114 lines
2.9 KiB
Nix
114 lines
2.9 KiB
Nix
|
{
|
||
|
lib,
|
||
|
buildNpmPackage,
|
||
|
fetchFromGitHub,
|
||
|
jre_headless,
|
||
|
cyclonedx-cli,
|
||
|
makeWrapper,
|
||
|
maven,
|
||
|
nix-update-script,
|
||
|
nixosTests,
|
||
|
}:
|
||
|
let
|
||
|
version = "4.11.7";
|
||
|
|
||
|
frontend = buildNpmPackage {
|
||
|
pname = "dependency-track-frontend";
|
||
|
inherit version;
|
||
|
|
||
|
src = fetchFromGitHub {
|
||
|
owner = "DependencyTrack";
|
||
|
repo = "frontend";
|
||
|
rev = version;
|
||
|
hash = "sha256-hgBDzzG90gunnlZeektzdBIdatNjbkDVmNLbxjyxAXE=";
|
||
|
};
|
||
|
|
||
|
npmDepsHash = "sha256-veyt7fn4g/eh/+2CapQxlEssZP8cQXONpI6sSW299tk=";
|
||
|
forceGitDeps = true;
|
||
|
makeCacheWritable = true;
|
||
|
|
||
|
# The prepack script runs the build script, which we'd rather do in the build phase.
|
||
|
npmPackFlags = [ "--ignore-scripts" ];
|
||
|
};
|
||
|
in
|
||
|
|
||
|
maven.buildMavenPackage rec {
|
||
|
inherit version;
|
||
|
pname = "dependency-track";
|
||
|
|
||
|
src = fetchFromGitHub {
|
||
|
owner = "DependencyTrack";
|
||
|
repo = "dependency-track";
|
||
|
rev = version;
|
||
|
hash = "sha256-BMkn9WnUGs4RxH5I1QQ2UDrlo32JcbfjfFcOG5YogLI=";
|
||
|
};
|
||
|
|
||
|
patches = [
|
||
|
./0000-remove-frontend-download.patch
|
||
|
./0001-add-junixsocket.patch
|
||
|
];
|
||
|
|
||
|
mvnJdk = jre_headless;
|
||
|
mvnHash = "sha256-c/JwBiKsXuWbCm1dTCrVc+V/1G7Eii1mUW8xDyewyLs=";
|
||
|
manualMvnArtifacts = [ "com.coderplus.maven.plugins:copy-rename-maven-plugin:1.0.1" ];
|
||
|
buildOffline = true;
|
||
|
|
||
|
mvnDepsParameters = lib.escapeShellArgs [
|
||
|
"-Dmaven.test.skip=true"
|
||
|
"-P enhance"
|
||
|
"-P embedded-jetty"
|
||
|
];
|
||
|
|
||
|
mvnParameters = lib.escapeShellArgs [
|
||
|
"-Dmaven.test.skip=true"
|
||
|
"-P enhance"
|
||
|
"-P embedded-jetty"
|
||
|
"-P bundle-ui"
|
||
|
"-Dservices.bom.merge.skip=false"
|
||
|
"-Dlogback.configuration.file=${src}/src/main/docker/logback.xml"
|
||
|
"-Dcyclonedx-cli.path=${lib.getExe cyclonedx-cli}"
|
||
|
];
|
||
|
|
||
|
preBuild = ''
|
||
|
mkdir -p frontend
|
||
|
cp -r ${frontend}/lib/node_modules/@dependencytrack/frontend/dist frontend/
|
||
|
'';
|
||
|
|
||
|
afterDepsSetup = ''
|
||
|
mvn cyclonedx:makeBom -Dmaven.repo.local=$mvnDeps/.m2 \
|
||
|
org.codehaus.mojo:exec-maven-plugin:exec@merge-services-bom
|
||
|
'';
|
||
|
|
||
|
doCheck = false;
|
||
|
|
||
|
nativeBuildInputs = [ makeWrapper ];
|
||
|
|
||
|
installPhase = ''
|
||
|
runHook preInstall
|
||
|
|
||
|
install -Dm644 target/dependency-track-*.jar $out/share/dependency-track/dependency-track.jar
|
||
|
makeWrapper ${jre_headless}/bin/java $out/bin/dependency-track \
|
||
|
--add-flags "-jar $out/share/dependency-track/dependency-track.jar"
|
||
|
|
||
|
runHook postInstall
|
||
|
'';
|
||
|
|
||
|
passthru = {
|
||
|
# passthru for nix-update
|
||
|
inherit (frontend) npmDeps;
|
||
|
tests = {
|
||
|
inherit (nixosTests) dependency-track;
|
||
|
};
|
||
|
updateScript = nix-update-script { };
|
||
|
};
|
||
|
|
||
|
meta = {
|
||
|
description = "Intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain";
|
||
|
homepage = "https://github.com/DependencyTrack/dependency-track";
|
||
|
license = lib.licenses.asl20;
|
||
|
maintainers = lib.teams.cyberus.members;
|
||
|
mainProgram = "dependency-track";
|
||
|
inherit (jre_headless.meta) platforms;
|
||
|
};
|
||
|
}
|