Merge branch 'update-scripts' into 'development'

Update scripts and dependencies.

See merge request !7

.gitignore

@@ -12,4 +12,5 @@ gradle
 build_dependencies
 libs
 jars.tar.gz
-redis-cli.tar.gz
+redis-cli.tar.gz
\ No newline at end of file
+libs.tar.gz
\ No newline at end of file

Dockerfile

@@ -6,12 +6,14 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
 USER 0
 
 # Make sure we are up to date.
-RUN dnf update -y && dnf clean all
+RUN dnf update -y && \
+    dnf clean all && \
+    rm -rf /var/cache/dnf
 
 # Copy in the project files.
 COPY ./scripts \
     redis-cli.tar.gz \
-    jars.tar.gz /app/
+    libs.tar.gz /app/
 
 # Set workdir.
 WORKDIR /app
@@ -20,11 +22,7 @@ WORKDIR /app
 RUN tar xzf redis-cli.tar.gz \
     && rm redis-cli.tar.gz \
     && mv redis-cli /usr/local/bin/redis-cli \
-    && tar xzf jars.tar.gz && rm jars.tar.gz \
-    && mkdir libs && mv jars/main/* libs/ \
-    && mkdir process_job/libs && mv jars/process_job/* process_job/libs/ \
-    && mkdir send_results/libs && mv jars/send_results/* send_results/libs/ \
-    && rm -rf jars \
+    && tar xzf libs.tar.gz && rm libs.tar.gz \
     && chown -R 1000 /app \
     && chmod 0555 /app/get-job.sh
 

hardening_manifest.yaml

@@ -8,7 +8,7 @@ name: "galvanize/galvanize/java-code-evaluator"
 # The most specific version should be the first tag and will be shown
 # on ironbank.dsop.io
 tags:
-- "0.1.0"
+- "0.1.1"
 - "latest"
 
 # Build args passed to Dockerfile ARGs
@@ -23,7 +23,7 @@ labels:
   org.opencontainers.image.licenses: "proprietary"
   org.opencontainers.image.url: "https://www.galvanize.com"
   org.opencontainers.image.vendor: "Galvanize"
-  org.opencontainers.image.version: "0.1.0"
+  org.opencontainers.image.version: "0.1.1"
   mil.dso.ironbank.image.keywords: "lms,learn,galvanize,online,classes,remote,learning"
   mil.dso.ironbank.image.type: "commercial"
   mil.dso.ironbank.product.name: "Learn"
@@ -34,20 +34,20 @@ resources:
       type: s3
       id: galvanize
       region: us-gov-west-1
-    url: s3://learn-dependencies/java-evaluator/redis-cli.tar.gz
+    url: s3://learn-dependencies/java-evaluator/redis-cli-0.1.1.tar.gz
     filename: redis-cli.tar.gz
     validation:
       type: sha256
-      value: 656bf2fc3f4e63bb4ee96744a550a875b316e3f99da241a378a63db47b91e1ee
+      value: af6c9ab5bb1c0b4999cac6f079e8094b84bd9565da8d56b012a3c7b7c60b8fef
   - auth:
       type: s3
       id: galvanize
       region: us-gov-west-1
-    url: s3://learn-dependencies/java-evaluator/jars.tar.gz
-    filename: jars.tar.gz
+    url: s3://learn-dependencies/java-evaluator/libs-0.1.1.tar.gz
+    filename: libs.tar.gz
     validation:
       type: sha256
-      value: 179f64dd1799517dbec988e8f54be50496bc7dc093dadcd43ce758d103644357
+      value: d57179d55593c3768c8d0f73c80a2c69fb77f061d9baece467ecc2f961caa458
 
