diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/TaskManager.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/TaskManager.kt
index 0e00bb464bec6d04c8a6c96eaa57d08ea580f338..698c7f0d1699ae81acdaa73a59184e27880fad9c 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/TaskManager.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/TaskManager.kt
@@ -16,6 +16,7 @@ import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.occmd.OccmdTask
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.ort.OrtAdvisorTask
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.ort.OrtAnalyzerTask
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.qodana.QodanaTask
+import de.fraunhofer.iem.dataprovider.tool.service.ToolService
 import de.fraunhofer.iem.dataprovider.toolRun.service.ToolRunService
 import jakarta.annotation.PreDestroy
 import kotlinx.coroutines.CoroutineScope
@@ -39,7 +40,7 @@ class TaskManager(
 private val repositoryService: RepositoryService,
 private val kpiService: KPIService,
 private val dependencyService: DependencyService,
-// private val toolService: ToolService
+ private val toolService: ToolService
 ) {
 // The used default dispatcher is ok for CPU-bound workloads. However,
@@ -156,15 +157,15 @@ class TaskManager(
 )
 groupTaskManager.addTaskToGroup(groupId, ortAnalyzerTask.taskID)
-// groupTaskManager.addTaskToGroup(groupId, detektTask.taskID)
-// groupTaskManager.addTaskToGroup(groupId, qodanaTask.taskID)
-// groupTaskManager.addTaskToGroup(groupId, occmdTask.taskID)
+ groupTaskManager.addTaskToGroup(groupId, detektTask.taskID)
+ groupTaskManager.addTaskToGroup(groupId, qodanaTask.taskID)
+ groupTaskManager.addTaskToGroup(groupId, occmdTask.taskID)
 worker.addTask(ortAnalyzerTask)
-// worker.addTask(detektTask)
-// worker.addTask(qodanaTask)
-// worker.addTask(occmdTask)
+ worker.addTask(detektTask)
+ worker.addTask(qodanaTask)
+ worker.addTask(occmdTask)
 }
 is OrtAnalyzerDoneEvent -> {
@@ -176,8 +177,8 @@ class TaskManager(
 event.repoId,
 event.groupID,
 dependencyService,
- event.taskId
-// toolService
+ event.taskId,
+ toolService
 )
 worker.addTask(ortAdvisorTask)
 }
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/events/OrtAnalyzerDoneEvent.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/events/OrtAnalyzerDoneEvent.kt
index a2c39978a9ee432185499158d4f78a46d4e548b5..8a900b2cc574c1f4d9043489400bc363b3f0b1fd 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/events/OrtAnalyzerDoneEvent.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/events/OrtAnalyzerDoneEvent.kt
@@ -4,5 +4,5 @@ import java.util.*
 class OrtAnalyzerDoneEvent(
 val resultFileOutputDirectoryPath: String,
- val repoId: UUID, val taskId: UUID, val groupID: UUID
+ val repoId: UUID, val taskId: UUID, val groupID: UUID?
 ) : Event()
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAdvisorTask.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAdvisorTask.kt
index 79142343f32c9d568d7518905c8f4e3a6f32d963..ac23e1d3e0624ce25839d8b5c500b2d6ea34e80c 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAdvisorTask.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAdvisorTask.kt
@@ -10,6 +10,8 @@ import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.ToolProcessTask
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.ort.dto.OrtResultDto
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.ort.json.AdvisorResultJson
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.ort.json.OrtJson
+import de.fraunhofer.iem.dataprovider.tool.dto.CreateToolDto
+import de.fraunhofer.iem.dataprovider.tool.service.ToolService
 import kotlinx.serialization.json.*
 import org.springframework.core.io.ClassPathResource
 import org.springframework.core.io.Resource
@@ -23,10 +25,10 @@ class OrtAdvisorTask(
 outputDirectoryPath: String,
 override val responseChannel: suspend (event: Event) -> Unit,
 override val repoId: UUID,
- override val groupID: UUID,
+ override val groupID: UUID?,
 private val dependencyService: DependencyService,
- override val taskID: UUID
-// private val toolService: ToolService
+ override val taskID: UUID,
+ private val toolService: ToolService
 ) : ToolProcessTask<List<DependencyCreateDto>>() {
 private val resource: Resource = ClassPathResource("scripts/ort/ort_advisor.sh")
@@ -79,10 +81,7 @@ class OrtAdvisorTask(
 result.forEach { dependency ->
 dependencyService.save(dependency.toDbObject())
 }
-// val ortTool = ToolEntity()
-// ortTool.name = "ORT"
-// ortTool.fullName = "oss-review-toolkit"
-// toolService.save(ortTool)
+ toolService.findOrCreateTool(CreateToolDto("ORT", "ORT", "docker-snapshot"))
 }
 }
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAnalyzerTask.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAnalyzerTask.kt
index 8cad3ef7d2ef2028c1e89f86db2692e1757e27dd..80a9ccf56bb157fca44127e752ba173ee1797a75 100644
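Review bot: The tool record written in the last OrtAdvisorTask hunk does not identify the scanner that produced the findings: `CreateToolDto("ORT", "ORT", "docker-snapshot")` passes three positional strings, uses "ORT" for both name and fullName (the removed draft used "oss-review-toolkit"), and stores a fixed label as the version. ort_advisor.sh in this commit runs the image `ort` without a tag or digest, so that label cannot be mapped back to a specific ORT build when stored vulnerability results are audited later. I would use named arguments and pass the version that actually ran, e.g. `CreateToolDto(name = "ORT", fullName = "oss-review-toolkit", version = ortVersion)`, where `ortVersion` is a placeholder for a value taken from a pinned image or from the ORT result file. The returned ToolEntity is discarded, so nothing visible here links the saved dependencies to the tool. The enclosing function starts outside the hunk.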
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAnalyzerTask.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/tools/ort/OrtAnalyzerTask.kt
@@ -15,7 +15,7 @@ class OrtAnalyzerTask(
 outputDirectoryPath: String,
 override val responseChannel: suspend (event: Event) -> Unit,
 override val repoId: UUID,
- override val groupID: UUID
+ override val groupID: UUID? = null
 ) : ToolProcessTask<List<DependencyCreateDto>>() {
 private val resource: Resource = ClassPathResource("scripts/ort/ort_analyzer.sh")
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/tool/dto/CreateToolDto.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/tool/dto/CreateToolDto.kt
new file mode 100644
index 0000000000000000000000000000000000000000..378e7d88a49c530533ccb96744b7741028cfaf34
--- /dev/null
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/tool/dto/CreateToolDto.kt
@@ -0,0 +1,13 @@
+package de.fraunhofer.iem.dataprovider.tool.dto
+
+import de.fraunhofer.iem.dataprovider.tool.entity.ToolEntity
+
+data class CreateToolDto(val name: String, val fullName: String, val version: String) {
+ fun asDbObject(): ToolEntity {
+ val toolEntity = ToolEntity()
+ toolEntity.name = this.name
+ toolEntity.fullName = this.fullName
+ toolEntity.version = this.version
+ return toolEntity
+ }
+}
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/tool/service/ToolService.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/tool/service/ToolService.kt
index cc76be211059f14afd6600c149938b5abf4cc4aa..61264fe50eb35efa3b061207497639c43ef71667 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/tool/service/ToolService.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/tool/service/ToolService.kt
@@ -2,6 +2,7 @@ package de.fraunhofer.iem.dataprovider.tool.service
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.sarif.json.SarifToolJson
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.tools.sarif.json.asDbObject
+import de.fraunhofer.iem.dataprovider.tool.dto.CreateToolDto
 import de.fraunhofer.iem.dataprovider.tool.entity.ToolEntity
 import de.fraunhofer.iem.dataprovider.tool.repository.ToolRepository
 import org.springframework.stereotype.Service
@@ -22,4 +23,13 @@ class ToolService(
 fun save(tool: ToolEntity) {
 toolRepository.save(tool)
 }
+
+ fun findOrCreateTool(tool: CreateToolDto): ToolEntity {
+ return toolRepository.findByFullNameIgnoreCaseAndNameIgnoreCaseAndVersionIgnoreCase(
+ tool.fullName,
+ tool.name,
+ tool.version
+ )
+ ?: toolRepository.save(tool.asDbObject())
+ }
 }
\ No newline at end of file
diff --git a/src/main/resources/scripts/ort/ort_advisor.sh b/src/main/resources/scripts/ort/ort_advisor.sh
new file mode 100755
index 0000000000000000000000000000000000000000..60a5ac32e7e31d5f1b29e687124eab273e7e8b58
--- /dev/null
+++ b/src/main/resources/scripts/ort/ort_advisor.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+PROJECT_DIRECTORY=${1}
+OUTPUT_DIRECTORY=${2}
+echo Advisor Started
+echo Input directory: "${PROJECT_DIRECTORY}" Output directory: "${OUTPUT_DIRECTORY}"
+
+script_dir="$(dirname "$0")"
+
+ #add --network vulnerablecode_mynetwork when running together with a custom vulnerable code instance
+docker run --rm\
+--network vulnerablecode_mynetwork \
+-v "${script_dir}":/config \
+-v "${PROJECT_DIRECTORY}":/project \
+-v "${OUTPUT_DIRECTORY}":/result \
+ort --config /config/config.yml --info advise -f JSON -i /project/analyzer-result.json --output-dir /result -a VulnerableCode
+exit 0
\ No newline at end of file
diff --git a/src/main/resources/scripts/ort/ort_analyzer.sh b/src/main/resources/scripts/ort/ort_analyzer.sh
index ee1ccbf94dff52914dcecd86b4d8ab722fd40ce3..c2a5d8600be2cb7e3858149dd37a6c191764b215 100755
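Review bot: `findOrCreateTool` in ToolService.kt is a check-then-insert with nothing visible that makes it atomic: two tasks finishing at the same time can both get null from the lookup and both reach `toolRepository.save(tool.asDbObject())`, leaving duplicate tool rows. This commit also re-enables several tool tasks on the worker in TaskManager, so concurrent callers look plausible; ToolRepository and ToolEntity are not part of this diff, so I cannot tell whether a unique constraint already prevents this. If the derived finder returns a single entity, a duplicate would presumably make later lookups fail rather than return a row. I would back the method with a unique constraint over name, fullName and version, normalised the same case-insensitive way the finder compares them, and re-read on a constraint violation. At minimum the method should carry a KDoc line such as `/** Returns the stored tool matching fullName, name and version (case-insensitive) or saves a new one; not atomic across concurrent callers. */`.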
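Review bot: In ort_advisor.sh, `docker run --rm\` has no space before the backslash and the next line starts directly with `--network`, so after line continuation the shell hands docker the single word `--rm--network`, which it should reject as an unknown flag; the unconditional `exit 0` at the end then reports success anyway. For a vulnerability-advisor step, that makes a run that never happened indistinguishable from a clean one to anything that checks the exit status. I would write `docker run --rm \` and drop `exit 0` (or end with `exit $?`) so the docker status reaches the caller. The comment above the command describes `--network vulnerablecode_mynetwork` as something to add for a custom instance, yet the flag is hard-coded, so the script fails on hosts without that network. As written the advise step only reads /config and /project, so `:ro` on those two mounts would fit.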
--- a/src/main/resources/scripts/ort/ort_analyzer.sh
+++ b/src/main/resources/scripts/ort/ort_analyzer.sh
@@ -7,7 +7,7 @@ echo Input directory: "${PROJECT_DIRECTORY}" Output directory: "${OUTPUT_DIRECTO
 script_dir="$(dirname "$0")"
-docker run \
+docker run --rm \
 -v "${script_dir}":/config \
 -v "${PROJECT_DIRECTORY}":/project \
 -v "${OUTPUT_DIRECTORY}":/result \