Skip to content

feat: add dependency resolution for Python #748

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Jun 18, 2024
Merged

feat: add dependency resolution for Python #748

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
2f4e726
feat: add dependency resolution for Python
behnazh-w May 17, 2024
59af6dc
chore: address review comments
behnazh-w Jun 12, 2024
d6f7e49
test: fix target component in deps integration tests
behnazh-w Jun 12, 2024
797a213
test: remove the unnecessary multibuild_test.json file
behnazh-w Jun 14, 2024
f2c34d4
chore(deps): add the extra validation dep for cyclonedx-python-lib
behnazh-w Jun 14, 2024
6393f32
test: fix tutorial examples and add them as tests
behnazh-w Jun 14, 2024
a468221
test: fix the datalog policies and clarify cyclonedx deserialization …
behnazh-w Jun 14, 2024
a300d7d
chore: add a check for remove_sboms function and fix tests and docs
behnazh-w Jun 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion .github/workflows/_build_docker.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2023 - 2024, Oracle and/or its affiliates. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.

# This is a reuseable workflow to build and test the Docker image. Note that this workflow does not
Expand Down Expand Up @@ -31,6 +31,12 @@ jobs:
with:
fetch-depth: 0

# The Docker integration tests require Python 3.11.
- name: Set up Python
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
with:
python-version: '3.11'

- name: Download artifact
uses: actions/download-artifact@7a1cd3216ca9260cd8022db641d960b1db4d1be4 # v4.0.0
with:
Expand Down
28 changes: 27 additions & 1 deletion docker/user.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/bash

# Copyright (c) 2022 - 2023, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2022 - 2024, Oracle and/or its affiliates. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.

# We update the GID and UID of the existing macaron user in the container
Expand Down Expand Up @@ -52,6 +52,32 @@ then
mkdir --parents "$HOME"/output
fi

# Prepare the python virtual environment for the target software component if provided as input.
# We copy the mounted directory if it exists to `analyze_python_venv_editable` to fix the symbolic
# links to the Python interpreter in the container without affecting the files on host.
# That's because cylonedx-py needs to access Python in the virtual environment where it generates
# the SBOM from and the original files will be symbolic links to Python on the host system that
# are not reachable from the container.
if [[ -d "$HOME/analyze_python_venv_readonly" ]];
then
cp -r "$HOME/analyze_python_venv_readonly" "$HOME/analyze_python_venv_editable"
fi

if [[ -d "$HOME/analyze_python_venv_editable/bin" ]];
then
python_binaries=(
"python"
"python3"
"python3.11"
)
for p in "${python_binaries[@]}"; do
if [[ -f "$HOME/.venv/bin/${p}" ]];
then
ln -sf "$HOME/.venv/bin/${p}" "$HOME/analyze_python_venv_editable/bin/${p}"
fi
done
fi

# The directory that could be mounted to the host machine file systems should
# have the owner as the current user in the host machine.
chown --recursive macaron:macaron "$HOME"/.m2
Expand Down
Loading