Added functionality to handle private gits

8ed4966c · Jan-Niclas Strüwer · 9573e29e · 8ed4966c · 8ed4966c · 8ed4966c
Verified Commit 8ed4966c authored 1 year ago by Jan-Niclas Strüwer
--- a/kubernetes/deployment.yaml
+++ b/kubernetes/deployment.yaml
@@ -55,6 +55,11 @@ spec:
                            secretKeyRef:
                                name: backendapisecrets
                                key: oc_api_key
+                      -   name: OC_USER
+                          valueFrom:
+                              secretKeyRef:
+                                  name: backendapisecrets
+                                  key: oc_user
                      - name: API_KEY
                        valueFrom:
                            secretKeyRef:

--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/OpenCodeGitlabApiProperties.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/OpenCodeGitlabApiProperties.kt
@@ -12,12 +12,19 @@ data class OpenCodeGitlabApiProperties(
    @field:NotBlank
    val host: String,
    @field:NotBlank
-    val accessToken: String
+    val accessToken: String,
+    val analyzePrivateRepos: Boolean = false,
+    val userName: String?
 ) {
    @PostConstruct
    fun postConstruct() {
        // There is no try catch block around the operations on purpose!
        // We want to throw here if this operations fail.
        URL(host).toURI()
+        if (analyzePrivateRepos && userName.isNullOrEmpty()) {
+            throw Exception("To analyze private repositories a username must be set")
+        }
    }
 }
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/tools/occmd/service/OccmdService.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/tools/occmd/service/OccmdService.kt
@@ -15,6 +15,7 @@ import kotlinx.coroutines.future.await
 import kotlinx.coroutines.withContext
 import kotlinx.serialization.json.Json
 import org.eclipse.jgit.api.Git
+import org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider
 import org.springframework.stereotype.Service
 import java.io.File
 import java.nio.file.Files.isExecutable
@@ -128,10 +129,17 @@ class OccmdService(
    }
    private suspend fun cloneGit(repoUrl: String, outDir: File) {
-        val git: Git = Git.cloneRepository()
+        val gitRequest = Git.cloneRepository()
+            .setCloneSubmodules(true)
            .setURI(repoUrl)
            .setDirectory(outDir)
-            .call()
+        if (gitlabApiProperties.analyzePrivateRepos) {
+            gitRequest.setCredentialsProvider(
+                UsernamePasswordCredentialsProvider(gitlabApiProperties.userName, gitlabApiProperties.accessToken)
+            )
+        }
+        val git = gitRequest.call()
        git.close()
    }
 }
--- a/src/main/resources/application-local.properties
+++ b/src/main/resources/application-local.properties
 spring.config.import=optional:classpath:.env[.properties]
 # Config for the OpencoDE platform
 # Token can be an empty string to access public repositories only
-opencode.host=https://gitlab.opencode.de/
+opencode.host=https://gitlab.dev.o4oe.de/
 opencode.access-token=${OC_GL_APIKEY:}
+opencode.analyze-private-repos=true
+opencode.user-name=${OC_USER:}
 # Tool APIs
 opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
 opencode.api.ort=/cve-result
@@ -41,5 +43,5 @@ spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
 spring.datasource.url=${DB_URL:}
 spring.datasource.username=${DB_USER:}
 spring.datasource.password=${DB_PW:}
-projects.project-ids=1108
+projects.project-ids=159
 #, 888, 438, 1189, 820, 788, 400, 1052