Skip to content

Commit

Permalink
Merge pull request #114 from siemens/development
Browse files Browse the repository at this point in the history
Continuous Clearing Release V6.0.1 +semver: patch
  • Loading branch information
karthika-g authored Jan 25, 2024
2 parents 9d4af5b + 31d37e3 commit 51eaa76
Show file tree
Hide file tree
Showing 15 changed files with 110 additions and 30 deletions.
18 changes: 9 additions & 9 deletions .github/workflows/compile.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ jobs:
id: gitversion
run: |
echo "SemVer: v$($env:GitVersion_SemVer)"
Write-Host "::set-output name=semver::v$($env:GitVersion_SemVer)"
Write-Host "::set-output name=semver::$($env:GitVersion_MajorMinorPatch)"
$fileName = "dummy-v$($env:GitVersion_SemVer)"
echo "SemVerMMP: v$($env:GitVersion_MajorMinorPatch)"
Write-Host "Filename: '$fileName'"
Expand Down Expand Up @@ -94,7 +94,7 @@ jobs:
$sourceFolder = Join-Path $env:GITHUB_WORKSPACE "out" | Join-Path -ChildPath "*"
$outFolder = Join-Path $env:GITHUB_WORKSPACE "out" | Join-Path -ChildPath "continuous-clearing"
New-Item -ItemType Directory -Force -Path $outFolder
$fileName = "continuous-clearing-6.0.0.zip"
$fileName = "continuous-clearing-v$($env:GitVersion_MajorMinorPatch).zip"
Write-Host "Filename: '$fileName'"
Write-Host "sourceFolder: '$sourceFolder'"
Write-Host "Outfolder: '$outFolder'"
Expand Down Expand Up @@ -138,8 +138,8 @@ jobs:
- name: Create Nuget Packages
id: createNupkg
run: |
nuget pack CA.nuspec -Version 6.0.0
Write-Host "::set-output name=nupkg-LicenseClearingTool::continuous-clearing.6.0.0.nupkg"
nuget pack CA.nuspec -Version $($env:GitVersion_MajorMinorPatch)
Write-Host "::set-output name=nupkg-LicenseClearingTool::continuous-clearing$($env:GitVersion_MajorMinorPatch).nupkg"
- name: Archive NuGet Packages
uses: actions/upload-artifact@v2
Expand All @@ -152,9 +152,9 @@ jobs:
id: builddocker
#if: ${{ false }} # disable for now
run: |
docker build . --file Dockerfile --tag ${{ github.repository }}:continuous-clearing-v6.0.0
docker save ${{ github.repository }}:continuous-clearing-v6.0.0 -o continuous-clearing-v6.0.0.tar
Write-Host "::set-output name=docker-LicenseClearingTool::continuous-clearing-v6.0.0.tar"
docker build . --file Dockerfile --tag ${{ github.repository }}:continuous-clearing-v$($env:GitVersion_MajorMinorPatch)
docker save ${{ github.repository }}:continuous-clearing-v$($env:GitVersion_MajorMinorPatch) -o continuous-clearing-v$($env:GitVersion_MajorMinorPatch).tar
Write-Host "::set-output name=docker-LicenseClearingTool::continuous-clearing-v$($env:GitVersion_MajorMinorPatch).tar"
- name: Archive docker image
#if: ${{ false }} # disable for now
Expand Down Expand Up @@ -195,9 +195,9 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: v6.0.0
tag_name: v$($env:GitVersion_MajorMinorPatch)
#tag_name: ${{ needs.build.outputs.semver }}
release_name: Release v6.0.0
release_name: Release v$($env:GitVersion_MajorMinorPatch)
body: |
${{ github.event.head_commit.message }}
draft: true
Expand Down
4 changes: 2 additions & 2 deletions CA.nuspec
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
<?xml version="1.0"?>
<!--SPDX-FileCopyrightText: 2023 Siemens AG
<!--SPDX-FileCopyrightText: 2024 Siemens AG
SPDX-License-Identifier: MIT-->
<package >
<metadata>
<id>continuous-clearing</id>
<version>6.0.0</version>
<version>6.0.1</version>
<authors>Siemens AG</authors>
<owners>continuous-clearing contributors</owners>
<projectUrl>https://github.com/siemens/continuous-clearing</projectUrl>
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# SPDX-FileCopyrightText: 2023 Siemens AG
# SPDX-FileCopyrightText: 2024 Siemens AG
# SPDX-License-Identifier: MIT

