Dockerfile update and resourse change

18f401aa · Olga O · 5497b519 · 18f401aa · 5497b519 · 18f401aa
Commit 18f401aa authored May 04, 2021 by Olga O
6 changed files
--- a/Dockerfile
+++ b/Dockerfile
-ARG BASE_REGISTRY=registry1.dso.mil/ironbank
+ARG BASE_REGISTRY=registry1.dso.mil
-ARG BASE_IMAGE=redhat/openjdk/openjdk8
+ARG BASE_IMAGE=ironbank/redhat/openjdk/openjdk8
-ARG BASE_TAG=latest
+ARG BASE_TAG=1.8.0
-FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
+FROM hygieiadoc/githubscmcollector:v3.2.0 as builder
-USER 0
-RUN dnf upgrade -y && \
+FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
-    dnf clean all && \
-    rm -rf /var/cache/dnf
-RUN mkdir -p /app/logs \
+EXPOSE 8080
-    mkdir -p /app/config
-RUN chown -R 1001:1001 /app
+ENV PROP_FILE /hygieia/config/application.properties
-RUN chmod 755 /app
-WORKDIR /app
+WORKDIR /hygieia
+COPY scripts/properties-builder.sh /hygieia/
+COPY --from=builder /hygieia/ /hygieia/
 USER 1001
-COPY ./gitlab-scm-collector.jar .
-COPY ./scripts/collector-launch.sh ./scripts/collector-launch.sh
-CMD ./scripts/collector-launch.sh
+CMD ./properties-builder.sh &&\
+  java -Djava.security.egd=file:/dev/./urandom -jar *.jar --spring.config.location=$PROP_FILE
 HEALTHCHECK NONE
--- a/config/boiler.application.properties
+++ b/config/boiler.application.properties
-	# Database Name
-		dbname=dashboarddb
-		# Database HostName - default is localhost
-		dbhost=localhost
-		# Database Port - default is 27017
-		dbport=27017
-		# MongoDB replicaset
-		dbreplicaset=[false if you are not using MongoDB replicaset]
-		dbhostport=[host1:port1,host2:port2,host3:port3]
-		# Database Username - default is blank
-		dbusername=
-		# Database Password - default is blank
-		dbpassword=
-		# Logging File location
-		logging.file=./logs/gitlab.log
-		#Collector schedule (required)
-		gitlab.cron=0 0/1 * * * *
-		#Gitlab host (optional, defaults to 'gitlab.com')
-		gitlab.host=gitlab.company.com
-		#Gitlab protocol (optional, defaults to 'http')
-		gitlab.protocol=http
-        #If enabled, dashboard URL configured in UI follows this example <gitlab.protocol>://<gitlab.host>/<gitlab_project_id>
-		#gitlab.useProjectId (optional, defaults to false)
-		#Gitlab port (optional, defaults to protocol default port)
-		gitlab.port=80
-		#Gitlab path (optional, if your instance of gitlab requires a path)
-		gitlab.path=/gitlab/resides/here
-		#If your instance of Gitlab is using a self-signed certificate, set to true, default is false
-		gitlab.selfSignedCertificate=false
-		#Gitlab API Token (required, user token the collector will use by default, can be overridden on a per repo basis from the UI. API token provided by Gitlab)
-		gitlab.apiToken=
-		#Maximum number of previous days from current date, when fetching commits
-		gitlab.commitThresholdDays=15
-		# Gitlab key for private repos
-		gitlab.key=<your-generated-key>
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -8,7 +8,7 @@ name: "opensource/hygieia/hygieia-scm-gitlab-collector"
 # The most specific version should be the first tag and will be shown
 # on ironbank.dsop.io
 tags:
- "v3.1.0"
+- "v3.2.0"
 - "latest"
 # Build args passed to Dockerfile ARGs
@@ -27,7 +27,7 @@ labels:
  org.opencontainers.image.url: "https://github.com/bitnami/bitnami-docker-elasticsearch-exporter"
  ## Name of the distributing entity, organization or individual
  org.opencontainers.image.vendor: "hygieia"
-  org.opencontainers.image.version: "v3.1.0"
