form for upload, fix

.gitlab-ci.yml

@@ -79,6 +79,7 @@ generate-defectdojo-api:
   rules:
     - if: '$CI_COMMIT_BRANCH == "main" || $CI_COMMIT_BRANCH == "production_deployment"'
   script:
+    - IMAGE_NAME=$IMAGE_NAME_PREFIX"-"$IMAGE_NAME_SUFFIX
     - docker build --build-arg ADDITIONAL_CA_URL="$KROHNE_CA_URL"
                    --build-arg ADDITIONAL_CA_CHECKSUM=$KROHNE_CA_CHECKSUM
                    --tag $IMAGE_NAME:latest-$CI_COMMIT_BRANCH

src/entrypoint-server.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 source /opt/app/.venv/bin/activate
 

src/requirements.txt

@@ -5,3 +5,4 @@ cyclonedx-python-lib==10.4.1
 fastapi==0.116.1
 gunicorn==23.0.0
 uvicorn==0.35.0
+python-multipart==0.0.20

src/sbom_dt_dd.py

@@ -17,12 +17,13 @@ import dependencytrack_api
 from dependencytrack_api.rest import ApiException as DependencyTrackApiException
 
 class ApiException(Exception):
-    def __init__(self, status, reason, body, data, headers):
+    def __init__(self, cause):
-        self.status = status
+        self.cause = cause
-        self.reason = reason
+        self.status = cause.status
-        self.body = body
+        self.reason = cause.reason
-        self.data = data
+        self.body = cause.body
-        self.headers = None
+        self.data = cause.data
+        self.headers = cause.headers
 
 class ApiCallExecutor:
     def __init__(self, verbose):
@@ -50,7 +51,7 @@ class DefectDojoApiClient(defectdojo_api.ApiClient, ApiCallExecutor):
         try:
             return self.innerExecuteApiCall(ApiClass, EndpointMethod, RequestClass, requestParams, additionalParams)
         except defectdojo_api.exceptions.ApiException as e:
-            raise ApiException(e.status, e.reason, e.body, e.data, e.headers)
+            raise ApiException(e)
 
 class DependencyTrackApiClient(dependencytrack_api.ApiClient, ApiCallExecutor):
     def __init__(self, config, verbose):
@@ -61,7 +62,7 @@ class DependencyTrackApiClient(dependencytrack_api.ApiClient, ApiCallExecutor):
         try:
             return self.innerExecuteApiCall(ApiClass, EndpointMethod, RequestClass, requestParams, additionalParams)
         except dependencytrack_api.exceptions.ApiException as e:
-            raise ApiException(e.status, e.reason, e.body, e.data, e.headers)
+            raise ApiException(e)
 
 
 

src/sbom_dt_dd_api.py

@@ -2,15 +2,17 @@ import os
 import json
 import yaml
 from loguru import logger
-from fastapi import FastAPI, UploadFile, File, Form, HTTPException
+from fastapi import FastAPI, UploadFile, File, Form, HTTPException, Request
-from fastapi.responses import JSONResponse
+from fastapi.responses import JSONResponse, HTMLResponse
+from fastapi.templating import Jinja2Templates
 from converter import minimalSbomFormatConverter
 from sbom_dt_dd import generateSBOM, loadToDTrackAndDefectDojo, ApiException
 
 app = FastAPI(
     title="SBOM DTrack DefectDojo Synchronization API",
     version="0.0.1",
-    description=""
+    description="",
+    root_path="/sbom-integrator/v1"
 )
 
 config = {}
@@ -26,31 +28,103 @@ except KeyError as e:
 app.state.config = config
 
 
-@app.get("/hello")
+@app.get("/upload-form", response_class=HTMLResponse)
-async def say_hello(name: str):
+async def upload_form(request: Request):
     """
-    Returns a friendly greeting.
+    Route serving an HTML page with the upload form
-    ---
-    parameters:
-      - name: name
-        in: query
-        required: true
-        schema:
-          type: string
-    responses:
-      200:
-        description: Successful Response
-        content:
-          application/json:
-            schema:
-              type: object
-              properties:
-                message:
-                  type: string
     """
-    return JSONResponse(content={"message": f"Hello, {name}!"})
+    # BY AWARE OF THE HARDCODED ROOT_PATH BELOW
+    html_content = """
+        <!DOCTYPE html>
+    <html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <title>Upload Minimal SBOM</title>
+    </head>
+    <body>
+        <h1>Upload Minimal SBOM</h1>
+        <form id="sbomForm">
+            <label for="file">Select SBOM file:</label><br>
+            <input type="file" id="file" name="file" required><br><br>
+            
+            <label for="reimport">Reimport:</label>
+            <select name="reimport" id="reimport">
+                <option value="true">true</option>
+                <option value="false" selected>false</option>
+            </select><br><br>
+            
+            <button type="submit">Upload SBOM</button>
+        </form>
+        
+        <div id="result"></div>
 