# Get parent image as latest debian patch of bullseye
Expand Down
2 changes: 1 addition & 1 deletion LICENSE
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
MIT LICENSE

Copyright (c) Siemens AG 2023
Copyright (c) Siemens AG 2024

Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the "Software"),
Expand Down
2 changes: 1 addition & 1 deletion MAINTAINERS
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# SPDX-FileCopyrightText: 2023 Siemens AG
# SPDX-FileCopyrightText: 2024 Siemens AG
# SPDX-License-Identifier: MIT

Vijayalakshmi027<[email protected]>
Expand Down
31 changes: 31 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,38 @@ To ensure such practises are in place, we need to provide software bill of mater
This tool has been logically split into 3 different executables that enable it to be used as separate modules as per the user's requirement.

**_Note: Continuous Clearing Tool internally uses [Syft](https://github.com/anchore/syft) for component detection for debian type projects._**

# SEPP Integration with Continuous Clearing Tool

The Continuous Clearing Tool incorporates SEPP tool functionalities, seamlessly integrated into the [Artifactory uploader](https://github.com/siemens/continuous-clearing/blob/main/doc/usagedocimg/artifactoryuploader.PNG).
This integration ensures
- Software License Clearing is done.
- No pre-release versions of re-use components are used.
- Trace-ability is guaranteed

### What is SEPP tool performing currently ?

* Check for third-party packages in artifactory
* Move internal packages from energy-dev- to energy-release- repos/
* Clone Git repositories.
* Export JSON file for Long term Archiving (LTA-Export)

### What are the existing functionalities of Continuous Clearing Tool ?

* Check for third party packages
* Identification of correct source code from github
* Creating third party components in SW360
* Triggering source code scan in FOSSology
* Copy cleared third party components from remote repo to SIPARTY release repo.

### Which functionality of SEPP did Continuous Clearing adapt newly ?

* Move internal packages from energy-dev-* to energy-release-* repos
* Copy development dependency packages to siparty-devdep-* repos

### What happens to SEPP now ?

Currently LTA support is not provided for SBOM, hence until that is implemented SEPP will coexist with continuous clearing tool .Once the implementation is done SEPP will eventually phase out.
# Package Installation

### Install from GitHub Release (Official)
Expand Down
32 changes: 32 additions & 0 deletions doc/UsageDoc/CA_UsageDocument.md
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,38 @@ The Continuous Clearing Tool helps the Project Manager/Developer to automate the

Continuous Clearing Tool reduces the effort in creating components in SW360 and identifying the matching source codes from the public repository. Tool eliminates the manual error while creating component and identifying correct version of source code from public repository. Continuous Clearing Tool harmonize the creation of 3P components in SW360 by filling necessary information.

# SEPP Integration with Continuous Clearing Tool

The Continuous Clearing Tool incorporates SEPP tool functionalities, seamlessly integrated into the [Artifactory uploader](../usagedocimg/artifactoryuploader.PNG).
This integration ensures
- Software License Clearing is done.
- No pre-release versions of re-use components are used.
- Trace-ability is guaranteed

### What is SEPP tool performing currently ?

* Check for third-party packages in artifactory
* Move internal packages from energy-dev- to energy-release- repos/
* Clone Git repositories.
* Export JSON file for Long term Archiving (LTA-Export)

### What are the existing functionalities of Continuous Clearing Tool ?

* Check for third party packages
* Identification of correct source code from github
* Creating third party components in SW360
* Triggering source code scan in FOSSology
* Copy cleared third party components from remote repo to SIPARTY release repo.

### Which functionality of SEPP did Continuous Clearing adapt newly ?

* Move internal packages from energy-dev-* to energy-release-* repos
* Copy development dependency packages to siparty-devdep-* repos

### What happens to SEPP now ?

Currently LTA support is not provided for SBOM, hence until that is implemented SEPP will coexist with continuous clearing tool .Once the implementation is done SEPP will eventually phase out.