+  org.opencontainers.image.version: "v3.2.0"
  ## Keywords to help with search (ex. "cicd,gitops,golang")
  mil.dso.ironbank.image.keywords: "configmap,hygieia,gitlab,collector"
  ## This value can be "opensource" or "commercial"
@@ -37,17 +37,12 @@ labels:
 # List of resources to make available to the offline build context
 resources:
+- url: docker://docker.io/hygieiadoc/githubscmcollector@sha256:eed4624f71d52dc5fc9c4ff98bf48e10c54f647710a86629164f148e7427a0b5
- filename: gitlab-scm-collector.jar
+  tag: hygieiadoc/githubscmcollector:v3.2.0
-  url: https://repo.maven.apache.org/maven2/com/capitalone/dashboard/gitlab-scm-collector/3.1.0/gitlab-scm-collector-3.1.0.jar
-  validation:
-    type: sha256
-    value: 57f53acb6edaae368291050af44f1662b1ba80a891b58780535291c36f5eadbc
 # List of project maintainers
 maintainers:
- name: "Chris Byrd"
+- name: "Olga Ojjeh"
-  username: "crbcos"
+  username: "olga"
-  email: "chris.byrd@parsons.com"
+  email: "olga@alphabravo.io"
  cht_member: true
--- a/renovate.json
+++ b/renovate.json
 {
-    "assignees": [
+  "assignees": [
-      "@chris.byrd"
+    "@olga"
-    ],
+  ],
-    "baseBranches": [
+  "baseBranches": [
-      "development"
+    "development"
-    ],
+  ],
-    "regexManagers": [
+  "regexManagers": [
-      {
+    {
-        "matchStrings": [
+      "fileMatch": [
-          "version=\"(?<currentValue>.*?)\""
+        "^hardening_manifest.yaml$"
-        ],
+      ],
-        "depNameTemplate": "hygieia/hygieia-scm-gitlab-collector",
+      "matchStrings": [
-        "datasourceTemplate": "docker"
+        "org\\.opencontainers\\.image\\.version:\\s+\"(?<currentValue>.+?)\""
-      },
+      ],
-      {
+      "depNameTemplate": "hygieiadoc/githubscmcollector",
-        "fileMatch": [
+      "datasourceTemplate": "docker"
-          "^hardening_manifest.yaml$"
+    },
-        ],
+    {
-        "matchStrings": [
+      "fileMatch": [
-          "org\\.opencontainers\\.image\\.version:\\s+\"(?<currentValue>.+?)\""
+        "^hardening_manifest.yaml$"
-        ],
+      ],
-        "depNameTemplate": "hygieia/hygieia-scm-gitlab-collector:v3.1.0",
+      "matchStrings": [
-        "datasourceTemplate": "docker"
+        "tags:\\s+-\\s+\"(?<currentValue>.+?)\""
-      },
+      ],
-      {
+      "depNameTemplate": "hygieiadoc/githubscmcollector",
-        "fileMatch": [
+      "datasourceTemplate": "docker"
-          "^hardening_manifest.yaml$"
+    }
-        ],
+  ]
-        "matchStrings": [
+}
-          "tags:\\s+-\\s+\"(?<currentValue>.+?)\""
-        ],
-        "depNameTemplate": "hygieia/hygieia-scm-gitlab-collector:v3.1.0",
-        "datasourceTemplate": "docker"
-      }
-    ]
-  }
--- a/scripts/collector-launch.sh
+++ b/scripts/collector-launch.sh
-#!/bin/bash
-if [ "$SKIP_PROPERTIES_BUILDER" = true ]; then
-  echo "Skipping properties builder"
-  java -jar gitlab-scm-collector.jar --spring.config.name=gitlab --spring.config.location=${PROP_FILE}
-  exit 0
-fi
-if ! [ "$PROP_FILE" ]; then
-  echo "PROP_FILE not set.  Defaulting to /app/config/application.properties"
-  export PROP_FILE=/app/config/application.properties
-  sudo touch $PROP_FILE
-fi
-if [ "$GITLAB_USE_PROJECT_ID" ]; then
-  echo "GITLAB_USE_PROJECT_ID set."
-  export GITLAB_USE_PROJECT_ID_TITLE=gitlab.useProjectId
-else
-  echo "GITLAB_USE_PROJECT_ID not set. Skipping."
-  export GITLAB_USE_PROJECT_ID_TITLE=\#gitlab.useProjectId
-fi
-if ! [ "DB_NAME" ]; then
-  echo "DB_NAME not set.  Defaulting to empty string."
