Dev

.dockerignore

@@ -2,4 +2,12 @@
 */*/.idea*
 */*/venv*
 */*/node_modules*
-*/*/.next*
+*/*/.next*
+.gitignore
+README.md
+.dockerignore
+.git
+
+/backend/data/setup_key
+/backend/data/keys*
+/backend/data/sboms*

.github/workflows/docker-build.yml

@@ -0,0 +1,49 @@
+name: Docker Build
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Update and upgrade packages
+        run: |
+          sudo apt-get update
+          sudo apt-get upgrade -y
+
+
+      - name: Remove conflicting packages
+        run: |
+          sudo apt-get remove -y moby-containerd containerd moby-runc runc
+
+      - name: Install Docker
+        run: |
+          curl -fsSL https://get.docker.com -o get-docker.sh
+          sudo sh get-docker.sh
+          sudo usermod -aG docker $USER
+          sudo systemctl enable docker
+          sudo systemctl start docker
+
+
+      - name: Build and push Docker image
+        env:
+          VERSION_FILE_PATH: 'version.txt' # Update with your version file path
+          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+        run: |
+          VERSION=$(cat $VERSION_FILE_PATH)
+          TAG=latest
+
+          if [[ $VERSION != $TAG ]]; then
+            TAG=$VERSION
+          fi
+
+          docker build -t the0danktor/dependify:$TAG .
+          docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
+          docker push the0danktor/dependify:$TAG

.gitignore

@@ -1,7 +1,5 @@
 
-*.pyc
-*.pyc
 *.pyc
 backend/.idea
-*.pyc
-*.pyc
+backend/data/sboms
+backend/data/keys 

.vscode/settings.json

@@ -0,0 +1,11 @@
+{
+    "sqltools.connections": [
+        {
+            "previewLimit": 50,
+            "driver": "SQLite",
+            "name": "db",
+            "database": "${workspaceFolder:dependify}/backend/data/db.sqlite3"
+        }
+    ],
+    "sqltools.useNodeRuntime": true
+}

Dockerfile

@@ -1,62 +1,74 @@
-# Stage 1: Node.js base image for Next.js
-FROM node as nextjs
+FROM node:18-alpine AS base
 
-# Set the working directory
+# Install dependencies only when needed
+FROM base AS deps
+# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
+RUN apk add --no-cache libc6-compat
 WORKDIR /app
 
-# Copy package.json and package-lock.json
-COPY ./ui/package*.json ./
+# Install dependencies based on the preferred package manager
+COPY ui/package.json ui/yarn.lock* ui/package-lock.json* ui/pnpm-lock.yaml* ./
+RUN \
+  if [ -f yarn.lock ]; then yarn --frozen-lockfile; \
+  elif [ -f package-lock.json ]; then npm ci; \
+  elif [ -f pnpm-lock.yaml ]; then yarn global add pnpm && pnpm i --frozen-lockfile; \
+  else echo "Lockfile not found." && exit 1; \
+  fi
 
-# Install dependencies
-RUN npm ci
 
-# Copy the Next.js source code
+# Rebuild the source code only when needed
+FROM base AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
 COPY ui/. .
 
-# Build the Next.js application
+# Next.js collects completely anonymous telemetry data about general usage.
+# Learn more here: https://nextjs.org/telemetry
+# Uncomment the following line in case you want to disable telemetry during the build.
+ENV NEXT_TELEMETRY_DISABLED 1
 RUN npm run build
 
-# Stage 2: Python base image for Django
-FROM python as django
-
-# Set the working directory
+# Production image, copy all the files and run next
+FROM nikolaik/python-nodejs:python3.8-nodejs18-slim AS runner
 WORKDIR /app
 
+ENV NODE_ENV production
+# Uncomment the following line in case you want to disable telemetry during runtime.
+ENV NEXT_TELEMETRY_DISABLED 1
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+COPY --from=builder /app/public ./public
+
+# Automatically leverage output traces to reduce image size
+# https://nextjs.org/docs/advanced-features/output-file-tracing
+COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+
 # Copy requirements.txt
 COPY ./backend/requirements.txt ./
 
 # Copy the Django source code
 COPY ./backend .
 
+RUN apt-get update && apt-get install -y openssh-client && apt-get install -y git
+
+RUN pip3 install -r requirements.txt
 
