Merge branch 'main' into dependabot/maven/main/com.google.googlejavaf…

…ormat-google-java-format-1.24.0
IBM · Oct 16, 2024 · 3e965f1 · 3e965f1
2 parents 7bc5f0d + c459588
commit 3e965f1
Show file tree

Hide file tree

Showing 10 changed files with 105 additions and 63 deletions.
diff --git a/README.md b/README.md
@@ -25,12 +25,13 @@ make production
 > [!NOTE]
 > By default, the service can be accessed at http://localhost:8001
 
-Deploy using the helm chart to a kubernetes environment.
+Deploy using the helm chart to a kubernetes environment. Pass the domain suffix and the cbomkit database creds via helm parameters.
 ```shell
 # clone the repository 
 git clone https://github.com/IBM/cbomkit
 # deploy using helm
 helm install cbomkit 
+  --set common.clusterDomain={CLUSTER_DOMAIN}
   --set postgresql.auth.username={POSTGRES_USER} 
   --set postgresql.auth.password={POSTGRES_PASSWORD} 
   ./chart

diff --git a/chart/Chart.lock b/chart/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
-  version: 15.5.16
-digest: sha256:1af1ac920f4a095910961c40ce5045afd4fdc94aa0cc3b65593bffe31dadf6c5
-generated: "2024-07-12T00:09:22.986163523Z"
+  version: 15.5.38
+digest: sha256:40258817c36e0e257155ba3d6e620027f7b1eb2bad0ab083c9a20f9984fc4317
+generated: "2024-10-04T15:23:04.860835+02:00"
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
@@ -25,5 +25,5 @@ appVersion: "1.16.0"
 
 dependencies:
   - name: postgresql
-    version: "16.4.0"
+    version: "15.5.38"
     repository: https://charts.bitnami.com/bitnami
diff --git a/chart/templates/cbomkit-deployment.yaml b/chart/templates/cbomkit-deployment.yaml
@@ -28,7 +28,7 @@ spec:
               value: jdbc:postgresql://{{ .Values.postgresql.fullnameOverride }}:5432/{{ .Values.postgresql.auth.database }}
             - name: CBOMKIT_PORT
               value: "8080"
-            - name: CBOMKITt_DB_USERNAME
+            - name: CBOMKIT_DB_USERNAME
               valueFrom:
                 secretKeyRef:
                   key: username
@@ -84,4 +84,4 @@ spec:
       terminationGracePeriodSeconds: 30
       volumes:
         - name: cbomkit-volume
-          emptyDir: {}
+          emptyDir: {}
diff --git a/chart/templates/cbomkit-frontend-route.yaml b/chart/templates/cbomkit-frontend-route.yaml
@@ -0,0 +1,18 @@
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  annotations:
+    description: Route for cbomkit-frontend.
+  name: {{ .Values.frontend.name }}
+  labels:
+    app: {{ .Values.frontend.name }}
+    resource: {{ .Values.frontend.name }}
+spec:
+  port:
+    targetPort: 8000-tcp
+  tls:
+    termination: edge
+  to:
+    kind: Service
+    name: {{ .Values.frontend.name }}
+  wildcardPolicy: None
diff --git a/chart/templates/cbomkit-route.yaml b/chart/templates/cbomkit-route.yaml
@@ -0,0 +1,18 @@
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  annotations:
+    description: Route for cbomkit backend.
