Merge pull request #54 from cabinetoffice/feature/ntrnl-84-add-kotlin…
…-doc Feature/ntrnl 84 add kotlin doc
Showing 1 changed file with 85 additions and 0 deletions.
@@ -0,0 +1,85 @@ | ||
# Kotlin | ||
|
||
The Kotlin language dependency checks logic consists of two separate files, similar to other languages: a bash script and a Dockerfile. | ||
|
||
The **bash script** performs dependency checking by fetching project details (such as folder path and file name) from the dependency state file. It then reports the check results to the reports folder. The tool used in this context is the OWASP Dependency Check Tool which scans the dependencies of the project and identifies known vulnerabilities. | ||
|
||
### Bash Script | ||
|
||
1. It sources the utility functions from `./utils/script.sh`: | ||
|
||
- `source ./utils/script.sh` | ||
|
||
2. It sets up some variables for language name, file names and folder name: | ||
|
||
- `LANG_NAME` is set to `kotlin`. | ||
- `GRADLEW_FILE_NAME` is set to `gradlew`. | ||
- `REPORTS_FOLDER_NAME` is set to `"${REPORTS_FOLDER}/${LANG_NAME}"`. | ||
|
||
3. It creates the necessary folder to store the reports: | ||
|
||
- The `mkdir -p` command ensures that the folders are created if they don't already exist. | ||
- `$REPORTS_FOLDER_NAME` variable is used to specify the folder path. | ||
|
||
4. It retrieves the kotlin dependencies from a JSON file named "state.json" using the `set_state_object ()` utility function: | ||
|
||
- `dependencies=$(set_state_object "${LANG_NAME}")` | ||
|
||
5. It loops over each dependency retrieved from the previous step: | ||
|
||
- The `for dependency in $dependencies` loop iterates over each item in the `$dependencies` variable. | ||
|
||
6. Inside the loop, it extracts the "file1", "file_name" and "repo_file_path" properties the dependency object using `fetch_arguments ()` utility function: | ||
|
||
- `fetch_arguments "STATE" "${dependency}"` | ||
|
||
7. It creates a report file name using the `set_file_name ()` utility function: | ||
|
||
- `report_file_name=$(set_file_name "${REPORTS_FOLDER_NAME}" "${LANG_NAME}")` | ||
|
||
8. The `if [[ "${file1##*/}" == "${GRADLEW_FILE_NAME}" ]]` expression executes and performs the following: | ||
- `${file1##*/}` extracts the filename from the full path stored in the variable `$file1`, then checks if this filename is the equal to the `"gradlew"` value stored in `$GRADLEW_FILE_NAME` variable. | ||
|
||
9. It changes the current directory to the repository file path where the project is: | ||
|
||
- The `cd "${WORKDIR}/${repo_file_path}" || continue` command changes the directory to the specified repository file path. | ||
|
||
10. It creates a clean build of the kotlin project: | ||
- `./gradlew clean build` | ||
|
||
11. It runs the OWASP Dependency Check Tool and saves the report: | ||
- `./gradlew dependencyCheckAnalyze > "${report_file_name}"` scans for vulnerabilities and outputs a report to `${report_file_name}` | ||
|
||
12. It removes the gradle build: | ||
- `rm -rf .gradle` | ||
|
||
13. It prints a message indicating the location where the report file is saved. | ||
|
||
### Dockerfile | ||
|
||
**Dockerfile** is used to build a Docker image for a Kotlin application. Here is a breakdown of what the code does: | ||
|
||
1. It sets the base image to `openjdk:11`: | ||
- `FROM openjdk:11` - The image is based on OpenJDK which is an open-source implementation of the Java platform. | ||
|
||
2. It updates the package repository and installs `jq` using the `apt` package manager. | ||
- `apt-get update` updates the package repository. | ||
- `apt-get install -y jq git curl unzip` installs `jq`. | ||
|
||
3. It downloads and installs the AWS Command Line Interface. | ||
- `RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \&& unzip awscliv2.zip \ && ./aws/install \ && rm awscliv2.zip` downloads and installs the AWS CLI for linux. | ||
|
||
4. It sets the working directory to "/idc". | ||
- `WORKDIR /idc` sets the working directory for subsequent instructions. | ||
|
||
5. It copies the contents of the current directory to the Docker image. | ||
- `COPY . /idc` copies the script file from the current directory to "/idc" in the image. | ||
|
||
6. It specifies the command to run when the container starts. | ||
- `CMD ["./dep-checker.sh"]` executes the shell script "./dep-checker.sh" within the container. | ||
|
||
The resulting Docker image will have the necessary dependencies installed and will execute the "dep-checker.sh" script when a container is started from the image. | ||
|
||
## Assumptions | ||
|
||
- Version of openjdk is `11` |
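Review bot: Step 11 of the bash script section describes `./gradlew dependencyCheckAnalyze > "${report_file_name}"` as saving the report to `${report_file_name}`, but the `>` redirect only captures what Gradle prints to stdout, not a report file the dependency-check plugin writes itself; the doc should state where the plugin is configured to write its report and whether the redirected console output is the artefact that actually lands in the reports folder. The Assumptions section should also record that the scanned project must apply the OWASP dependency-check Gradle plugin for the `dependencyCheckAnalyze` task to exist, and that steps 10 and 11 execute the checked repository's own `gradlew` wrapper and build scripts inside the container, which is a trust boundary worth naming for readers deciding which repositories to point the checker at. Smaller points: step 6 is missing "from" ("properties from the dependency object"); step 8 does not say what the script does when the file name is not `gradlew`; Dockerfile step 2 says the command "installs `jq`" while the quoted command installs `jq git curl unzip`; and the AWS CLI line reads `\&& unzip` where the line continuation `\` belongs at the end of the preceding line before `&& unzip`.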