 # List of project maintainers
 maintainers:

scripts/Dockerfile.packages

@@ -16,18 +16,15 @@ RUN dnf update -y \
 # Setup our environment
 WORKDIR /app
 
-# Redis
+# Download Redis.
 RUN curl -L http://download.redis.io/redis-stable.tar.gz -o redis-stable.tar.gz \
-    && tar xzf redis-stable.tar.gz
-
-WORKDIR /app/redis-stable
-RUN make redis-cli
-
-WORKDIR /app/redis-stable/src
-RUN tar czf redis-cli.tar.gz redis-cli \
-    && mv redis-cli.tar.gz /app/
-
-WORKDIR /app
+    && tar xzf redis-stable.tar.gz \
+    && cd /app/redis-stable \
+    && make redis-cli \
+    && cd /app/redis-stable/src \
+    && tar czf redis-cli.tar.gz redis-cli \
+    && mv redis-cli.tar.gz /app/ \
+    && cd /app
 
 # Add write permissions.
 RUN chown -R 1000 .

scripts/build.gradle

@@ -4,15 +4,15 @@ apply plugin: 'java'
 
 dependencies {
     testImplementation files(
-            'libs/apiguardian-api-1.1.0.jar',
-            'libs/hamcrest-all-1.3.jar',
-            'libs/junit-jupiter-api-5.7.0.jar',
-            'libs/junit-jupiter-engine-5.7.0.jar',
-            'libs/junit-platform-commons-1.7.0.jar',
-            'libs/junit-platform-engine-1.7.0.jar',
-            'libs/opentest4j-1.2.0.jar',
-            'libs/commons-codec-1.15.jar',
-            'libs/commons-logging-1.1.2.jar'
+            'libs/apiguardian-api.jar',
+            'libs/hamcrest-all.jar',
+            'libs/junit-jupiter-api.jar',
+            'libs/junit-jupiter-engine.jar',
+            'libs/junit-platform-commons.jar',
+            'libs/junit-platform-engine.jar',
+            'libs/opentest4j.jar',
+            'libs/commons-codec.jar',
+            'libs/commons-logging.jar'
     )
 }
 

scripts/local-install.sh

+#!/usr/bin/env bash
+
+# Load Version Numbers.
+API_GUARDIAN_VERSION=1.1.1
+COMMONS_CODEC_VERSION=1.15
+COMMONS_LOGGING_VERSION=1.2
+HAMCREST_VERSION=1.3
+HTTP_CLIENT_VERSION=4.5.13
+HTTP_CORE_VERSION=4.4.14
+JSON_VERSION=20210307
+JUNIT_JUPITER_API_VERSION=5.7.1
+JUNIT_JUPITER_ENGINE_VERSION=5.7.1
+JUNIT_PLATFORM_COMMONS_VERSION=1.7.1
+JUNIT_PLATFORM_ENGINE_VERSION=1.7.1
+OPENTEST4J_VERSION=1.2.0
+
+# Deps Directory.
+LIB_DIR="./libs"
+
+# Cleanup Old Directory.
+if [ -d ${LIB_DIR} ]; then
+  echo "Deleting old local dependency directory."
+  rm -rf ${LIB_DIR}
+fi
+
+echo "Creating local dependency directory and changing directory."
+mkdir ${LIB_DIR}
+cd "${LIB_DIR}" || exit
+
+echo "Downloading all libs."
+curl -L https://repo1.maven.org/maven2/org/apiguardian/apiguardian-api/${API_GUARDIAN_VERSION}/apiguardian-api-${API_GUARDIAN_VERSION}.jar -o apiguardian-api.jar
+curl -L https://repo1.maven.org/maven2/commons-codec/commons-codec/${COMMONS_CODEC_VERSION}/commons-codec-${COMMONS_CODEC_VERSION}.jar -o commons-codec.jar
+curl -L https://repo1.maven.org/maven2/commons-logging/commons-logging/${COMMONS_LOGGING_VERSION}/commons-logging-${COMMONS_LOGGING_VERSION}.jar -o commons-logging.jar
+curl -L https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/${HAMCREST_VERSION}/hamcrest-all-${HAMCREST_VERSION}.jar -o hamcrest-all.jar
+curl -L https://repo1.maven.org/maven2/org/apache/httpcomponents/httpclient/${HTTP_CLIENT_VERSION}/httpclient-${HTTP_CLIENT_VERSION}.jar -o httpclient.jar
+curl -L https://repo1.maven.org/maven2/org/apache/httpcomponents/httpcore/${HTTP_CORE_VERSION}/httpcore-${HTTP_CORE_VERSION}.jar -o httpcore.jar
+curl -L https://repo1.maven.org/maven2/org/json/json/${JSON_VERSION}/json-${JSON_VERSION}.jar -o json.jar
+curl -L https://repo1.maven.org/maven2/org/junit/jupiter/junit-jupiter-api/${JUNIT_JUPITER_API_VERSION}/junit-jupiter-api-${JUNIT_JUPITER_API_VERSION}.jar -o junit-jupiter-api.jar
+curl -L https://repo1.maven.org/maven2/org/junit/jupiter/junit-jupiter-engine/${JUNIT_JUPITER_ENGINE_VERSION}/junit-jupiter-engine-${JUNIT_JUPITER_ENGINE_VERSION}.jar -o junit-jupiter-engine.jar
+curl -L https://repo1.maven.org/maven2/org/junit/platform/junit-platform-commons/${JUNIT_PLATFORM_COMMONS_VERSION}/junit-platform-commons-${JUNIT_PLATFORM_COMMONS_VERSION}.jar -o junit-platform-commons.jar
+curl -L https://repo1.maven.org/maven2/org/junit/platform/junit-platform-engine/${JUNIT_PLATFORM_ENGINE_VERSION}/junit-platform-engine-${JUNIT_PLATFORM_ENGINE_VERSION}.jar -o junit-platform-engine.jar
+curl -L https://repo1.maven.org/maven2/org/opentest4j/opentest4j/${OPENTEST4J_VERSION}/opentest4j-${OPENTEST4J_VERSION}.jar -o opentest4j.jar
\ No newline at end of file