-@app.post("/uploadMinimalSBOM/")
+        <script>
+        document.getElementById("sbomForm").addEventListener("submit", async function(event) {
+            event.preventDefault();
+
+            let form = document.getElementById("sbomForm");
+            let formData = new FormData(form);
+
+            try {
+                let response = await fetch("/sbom-integrator/v1/upload-minimal-sbom/", {
+                    method: "POST",
+                    body: formData
+                });
+
+                let resultDiv = document.getElementById("result");
+
+                if (response.ok) {
+                    let data = await response.json();
+                    resultDiv.innerHTML = "<p style='color:green;'>Upload successful</p>";
+                } else {
+                    let errorData = await response.json();
+                    let detail = errorData.detail;
+
+                    // Dynamisch HTML generieren
+                    let html = "<p style='color:red;'>Upload failed:</p><ul>";
+
+                    for (const [key, value] of Object.entries(detail)) {
+                        html += "<li style='color:red'><strong>" + key + ":</strong> " + formatValue(value) + "</li>";
+                    }
+
+                    html += "</ul>";
+                    resultDiv.innerHTML = html;
+                }
+            } catch (error) {
+                console.log(error);
+                document.getElementById("result").innerHTML = "<p style='color:red;'>Error: " + error + "</p>";
+            }
+        });
+
+        // Hilfsfunktion für verschachtelte Objekte
+        function formatValue(value) {
+            if (typeof value === 'object' && value !== null) {
+                return "<pre>" + escapeHtml(JSON.stringify(value, null, 2)) + "</pre>";
+            } else {
+                return escapeHtml(value);
+            }
+        }
+        function escapeHtml(unsafe) {
+            if (unsafe === null || unsafe === undefined) {
+                return '';
+            }
+            return String(unsafe)
+                .replace(/&/g, "&amp;")
+                .replace(/</g, "&lt;")
+                .replace(/>/g, "&gt;")
+                .replace(/"/g, "&quot;")
+                .replace(/'/g, "&#39;");
+        }
+
+        </script>
+    </body>
+    </html>
+
+    """
+    return HTMLResponse(content=html_content)
+
+
+@app.post("/upload-minimal-sbom/")
 async def uploadMinimalSBOM(
     file: UploadFile = File(...),
     reimport: bool = Form(...)
@@ -69,19 +143,44 @@ async def uploadMinimalSBOM(
         logger.info("Done.")
     except yaml.scanner.ScannerError as e:
         logger.warning(f"uploadMinimalSBOM, yaml ScannerError: {e.context=}, {e.context_mark=}, {e.problem=}, {e.problem_mark=}, {e.note=}")
-        raise HTTPException(status_code=400, detail=f"yaml ScannerError: {e.context=}, {e.context_mark=}, {e.problem=}, {e.problem_mark=}, {e.note=}")
+        raise HTTPException(
+            status_code=400,
+            detail={
+                "error": "yaml ScannerError",
+                "context": e.context,
+                "context_mark": str(e.context_mark),
+                "problem": e.problem,
+                "problem_mark": str(e.problem_mark),
+                "note": e.note
+            }
+        )
     except ApiException as e:
-        logger.warning(f"uploadMinimalSBOM, ApiException: {e.status=}, {e.reason=}, {e.body=}")
+        logger.warning(f"uploadMinimalSBOM, ApiException: {type(e.cause)=}, {e.status=}, {e.reason=}, {e.body=}")
-        raise HTTPException(status_code=e.status, detail=f"{e.reason=}, {e.body=}, {e.data=}")
+        raise HTTPException(
+            status_code=e.status,
+            detail={
+                "type": str(type(e.cause)),
+                "reason": e.reason,
+                "body": e.body,
+                "data": e.data
+            }
+        )
     except Exception as e:
-        logger.warning(f"uploadMinimalSBOM, Exception: {type(e)=}, {str(e)=}, {e.msg=}")
+        logger.warning(f"uploadMinimalSBOM, Exception: {type(e)=}, {str(e)=}")
-        raise HTTPException(status_code=500, detail=f"Exception: {type(e)=}, {str(e)=}, {e.msg=}")
+        raise HTTPException(
+            status_code=500,
+            detail={
+                "error": "Exception occurred",
+                "type": str(type(e)),
+                "message": str(e)
+            }
+        )
 
     return JSONResponse(content={
         "message": "Upload successful!"
     })
 
-@app.post("/uploadSBOM/")
+@app.post("/upload-sbom/")
 async def uploadSBOM(
     file: UploadFile = File(...),
     projectName: str = Form(...),
@@ -103,13 +202,38 @@ async def uploadSBOM(
         logger.info("Done.")
     except json.decoder.JSONDecodeError as e:
         logger.warning(f"uploadSBOM, JSONDecodeError: {e.msg=}")
-        raise HTTPException(status_code=400, detail=f"JSON decoding error: {e.msg=}, {e.doc=}, {e.pos=}, {e.lineno=}, {e.colno=}")
+        raise HTTPException(
+            status_code=400,
+            detail={
+                "error": "JSON decoding error",
+                "msg": e.msg,
+                "doc": e.doc,
+                "pos": e.pos,
+                "lineno": e.lineno,
+                "colno": e.colno
+            }
+        )
     except ApiException as e:
-        logger.warning(f"uploadSBOM, ApiException: {e.status=}, {e.reason=}, {e.body=}")
+        logger.warning(f"uploadSBOM, ApiException: {type(e.cause)=}, {e.status=}, {e.reason=}, {e.body=}")
-        raise HTTPException(status_code=e.status, detail=f"{e.reason=}, {e.body=}, {e.data=}")
+        raise HTTPException(
+            status_code=e.status,
+            detail={
+                "type": str(type(e.cause)),
+                "reason": e.reason,
+                "body": e.body,
+                "data": e.data
+            }
+        )
     except Exception as e:
-        logger.warning(f"uploadSBOM, Exception: {type(e)=}, {str(e)=}, {e.msg=}")
+        logger.warning(f"uploadSBOM, Exception: {type(e)=}, {str(e)=}")
-        raise HTTPException(status_code=500, detail=f"Exception: {type(e)=}, {str(e)=}, {e.msg=}")
+        raise HTTPException(
+            status_code=500,
+            detail={
+                "error": "Exception occurred",
+                "type": str(type(e)),
+                "message": str(e)
+            }
+        )
 
     return JSONResponse(content={
         "message": "Upload successful!"