Skip to content

Latest commit

 

History

History
67 lines (59 loc) · 1.72 KB

README.md

File metadata and controls

67 lines (59 loc) · 1.72 KB
Raw

Dependencytrack plugin

Thanks for using our plugin created for retrieving OWASP's Dependencytrack information in Backstage. This plugin is still in development.

Installation

Run this command from the app package directory:

yarn add @trimm/plugin-dependencytrack

Configuration

Configuring the service

Add config in app-config.yaml. Integration:

dependencytrack:
  baseUrl: ${DEPENDENCYTRACK_BASE_URL}

Proxy:

proxy:
  endpoints:
    '/dependencytrack':
      target: ${DEPENDENCYTRACK_BASE_URL}
      allowedMethods: [ 'GET' ]
      headers:
        X-Api-Key: ${DEPENDENCYTRACK_API_KEY}

Don't forget to replace the variables with the values for your specific environment.

Add cards to overview tab

// packages\app\src\components\catalog\EntityPage.tsx
import { EntityDependencytrackSummaryCard, EntityDependencytrackFindingCard, isDependencytrackAvailable } from '@trimm/plugin-dependencytrack';

// In the overviewContent. You can add one or both.

// Metrics card
<EntitySwitch>
    <EntitySwitch.Case if={isDependencytrackAvailable}>
    <Grid item md={6}>
        <EntityDependencytrackSummaryCard/>
    </Grid>
    </EntitySwitch.Case>
</EntitySwitch>

// Findings card
<EntitySwitch>
    <EntitySwitch.Case if={isDependencytrackAvailable}>
    <Grid item md={12}>
        <EntityDependencytrackFindingCard/>
    </Grid>
    </EntitySwitch.Case>
</EntitySwitch>

Add to catalog-info.yaml

Add dependencytrack/project-id to your catalog-info.yaml:

# Example catalog-info.yaml entity definition file
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
  # ...
  annotations:
    dependencytrack/project-id: <project-id> # e63d5397-5e9e-494a-4755-368c2b1dc446