# Continuous Clearing Tool workflow diagram

- Package Identifier
Expand Down
2 changes: 1 addition & 1 deletion src/ArtifactoryUploader/ArtifactoryUploader.cs
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ public static class ArtfactoryUploader
public static async Task<HttpResponseMessage> UploadPackageToRepo(ComponentsToArtifactory component, int timeout)
{
Logger.Debug("Starting UploadPackageToArtifactory method");
string operationType = component.PackageType == PackageType.ClearedThirdParty ? "copy" : "move";
string operationType = component.PackageType == PackageType.ClearedThirdParty || component.PackageType == PackageType.Development ? "copy" : "move";
string dryRunSuffix = component.DryRun ? " dry-run" : "";
HttpResponseMessage responsemessage = new HttpResponseMessage();
try
Expand Down
6 changes: 3 additions & 3 deletions src/ArtifactoryUploader/Model/UploaderKpiData.cs
Original file line number Diff line number Diff line change
Expand Up @@ -39,13 +39,13 @@ public class UploaderKpiData
[DisplayName(@"Time taken by ComponentCreator")]
public double TimeTakenByComponentCreator { get; set; }

[DisplayName(@"Development Packages to be Moved to Siparty DevDep Repo")]
[DisplayName(@"Development Packages to be Copied to Siparty DevDep Repo")]
public int DevPackagesToBeUploaded { get; set; }

[DisplayName(@"Development Packages Moved to Siparty DevDep Repo")]
[DisplayName(@"Development Packages Copied to Siparty DevDep Repo")]
public int DevPackagesUploaded { get; set; }

[DisplayName(@"Development Packages Not Moved to Siparty DevDep Repo")]
[DisplayName(@"Development Packages Not Copied to Siparty DevDep Repo")]
public int DevPackagesNotUploadedToJfrog { get; set; }

[DisplayName(@"Internal Packages to be Moved")]
Expand Down
8 changes: 5 additions & 3 deletions src/ArtifactoryUploader/PackageUploadHelper.cs
Original file line number Diff line number Diff line change
Expand Up @@ -392,7 +392,7 @@ private static async Task PackageUploadToArtifactory(UploaderKpiData uploaderKpi
{
if (!(item.SrcRepoName.Contains("Not Found in JFrog")))
{
string operationType = item.PackageType == PackageType.ClearedThirdParty ? "copy" : "move";
string operationType = item.PackageType == PackageType.ClearedThirdParty || item.PackageType == PackageType.Development ? "copy" : "move";
ArtfactoryUploader.jFrogService = jFrogService;
HttpResponseMessage responseMessage = await ArtfactoryUploader.UploadPackageToRepo(item, timeout);

Expand All @@ -402,16 +402,18 @@ private static async Task PackageUploadToArtifactory(UploaderKpiData uploaderKpi
}
else if (responseMessage.ReasonPhrase == ApiConstant.PackageNotFound)
{
Logger.Error($"Package {item.Name}-{item.Version} not found in remote cache, Upload Failed!!");
Logger.Error($"Package {item.Name}-{item.Version} not found in {item.SrcRepoName}, Upload Failed!!");
IncrementCountersBasedOnPackageType(uploaderKpiData, packageType, false);
item.DestRepoName = null;
SetWarningCode = true;
}
else if (responseMessage.ReasonPhrase == ApiConstant.ErrorInUpload)
{
Logger.Error($"Package {item.Name}-{item.Version} {operationType} Failed!!");
Logger.Error($"Package {item.Name}-{item.Version} {operationType} Failed!! {item.SrcRepoName} ---> {item.DestRepoName}");
IncrementCountersBasedOnPackageType(uploaderKpiData, packageType, false);
item.DestRepoName = null;
var responseContent = await responseMessage.Content.ReadAsStringAsync();
Logger.Debug($"JFrog Response - {responseContent}");
}
else
{
Expand Down
7 changes: 7 additions & 0 deletions src/ArtifactoryUploader/PackageUploader.cs
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,13 @@ public static async Task UploadPackageToArtifactory(CommonAppSettings appSetting
uploaderKpiData.TimeTakenByComponentCreator =
TimeSpan.FromMilliseconds(Program.UploaderStopWatch.ElapsedMilliseconds).TotalSeconds;
Logger.Debug($"UploadPackageToArtifactory():End");

// set the error code
if(uploaderKpiData.PackagesNotUploadedDueToError > 0 || uploaderKpiData.PackagesNotExistingInRemoteCache > 0)
{
Environment.ExitCode = 2;
Logger.Debug("Setting ExitCode to 2");
}
}
}
}
2 changes: 1 addition & 1 deletion src/LCT.Common/appSettings.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
// --------------------------------------------------------------------------------------------------------------------

