Skip to content
Snippets Groups Projects
Verified Commit 0eb650cc authored by Jan-Niclas Strüwer's avatar Jan-Niclas Strüwer
Browse files

Updated Readme

parent 38d59c89
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
README.md
+ 23
7
View file @ 0eb650cc
......@@ -4,23 +4,38 @@
1. Start the database docker service in `tools/db`.
2. Install [OCCMD](https://gitlab.opencode.de/opencode-analyzer/occmd-public.git) and edit the
script `resources/scripts/occmd.sh` to point at the installation directory
script `resources/scripts/occmd.sh` to point at the executable.
The default implementation of the script expects a docker container with the name occmd to be present. A Dockerfile
is contained in this repository in `tools/occmd`.
3. Set the necessary environment variables, which are used in the application.properties:
```
opencode.access-token=${OC_GL_APIKEY}
opencode.access-token=${OC_GL_APIKEY} // this is the api key for opencode
# DB Login data
spring.datasource.url=${DB_URL}
#spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
// either connect to a local postgresql db or the deployed test db
// the test db is a cockroach db and the expected url schema looks as follows:
// #spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
spring.datasource.url=${DB_URL}
spring.datasource.username=${DB_USER}
spring.datasource.password=${DB_PW}
# OCCMD specific settings
// path to the occmd tool executable
// this can e.g, be the occmd.sh script in this project
occmd.occmd-path=${OCCMD_PATH}
# API key to access this server's API
// The api key is needed for all routes.
// the admin password is needed for the repo changed route.
// It is expected as basic auth with the admin username
// details can be found in configuration/security/WebSecurityConfiguration.kt
security.api-key=${API_KEY}
security.admin-username=${ADMIN_PASSWORD}
security.admin-password=${ADMIN_PASSWORD}
// a local repository to which the git repositories are temporarily cloned.
// they are automatically deleted after every tool run.
directories.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY}
directories.tool-results-target-directory=${TOOL_RESULTS_TARGET_DIRECTORY}
server.port=${PORT}
```
......@@ -32,6 +47,7 @@ This file is automatically loaded by the IDE.
4. Import the project into your IDE or use the commandline to build the application and run the server. For details on
how to run the program manually consider the spring boot documentation.
## Tests
### Important Note for the dev deployment and testing.
To run the e2e tests make sure to install the git submodules in the test directory.
\ No newline at end of file
The dev ORT API doesn't have results for all projects. Thus make sure to edit the `MetricsService.kt` to
point to the repository with id 106 for testing purposes.
\ No newline at end of file
src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/SecurityProperties.kt
+ 3
0
View file @ 0eb650cc
......@@ -13,6 +13,9 @@ data class SecurityProperties(
@Length(min = 20)
val adminPassword: String,
@NotBlank
@Length(min = 5)
val adminUsername: String,
@NotBlank
@Length(min = 30)
val apiKey: String
)
src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/WebSecurityConfiguration.kt
+ 1
3
View file @ 0eb650cc
......@@ -15,7 +15,6 @@ import org.springframework.security.crypto.password.PasswordEncoder
import org.springframework.security.web.server.SecurityWebFilterChain
const val ADMIN_USERNAME: String = "admin"
const val ADMIN_ROLE: String = "ADMIN"
@Configuration
......@@ -26,7 +25,7 @@ class SecurityConfiguration(val apiKeyFilter: ApiKeyFilter, private val security
@Bean
fun userDetailsService(): MapReactiveUserDetailsService {
val user: UserDetails = User
.withUsername(ADMIN_USERNAME)
.withUsername(securityProperties.adminUsername)
.password(passwordEncoder().encode(securityProperties.adminPassword))
.roles(ADMIN_ROLE)
.build()
......@@ -51,7 +50,6 @@ class SecurityConfiguration(val apiKeyFilter: ApiKeyFilter, private val security
authorize(ApiPaths.REPOSITORY, permitAll)
authorize(ApiPaths.REPOSITORY_ID, permitAll)
authorize(ApiPaths.OPENCODE_REPO_CHANGED, hasRole(ADMIN_ROLE))
authorize("${ApiPaths.DEBUG}/**", hasRole(ADMIN_ROLE))
authorize(anyExchange, denyAll)
}
httpBasic { }
......
src/main/resources/application.properties
+ 8
0
View file @ 0eb650cc
......@@ -9,8 +9,16 @@ opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
opencode.api.ort=/cve-result
# API key to access this server's API
# The api key is needed for all routes.
# the admin password is needed for the repo changed route.
# It is expected as basic auth with the admin username
# details can be found in configuration/security/WebSecurityConfiguration.kt
security.api-key=${API_KEY}
security.admin-password=${ADMIN_PASSWORD}
security.admin-username=${ADMIN_USERNAME}
# OCCMD specific settings
# path to the occmd tool executable
# this can e.g, be the occmd.sh script in this project
occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY}
occmd.occmd-path=${OCCMD_PATH}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Consent

On this website, we use the web analytics service Matomo to analyze and review the use of our website. Through the collected statistics, we can improve our offerings and make them more appealing for you. Here, you can decide whether to allow us to process your data and set corresponding cookies for these purposes, in addition to technically necessary cookies. Further information on data protection—especially regarding "cookies" and "Matomo"—can be found in our privacy policy. You can withdraw your consent at any time.