diff --git a/README.md b/README.md
index 8730d286679300ce2d9225c75f319c7a94f18fa9..bfdfeaec0ed787d554eac03fa1d871db3d2e2834 100644
--- a/README.md
+++ b/README.md
@@ -4,23 +4,38 @@
1. Start the database docker service in `tools/db`.
2. Install [OCCMD](https://gitlab.opencode.de/opencode-analyzer/occmd-public.git) and edit the
- script `resources/scripts/occmd.sh` to point at the installation directory
+ script `resources/scripts/occmd.sh` to point at the executable.
+ The default implementation of the script expects a docker container with the name occmd to be present. A Dockerfile
+ is contained in this repository in `tools/occmd`.
3. Set the necessary environment variables, which are used in the application.properties:
```
-opencode.access-token=${OC_GL_APIKEY}
+opencode.access-token=${OC_GL_APIKEY} // this is the api key for opencode
# DB Login data
-spring.datasource.url=${DB_URL}
-#spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
+// either connect to a local postgresql db or the deployed test db
+// the test db is a cockroach db and the expected url schema looks as follows:
+// #spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
+spring.datasource.url=${DB_URL}
spring.datasource.username=${DB_USER}
spring.datasource.password=${DB_PW}
+# OCCMD specific settings
+// path to the occmd tool executable
+// this can e.g, be the occmd.sh script in this project
+occmd.occmd-path=${OCCMD_PATH}
+
# API key to access this server's API
+// The api key is needed for all routes.
+// the admin password is needed for the repo changed route.
+// It is expected as basic auth with the admin username
+// details can be found in configuration/security/WebSecurityConfiguration.kt
security.api-key=${API_KEY}
+security.admin-username=${ADMIN_PASSWORD}
security.admin-password=${ADMIN_PASSWORD}
+// a local repository to which the git repositories are temporarily cloned.
+// they are automatically deleted after every tool run.
directories.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY}
-directories.tool-results-target-directory=${TOOL_RESULTS_TARGET_DIRECTORY}
server.port=${PORT}
```
@@ -32,6 +47,7 @@ This file is automatically loaded by the IDE.
4. Import the project into your IDE or use the commandline to build the application and run the server. For details on
how to run the program manually consider the spring boot documentation.
-## Tests
+### Important Note for the dev deployment and testing.
-To run the e2e tests make sure to install the git submodules in the test directory.
\ No newline at end of file
+The dev ORT API doesn't have results for all projects. Thus make sure to edit the `MetricsService.kt` to
+point to the repository with id 106 for testing purposes.
\ No newline at end of file
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/SecurityProperties.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/SecurityProperties.kt
index 56c94d256b7922a111f091a49e268b9e0b7ee48d..b30a287730d03ad50e12fe07e2aa3371720b417f 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/SecurityProperties.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/SecurityProperties.kt
@@ -13,6 +13,9 @@ data class SecurityProperties(
@Length(min = 20)
val adminPassword: String,
@NotBlank
+ @Length(min = 5)
+ val adminUsername: String,
+ @NotBlank
@Length(min = 30)
val apiKey: String
)
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/WebSecurityConfiguration.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/WebSecurityConfiguration.kt
index 53343b74eb977b98782bea0cd0131a92af071d04..297bfc9a3e5b44c3fdb8695f85dfcfa59b0ff49c 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/WebSecurityConfiguration.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/WebSecurityConfiguration.kt
@@ -15,7 +15,6 @@ import org.springframework.security.crypto.password.PasswordEncoder
import org.springframework.security.web.server.SecurityWebFilterChain
-const val ADMIN_USERNAME: String = "admin"
const val ADMIN_ROLE: String = "ADMIN"
@Configuration
@@ -26,7 +25,7 @@ class SecurityConfiguration(val apiKeyFilter: ApiKeyFilter, private val security
@Bean
fun userDetailsService(): MapReactiveUserDetailsService {
val user: UserDetails = User
- .withUsername(ADMIN_USERNAME)
+ .withUsername(securityProperties.adminUsername)
.password(passwordEncoder().encode(securityProperties.adminPassword))
.roles(ADMIN_ROLE)
.build()
@@ -51,7 +50,6 @@ class SecurityConfiguration(val apiKeyFilter: ApiKeyFilter, private val security
authorize(ApiPaths.REPOSITORY, permitAll)
authorize(ApiPaths.REPOSITORY_ID, permitAll)
authorize(ApiPaths.OPENCODE_REPO_CHANGED, hasRole(ADMIN_ROLE))
- authorize("${ApiPaths.DEBUG}/**", hasRole(ADMIN_ROLE))
authorize(anyExchange, denyAll)
}
httpBasic { }
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index d31e4dbc6a3e4dcdd11482865267456ed0ccd01b..0fd9cc3e542ee5f30d8d7d56e56c5c130b4d49dc 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -9,8 +9,16 @@ opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
opencode.api.ort=/cve-result
# API key to access this server's API
+# The api key is needed for all routes.
+# the admin password is needed for the repo changed route.
+# It is expected as basic auth with the admin username
+# details can be found in configuration/security/WebSecurityConfiguration.kt
security.api-key=${API_KEY}
security.admin-password=${ADMIN_PASSWORD}
+security.admin-username=${ADMIN_USERNAME}
+# OCCMD specific settings
+# path to the occmd tool executable
+# this can e.g, be the occmd.sh script in this project
occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY}
occmd.occmd-path=${OCCMD_PATH}