGERS_VALUES = %w[bundler yarn npm pnpm maven composer pip conan go nuget sbt gradle pipenv poetry setuptools].freeze
    FILTER_VALUES = %w[all vulnerable].freeze

    # @param pipeline [Ci::Pipeline]
    # @param [Hash] params to sort and filter dependencies
    # @option params ['asc', 'desc'] :sort ('asc') Order
    # @option params ['name', 'packager', 'severity'] :sort_by ('name') Field to sort
-    # @option params ['bundler', 'yarn', 'npm', 'maven', 'composer', 'pip', 'conan', 'go', 'nuget', 'sbt', 'gradle', 'pipenv', 'setuptools'] :package_manager ('bundler') Field to filter
+    # @option params ['bundler', 'yarn', 'npm', `pnpm`, 'maven', 'composer', 'pip', 'conan', 'go', 'nuget', 'sbt', 'gradle', 'pipenv', 'poetry', 'setuptools'] :package_manager ('bundler') Field to filter
    # @option params ['all', 'vulnerable'] :filter ('all') Field to filter
    def initialize(pipeline:, params: {})
      @pipeline = pipeline

--- a/lib/sbom/purl_type/converter.rb
+++ b/lib/sbom/purl_type/converter.rb
@@ -18,6 +18,7 @@ class Converter
        'nuget' => 'nuget',
        'pip' => 'pypi',
        'pipenv' => 'pypi',
+        'poetry' => 'pypi',
        'setuptools' => 'pypi',
        'python-pkg' => 'pypi'  # this package manager is generated by trivy
      }.with_indifferent_access.freeze

--- a/spec/lib/sbom/purl_type/converter_spec.rb
+++ b/spec/lib/sbom/purl_type/converter_spec.rb
@@ -22,6 +22,7 @@
      'nuget'               | 'nuget'
      'pip'                 | 'pypi'
      'pipenv'              | 'pypi'
+      'poetry'              | 'pypi'
      'setuptools'          | 'pypi'
      'Python (python-pkg)' | 'pypi'
      'analyzer (gobinary)' | 'golang'