public void WriteBdio(BdioContent bdio, TextWriter textWriter)
{
BdioWriter writer = new BdioWriter(textWriter);
writer.WriteBdioNode(bdio.BillOfMaterials);
writer.WriteBdioNode(bdio.Project);
writer.WriteBdioNodes(bdio.Components);
writer.Dispose();
}
public HttpResponseMessage Deploy(BdioContent bdioContent)
{
HubRequest request = new HubRequest(RestConnection);
request.Path = $"api/{ApiLinks.BOM_IMPORTS_LINK}";
HttpResponseMessage response = request.ExecuteJsonLDPost(bdioContent.ToString());
return(response);
}
public void ExecuteTask()
{
if (IsExcluded())
{
Log.LogMessage("Project {0} excluded from task", HubProjectName);
}
else
{
// Creates output directory if it doesn't already exist
Directory.CreateDirectory(OutputDirectory);
// Define output files
string bdioFilePath = $"{OutputDirectory}/{HubProjectName}.jsonld";
string flatListFilePath = $"{OutputDirectory}/{HubProjectName}_flat.txt";
// Execute task functionality
if (CreateFlatDependencyList)
{
string[] externalIds = CreateFlatList().ToArray();
File.WriteAllLines(flatListFilePath, externalIds, Encoding.UTF8);
}
if (CreateHubBdio)
{
BdioContent bdioContent = BuildBOM();
File.WriteAllText(bdioFilePath, bdioContent.ToString());
}
if (DeployHubBdio)
{
string bdio = File.ReadAllText(bdioFilePath);
BdioContent bdioContent = BdioContent.Parse(bdio);
DeployBdioDataService.Deploy(bdioContent);
}
// Only wait for scan if we have to
if (DeployHubBdio && (CheckPolicies || CreateHubBdio || WaitForDeployment))
{
WaitForHub();
}
if (CreateHubReport)
{
ProjectView projectView = ProjectDataService.GetProjectView(HubProjectName);
ProjectVersionView projectVersionView = ProjectDataService.GetMostRecentVersion(projectView);
ReportData reportData = RiskReportDataService.GetReportData(projectView, projectVersionView);
RiskReportDataService.WriteToRiskReport(reportData, OutputDirectory);
}
if (CheckPolicies)
{
PolicyStatus policyStatus = new PolicyStatus(GetPolicies());
LogPolicyViolations(policyStatus);
}
}
}
public BdioContent BuildBOMFromMetadata(List <NuGet.PackageReference> packages, PackageMetadataResource metadataResource)
{
BdioPropertyHelper bdioPropertyHelper = new BdioPropertyHelper();
BdioNodeFactory bdioNodeFactory = new BdioNodeFactory(bdioPropertyHelper);
BdioContent bdio = new BdioContent();
// Create bdio bill of materials node
BdioBillOfMaterials bdioBillOfMaterials = bdioNodeFactory.CreateBillOfMaterials(HubCodeLocationName, HubProjectName, HubVersionName);
// Create bdio project node
string projectBdioId = bdioPropertyHelper.CreateBdioId(HubProjectName, HubVersionName);
BdioExternalIdentifier projectExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(HubProjectName, HubVersionName); // Note: Could be different. Look at config file
BdioProject bdioProject = bdioNodeFactory.CreateProject(HubProjectName, HubVersionName, projectBdioId, projectExternalIdentifier);
// Create relationships for every bdio node
List <BdioNode> bdioComponents = new List <BdioNode>();
foreach (NuGet.PackageReference packageRef in packages)
{
// Create component node
string componentName = packageRef.Id;
string componentVersion = packageRef.Version.ToString();
string componentBdioId = bdioPropertyHelper.CreateBdioId(componentName, componentVersion);
BdioExternalIdentifier componentExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(componentName, componentVersion);
BdioComponent component = bdioNodeFactory.CreateComponent(componentName, componentVersion, componentBdioId, componentExternalIdentifier);
// Add references
List <PackageDependency> packageDependencies = GetPackageDependencies(packageRef, metadataResource);
foreach (PackageDependency packageDependency in packageDependencies)
{
// Create node from dependency info
string dependencyName = packageDependency.Id;
string dependencyVersion = GetDependencyVersion(packageDependency, packages);
string dependencyBdioId = bdioPropertyHelper.CreateBdioId(dependencyName, dependencyVersion);
BdioExternalIdentifier dependencyExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(dependencyName, dependencyVersion);
BdioComponent dependency = bdioNodeFactory.CreateComponent(dependencyName, dependencyVersion, dependencyBdioId, dependencyExternalIdentifier);
// Add relationship
bdioPropertyHelper.AddRelationship(component, dependency);
}
bdioComponents.Add(component);
}
bdio.BillOfMaterials = bdioBillOfMaterials;
bdio.Project = bdioProject;
bdio.Components = bdioComponents;
return(bdio);
}
public BdioContent BuildBOM()
{
// Load the packages.config file into a list of Packages
NuGet.PackageReferenceFile configFile = new NuGet.PackageReferenceFile(PackagesConfigPath);
// Setup NuGet API
// Snippets taken from https://daveaglick.com/posts/exploring-the-nuget-v3-libraries-part-2 with modifications
List <Lazy <INuGetResourceProvider> > providers = new List <Lazy <INuGetResourceProvider> >();
providers.AddRange(Repository.Provider.GetCoreV3()); // Add v3 API support
providers.AddRange(Repository.Provider.GetCoreV2()); // Add v2 API support
List <PackageMetadataResource> metadataResourceList = CreateMetaDataResourceList(providers);
// Create BDIO
BdioContent bdioContent = BuildBOMFromMetadata(new List <NuGet.PackageReference>(configFile.GetPackageReferences()), metadataResourceList);
return(bdioContent);
}
public BdioContent BuildBOM()
{
// Load the packages.config file into a list of Packages
NuGet.PackageReferenceFile configFile = new NuGet.PackageReferenceFile(PackagesConfigPath);
// Setup NuGet API
// Snippets taken from https://daveaglick.com/posts/exploring-the-nuget-v3-libraries-part-2 with modifications
List <Lazy <INuGetResourceProvider> > providers = new List <Lazy <INuGetResourceProvider> >();
providers.AddRange(Repository.Provider.GetCoreV3()); // Add v3 API support
providers.AddRange(Repository.Provider.GetCoreV2()); // Add v2 API support
// we may need more code here around handling package sources.