+  name: {{ .Values.backend.name }}
+  labels:
+    app: {{ .Values.backend.name }}
+    resource: {{ .Values.backend.name }}
+spec:
+  port:
+    targetPort: 8080-tcp
+  tls:
+    termination: edge
+  to:
+    kind: Service
+    name: {{ .Values.backend.name }}
+  wildcardPolicy: None
diff --git a/pom.xml b/pom.xml
@@ -23,15 +23,15 @@
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     <skipITs>true</skipITs>
 
-    <surefire-plugin.version>3.5.0</surefire-plugin.version>
+    <surefire-plugin.version>3.5.1</surefire-plugin.version>
     <google-java-format.version>1.24.0</google-java-format.version>
 
     <quarkus.platform.artifact-id>quarkus-bom</quarkus.platform.artifact-id>
     <quarkus.platform.group-id>io.quarkus.platform</quarkus.platform.group-id>
     <quarkus.platform.version>3.15.1</quarkus.platform.version>
 
     <jackson.version>2.18.0</jackson.version>
-    <cyclonedx-maven-plugin.version>2.8.2</cyclonedx-maven-plugin.version>
+    <cyclonedx-maven-plugin.version>2.9.0</cyclonedx-maven-plugin.version>
 
     <sonar.crypto.plugin.version>1.3.0</sonar.crypto.plugin.version>
     <sonar.plugin.api.version>10.11.0.2468</sonar.plugin.api.version>

diff --git a/src/main/java/com/ibm/resources/v1/ScannerResource.java b/src/main/java/com/ibm/resources/v1/ScannerResource.java
@@ -19,9 +19,10 @@
  */
 package com.ibm.resources.v1;
 
+import static com.ibm.Utils.addProperties;
+
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.ibm.Utils;
 import com.ibm.configuration.IConfiguration;
 import com.ibm.git.GitService;
 import com.ibm.message.IMessageDispatcher;
@@ -181,18 +182,16 @@ public void onMessage(String requestJSON, @PathParam("clientId") String clientId
                 cbom = runScan(webSocketMessageDispatcher, clonedProject.get(), scanRequest);
                 // try to store
                 if (possibleIdentifiers.isPresent() && cbom.isPresent()) {
-                    List<IdentifiableScan> identifiableScans =
-                            storeCBOM(
-                                    cbom.get(),
-                                    possibleIdentifiers.get(),
-                                    scanRequest.gitUrl(),
-                                    scanRequest.branch());
-                    Utils.addProperties(
+                    storeCBOM(
                             cbom.get(),
+                            possibleIdentifiers.get(),
                             scanRequest,
-                            clonedProject.get().commitHash,
-                            identifiableScans);
-                    LOG.info("Scan related data persisted");
+                            clonedProject.get().commitHash);
+                    LOG.info(
+                            "CBOM persisted for "
+                                    + scanRequest.gitUrl()
+                                    + ", branch "
+                                    + scanRequest.branch());
                     webSocketMessageDispatcher.sendCBOMMessage(cbom.get().toString());
                 }
             }
@@ -290,37 +289,34 @@ public Optional<IdentifiersInternal> getIdentifier(@Nonnull String gitUrl) {
     }
 
     @Transactional
-    public List<IdentifiableScan> storeCBOM(
+    public void storeCBOM(
             @Nonnull JsonNode cbom,
             @Nonnull IdentifiersInternal identifiers,
-            @Nonnull String gitUrl,
-            @Nonnull String branch) {
+            @Nonnull ScanRequest scanRequest,
+            @Nonnull String commitHash) {
         final PanacheQuery<Scan> findCbomForGitAndBranch =
-                Scan.find("gitUrl = ?1 and branch = ?2", gitUrl, branch);
+                Scan.find(
+                        "gitUrl = ?1 and branch = ?2", scanRequest.gitUrl(), scanRequest.branch());
         final Optional<Scan> possibleCbom = findCbomForGitAndBranch.firstResultOptional();
 
         Scan entity = new Scan();
         if (possibleCbom.isPresent()) {
-            LOG.info(
-                    "CBOM-Entity with giturl "
-                            + possibleCbom.get().getGitUrl()
-                            + " already present. Will be overwritten.");
             entity = possibleCbom.get();
+            LOG.info(
+                    "Scan from giturl "
+                            + entity.getGitUrl()
+                            + " (branch: "
+                            + entity.getBranch()
+                            + ") already present. Will be overwritten.");
         }
         entity.setBom(cbom);
-        entity.setGitUrl(gitUrl);
-        entity.setBranch(branch);
+        entity.setGitUrl(scanRequest.gitUrl());
+        entity.setBranch(scanRequest.branch());
         entity.setCbomSpecVersion(Version.VERSION_16.getVersionString());
         entity.setCreatedAt(new Timestamp(System.currentTimeMillis()));
-        entity.persist();
-        if (entity.isPersistent()) {
-            LOG.info("CBOM-Entity object with gitUrl " + entity.getGitUrl() + " persisted");
-        } else {
