chore: test example

Author: ctron

.dockerignore

@@ -0,0 +1,7 @@
+.idea
+.DS_Store
+/data
+.trustify
+/target
+/.dockerignore
+/Containerfile

Cargo.lock

@@ -76,6 +76,7 @@ http = "1"
 human-date-parser = "0.3"
 humantime = "2"
 humantime-serde = "1"
+indicatif = "0.18.0"
 itertools = "0.14"
 jsn = "0.14"
 json-merge-patch = "0.0.1"

Cargo.toml

@@ -0,0 +1,20 @@
+FROM registry.access.redhat.com/ubi9/ubi:latest AS builder
+
+RUN dnf install --setop install_weak_deps=false --nodocs -y git python gcc g++ cmake rust cargo ninja-build openssl-devel xz
+
+RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
+ENV PATH="/root/.cargo/bin:${PATH}"
+
+RUN mkdir /build
+
+COPY . /build
+
+WORKDIR /build
+
+RUN ls
+
+RUN cargo build --release
+
+FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
+
+COPY --from=builder /build/target/release/trustd /usr/local/bin/

Containerfile

@@ -17,6 +17,7 @@ deepsize = { workspace = true }
 hex = { workspace = true }
 hide = { workspace = true }
 human-date-parser = { workspace = true }
+humantime = { workspace = true }
 itertools = { workspace = true }
 lenient_semver = { workspace = true }
 log = { workspace = true }
@@ -32,6 +33,7 @@ sea-orm = { workspace = true, features = ["sea-query-binder", "sqlx-postgres", "
 sea-orm-migration = { workspace = true }
 sea-query = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
+serde-cyclonedx = { workspace = true }
 serde_json = { workspace = true }
 spdx-expression = { workspace = true }
 spdx-rs = { workspace = true }
@@ -45,7 +47,6 @@ urlencoding = { workspace = true }
 utoipa = { workspace = true, features = ["url"] }
 uuid = { workspace = true, features = ["v5", "serde"] }
 walker-common = { workspace = true, features = ["bzip2", "liblzma", "flate2"] }
-humantime = { workspace = true }
 
 [dev-dependencies]
 chrono = { workspace = true }

common/Cargo.toml

@@ -0,0 +1,27 @@
+use serde_cyclonedx::cyclonedx::v_1_6::CycloneDx;
+use std::collections::HashMap;
+
+/// extract CycloneDX SBOM general purpose properties
+pub fn extract_properties(sbom: &CycloneDx) -> HashMap<String, Option<String>> {
+    sbom.properties
+        .iter()
+        .flatten()
+        .map(|e| (e.name.clone(), e.value.clone()))
+        .collect()
+}
+
+/// extract CycloneDX SBOM general purpose properties, convert into [`serde_json::Value`]
+pub fn extract_properties_json(sbom: &CycloneDx) -> serde_json::Value {
+    serde_json::Value::Object(
+        extract_properties(sbom)
+            .into_iter()
+            .map(|(k, v)| {
+                (
+                    k,
+                    v.map(serde_json::Value::String)
+                        .unwrap_or(serde_json::Value::Null),
+                )
+            })
+            .collect(),
+    )
+}

common/src/advisory/cyclonedx.rs

@@ -1,3 +1,5 @@
+pub mod cyclonedx;
+
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
 use utoipa::ToSchema;

common/src/advisory/mod.rs

@@ -0,0 +1,79 @@
+kind: Job
+apiVersion: batch/v1
+metadata:
+  name: data-migration-test
+spec:
+  completions: 4
+  completionMode: Indexed
+  parallelism: 4 # same as completions
+  template:
+    spec:
+      restartPolicy: OnFailure
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                - key: "kubernetes.io/arch"
+                  operator: In
+                  values: ["amd64"]
+      containers:
+        - name: run
+          image: quay.io/ctrontesting/trustd:latest
+          imagePullPolicy: Always
+          command:
+            - /usr/local/bin/trustd
+            - db
+            - data
+            - m0002000_example_data_migration # name of the migration
+          env:
+            - name: MIGRATION_DATA_CONCURRENT
+              value: "5" # in-process parallelism
+            - name: MIGRATION_DATA_TOTAL_RUNNER
+              value: "4" # same as completions
+            - name: MIGRATION_DATA_CURRENT_RUNNER
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.annotations['batch.kubernetes.io/job-completion-index']
+
+            - name: TRUSTD_STORAGE_STRATEGY
+              value: s3
+            - name: TRUSTD_S3_ACCESS_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: storage-credentials
+                  key: aws_access_key_id
+            - name: TRUSTD_S3_SECRET_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: storage-credentials
+                  key: aws_secret_access_key
+            - name: TRUSTD_S3_REGION
+              valueFrom:
+                configMapKeyRef:
+                  name: aws-storage
+                  key: region
+            - name: TRUSTD_S3_BUCKET
+              value: trustify-default
+
+            - name: TRUSTD_DB_URL
+              value: postgresql://postgres:yhEA9G7kzw1lrsxlSezCQlPqN3JYRH1W@jreimann-test.cf4uparthbgf.eu-west-1.rds.amazonaws.com:5432/trustify_default?sslmode=require
+
+            - name: RUST_LOG
+              value: info
+---
+kind: Secret
+apiVersion: v1
+metadata:
+  name: storage-credentials
+data:
+  aws_access_key_id: QUtJQVcyVFAzUU1PSllCWFhPQ0c=
+  aws_secret_access_key: WXQvZDhBNktLVHhETGYzamV4K3kzVC91bEZmYjdPTUhnRTJSZlpCeQ==
+type: Opaque
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: aws-storage
+data:
+  region: "eu-west-1"

data-migration.yaml

@@ -26,6 +26,9 @@ pub struct Model {
         graphql(derived(owned, into = "HashMap<String,String>", with = "Labels::from"))
     )]
     pub labels: Labels,
+
+    /// properties from the SBOM document
+    pub properties: serde_json::Value,
 }
 
 #[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]

entity/src/sbom.rs

@@ -19,6 +19,7 @@ bytes = { workspace = true }
 clap = { workspace = true, features = ["derive", "env"] }
 futures = { workspace = true }
 futures-util = { workspace = true }
+indicatif = { workspace = true, features = ["tokio", "futures"] }
 sea-orm = { workspace = true }
 sea-orm-migration = { workspace = true, features = ["runtime-tokio-rustls", "sqlx-postgres", "with-uuid"] }
 serde-cyclonedx = { workspace = true }
@@ -28,6 +29,7 @@ tokio = { workspace = true, features = ["full"] }
 tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 uuid = { workspace = true, features = ["v5"] }
+humantime = { workspace = true }
 
 [dev-dependencies]
 trustify-common = { workspace = true }