{
"CaVersion": "6.0.0",
"CaVersion": "6.0.1",
"TimeOut": 200,
"ProjectType": "<Insert ProjectType>",
"SW360ProjectName": "<Insert SW360 Project Name>",
Expand Down
7 changes: 5 additions & 2 deletions src/SW360IntegrationTest/Conan/ArtifactoryUploaderConan.cs
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ public void TestArtifactoryUploaderexe()
string comparisonBOMPath = OutFolder + @"\..\..\TestFiles\IntegrationTestFiles\ArtifactoryUploaderTestData\ConanComparisonBOM.json";

// Test BOM Creator ran with exit code 0
Assert.AreEqual(0, TestHelper.RunArtifactoryUploaderExe(new string[]{
int result = TestHelper.RunArtifactoryUploaderExe(new string[]{
TestConstant.BomFilePath, comparisonBOMPath,
TestConstant.SW360ProjectName, testParameters.SW360ProjectName,
TestConstant.ArtifactoryUser, testParameters.ArtifactoryUploadUser,
Expand All @@ -29,7 +29,10 @@ public void TestArtifactoryUploaderexe()
TestConstant.JfrogConanInternalDestRepoName,testParameters.InternalDestinationRepoName,
TestConstant.JFrogApiURL,testParameters.JfrogApi,
TestConstant.Release, false.ToString()
}),
});

// Test BOM Creator ran with exit code 0 or 2 (Warning)
Assert.IsTrue(result == 0 || result == 2,
"Test to run Artifactory Uploader EXE execution");
}

Expand Down
8 changes: 5 additions & 3 deletions src/SW360IntegrationTest/Maven/ArtifactoryUploaderMaven.cs
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,7 @@ public void TestArtifactoryUploaderexe()
OutFolder = TestHelper.OutFolder;
string comparisonBOMPath = OutFolder + @"\..\..\TestFiles\MavenTestFile\ArtifactoryUploaderTestData\MavenComparisonBOM.json";

// Test BOM Creator ran with exit code 0
Assert.AreEqual(0, TestHelper.RunArtifactoryUploaderExe(new string[]{
int result = TestHelper.RunArtifactoryUploaderExe(new string[]{
TestConstant.BomFilePath, comparisonBOMPath,
TestConstant.SW360ProjectName, testParameters.SW360ProjectName,
TestConstant.ArtifactoryUser, testParameters.ArtifactoryUploadUser,
Expand All @@ -35,7 +34,10 @@ public void TestArtifactoryUploaderexe()
TestConstant.JfrogMavenInternalDestRepoName,testParameters.InternalDestinationRepoName,
TestConstant.JFrogApiURL,testParameters.JfrogApi,
TestConstant.Release, false.ToString()
}),
});

// Test BOM Creator ran with exit code 0 or 2 (Warning)
Assert.IsTrue(result == 0 || result == 2,
"Test to run Artifactory Uploader EXE execution");
}
[Test, Order(2)]
Expand Down
9 changes: 6 additions & 3 deletions src/SW360IntegrationTest/NPM/ArtifactoryUploaderNpm.cs
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@ public void TestArtifactoryUploaderexe()
OutFolder = TestHelper.OutFolder;
string comparisonBOMPath = OutFolder + @"\..\..\TestFiles\IntegrationTestFiles\ArtifactoryUploaderTestData\NPMComparisonBOM.json";

// Test BOM Creator ran with exit code 0
Assert.AreEqual(0, TestHelper.RunArtifactoryUploaderExe(new string[]{

int result = TestHelper.RunArtifactoryUploaderExe(new string[]{
TestConstant.BomFilePath, comparisonBOMPath,
TestConstant.SW360ProjectName, testParameters.SW360ProjectName,
TestConstant.ArtifactoryUser, testParameters.ArtifactoryUploadUser,
Expand All @@ -35,7 +35,10 @@ public void TestArtifactoryUploaderexe()
TestConstant.JfrogNpmInternalDestRepoName,testParameters.InternalDestinationRepoName,
TestConstant.JFrogApiURL,testParameters.JfrogApi,
TestConstant.Release, false.ToString()
}),
});

// Test BOM Creator ran with exit code 0 or 2 (Warning)
Assert.IsTrue(result == 0 || result == 2,
"Test to run Artifactory Uploader EXE execution");
}

Expand Down

0 comments on commit 51eaa76

Please sign in to comment.