pkgs/by-name/de/dependency-track/package.nix

   1 {
   2   lib,
   3   buildNpmPackage,
   4   fetchFromGitHub,
   5   nodejs_20,
   6   jre_headless,
   7   protobuf,
   8   cyclonedx-cli,
   9   makeWrapper,
  10   maven,
  11   nix-update-script,
  12   nixosTests,
  13 }:
  14 let
  15   version = "4.12.2";
  16
  17   frontend = buildNpmPackage {
  18     pname = "dependency-track-frontend";
  19     inherit version;
  20
  21     # TODO: pinned due to build error on node 22
  22     nodejs = nodejs_20;
  23
  24     src = fetchFromGitHub {
  25       owner = "DependencyTrack";
  26       repo = "frontend";
  27       rev = version;
  28       hash = "sha256-M7UtyhIuEi6ebkjO8OM0VVi8LQ+VqeVIzBgQwIzSAzg=";
  29     };
  30
  31     npmDepsHash = "sha256-ZU5D3ZXLaZ1m2YP6uZmpzahP2JQPL9tdOHOyN9fp/XA=";
  32     forceGitDeps = true;
  33     makeCacheWritable = true;
  34
  35     # The prepack script runs the build script, which we'd rather do in the build phase.
  36     npmPackFlags = [ "--ignore-scripts" ];
  37   };
  38 in
  39
  40 maven.buildMavenPackage rec {
  41   inherit version;
  42   pname = "dependency-track";
  43
  44   src = fetchFromGitHub {
  45     owner = "DependencyTrack";
  46     repo = "dependency-track";
  47     rev = version;
  48     hash = "sha256-wn4HnOFhV02oq66LwBIOVzU+ehXemCuzOWcDASG/47c=";
  49   };
  50
  51   patches = [
  52     ./0000-remove-frontend-download.patch
  53     ./0001-add-junixsocket.patch
  54   ];
  55
  56   postPatch = ''
  57     substituteInPlace pom.xml \
  58       --replace-fail '<protocArtifact>''${tool.protoc.version}</protocArtifact>' \
  59       "<protocCommand>${protobuf}/bin/protoc</protocCommand>"
  60   '';
  61
  62   mvnJdk = jre_headless;
  63   mvnHash = "sha256-x1/b8LoXyGxCQiu7QB60XSpiufTk/y4492mOraFnRKY=";
  64   manualMvnArtifacts = [ "com.coderplus.maven.plugins:copy-rename-maven-plugin:1.0.1" ];
  65   buildOffline = true;
  66
  67   mvnDepsParameters = lib.escapeShellArgs [
  68     "-Dmaven.test.skip=true"
  69     "-P enhance"
  70     "-P embedded-jetty"
  71   ];
  72
  73   mvnParameters = lib.escapeShellArgs [
  74     "-Dmaven.test.skip=true"
  75     "-P enhance"
  76     "-P embedded-jetty"
  77     "-P bundle-ui"
  78     "-Dservices.bom.merge.skip=false"
  79     "-Dlogback.configuration.file=${src}/src/main/docker/logback.xml"
  80     "-Dcyclonedx-cli.path=${lib.getExe cyclonedx-cli}"
  81   ];
  82
  83   preBuild = ''
  84     mkdir -p frontend
  85     cp -r ${frontend}/lib/node_modules/@dependencytrack/frontend/dist frontend/
  86   '';
  87
  88   afterDepsSetup = ''
  89     mvn cyclonedx:makeBom -Dmaven.repo.local=$mvnDeps/.m2 \
  90       org.codehaus.mojo:exec-maven-plugin:exec@merge-services-bom
  91   '';
  92
  93   doCheck = false;
  94
  95   nativeBuildInputs = [ makeWrapper ];
  96
  97   installPhase = ''
  98     runHook preInstall
  99
 100     install -Dm644 target/dependency-track-*.jar $out/share/dependency-track/dependency-track.jar
 101     makeWrapper ${jre_headless}/bin/java $out/bin/dependency-track \
 102       --add-flags "-jar $out/share/dependency-track/dependency-track.jar"
 103
 104     runHook postInstall
 105   '';
 106
 107   passthru = {
 108     # passthru for nix-update
 109     inherit (frontend) npmDeps;
 110     tests = {
 111       inherit (nixosTests) dependency-track;
 112     };
 113     updateScript = nix-update-script { };
 114   };
 115
 116   meta = {
 117     description = "Intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain";
 118     homepage = "https://github.com/DependencyTrack/dependency-track";
 119     license = lib.licenses.asl20;
 120     maintainers = lib.teams.cyberus.members;
 121     mainProgram = "dependency-track";
 122     inherit (jre_headless.meta) platforms;
 123   };
 124 }