depot/third_party/nixpkgs/pkgs/by-name/de/dependency-track/package.nix

114 lines
2.9 KiB
Nix
Raw Normal View History

{
lib,
buildNpmPackage,
fetchFromGitHub,
jre_headless,
cyclonedx-cli,
makeWrapper,
maven,
nix-update-script,
nixosTests,
}:
let
version = "4.11.7";
frontend = buildNpmPackage {
pname = "dependency-track-frontend";
inherit version;
src = fetchFromGitHub {
owner = "DependencyTrack";
repo = "frontend";
rev = version;
hash = "sha256-hgBDzzG90gunnlZeektzdBIdatNjbkDVmNLbxjyxAXE=";
};
npmDepsHash = "sha256-veyt7fn4g/eh/+2CapQxlEssZP8cQXONpI6sSW299tk=";
forceGitDeps = true;
makeCacheWritable = true;
# The prepack script runs the build script, which we'd rather do in the build phase.
npmPackFlags = [ "--ignore-scripts" ];
};
in
maven.buildMavenPackage rec {
inherit version;
pname = "dependency-track";
src = fetchFromGitHub {
owner = "DependencyTrack";
repo = "dependency-track";
rev = version;
hash = "sha256-BMkn9WnUGs4RxH5I1QQ2UDrlo32JcbfjfFcOG5YogLI=";
};
patches = [
./0000-remove-frontend-download.patch
./0001-add-junixsocket.patch
];
mvnJdk = jre_headless;
mvnHash = "sha256-c/JwBiKsXuWbCm1dTCrVc+V/1G7Eii1mUW8xDyewyLs=";
manualMvnArtifacts = [ "com.coderplus.maven.plugins:copy-rename-maven-plugin:1.0.1" ];
buildOffline = true;
mvnDepsParameters = lib.escapeShellArgs [
"-Dmaven.test.skip=true"
"-P enhance"
"-P embedded-jetty"
];
mvnParameters = lib.escapeShellArgs [
"-Dmaven.test.skip=true"
"-P enhance"
"-P embedded-jetty"
"-P bundle-ui"
"-Dservices.bom.merge.skip=false"
"-Dlogback.configuration.file=${src}/src/main/docker/logback.xml"
"-Dcyclonedx-cli.path=${lib.getExe cyclonedx-cli}"
];
preBuild = ''
mkdir -p frontend
cp -r ${frontend}/lib/node_modules/@dependencytrack/frontend/dist frontend/
'';
afterDepsSetup = ''
mvn cyclonedx:makeBom -Dmaven.repo.local=$mvnDeps/.m2 \
org.codehaus.mojo:exec-maven-plugin:exec@merge-services-bom
'';
doCheck = false;
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
runHook preInstall
install -Dm644 target/dependency-track-*.jar $out/share/dependency-track/dependency-track.jar
makeWrapper ${jre_headless}/bin/java $out/bin/dependency-track \
--add-flags "-jar $out/share/dependency-track/dependency-track.jar"
runHook postInstall
'';
passthru = {
# passthru for nix-update
inherit (frontend) npmDeps;
tests = {
inherit (nixosTests) dependency-track;
};
updateScript = nix-update-script { };
};
meta = {
description = "Intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain";
homepage = "https://github.com/DependencyTrack/dependency-track";
license = lib.licenses.asl20;
maintainers = lib.teams.cyberus.members;
mainProgram = "dependency-track";
inherit (jre_headless.meta) platforms;
};
}