This directory contains the test Docker setup for testing OSV-Scalibr's opam extractor plugin. opam is the package manager for OCaml and stores installed package entries in a default switch install file generated by opam itself.

The opam extractor enumerates installed OCaml packages by reading the default switch install file at:

~/.opam/default/.opam-switch/install

Each entry is in the format package-name.version (one per line).

The Docker build runs testdata/install-opam.sh, which uses opam to install the following packages in the default switch (versions are resolved by opam at build time):

• dune
• ocamlfind
• core_kernel
• cohttp-lwt
• ppx_deriving

cd security-testbeds/opam
docker build -t opam-test .

The build runs testdata/install-opam.sh, which initializes opam and installs packages to generate the default switch install file.

docker run -it --rm -v $(pwd):/app opam-test

This will:

• Start an interactive bash session
• Mount the current directory as /app inside the container
• Allow you to place the scalibr binary in /app and run tests

1. Build or copy the scalibr binary to the current directory
2. Inside the container, run:

./scalibr --extractors=ocaml/opam --result=opam_output.textproto --root=/ home/test/.opam/default/.opam-switch/install

If you want to run the extractor outside the container:

docker run --rm -v $(pwd)/extracted_testdata:/output opam-test cp -r /home/test/.opam /output/

Then on your host:

./scalibr --extractors=ocaml/opam --result=opam_output.textproto --root=$(pwd)/extracted_testdata .opam/default/.opam-switch/install