-  export DB_NAME=""
-fi
-if ! [ "$DB_HOST" ]; then
-  echo "DB_HOST not set.  Defaulting to localhost"
-  export DB_HOST=localhost
-fi
-if ! [ "$DB_PORT" ]; then
-  echo "DB_PORT not set.  Defaulting to 27017"
-  export DB_PORT=27017
-fi
-if ! [ "$DB_REPLICA_SET" ]; then
-  echo "DB_REPLICA_SET not set.  Defaulting to false."
-  export DB_REPLICA_SET=false
-fi
-if ! [ "$DB_HOST_PORT" ]; then
-  echo "DB_HOST_PORT not set.  Defaulting to empty string."
-  export DB_HOST_PORT=""
-fi
-if ! [ "$DB_USERNAME" ]; then
-  echo "DB_USERNAME not set.  Defaulting to empty string."
-  export DB_USER_NAME=""
-fi
-if ! [ "$DB_PASSWORD" ]; then
-  echo "DB_PASSWORD not set.  Defaulting to empty string."
-  export DB_PASSWORD=""
-fi
-if ! [ "$LOGS_PATH" ]; then
-  echo "LOGS_PATH not set.  Defaulting to /app/logs/gitlab.log."
-  export LOGS_PATH="/app/logs"
-fi
-if ! [ "$COLLECTOR_CRON" ]; then
-  echo "COLLECTOR_CRON not set. Defaulting to 0 0/1 * * * *"
-  export COLLECTOR_CRON="0 0/1 * * * *"
-fi
-if ! [ "$GITLAB_HOST" ]; then
-  echo "GITLAB_HOST not set.  Defaulting to gitlab.company.com"
-  export GITLAB_HOST=gitlab.company.com
-fi
-if ! [ "$GITLAB_PROTOCOL" ]; then
-  echo "GITLAB_PROTOCOL not set.  Defaulting to http"
-  export GITLAB_PROTOCOL=http
-fi
-if ! [ "$GITLAB_PORT" ]; then
-  echo "GITLAB_PORT not set.  Defaulting to 80"
-  export GITLAB_PORT=80
-fi
-if ! [ "$GITLAB_PATH" ]; then
-  echo "GITLAB_PATH not set.  Defaulting to empty string"
-  export GITLAB_PATH=""
-fi
-if ! [ "$GITLAB_SELF_SIGNED_CERT" ]; then
-  echo "GITLAB_SELF_SIGNED_CERT not set.  Defaulting to false"
-  export GITLAB_SELF_SIGNED_CERT=false
-fi
-if ! [ "$GITLAB_API_TOKEN" ]; then
-  echo "GITLAB_API_TOKEN not set.  Value is required."
-  exit 0
-fi
-if ! [ "$GITLAB_COMMIT_THREASHOLD_DAYS" ]; then
-  echo "GITLAB_COMMIT_THREASHOLD_DAYS not set.  Defaulting to 15 days."
-  export GITLAB_COMMIT_THREASHOLD_DAYS=15
-fi
-if ! [ "$GITLAB_KEY" ]; then
-  echo "GITLAB_KEY not set.  Defaulting to empty string"
-  export GITLAB_KEY=""
-fi
-cat > $PROP_FILE <<EOF
-# Database Name
-dbname=$DB_NAME
-# Database HostName - default is localhost
-dbhost=$DB_HOST
-# Database Port - default is 27017
-dbport=$DB_PORT
-# MongoDB replicaset
-dbreplicaset=$DB_REPLICA_SET
-dbhostport=$DB_HOST_PORT
-# Database Username - default is blank
-dbusername=$DB_USERNAME
-# Database Password - default is blank
-dbpassword=$DB_PASSWORD
-# Logging File location - ./logs/gitlab.log
-logging.file=$LOGS_PATH
-#Collector schedule (required) - 0 0/1 * * * *
-gitlab.cron=$COLLECTOR_CRON
-#Gitlab host (optional, defaults to 'gitlab.com') - gitlab.company.com
-gitlab.host=$GITLAB_HOST
-#Gitlab protocol (optional, defaults to 'http') - http
-gitlab.protocol=$GITLAB_PROTOCOL
-#If enabled, dashboard URL configured in UI follows this example <gitlab.protocol>://<gitlab.host>/<gitlab_project_id> - (optional, defaults to false)
-$GITLAB_USE_PROJECT_ID_TITLE=$GITLAB_USE_PROJECT_ID
-#Gitlab port (optional, defaults to protocol default port) - 80
-gitlab.port=$GITLAB_PORT
-#Gitlab path (optional, if your instance of gitlab requires a path) - /gitlab/resides/here
-gitlab.path=$GITLAB_PATH
-#If your instance of Gitlab is using a self-signed certificate, set to true, default is false - false
-gitlab.selfSignedCertificate=$GITLAB_SELF_SIGNED_CERT
-#Gitlab API Token (required, user token the collector will use by default, can be overridden on a per repo basis from the UI. API token provided by Gitlab)
-gitlab.apiToken=$GITLAB_API_TOKEN
-#Maximum number of previous days from current date, when fetching commits - 15