scripts/process_job/build.gradle

@@ -3,7 +3,7 @@ apply plugin: 'java'
 mainClassName = 'com.galvanize.processjob.ProcessJob'
 
 dependencies {
-    implementation files('libs/org.json-2.0.jar')
+    implementation files('../libs/json.jar')
 }
 
 jar {

scripts/repackage.sh

@@ -7,40 +7,64 @@ BASE_TAG=6.8.3
 
 # This is the profile name in your aws credentials file.
 DEPENDENCY_FOLDER=build_dependencies
-AWS_PROFILE_NAME=revacomm
-AWS_BUCKET_NAME=learn-dependencies/java-evaluator
+AWS_PROFILE_NAME=rc-govcloud
+AWS_BUCKET_URL=s3://learn-dependencies/java-evaluator
 AWS_REGION=us-gov-west-1
+VERSION_NUMBER=$(yq e '.tags[0]' ../hardening_manifest.yaml)
+IMAGE_TAG=java-evaluator-tag
 
 echo "Clearing dependency folder."
 rm -rf $DEPENDENCY_FOLDER
 mkdir $DEPENDENCY_FOLDER
 
-echo "Building docker image."
-IMAGE_ID=$(docker build --file Dockerfile.packages . -q \
+echo "Building docker image with tag: $IMAGE_TAG"
+docker build -t $IMAGE_TAG \
+  --file Dockerfile.packages . -q \
   --build-arg BASE_REGISTRY=$BASE_REGISTRY \
   --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --build-arg BASE_TAG=$BASE_TAG)
-echo "Image ID: ${IMAGE_ID}"
+  --build-arg BASE_TAG=$BASE_TAG
 
 echo "Starting docker container."
-CONTAINER_ID=$(docker run -d $IMAGE_ID)
-echo "Container ID: ${CONTAINER_ID}"
+CONTAINER_ID=$(docker run -d $IMAGE_TAG)
 
