| blob | ab0d78827286df7831e7351e369151ac486b82cd |
1 import ./make-test-python.nix (
2 { pkgs, ... }:
3 let
4 dependencyTrackPort = 8081;
5 in
6 {
7 name = "dependency-track";
8 meta = {
9 maintainers = pkgs.lib.teams.cyberus.members;
10 };
12 nodes = {
13 server =
14 { pkgs, ... }:
15 {
16 virtualisation = {
17 cores = 2;
18 diskSize = 4096;
19 };
21 environment.systemPackages = with pkgs; [ curl ];
22 systemd.services.dependency-track = {
23 # source: https://github.com/DependencyTrack/dependency-track/blob/37e0ba59e8057c18a87a7a76e247a8f75677a56c/dev/scripts/data-nist-generate-dummy.sh
24 preStart = ''
25 set -euo pipefail
27 NIST_DIR="$HOME/.dependency-track/nist"
29 rm -rf "$NIST_DIR"
30 mkdir -p "$NIST_DIR"
32 for feed in $(seq "2024" "2002"); do
33 touch "$NIST_DIR/nvdcve-1.1-$feed.json.gz"
34 echo "9999999999999" > "$NIST_DIR/nvdcve-1.1-$feed.json.gz.ts"
35 done
36 '';
37 };
38 services.dependency-track = {
39 enable = true;
40 port = dependencyTrackPort;
41 nginx.domain = "localhost";
42 database.passwordFile = "${pkgs.writeText "dbPassword" ''hunter2'THE'''H''''E''}";
43 };
44 };
45 };
47 testScript = ''
48 import json
50 start_all()
52 server.wait_for_unit("dependency-track.service")
53 server.wait_until_succeeds(
54 "journalctl -o cat -u dependency-track.service | grep 'Dependency-Track is ready'"
55 )
56 server.wait_for_open_port(${toString dependencyTrackPort})
58 with subtest("version api returns correct version"):
59 version = json.loads(
60 server.succeed("curl http://localhost/api/version")
61 )
62 assert version["version"] == "${pkgs.dependency-track.version}"
63 '';
64 }
65 )