-gitlab.commitThresholdDays=$GITLAB_COMMIT_THREASHOLD_DAYS
-# Gitlab key for private repos
-gitlab.key=$GITLAB_KEY
-EOF
-echo "
-===========================================
-Properties file created:  $PROP_FILE
-Note: passwords hidden
-===========================================
-`cat $PROP_FILE |egrep -vi 'password|Credentials'`
-" 
-java -jar gitlab-scm-collector.jar --spring.config.name=gitlab --spring.config.location=${PROP_FILE}
\ No newline at end of file
--- a/scripts/properties-builder.sh
+++ b/scripts/properties-builder.sh
+#!/bin/bash
+if [ "$SKIP_PROPERTIES_BUILDER" = true ]; then
+  echo "Skipping properties builder"
+  exit 0
+fi
+if [ "$MONGO_PORT" != "" ]; then
+	# Sample: MONGO_PORT=tcp://172.17.0.20:27017
+	MONGODB_HOST=`echo $MONGO_PORT|sed 's;.*://\([^:]*\):\(.*\);\1;'`
+	MONGODB_PORT=`echo $MONGO_PORT|sed 's;.*://\([^:]*\):\(.*\);\2;'`
+else
+	env 
+	echo "ERROR: MONGO_PORT not defined"
+	exit 1
+fi
+echo "MONGODB_HOST: $MONGODB_HOST"
+echo "MONGODB_PORT: $MONGODB_PORT"
+cat > $PROP_FILE <<EOF
+#Database Name
+dbname=${HYGIEIA_API_ENV_SPRING_DATA_MONGODB_DATABASE:-dashboarddb}
+#Database HostName - default is localhost
+dbhost=${MONGODB_HOST:-10.0.1.1}
+#Database Port - default is 27017
+dbport=${MONGODB_PORT:-27017}
+#Database Username - default is blank
+dbusername=${HYGIEIA_API_ENV_SPRING_DATA_MONGODB_USERNAME:-dashboarduser}
+#Database Password - default is blank
+dbpassword=${HYGIEIA_API_ENV_SPRING_DATA_MONGODB_PASSWORD:-dbpassword}
+#Collector schedule (required)
+feature.cron=${JIRA_CRON:-0 * * * * *}
+#Page size for data calls (Jira maxes at 1000)
+feature.pageSize=${JIRA_PAGE_SIZE:-1000}
+#In-built folder housing prepared REST queries (required)
+feature.queryFolder=jiraapi-queries
+#Jira API Query file names (String template requires the files to have .st extension) (required)
+feature.storyQuery=story
+feature.epicQuery=epic
+feature.projectQuery=projectinfo
+feature.memberQuery=memberinfo
+feature.sprintQuery=sprintinfo
+feature.teamQuery=teaminfo
+feature.trendingQuery=trendinginfo
+#Jira Connection Details
+feature.jiraProxyUrl=${JIRA_PROXY_URL}
+feature.jiraProxyPort=${JIRA_PROXY_PORT}
+# Trending Query:  Number of days in a sprint (not-required)
+feature.sprintDays=${JIRA_SPRINT_DAYS:-60}
+# Trending Query:  Length of sprint week (not-required)
+feature.sprintEndPrior=${JIRA_SPRINT_END_PRIOR:-7}
+#Scheduled Job prior minutes to recover data created during execution time (usually, 2 minutes is enough)
+feature.scheduledPriorMin=${JIRA_SCHEDULED_PRIOR_MIN:-2}
+#Delta change date that modulates the collector item task - should be about as far back as possible, in ISO format (required)
+feature.deltaCollectorItemStartDate=${JIRA_DELTA_COLLECTOR_ITEM_START_DATE:-2008-01-01T00:00:00.000000}
+#Jira Connection Details
+feature.jiraBaseUrl=${JIRA_BASE_URL:-https://jira.atlassian.com}
+feature.jiraQueryEndpoint=${JIRA_QUERY_ENDPOINT:-rest/api/2/}
+#64-bit encoded credentials with the pattern username:password 
+#on a mac you con create them with : echo -n 'username:password' | base64
+#reference:  https://www.base64decode.org/ 
+feature.jiraCredentials=${JIRA_CREDENTIALS}
+#OAuth2.0 token credentials (currently not supported in this version)
+feature.jiraOauthAuthtoken=${JIRA_OAUTH_AUTH_TOKEN:-sdfghjkl==}
+feature.jiraOauthRefreshtoken=${JIRA_OAUTH_REFRESH_TOKEN:-sdfagheh==}
+feature.jiraOauthRedirecturi=${JIRA_OAUTH_REDIRECT_URL:-uri.this.is.test:uri}
+feature.jiraOauthExpiretime=${JIRA_OAUTH_EXPIRE_TIME:-234567890987}
