Open wake-0 opened 6 years ago
I want to run SW360 together with Fossology and CVE search is this possible with the existing docker image? Where should the Fossology configuration be done?
--cve-search
to the perl wrapper, e.g. always call ./sw360chores.pl --cve-search ....
. This will create the servers and add the necessary configuration.FOSSOLOGY_KEY_PRIV
and FOSSOLOGY_KEY_PUB
in configuration.yml. The commented out values currently contain the public unsafe keypair from fossology. You also have to set
FOSSOLOGY_HOSTand
FOSSOLOGY_PORTas well. On docker startup we use the values from
configuration.ymlto generate the
fossology.properties`. After startup one has to follow the instructions of the wiki for FOSSology connection.Furthermore, my SW360 portal tabs (Components, Licences, ECC, etc.) are empty - should they all be empty as long as no connection with Fossology is established?
Yes, you start with an empty DB. But even with a fossology connection you will not get data. We use that connection only to send artifacts from SW360 to FOSSology to initiate a scan. We do not fetch data from FOSSology.
But since we have a REST interface, one could use that to write data from other services to SW360
- Fossology running in an own docker container
I think that the docker containers of FOSSology by default have no SSH installed and thus can not be connected to SW360
Thanks for the quick response! For the ssh connection with the FOSSology container i use docker-ssh.
I have watched the talk from Mr. Kristan on youtube. The SW360 demo within the talk contains a lot of functionality like adding a new project to SW360, managing licences, etc., is this part of this docker image or is this added by the REST interface?
I cloned this repository and called the perl script with the following parameters ./sw360chores.pl --build -- up
. Afterwards I followed the Deploy Liferay wiki entry and added frontend/configuration/public_pages.lar
and frontend/configuration/private_pages.lar
. The result of this procedure is the following:
[...] is this part of this docker image or is this added by the REST interface?
sure, this is part of the SW360 application, REST is only an addition if one wants to import lots of data from another system.
I cloned this repository and called the perl script with [...]
It looks like that you have not yet deployed SW360 itself. Between the ... -- up
command and the next steps you should place the compiled wars of SW360 in the _deploy
folder. They will be fetched and extracted by the Tomcat.
To get the wars, compile [1]. You can compile and move the war files by maven itself via the following commands:
$ cd sw360
$ mvn install -P deploy -Ddeploy.dir=/ABSOLUTE/PATH/TO/sw360chores/_deploy -DskipTests
I have created https://github.com/sw360/sw360chores/pull/50 which will hopefully clearify that part.
Thanks for creating the new commit, this will improve the documentation a lot.
Actually I have deployed the SW360 war files and the Liferay infrastructure has changed the design. Furthermore, some functionality was added.
I tried to import users of the /sw360chores/miscellaneous/test_users_with_passwords_12345.csv
but I have not found the explained task 11. If this was successful we can go to: Private Pages -> users
of the wiki.
You need to import the lar files again (e.g. they have to be imported after the war's are deployed). You might have to start from scratch.
The lar files were imported before the .war
files were deployed and afterwards I reimported the .lar
files. Do you mean I should create a complete new docker container, because I imported the lar
files before the war
files once?
Yes, it might help
I created a completely new docker container and did the whole Liferay-Deploy wiki. In the end I found the import users button inside the public pages
. Now I will try to connect to a FOSSology docker container.
[...] inside the
public pages
. [...]
you might have imported the private pages as public pages?
yeah you were right, I imported the private pages into the public pages ...
I tried running SW360 and FOSSology together but an exception appears.
General Structure:
I use the FOSSology docker container and the docker container from jeroenpeeters to enable ssh access to the docker container. For test purpose I used the following command and it worked: ssh -p 2222 sw360@localhost -i id_rsa
. Unfortunately it does not work, when I use the same configuration with sw360. Furthermore, I set the JSch.setConfig("StrictHostKeyChecking", "no");
in the JSchSessionProvider.java
class and build the war files afterwards.
The appeared exception message is not very detailed, do you have any hints?
Exception:
2018-04-30 18:22:34 ERROR JSchSessionProvider:118 - cannot connect to fossology server: sw360@[localhost]:[2222] com.jcraft.jsch.JSchException: java.net.ConnectException: Connection refused (Connection refused) at com.jcraft.jsch.Session.connect(Session.java:215) at org.eclipse.sw360.fossology.ssh.JSchSessionProvider.doGetSession(JSchSessionProvider.java:114) at org.eclipse.sw360.fossology.ssh.JSchSessionProvider.getSession(JSchSessionProvider.java:92) at org.eclipse.sw360.fossology.ssh.FossologySshConnector.runInFossologyViaSsh(FossologySshConnector.java:80) at org.eclipse.sw360.fossology.ssh.FossologyUploader.copyToFossology(FossologyUploader.java:156) at org.eclipse.sw360.fossology.handler.FossologyScriptsHandler.deployScripts(FossologyScriptsHandler.java:59)
I think that the hostname localhost
is wrong. From the viewpoint of the sw360 container the ssh is on another server. Maybe add the hostname of the ssh container there.
Hello all,
I want to run SW360 together with Fossology and CVE search is this possible with the existing docker image? Where should the Fossology configuration be done? - I assume in the configuration.yml but in the wiki entry the /backend/src/src-fossology/src/main/resources/fossology.properties file is referenced. Furthermore, my SW360 portal tabs (Components, Licences, ECC, etc.) are empty - should they all be empty as long as no connection with Fossology is established?
What I have already done:
Thanks in advance!