dependencytrack

package

v0.134.0 Latest Latest Go to latest Published: Nov 29, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/chainloop-dev/chainloop

Links

Open Source Insights

README ¶

Dependency-Track fan-out Plugin

This plugin implements sending cycloneDX Software Bill of Materials (SBOM) to Dependency-Track.

See https://docs.chainloop.dev/guides/dependency-track/

Registration Input Schema

Field	Type	Required	Description
allowAutoCreate	boolean	no	Support of creating projects on demand
apiKey	string	yes	The API key to use for authentication
instanceURI	string (uri)	yes	The URL of the Dependency-Track instance

{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://github.com/chainloop-dev/chainloop/app/controlplane/plugins/core/dependency-track/v1/registration-request",
  "properties": {
    "instanceURI": {
      "type": "string",
      "format": "uri",
      "description": "The URL of the Dependency-Track instance"
    },
    "apiKey": {
      "type": "string",
      "description": "The API key to use for authentication"
    },
    "allowAutoCreate": {
      "type": "boolean",
      "description": "Support of creating projects on demand"
    }
  },
  "additionalProperties": false,
  "type": "object",
  "required": [
    "instanceURI",
    "apiKey"
  ]
}

Attachment Input Schema

Field	Type	Required	Description
parentID	string	no	ID of parent project to create a new project under
projectID	string	no	The ID of the existing project to send the SBOMs to
projectName	string	no	The name of the project to create and send the SBOMs to

{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://github.com/chainloop-dev/chainloop/app/controlplane/plugins/core/dependency-track/v1/attachment-request",
  "oneOf": [
    {
      "required": [
        "projectID"
      ],
      "title": "projectID"
    },
    {
      "required": [
        "projectName"
      ],
      "title": "projectName"
    }
  ],
  "properties": {
    "projectID": {
      "type": "string",
      "minLength": 1,
      "description": "The ID of the existing project to send the SBOMs to"
    },
    "projectName": {
      "type": "string",
      "minLength": 1,
      "description": "The name of the project to create and send the SBOMs to"
    },
    "parentID": {
      "type": "string",
      "minLength": 1,
      "description": "ID of parent project to create a new project under"
    }
  },
  "additionalProperties": false,
  "type": "object",
  "dependentRequired": {
    "parentID": [
      "projectName"
    ]
  }
}

Documentation ¶

Index ¶

func New(l log.Logger) (sdk.FanOut, error)
type DependencyTrack

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func New ¶

func New(l log.Logger) (sdk.FanOut, error)

Types ¶

type DependencyTrack ¶

type DependencyTrack struct {
	*sdk.FanOutIntegration
}

func (*DependencyTrack) Attach ¶

func (i *DependencyTrack) Attach(ctx context.Context, req *sdk.AttachmentRequest) (*sdk.AttachmentResponse, error)

Validate and return what configuration attachment to persist

func (*DependencyTrack) Execute ¶

func (i *DependencyTrack) Execute(ctx context.Context, req *sdk.ExecutionRequest) error

Send the SBOMs to the configured Dependency Track instance

func (*DependencyTrack) Register ¶

func (i *DependencyTrack) Register(ctx context.Context, req *sdk.RegistrationRequest) (*sdk.RegistrationResponse, error)

Source Files ¶

View all Source files

extension.go

Directories ¶

Path	Synopsis
client
cmd

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL