diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile deleted file mode 100644 index a965b53..0000000 --- a/.devcontainer/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM mcr.microsoft.com/devcontainers/dotnet:0-7.0 - -WORKDIR /src -# Install Prerrequisites -RUN apt-get update && \ - apt-get install build-essential procps curl file git --no-install-recommends -y && \ - rm -rf /var/lib/apt/lists/* -USER vscode -RUN sh -c "$(curl -fsSL https://raw.githubusercontent.com/Linuxbrew/install/master/install.sh)" && \ - sudo chown -R vscode /home/linuxbrew/.linuxbrew/Cellar -# USER vscode -ENV PATH="/home/linuxbrew/.linuxbrew/bin:${PATH}" -# Install tools -RUN brew install spdx-sbom-generator \ No newline at end of file diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index c0300ab..0fb9e3f 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -8,7 +8,8 @@ "service": "app", "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}", "features": { - "ghcr.io/devcontainers-contrib/features/snyk-cli:1": {} + "ghcr.io/devcontainers-contrib/features/snyk-cli:1": {}, + "ghcr.io/devcontainers-contrib/features/node-asdf:0": {} }, // Features to add to the dev container. More info: https://containers.dev/features. @@ -25,10 +26,10 @@ "GitHub.copilot" ] } - } + }, // Use 'postCreateCommand' to run commands after the container is created. - // "postCreateCommand": "uname -a", + "postCreateCommand": "npm install -g @cyclonedx/cdxgen" // Configure tool-specific properties. // "customizations": {}, diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 1bce85d..ddcd893 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -11,15 +11,16 @@ volumes: services: app: - build: - context: . - dockerfile: Dockerfile + # build: + # context: . + # dockerfile: Dockerfile + image: mcr.microsoft.com/devcontainers/dotnet:0-7.0 volumes: - ../..:/workspaces:cached # Overrides default command so things don't shut down after the process ends. command: sleep infinity # Runs app on the same network as the database container, allows "forwardPorts" in devcontainer.json function. - # network_mode: service:dtrack-apiserver + network_mode: service:dtrack-apiserver # Use "forwardPorts" in **devcontainer.json** to forward an app port locally. # (Adding the "ports" property to this file will not forward from a Codespace.) @@ -121,7 +122,6 @@ services: volumes: - 'dependency-track:/data' restart: unless-stopped - dtrack-frontend: image: dependencytrack/frontend depends_on: @@ -142,4 +142,4 @@ services: # - "/host/path/to/config.json:/app/static/config.json" ports: - "8080:8080" - restart: unless-stopped \ No newline at end of file + restart: unless-stopped diff --git a/steps.sh b/steps.sh index 92475c6..3e44214 100644 --- a/steps.sh +++ b/steps.sh @@ -8,26 +8,26 @@ snyk auth git clone https://github.com/0GiS0/tour-of-heroes-angular.git && cd tour-of-heroes-angular npm install -cdxgen -o bom.json +cdxgen -o bom.1.4.json --spec-version 1.4 # Trying API REST -curl https://reimagined-xylophone-vp9qqwj64fx67w-8080.app.github.dev/api/version -w '%{response_code}' +curl http://localhost:8080/api/version -w '%{response_code}' -curl -X "PUT" "https://reimagined-xylophone-vp9qqwj64fx67w-8080.app.github.dev/api/v1/bom" \ +curl -X "PUT" "http://localhost:8080/api/v1/bom" \ -H 'Content-Type: multipart/form-data' \ -H 'X-Api-Key: BgCIvb2ZuIEiuaZBiOZ5JhmQdD8I4Iop' \ -F 'project=00ca1b30-3746-4da1-abae-f0b45a6d9906' \ -F 'bom=@bom.json' \ -w '%{response_code}' -curl -X "POST" "https://reimagined-xylophone-vp9qqwj64fx67w-8080.app.github.dev/api/v1/bom" \ + + +curl -X "PUT" "http://localhost:8080/api/v1/bom" \ -H 'Content-Type: multipart/form-data' \ - -H "X-Api-Key: BgCIvb2ZuIEiuaZBiOZ5JhmQdD8I4Iop" \ - -F "autoCreate=true" \ - -F "projectName=tour-of-heroes-test" \ - -F "projectVersion=1.0.0" \ - -F "bom=@bom.json" \ + -H 'X-Api-Key: BgCIvb2ZuIEiuaZBiOZ5JhmQdD8I4Iop' \ + -F 'project=81d1c70e-5527-4d1d-bdd0-15d6120badcb' \ + -F 'bom=@bom-nuget.json' \ -w '%{response_code}' @@ -36,11 +36,36 @@ curl -X "POST" "https://reimagined-xylophone-vp9qqwj64fx67w-8080.app.github.dev/ git clone https://github.com/0GiS0/tour-of-heroes-dotnet-api.git && cd tour-of-heroes-dotnet-api dotnet build -spdx-sbom-generator --format json +# npm install -g @cyclonedx/cdxgen +export FETCH_LICENSE=true +cdxgen -o bom-with-license.json --spec-version 1.4 -curl -X "PUT" "https://reimagined-xylophone-vp9qqwj64fx67w-8081.app.github.dev/api/v1/bom" \ +curl -X "POST" "http://localhost:8080/api/v1/bom" \ -H 'Content-Type: multipart/form-data' \ - -H 'X-Api-Key: BgCIvb2ZuIEiuaZBiOZ5JhmQdD8I4Iop' \ - -F 'project=81d1c70e-5527-4d1d-bdd0-15d6120badcb' \ - -F 'bom=@bom-nuget.json' \ - -w '%{response_code}' \ No newline at end of file + -H "X-Api-Key: QN0pNzIFxraSqO4U97kvLsFoCv8zfHR8" \ + -F "autoCreate=true" \ + -F "projectName=tour-of-heroes-test" \ + -F "projectVersion=1.0.0" \ + -F "bom=@bom.1.4.json" \ + -w '%{response_code}' + +# Test license +git clone https://github.com/dephell/dephell.git && cd dephell +cdxgen -o bom.1.4.json --spec-version 1.4 + +curl -X "POST" "http://localhost:8080/api/v1/bom" \ + -H 'Content-Type: multipart/form-data' \ + -H "X-Api-Key: QN0pNzIFxraSqO4U97kvLsFoCv8zfHR8" \ + -F "autoCreate=true" \ + -F "projectName=dephell-test" \ + -F "projectVersion=1.0.0" \ + -F "bom=@bom.1.4.json" \ + -w '%{response_code}' + + +# FOSSA +# Install fossa-cli +curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash +export FOSSA_API_KEY='YOUR_API_KEY' +# Run an analysis +fossa analyze \ No newline at end of file diff --git a/tour-of-heroes-angular b/tour-of-heroes-angular deleted file mode 160000 index 58aa380..0000000 --- a/tour-of-heroes-angular +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 58aa3804744fc38085b4cde4bea004c4b1376dd1 diff --git a/tour-of-heroes-dotnet-api b/tour-of-heroes-dotnet-api deleted file mode 160000 index 9b8a5e9..0000000 --- a/tour-of-heroes-dotnet-api +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 9b8a5e91eb51e04b6cc33e537805172782ba7f01