+#Start dates from which to begin collector data, if no other data is present - usually, a month back is appropriate (required)
+feature.deltaStartDate=${JIRA_DELTA_START_DATE:-2015-03-01T00:00:00.000000}
+feature.masterStartDate=${JIRA_MASTER_START_DATE:-2008-01-01T00:00:00.000000}
+# In Jira, general IssueType IDs are associated to various "issue"
+# attributes. However, there is one attribute which this collector's
+# queries rely on that change between different instantiations of Jira.
+# Please provide a String Name reference to your instance's IssueType for
+# the lowest level of Issues (e.g., "user story") specific to your Jira
+# instance.  Note:  You can retrieve your instance's IssueType Name
+# listings via the following URI:  https://[your-jira-domain-name]/rest/api/2/issuetype/
+# Multiple comma-separated values can be specified.
+feature.jiraIssueTypeNames=${JIRA_ISSUE_TYPE_NAMES:-Story,Epic,Bug,Task,Sub-task}
+# In Jira, your instance will have its own custom field created for "sprint" or "timebox" details,
+# which includes a list of information.  This field allows you to specify that data field for your
+# instance of Jira. Note: You can retrieve your instance's sprint data field name
+# via the following URI, and look for a package name com.atlassian.greenhopper.service.sprint.Sprint;
+# your custom field name describes the values in this field:
+# https://[your-jira-domain-name]/rest/api/2/issue/[some-issue-name]
+feature.jiraSprintDataFieldName=${JIRA_SPRINT_DATA_FIELD_NAME:-customfield_10007}
+# In Jira, your instance will have its own custom field created for "super story" or "epic" back-end ID,
+# which includes a list of information.  This field allows you to specify that data field for your instance
+# of Jira.  Note:  You can retrieve your instance's epic ID field name via the following URI where your
+# queried user story issue has a super issue (e.g., epic) tied to it; your custom field name describes the
+# epic value you expect to see, and is the only field that does this for a given issue:
+# https://[your-jira-domain-name]/rest/api/2/issue/[some-issue-name]
+feature.jiraEpicIdFieldName=${JIRA_EPIC_FIELD_NAME:-customfield_10400}
+# In Jira, your instance will have its own custom field created for "story points"
+# This field allows you to specify that data field for your instance
+# of Jira.  Note:  You can retrieve your instance's storypoints ID field name via the following URI where your
+# queried user story issue has story points set on it; your custom field name describes the
+# story points value you expect to see:
+# https://[your-jira-domain-name]/rest/api/2/issue/[some-issue-name]
+feature.jiraStoryPointsFieldName=${JIRA_STORY_POINTS_FIELD_NAME:-customfield_10002}
+# In Jira, your instance will have its own custom field created for "team"
+# This field allows you to specify that data field for your instance
+# of Jira.  Note:  You can retrieve your instance's team ID field name via the following URI where your
+# queried user story issue has team set on it; your custom field name describes the
+# team value you expect to see:
+# https://[your-jira-domain-name]/rest/api/2/issue/[some-issue-name]
+feature.jiraTeamFieldName=${JIRA_TEAM_FIELD_NAME}
+# Set this to true if you use boards as team
+feature.jiraBoardAsTeam=${JIRA_BOARD_AS_TEAM:-false}
+EOF
+echo "
+===========================================
+Properties file created:  $PROP_FILE
+Note: passwords hidden
+===========================================
+`cat $PROP_FILE |egrep -vi 'password|Credentials'`
+"