-            LOG.error("An error occurred while persisting the CBOM-Entity.");
-        }
 
         final Pattern versionPattern = Pattern.compile("(\\d+\\.\\d+\\.?\\d*)");
-        final Matcher versionMatcher = versionPattern.matcher(branch);
+        final Matcher versionMatcher = versionPattern.matcher(scanRequest.branch());
         String version = null;
         if (versionMatcher.find()) {
             version = versionMatcher.group(1);
@@ -346,7 +342,8 @@ public List<IdentifiableScan> storeCBOM(
         }
         IdentifiableScan.persist(identifiableScans);
 
-        return identifiableScans;
+        addProperties(entity.getBom(), scanRequest, commitHash, identifiableScans);
+        entity.persist();
     }
 
     public static class CancelScanException extends Exception {

diff --git a/src/test/java/com/ibm/DefaultTestConfiguration.java b/src/test/java/com/ibm/DefaultTestConfiguration.java
@@ -37,24 +37,27 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
 import org.eclipse.microprofile.config.ConfigProvider;
-import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
 
 @Mock
 @ApplicationScoped
 public class DefaultTestConfiguration implements ITestConfiguration {
-    @NotNull @Override
+    @Nonnull
+    @Override
     public String exampleCbomVersion() {
         return "1.6";
     }
 
-    @NotNull @Override
+    @Nonnull
+    @Override
     public String exampleCbomString() {
         return "{\"cbom\":\"The cbom\"}";
     }
 
-    @NotNull @Override
+    @Nonnull
+    @Override
     public Scan exampleCbom() {
         try {
             Scan scan = new Scan();
@@ -70,17 +73,20 @@ public Scan exampleCbom() {
         }
     }
 
-    @NotNull @Override
+    @Nonnull
+    @Override
     public String exampleGitUrl() {
         return "https://github.com/apache/commons-io";
     }
 
-    @NotNull @Override
+    @Nonnull
+    @Override
     public String exampleGitBranch() {
         return "master";
     }
 
-    @NotNull @Override
+    @Nonnull
+    @Override
     public String examplePURL() {
         return "pkg:github/apache/commons-io";
     }
@@ -90,12 +96,14 @@ public IComplianceService getComplianceService() {
         throw new UnsupportedOperationException("Override this function in your test class");
     }
 
-    @NotNull @Override
+    @Nonnull
+    @Override
     public IScanRepository getCBOMRepository() {
         return new ScanRepository();
     }
 
-    @NotNull @Override
+    @Nonnull
+    @Override
     public IScannerManager getScannerManager() {
         // register scanners
         final List<IScanner> registry = new ArrayList<>();
@@ -105,7 +113,7 @@ public IScannerManager getScannerManager() {
     }
 
     @Override
-    public @NotNull List<File> getJavaDependencyJARS() {
+    public @Nonnull List<File> getJavaDependencyJARS() {
         return ConfigProvider.getConfig()
                 .getOptionalValue("service.scanning.java-jar-dir", String.class)
                 .flatMap(Utils::getJarFiles)

diff --git a/src/test/java/com/ibm/resources/v1/ScannerResourceTest.java b/src/test/java/com/ibm/resources/v1/ScannerResourceTest.java
@@ -129,25 +129,25 @@ void testGetIdentifier() {
     void testStoreCbom() throws JsonProcessingException {
         ObjectMapper mapper = new ObjectMapper();
         JsonNode cbomJson = mapper.readTree(this.testConfiguration.exampleCbomString());
-        final IdentifiersInternal ii =
+        final IdentifiersInternal identifiers =
                 new IdentifiersInternal(
                         this.testConfiguration.exampleGitUrl(),
                         List.of(this.testConfiguration.examplePURL()));
 
-        ScannerResource sr = new ScannerResource(this.testConfiguration);
-        sr.storeCBOM(
-                cbomJson,
-                ii,
-                this.testConfiguration.exampleGitUrl(),
-                this.testConfiguration.exampleGitBranch());
+        ScanRequest request =
+                new ScanRequest(
+                        this.testConfiguration.exampleGitUrl(),
+                        this.testConfiguration.exampleGitBranch(),
+                        null);
+        ScannerResource resource = new ScannerResource(this.testConfiguration);
+        resource.storeCBOM(cbomJson, identifiers, request, "01abcdef");
 
         PanacheQuery<Scan> query =
-                Scan.find(
-                        "gitUrl = ?1 and branch = ?2",
-                        this.testConfiguration.exampleGitUrl(),
-                        this.testConfiguration.exampleGitBranch());
-        Scan cb = query.firstResult();
-        Assertions.assertNotNull(cb);
-        Assertions.assertEquals(cbomJson, cb.getBom());
+                Scan.find("gitUrl = ?1 and branch = ?2", request.gitUrl(), request.branch());
+        Scan scan = query.firstResult();
+        Assertions.assertNotNull(scan);
+        Assertions.assertEquals(request.gitUrl(), scan.getGitUrl());
+        Assertions.assertEquals(request.branch(), scan.getBranch());
+        Assertions.assertEquals(cbomJson, scan.getBom());
     }
 }