-echo "Copying node modules and gems to the bundles directory."
-docker cp $CONTAINER_ID:/app/redis-cli.tar.gz $DEPENDENCY_FOLDER/redis-cli.tar.gz
+if [ -z "$CONTAINER_ID" ]; then
+  echo "[ERROR] - Failed to start the docker container. Exiting.."
+  exit
+else
+  echo "Container ID: ${CONTAINER_ID}"
+fi
+
+echo "Copying redis cli to the dependency directory."
+docker cp "$CONTAINER_ID:/app/redis-cli.tar.gz" "$DEPENDENCY_FOLDER/redis-cli-${VERSION_NUMBER}.tar.gz" || exit
 
 echo "Stopping the docker container."
-docker stop "$CONTAINER_ID"
+docker kill "$CONTAINER_ID"
+
+echo "Installing all jar files."
+./local-install.sh || exit
+tar czf libs.tar.gz libs
+mv libs.tar.gz "$DEPENDENCY_FOLDER/libs-${VERSION_NUMBER}.tar.gz" || exit
 
 echo "Uploading all the build dependencies to AWS."
-aws s3 sync $DEPENDENCY_FOLDER s3://$AWS_BUCKET_NAME --delete --profile $AWS_PROFILE_NAME --region $AWS_REGION
+aws s3 sync $DEPENDENCY_FOLDER $AWS_BUCKET_URL --profile $AWS_PROFILE_NAME --region $AWS_REGION || exit
+
+echo " Getting Checksums."
+REDIS_CHECKSUM=$(sha256sum "$DEPENDENCY_FOLDER/redis-cli-${VERSION_NUMBER}.tar.gz" | awk '{ print $1 }')
+LIBS_CHECKSUM=$(sha256sum "$DEPENDENCY_FOLDER/libs-${VERSION_NUMBER}.tar.gz" | awk '{ print $1 }')
+echo "Redis CLI Checksum: ${REDIS_CHECKSUM}"
+echo "Libs Checksum: ${LIBS_CHECKSUM}"
 
-echo "Checksums:"
-cd $DEPENDENCY_FOLDER
-sha256sum redis-cli.tar.gz
-cd ..
+echo "Updating the hardening_manifest.yaml file."
+REDIS_PREV_SHA=$(yq eval '.resources[] | select(.filename == "redis-cli.tar.gz").validation.value' ../hardening_manifest.yaml)
+REDIS_PREV_URL=$(yq eval '.resources[] | select(.filename == "redis-cli.tar.gz").url' ../hardening_manifest.yaml)
+sed -i '' -e "s|$REDIS_PREV_SHA|$REDIS_CHECKSUM|g" ../hardening_manifest.yaml
+sed -i '' -e "s|$REDIS_PREV_URL|${AWS_BUCKET_URL}/redis-cli-${VERSION_NUMBER}.tar.gz|g" ../hardening_manifest.yaml
+LIBS_PREV_SHA=$(yq eval '.resources[] | select(.filename == "libs.tar.gz").validation.value' ../hardening_manifest.yaml)
+LIBS_PREV_URL=$(yq eval '.resources[] | select(.filename == "libs.tar.gz").url' ../hardening_manifest.yaml)
+sed -i '' -e "s|$LIBS_PREV_SHA|$LIBS_CHECKSUM|g" ../hardening_manifest.yaml
+sed -i '' -e "s|$LIBS_PREV_URL|${AWS_BUCKET_URL}/libs-${VERSION_NUMBER}.tar.gz|g" ../hardening_manifest.yaml
 
 echo "Removing dependency folder."
 rm -rf $DEPENDENCY_FOLDER
 
-echo "Done!"
+echo "Done!"
\ No newline at end of file

scripts/send_results/build.gradle

@@ -4,11 +4,11 @@ mainClassName = 'com.galvanize.sendresults.SendResults'
 
 dependencies {
     implementation files(
-            'libs/org.json-2.0.jar',
-            'libs/httpcore-4.4.13.jar',
-            'libs/httpclient-4.5.13.jar',
-            'libs/commons-logging-1.1.2.jar',
-            'libs/commons-codec-1.15.jar'
+            '../libs/json.jar',
+            '../libs/httpcore.jar',
+            '../libs/httpclient.jar',
+            '../libs/commons-logging.jar',
+            '../libs/commons-codec.jar'
     )
 }