pkgs/by-name/de/dependency-track/package.nix

   1 {
   2   lib,
   3   buildNpmPackage,
   4   fetchFromGitHub,
   5   jre_headless,
   6   protobuf,
   7   cyclonedx-cli,
   8   makeWrapper,
   9   maven,
  10   nix-update-script,
  11   nixosTests,
  12 }:
  13 let
  14   version = "4.12.1";
  15
  16   frontend = buildNpmPackage {
  17     pname = "dependency-track-frontend";
  18     inherit version;
  19
  20     src = fetchFromGitHub {
  21       owner = "DependencyTrack";
  22       repo = "frontend";
  23       rev = version;
  24       hash = "sha256-M7UtyhIuEi6ebkjO8OM0VVi8LQ+VqeVIzBgQwIzSAzg=";
  25     };
  26
  27     npmDepsHash = "sha256-ZU5D3ZXLaZ1m2YP6uZmpzahP2JQPL9tdOHOyN9fp/XA=";
  28     forceGitDeps = true;
  29     makeCacheWritable = true;
  30
  31     # The prepack script runs the build script, which we'd rather do in the build phase.
  32     npmPackFlags = [ "--ignore-scripts" ];
  33   };
  34 in
  35
  36 maven.buildMavenPackage rec {
  37   inherit version;
  38   pname = "dependency-track";
  39
  40   src = fetchFromGitHub {
  41     owner = "DependencyTrack";
  42     repo = "dependency-track";
  43     rev = version;
  44     hash = "sha256-Gx7tGkibSu+v4gGKC61EFwUsdruMh0t2gTnnNazjqco=";
  45   };
  46
  47   patches = [
  48     ./0000-remove-frontend-download.patch
  49     ./0001-add-junixsocket.patch
  50   ];
  51
  52   postPatch = ''
  53     substituteInPlace pom.xml \
  54       --replace-fail '<protocArtifact>''${tool.protoc.version}</protocArtifact>' \
  55       "<protocCommand>${protobuf}/bin/protoc</protocCommand>"
  56   '';
  57
  58   mvnJdk = jre_headless;
  59   mvnHash = "sha256-4QtWvsIFiS4d55y45tj3RLE4YYdXLrqpzqS7mOqRWYw=";
  60   manualMvnArtifacts = [ "com.coderplus.maven.plugins:copy-rename-maven-plugin:1.0.1" ];
  61   buildOffline = true;
  62
  63   mvnDepsParameters = lib.escapeShellArgs [
  64     "-Dmaven.test.skip=true"
  65     "-P enhance"
  66     "-P embedded-jetty"
  67   ];
  68
  69   mvnParameters = lib.escapeShellArgs [
  70     "-Dmaven.test.skip=true"
  71     "-P enhance"
  72     "-P embedded-jetty"
  73     "-P bundle-ui"
  74     "-Dservices.bom.merge.skip=false"
  75     "-Dlogback.configuration.file=${src}/src/main/docker/logback.xml"
  76     "-Dcyclonedx-cli.path=${lib.getExe cyclonedx-cli}"
  77   ];
  78
  79   preBuild = ''
  80     mkdir -p frontend
  81     cp -r ${frontend}/lib/node_modules/@dependencytrack/frontend/dist frontend/
  82   '';
  83
  84   afterDepsSetup = ''
  85     mvn cyclonedx:makeBom -Dmaven.repo.local=$mvnDeps/.m2 \
  86       org.codehaus.mojo:exec-maven-plugin:exec@merge-services-bom
  87   '';
  88
  89   doCheck = false;
  90
  91   nativeBuildInputs = [ makeWrapper ];
  92
  93   installPhase = ''
  94     runHook preInstall
  95
  96     install -Dm644 target/dependency-track-*.jar $out/share/dependency-track/dependency-track.jar
  97     makeWrapper ${jre_headless}/bin/java $out/bin/dependency-track \
  98       --add-flags "-jar $out/share/dependency-track/dependency-track.jar"
  99
 100     runHook postInstall
 101   '';
 102
 103   passthru = {
 104     # passthru for nix-update
 105     inherit (frontend) npmDeps;
 106     tests = {
 107       inherit (nixosTests) dependency-track;
 108     };
 109     updateScript = nix-update-script { };
 110   };
 111
 112   meta = {
 113     description = "Intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain";
 114     homepage = "https://github.com/DependencyTrack/dependency-track";
 115     license = lib.licenses.asl20;
 116     maintainers = lib.teams.cyberus.members;
 117     mainProgram = "dependency-track";
 118     inherit (jre_headless.meta) platforms;
 119   };
 120 }