chore: Docker files for debugging, add snyk scanning script

Change-Id: I5501e745a7ddaef612f63894d740e7ce7e9cfb16
sassoftware · Nov 1, 2023 · bb88da6 · bb88da6
1 parent 2475ae5
commit bb88da6
Show file tree

Hide file tree

Showing 10 changed files with 164 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -26,3 +26,5 @@
 !/sage
 !/ci
 !/install
+!/docker
+!/snyk
diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile
@@ -0,0 +1,28 @@
+FROM grafana/grafana:10.0.4-ubuntu
+
+USER root
+WORKDIR /root
+
+RUN apt-get -y update
+RUN apt-get -y install git build-essential
+
+RUN curl -L https://golang.org/dl/go1.18.linux-amd64.tar.gz > go1.18.linux-amd64.tar.gz
+
+RUN rm -rf /usr/local/go && \
+    tar -C /usr/local -xzf go1.18.linux-amd64.tar.gz
+
+RUN touch README; printf "~~~~~~ START THE DLV SERVER WITH THIS COMMAND BEFORE RUNNING IDE DEBUGGER ~~~~~~ \r\ndlv attach --headless --api-version 2 --accept-multiclient --listen=:3222 \$(pgrep -f sasesp-plugin)\r\n\r\n" >> README
+
+RUN echo "export PATH=$PATH:/usr/local/go/bin:~/go/bin" >> ~/.bashrc
+RUN echo "cat ~/README" >> ~/.bashrc
+
+RUN /usr/local/go/bin/go install github.com/go-delve/delve/cmd/dlv@latest
+RUN git clone https://github.com/magefile/mage; \
+    cd mage; \
+    export PATH=$PATH:/usr/local/go/bin; \
+    go run bootstrap.go
+
+CMD cd /var/lib/grafana/plugins/sasesp-plugin; \
+    mage build:debug; \
+	mage reloadPlugin; \
+	dlv attach --headless --api-version 2 --accept-multiclient --listen=:3222 $(pgrep -f sasesp-plugin)
diff --git a/docker/dev/config/config.ini b/docker/dev/config/config.ini
@@ -0,0 +1,17 @@
+app_mode = development
+instance_name = grafana-oss
+
+[plugins]
+enable_alpha = true
+app_tls_skip_verify_insecure = false
+allow_loading_unsigned_plugins = sasesp-plugin
+
+[auth]
+login_cookie_name = grafana_oss_session
+
+[panels]
+disable_sanitize_html = false
+
+[log]
+level = warn
+filters = plugin.sasesp-plugin:debug
diff --git a/docker/dev/docker-compose.yaml b/docker/dev/docker-compose.yaml
@@ -0,0 +1,26 @@
+version: '3'
+
+networks:
+  grafana:
+
+services:
+  grafana-plugin-dev:
+    build: .
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - seccomp:unconfined
+      - apparmor:unconfined
+    extra_hosts:
+      - 'host.docker.internal:host-gateway'
+    ports:
+      - 3000:3000
+      - 3222:3222
+    networks:
+      - grafana
+    container_name: grafana-plugin-dev
+    command: --config /var/lib/grafana/config.ini
+    volumes:
+      - ./data/grafana-oss:/var/lib/grafana
+      - ./config/config.ini:/var/lib/grafana/config.ini
+      - ../../:/var/lib/grafana/plugins/sasesp-plugin
diff --git a/docker/dev/start-debug.sh b/docker/dev/start-debug.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+cd /var/lib/grafana/plugins/sasesp-plugin && mage build:debug && mage reloadPlugin && dlv attach --headless --api-version 2 --accept-multiclient --listen=:3222 $(pgrep -f sasesp-plugin)
diff --git a/docker/test/Dockerfile b/docker/test/Dockerfile
@@ -0,0 +1,7 @@
+FROM grafana/grafana:9.5.2-ubuntu
+
+USER root
+WORKDIR /root
+
+ADD data/grafana-oss/plugins/sasesp-plugin /var/lib/grafana/plugins/sasesp-plugin
+COPY config/config.ini /etc/grafana/grafana.ini
diff --git a/docker/test/build.sh b/docker/test/build.sh
@@ -0,0 +1,7 @@
+mkdir -p data/grafana-oss/plugins/
+rm -rf data/grafana-oss/plugins/sasesp-plugin/dist
+ln -srf ../../dist data/grafana-oss/plugins/sasesp-plugin
+
+mkdir -p data/grafana-oss/public/maps/
+
+docker build .
diff --git a/docker/test/config/config.ini b/docker/test/config/config.ini
@@ -0,0 +1,13 @@
+app_mode = development
+instance_name = grafana-oss
+
+[plugins]
+enable_alpha = true
+app_tls_skip_verify_insecure = false
+allow_loading_unsigned_plugins = sasesp-plugin
+
+[auth]
+login_cookie_name = grafana_oss_session
+
+[panels]
+disable_sanitize_html = false
diff --git a/docker/test/docker-compose.yaml b/docker/test/docker-compose.yaml
@@ -0,0 +1,23 @@
+version: '3'
+
+networks:
+  grafana:
+
+services:
+  grafana-plugin-test:
+    build: .
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - seccomp:unconfined
+      - apparmor:unconfined
+    extra_hosts:
+      - 'host.docker.internal:host-gateway'
+    ports:
+      - 3000:3000
+      - 3222:3222
+    networks:
+      - grafana
+    container_name: grafana-plugin-test
+    command: --config /var/lib/grafana/config.ini
+
diff --git a/snyk/generate-report.sh b/snyk/generate-report.sh
@@ -0,0 +1,39 @@
+#/bin/bash
+# This script is a workaround for Snyk's broken directory exclusion feature.
+# The Snyk CLI requires initial authenticaiton. See: https://docs.snyk.io/snyk-cli/authenticate-the-cli-with-your-account
+set -e
+
+npx snyk auth ${SNYK_API_KEY}
+
+declare -a directoriesToScan=(
+	src
+    pkg
+    internal
+)
+
+rm -rf ./include/
+
+for includedDir in ${directoriesToScan[*]}
+do
+	mkdir -p $(dirname ./include/$includedDir)
+	target=$(realpath ../$includedDir)
+	ln -s $target ./include/$includedDir
+done
+
+cd ./include/ # Snyk can't handle scanning properly unless scanning inside the current directory.
+npx snyk code test --json | npx snyk-to-html -o ../report.html
+cd ../
+
+rm -rf ./include
+
+
+cd ..
+
+#This script is used to run blackduck scans, a valid URL and API key are required
+bash <(curl -s https://detect.synopsys.com/detect9.sh) \
+                                --detect.project.name=${PROJECT_NAME} \
+                                --detect.yarn.dependency.types.excluded=NON_PRODUCTION \
+                                --detect.project.version.name=${PROJECT_VERSION} \
+                                --detect.project.codelocation.unmap=true \
+                                --blackduck.api.token=$BD_API_KEY \
+                                --blackduck.url=$BD_URL
-Original file line number
+Diff line change
@@ Expand Up / @@ -26,3 +26,5 @@ @@
     !/sage
     !/ci
     !/install
+    !/docker
+    !/snyk
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		#!/bin/bash
		cd /var/lib/grafana/plugins/sasesp-plugin && mage build:debug && mage reloadPlugin && dlv attach --headless --api-version 2 --accept-multiclient --listen=:3222 $(pgrep -f sasesp-plugin)