PackageSource packageSource = new PackageSource(PackagesRepoUrl);
SourceRepository sourceRepository = new SourceRepository(packageSource, providers);
PackageMetadataResource packageMetadataResource = sourceRepository.GetResource <PackageMetadataResource>();
// Create BDIO
BdioContent bdioContent = BuildBOMFromMetadata(new List <NuGet.PackageReference>(configFile.GetPackageReferences()), packageMetadataResource);
return(bdioContent);
}
private void GenerateMergedFile(List <BdioNode> components)
{
BdioPropertyHelper bdioPropertyHelper = new BdioPropertyHelper();
BdioNodeFactory bdioNodeFactory = new BdioNodeFactory(bdioPropertyHelper);
BdioContent bdio = new BdioContent();
// solutions do not have project names or versions by default
string projectName = HubProjectName;
string versionName = HubVersionName;
if (String.IsNullOrWhiteSpace(projectName))
{
projectName = Path.GetFileNameWithoutExtension(SolutionPath);
}
if (String.IsNullOrWhiteSpace(versionName))
{
versionName = DateTime.UtcNow.ToString(ProjectGenerator.DEFAULT_DATETIME_FORMAT);
}
// Create bdio bill of materials node
BdioBillOfMaterials bdioBillOfMaterials = bdioNodeFactory.CreateBillOfMaterials(HubCodeLocationName, projectName, versionName);
// Create bdio project node
string projectBdioId = bdioPropertyHelper.CreateBdioId(projectName, versionName);
BdioExternalIdentifier projectExternalIdentifier = bdioPropertyHelper.CreateNugetExternalIdentifier(projectName, versionName); // Note: Could be different. Look at config file
BdioProject bdioProject = bdioNodeFactory.CreateProject(projectName, versionName, projectBdioId, projectExternalIdentifier);
bdio.BillOfMaterials = bdioBillOfMaterials;
bdio.Project = bdioProject;
bdio.Components = components;
string bdioFilePath = Path.Combine(OutputDirectory, $"{projectName}.jsonld");
File.WriteAllText(bdioFilePath, bdio.ToString());
}
public override bool Execute()
{
bool result = true;
string originalOutputDirectory = OutputDirectory;
string originalHubProjectName = HubProjectName;
string originalHubVersionName = HubVersionName;
List <string> alreadyMergedComponents = new List <string>();
List <BdioNode> mergedComponentList = new List <BdioNode>();
try
{
// TODO: clean up this code to generate the BDIO first then perform the deploy and checks for each project
// Also aggregate the results of the check policies.
Dictionary <string, string> projectData = ParseSolutionFile(SolutionPath);
Console.WriteLine("Parsed Solution File");
if (projectData.Count > 0)
{
string solutionDirectory = Path.GetDirectoryName(SolutionPath);
Console.WriteLine("Solution directory: {0}", solutionDirectory);
foreach (string key in projectData.Keys)
{
if (String.IsNullOrWhiteSpace(originalOutputDirectory))
{
OutputDirectory = $"{Directory.GetCurrentDirectory()}{Path.DirectorySeparatorChar}{key}";
}
else
{
OutputDirectory = $"{originalOutputDirectory}{Path.DirectorySeparatorChar}{key}";
}
string projectRelativePath = projectData[key];
List <string> projectPathSegments = new List <string>();
projectPathSegments.Add(solutionDirectory);
projectPathSegments.Add(projectRelativePath);
ProjectPath = CreatePath(projectPathSegments);
if (String.IsNullOrWhiteSpace(originalHubProjectName))
{
HubProjectName = key;
}
if (String.IsNullOrWhiteSpace(originalHubVersionName))
{
HubVersionName = originalHubVersionName;
}
bool projectResult = base.Execute();
PackagesConfigPath = ""; // reset to use the project packages file.
result = result && projectResult;
if (projectResult && GenerateMergedBdio)
{
string bdioFilePath = $"{OutputDirectory}{Path.DirectorySeparatorChar}{HubProjectName}.jsonld";
string bdio = File.ReadAllText(bdioFilePath);
BdioContent bdioContent = BdioContent.Parse(bdio);
foreach (BdioComponent component in bdioContent.Components)
{
if (!alreadyMergedComponents.Contains(component.BdioExternalIdentifier.ExternalId))
{
mergedComponentList.Add(component);
alreadyMergedComponents.Add(component.BdioExternalIdentifier.ExternalId);
}
}
}
}
}
else
{
Console.WriteLine("No project data found for solution {0}", SolutionPath);
}
}
catch (Exception ex)
{
if (HubIgnoreFailure)
{
result = true;
Console.WriteLine("Error executing Build BOM task. Cause: {0}", ex);
}
else
{
throw ex;
}
}
finally
{
OutputDirectory = originalOutputDirectory; // reset the settings to original, for use by merge operations
HubProjectName = originalHubProjectName;
HubVersionName = originalHubVersionName;
}
//Generate after so the "output directory" is the one for the solution, not just the last project processed
if (GenerateMergedBdio)
{
GenerateMergedFile(mergedComponentList);
}
return(result);
}