-# Finally, combine the Next.js and Django stages
-FROM node
+VOLUME /app/data
 
-# Expose the required ports (e.g., 3000 for Next.js, 8000 for Django)
 EXPOSE 3000
 EXPOSE 8000
-# Set the working directory
-WORKDIR /app
-
-RUN apt-get update && apt-get install -y python3-pip
-
-# Copy the built Next.js files from the "nextjs" stage
-COPY --from=nextjs /app ./ui
 
-# Copy the Django files from the "django" stage
-COPY --from=django /app .
-
-VOLUME /app/data
-
-RUN pip3 install -r requirements.txt
+ENV PORT 3000
 
 COPY start_up.sh ./start_up.sh
 
 RUN chmod +x ./start_up.sh
 
+RUN python manage.py flush --no-input
 
 # Start the Django server
 #CMD ["python3", "manage.py", "runserver", "0.0.0.0:8000" ,";","npm", "run", "start"]
-CMD ./start_up.sh
-
-
+CMD ./start_up.sh

backend/backend/settings.py

@@ -31,7 +31,7 @@
 # Application definition
 
 INSTALLED_APPS = [
-    'django.contrib.admin',
+    #'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',
     'django.contrib.sessions',
@@ -43,9 +43,9 @@
 ]
 
 MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
-    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
@@ -85,6 +85,9 @@
     }
 }
 
+# Authentication
+
+AUTH_USER_MODEL = 'playground.CustomUser'
 
 # Password validation
 # https://docs.djangoproject.com/en/4.2/ref/settings/#auth-password-validators
@@ -127,6 +130,26 @@
 
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
 
-CORS_ALLOWED_ORIGINS = [
+# CORS
+
+# CORS_ALLOWED_ORIGINS = [
+#     'http://localhost:3000',
+#     'http://127.0.0.1:3000',
+#     'https://localhost:3000',
+#     'https://127.0.0.1:3000',
+# ]
+
+CSRF_TRUSTED_ORIGINS = [
     'http://localhost:3000',
+    'http://127.0.0.1:3000',
+    'https://localhost:3000',
+    'https://127.0.0.1:3000',
 ]
+
+CORS_ALLOW_ALL_ORIGINS = True
+CORS_ALLOW_CREDENTIALS = True
+
+# Same site none
+SESSION_COOKIE_SAMESITE = "Lax"
+
+SESSION_COOKIE_SECURE = False

backend/backend/urls.py

@@ -18,9 +18,30 @@
 from django.urls import path, include
 from playground.views import Scan
 from playground.views import Setup
+from playground.views import SetupUserRegistration
+from playground.views import UserRegistration
+from playground.views import Login
+from playground.views import Logout
+from playground.views import User
+from playground.views import IsSetup
+from playground.views import Generate_datasource
+from playground.views import Confirm_datasource
+from playground.views import Get_datasource
+from playground.views import Del_datasource
 
 urlpatterns = [
-    path('admin/', admin.site.urls),
+    #path('admin/', admin.site.urls),
     path ('api/scan/', Scan.as_view()),
-    path ('api/setup', Setup.as_view()),
+    path ('api/setup/', Setup.as_view()),
+    path ('api/setup_registration/', SetupUserRegistration.as_view()),
+    path ('api/registration/',UserRegistration.as_view()),
+    path ('api/login/',Login.as_view()),
+    path ('api/logout/',Logout.as_view()),
+    path ('api/user/',User.as_view()),
+    path ('api/is_setup/',IsSetup.as_view()),
+    path ('api/generate_datasource/',Generate_datasource.as_view()),
+    path ('api/confirm_datasource/',Confirm_datasource.as_view()),
+    path ('api/get_datasource/',Get_datasource.as_view()),
+    path ('api/del_datasource/',Del_datasource.as_view()),
+
 ]

backend/data/setup_key

@@ -0,0 +1 @@
+lucaslucaslucas

backend/functions/datasource.py

@@ -0,0 +1,22 @@
+from git import Repo
+import paramiko
+from playground.models import newDataSource as DataSource
+from django.apps import AppConfig
+
+class FunctionsConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'functions'
+
+    def ready(self):
+        clone_datasource('pw-demo-sboms')
+def clone_datasource(name):
+    repo_path = '/data/sboms/'
+    datasource = DataSource.objects.get(name=name)
+    repo_url = datasource.url
+    key = datasource.key
+    repo = Repo.clone_from(repo_url, repo_path, key=key)
+
+
+def fetch_datasource():
+    pass
+