wn/dtrack-defectdojo-automation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

prepare second dockerfile
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source
This commit is contained in:
Wolfgang Hottgenroth
2025-07-15 14:33:07 +02:00
parent b21bd408f7
commit b2db5b35ad
3 changed files with 28 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
.gitlab-ci.yml
View File

@@ -68,7 +68,7 @@ generate-defectdojo-api:
-o defectdojo-client \ -o defectdojo-client \
--package-name defectdojo_api --package-name defectdojo_api
dockerize: .dockerize:
stage: build stage: build
image: devnexus.krohne.com:18079/repository/docker-krohne/krohnedockerbash:0.5 image: devnexus.krohne.com:18079/repository/docker-krohne/krohnedockerbash:0.5
tags: tags:
@@ -83,44 +83,16 @@ dockerize:
--tag $IMAGE_NAME:latest --tag $IMAGE_NAME:latest
--tag $IMAGE_NAME:$CI_COMMIT_SHA --tag $IMAGE_NAME:$CI_COMMIT_SHA
--tag $IMAGE_NAME:$CI_COMMIT_TAG --tag $IMAGE_NAME:$CI_COMMIT_TAG
-f $DOCKERFILE
. .
- docker login -u $NEXUS_USER -p $NEXUS_PASSWORD $REGISTRY - docker login -u $NEXUS_USER -p $NEXUS_PASSWORD $REGISTRY
- docker push $IMAGE_NAME:latest - docker push $IMAGE_NAME:latest
- docker push $IMAGE_NAME:$CI_COMMIT_SHA - docker push $IMAGE_NAME:$CI_COMMIT_SHA
- docker push $IMAGE_NAME:$CI_COMMIT_TAG - docker push $IMAGE_NAME:$CI_COMMIT_TAG
build-windows-binary: dockerize-cli:
stage: build extends: .dockerize
tags: variables:
- windows DOCKERFILE: dockerize-cli
- pwsh
- python3.13
rules:
- if: '$CI_COMMIT_TAG'
artifacts:
paths:
- sbom-dt-dd.exe
script:
- |
cd src
mv ..\dependencytrack-client .
mv ..\defectdojo-client .
& 'C:\Program Files\Python313\python.exe' -m venv venv
.\venv\Scripts\pip.exe install --upgrade pip
.\venv\Scripts\pip.exe install -r requirements.txt
.\venv\Scripts\pip.exe install -r dependencytrack-client\requirements.txt
.\venv\Scripts\pip.exe install -r defectdojo-client\requirements.txt
.\venv\Scripts\pip.exe install pyinstaller
.\venv\Scripts\pyinstaller.exe --onefile `
--add-data "dependencytrack-client;dependencytrack-client" `
--add-data "defectdojo-client;defectdojo-client" `
--hidden-import pydantic `
--hidden-import dateutil.parser `
--hidden-import urllib3 `
--hidden-import regex `
--collect-data cyclonedx `
--collect-data license_experssion `
sbom-dt-dd.py
mv dist\sbom-dt-dd.exe ..

0
Dockerfile → Dockerfile.cli
View File

25
src/sbom_dt_dd_api.py
View File

@@ -1,4 +1,6 @@
import os import os
import json
import yaml
from loguru import logger from loguru import logger
from fastapi import FastAPI, UploadFile, File, Form, HTTPException from fastapi import FastAPI, UploadFile, File, Form, HTTPException
from fastapi.responses import JSONResponse from fastapi.responses import JSONResponse
@@ -56,17 +58,24 @@ async def uploadMinimalSBOM(
""" """
Endpoint to upload a minimal SBOM definition Endpoint to upload a minimal SBOM definition
""" """
sbom = await file.read()
try: try:
sbom = await file.read()
logger.info("Start converting from minimal format into cyclonedx") logger.info("Start converting from minimal format into cyclonedx")
(sbom, projectName, projectVersion, projectClassifier, projectDescription) = minimalSbomFormatConverter(sbom) (sbom, projectName, projectVersion, projectClassifier, projectDescription) = minimalSbomFormatConverter(sbom)
logger.info("Converted") logger.info("Converted")
loadToDTrackAndDefectDojo(app.state.config, projectName, projectVersion, projectClassifier, projectDescription, 1, sbom, reimport) loadToDTrackAndDefectDojo(app.state.config, projectName, projectVersion, projectClassifier, projectDescription, 1, sbom, reimport)
logger.info("Done.") logger.info("Done.")
except yaml.scanner.ScannerError as e:
logger.warning(f"uploadMinimalSBOM, yaml ScannerError: {e.context=}, {e.context_mark=}, {e.problem=}, {e.problem_mark=}, {e.note=}")
raise HTTPException(status_code=400, detail=f"yaml ScannerError: {e.context=}, {e.context_mark=}, {e.problem=}, {e.problem_mark=}, {e.note=}")
except ApiException as e: except ApiException as e:
logger.warning(f"uploadMinimalSBOM, ApiException: {e.status=}, {e.reason=}, {e.body=}")
raise HTTPException(status_code=e.status, detail=f"{e.reason=}, {e.body=}, {e.data=}") raise HTTPException(status_code=e.status, detail=f"{e.reason=}, {e.body=}, {e.data=}")
except Exception as e:
logger.warning(f"uploadMinimalSBOM, Exception: {type(e)=}, {str(e)=}, {e.msg=}")
raise HTTPException(status_code=500, detail=f"Exception: {type(e)=}, {str(e)=}, {e.msg=}")
return JSONResponse(content={ return JSONResponse(content={
"message": "Upload successful!" "message": "Upload successful!"
@@ -87,10 +96,20 @@ async def uploadSBOM(
sbom = await file.read() sbom = await file.read()
try: try:
loadToDTrackAndDefectDojo(app.state.config, projectName, projectVersion, projectClassifier, projectDescription, 1, sbom, reimport) sbomJson = json.loads(sbom)
sbom = json.dumps(sbomJson)
loadToDTrackAndDefectDojo(app.state.config, projectName, projectVersion, projectClassifier, projectDescription, 1, str(sbom), reimport)
logger.info("Done.") logger.info("Done.")
except json.decoder.JSONDecodeError as e:
logger.warning(f"uploadSBOM, JSONDecodeError: {e.msg=}")
raise HTTPException(status_code=400, detail=f"JSON decoding error: {e.msg=}, {e.doc=}, {e.pos=}, {e.lineno=}, {e.colno=}")
except ApiException as e: except ApiException as e:
logger.warning(f"uploadSBOM, ApiException: {e.status=}, {e.reason=}, {e.body=}")
raise HTTPException(status_code=e.status, detail=f"{e.reason=}, {e.body=}, {e.data=}") raise HTTPException(status_code=e.status, detail=f"{e.reason=}, {e.body=}, {e.data=}")
except Exception as e:
logger.warning(f"uploadSBOM, Exception: {type(e)=}, {str(e)=}, {e.msg=}")
raise HTTPException(status_code=500, detail=f"Exception: {type(e)=}, {str(e)=}, {e.msg=}")
return JSONResponse(content={ return JSONResponse(content={
"message": "Upload successful!" "message": "Upload successful!"