Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JfrogPythonDestRepoName field added #96

Merged
merged 3 commits into from
Oct 13, 2023
Merged

JfrogPythonDestRepoName field added #96

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ced3945
JfrogPythonDestRepoName field added
Oct 10, 2023
b84ff57
Merge branch 'development' into Python_forSw360CompCreator
karthika-g Oct 10, 2023
b255468
UsageDoc/CA_UsageDocument.md Updated
karthika-g Oct 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 14 additions & 8 deletions doc/UsageDoc/CA_UsageDocument.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@
<!--te-->
# Introduction

The Continuous Clearing Tool helps the Project Manager/Developer to automate the sw360 clearing process of 3rd party components. This tool scans and identifies the third-party components used in a NPM, NUGET, MAVEN and Debian projects and makes an entry in SW360, if it is not present. Continuous Clearing Tool links the components to the respective project and creates job for code scan in FOSSology.The output is an SBOM file which has a nested description of software artifact components and metadata.
The Continuous Clearing Tool helps the Project Manager/Developer to automate the sw360 clearing process of 3rd party components. This tool scans and identifies the third-party components used in a NPM, NUGET, MAVEN,PYTHON and Debian projects and makes an entry in SW360, if it is not present. Continuous Clearing Tool links the components to the respective project and creates job for code scan in FOSSology.The output is an SBOM file which has a nested description of software artifact components and metadata.

Continuous Clearing Tool reduces the effort in creating components in SW360 and identifying the matching source codes from the public repository. Tool eliminates the manual error while creating component and identifying correct version of source code from public repository. Continuous Clearing Tool harmonize the creation of 3P components in SW360 by filling necessary information.

Expand Down Expand Up @@ -161,9 +161,7 @@ Continuous Clearing Tool reduces the effort in creating components in SW360 and
- **Project Type :** **Python**

* Input file repository should contain **poetry.lock** file.

`Note : Python package support in clearing tool is currently only for SBOM discovery and classification.Component Creation and Source code identification is not supported currently`


- **Project Type :** **Debian**

**Note** : below steps is required only if you have `tar` file to process , otherwise you can keep `CycloneDx.json` file in the InputDirectory.
Expand Down Expand Up @@ -208,6 +206,7 @@ Continuous Clearing Tool reduces the effort in creating components in SW360 and
"JfrogNugetDestRepoName": "JfrogNugetDestRepo Name",
"JfrogNpmDestRepoName": "JfrogNpmDestRepo Name",
"JfrogMavenDestRepoName": "JfrogMavenDestRepo Name",
"JfrogPythonDestRepoName": "JfrogPythonDestRepo Name",
"PackageFilePath": "/mnt/Input",
"BomFolderPath": "/mnt/Output",
"BomFilePath":"/mnt/Output/<SW360 Project Name>_Bom.cdx.json",
Expand All @@ -222,9 +221,11 @@ Continuous Clearing Tool reduces the effort in creating components in SW360 and
"InternalRepoList": [
"<Npm Internal Repo Names>", //This should be the internal repo names in JFrog for NPM
"<Nuget Internal Repo Names>",//This should be the internal repo names in JFrog for Nuget
"<Maven Internal Repo Names>",//This should be the internal repo names in JFrog for Maven
"<Python Internal Repo Names>",//This should be the internal repo names in JFrog for Python
],
"Npm": {
"Include": [ "p*-lock.json" ],
"Include": [ "p*-lock.json" ,"*.cdx.json"],
"Exclude": [ "node_modules" ],
"JfrogNpmRepoList": [
"<Npm Remote Cache Repo Name>",//This is a mirror repo for npm registry in JFrog
Expand All @@ -233,7 +234,7 @@ Continuous Clearing Tool reduces the effort in creating components in SW360 and
"ExcludedComponents": []
},
"Nuget": {
"Include": [ "pack*.config", "p*.lock.json" ],
"Include": [ "pack*.config", "p*.assets.json", "*.cdx.json" ],
"Exclude": [],
"JfrogNugetRepoList": [
"<Nuget Remote Cache Repo Name>",//This is a mirror repo for nuget.org in JFrog
Expand All @@ -242,7 +243,7 @@ Continuous Clearing Tool reduces the effort in creating components in SW360 and
"ExcludedComponents": []
},
"Maven": {
"Include": [ "pom.xml" ],
"Include": [ "*.cdx.json" ],
"Exclude": [],
"JfrogMavenRepoList": [
"<Maven Remote Cache Repo Name>",//This is a mirror repo for repo.maven in JFrog
Expand All @@ -258,6 +259,10 @@ Continuous Clearing Tool reduces the effort in creating components in SW360 and
"Python": {
"Include": [ "poetry.lock", "*.cdx.json" ],
"Exclude": [],
"JfrogPythonRepoList": [
<Python Remote Cache Repo Name>, //This is a mirror repo for pypi in JFrog
"<Python Release Repo Name>" //This should be the release pypi in JFrog
],
"ExcludedComponents": []
}
}
Expand Down Expand Up @@ -286,7 +291,8 @@ Description for the settings in `appSettings.json` file
| 17 | --jfrognpmdestreponame | The destination folder name for the NPM package to be copied to | Yes |
| 18 | --jfrognugetdestreponame | The destination folder name for the Nuget package to be copied to | Yes |
| 19 | --jfrogmavendestreponame | The destination folder name for the Maven package to be copied to | Yes | |
| 20 | --timeout | SW360 response timeout value | No | |
| 20 | --jfrogpythondestreponame | The destination folder name for the Python package to be copied to | Yes | |
| 21 | --timeout | SW360 response timeout value | No | |


#### **Method 2**
Expand Down
1 change: 1 addition & 0 deletions src/LCT.Common/appSettings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
"JfrogNugetDestRepoName": "<Insert NugetDestRepoName>",
"JfrogNpmDestRepoName": "<Insert NpmDestRepoName>",
"JfrogMavenDestRepoName": "<Insert MavenDestRepoName>",
"JfrogPythonDestRepoName": "<Insert PythonDestRepoName>",
"PackageFilePath": "/PathToInputDirectory", //For Docker run set as /mnt/Input
"BomFolderPath": "/PathToOutputDirectory", //For Docker run set as /mnt/Output
"BomFilePath": "/PathToOutputDirectory/<SW360 Project Name>_Bom.cdx.json",
Expand Down
Loading