Draft ishare client code from dil-demo

Basic-Data-Infrastructure · Aug 14, 2024 · 3461f94 · 3461f94
commit 3461f94
Show file tree

Hide file tree

Showing 11 changed files with 1,182 additions and 0 deletions.
diff --git a/.github/workflows/dependency-vulnerabilities.yml b/.github/workflows/dependency-vulnerabilities.yml
@@ -0,0 +1,55 @@
+# SPDX-FileCopyrightText: 2024 Topsector Logistiek
+# SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl>
+# SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+name: Check dependency vulnerabilities
+
+on:
+  push:
+  schedule:
+    - cron: '0 1 * * 1,2,3,4,5' # every workday
+
+jobs:
+  "NVD-check":
+    runs-on: ubuntu-latest
+
+    steps:
+
+    # NVD data can change every day, so we use a cache key based on today's date
+    - name: Get current date
+      id: date
+      run: echo "date=$(date '+%Y-%m-%d')" >> $GITHUB_OUTPUT
+
+    - uses: actions/checkout@v4
+    - uses: actions/cache@v4
+      with:
+        path: |
+          ./.m2
+          ./bin
+          ./lib
+          
+        # store as today's cache
+        key: "nvd-clojure-${{ steps.date.outputs.date }}"
+        # if today's cache does not yet exist, fetch from whatever iss
+        # the most recent cache for nvd-clojure
+        # and update that
+        restore-keys: "nvd-clojure-"
+
+    - name: Install clj runtime
+      run: .github/workflows/install-binaries.sh
+
+    - name: Install NVD clojure
+      run: bin/clojure -Ttools install nvd-clojure/nvd-clojure '{:mvn/version "RELEASE"}' :as nvd;
+
+    - name: Check that NVD Secret is set
+      env:
+        NVD_API_TOKEN: ${{ secrets.NVD_API_TOKEN }}
+      if: ${{ env.NVD_API_TOKEN == '' }}
+      run: echo "NVD_API_TOKEN secret is empty"; exit 1
+
+    - name: Check clojure dependencies with NVD
+      env:
+        NVD_API_TOKEN: ${{ secrets.NVD_API_TOKEN }}
+      run: bin/clojure -J-Dclojure.main.report=stderr -Tnvd nvd.task/check :config-filename '".nvd-config.edn"' :classpath "\"$(../bin/clojure -Spath)\""
diff --git a/.github/workflows/install-binaries.sh b/.github/workflows/install-binaries.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+# SPDX-FileCopyrightText: 2024 Topsector Logistiek
+# SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl>
+# SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+set -ex
+
+CLOJURE_VERSION="1.11.1.1273"
+
+if [ ! -x "bin/clojure" ]; then
+    curl -O "https://download.clojure.org/install/linux-install-${CLOJURE_VERSION}.sh"
+    bash "linux-install-${CLOJURE_VERSION}.sh" -p "$(pwd)"
+fi
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,38 @@
+# SPDX-FileCopyrightText: 2024 Jomco B.V.
+# SPDX-FileCopyrightText: 2024 Topsector Logistiek
+# SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl
+# SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+name: Test
+
+on: push
+
+jobs:
+  check:
+    name: Check
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - uses: actions/cache@v4
+      with:
+        path: "~/.m2"
+        key: "deps-${{ hashFiles('deps.edn') }}"
+
+    - name: Install packages
+      run: |
+        sudo apt-get install -y reuse
+
+    - name: Install clj runtime
+      run: |
+        cd "$HOME"
+        curl -L -O https://github.com/clojure/brew-install/releases/latest/download/linux-install.sh
+        bash linux-install.sh -p "$HOME"
+
+    - name: Run make check
+      run: |
+        PATH="$PATH:$HOME/bin"
+        make check
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: 2024 Jomco B.V.
+# SPDX-FileCopyrightText: 2024 Topsector Logistiek
+# SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl
+# SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+.cpcache
+.nrepl-port
+*.pem
+/ishare-jwt/target/
+/target/
diff --git a/LICENSES/AGPL-3.0-or-later.txt b/LICENSES/AGPL-3.0-or-later.txt
diff --git a/Makefile b/Makefile
@@ -0,0 +1,67 @@
+# SPDX-FileCopyrightText: 2024 Jomco B.V.
+# SPDX-FileCopyrightText: 2024 Topsector Logistiek
+# SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl
+# SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+.PHONY: all lint test check clean test-certs jar
+
+test/pem/ca.cert.pem:
+	mkdir -p test/pem
+	openssl req \
+		-x509 -newkey rsa:4096 -sha256 -days 365 -noenc \
+		-subj "/CN=TEST-CA" \
+		-keyout test/pem/ca.key.pem \
+		-out test/pem/ca.cert.pem
+
+test/pem/aa.cert.pem: test/pem/ca.cert.pem
+	openssl req \
+		-x509 -newkey rsa:4096 -sha256 -days 365 -noenc \
+		-subj "/CN=Satellite/serialNumber=EU.EORI.AA" \
+		-keyout test/pem/aa.key.pem \
+		-out test/pem/aa.cert.pem \
+		-CA test/pem/ca.cert.pem \
+		-CAkey test/pem/ca.key.pem
+
+test/pem/ar.cert.pem: test/pem/ca.cert.pem
+	openssl req \
+		-x509 -newkey rsa:4096 -sha256 -days 365 -noenc \
+		-subj "/CN=Satellite/serialNumber=EU.EORI.AR" \
+		-keyout test/pem/ar.key.pem \
+		-out test/pem/ar.cert.pem \
+		-CA test/pem/ca.cert.pem \
+		-CAkey test/pem/ca.key.pem
+
+test/pem/client.cert.pem: test/pem/ca.cert.pem
+	openssl req \
+		-x509 -newkey rsa:4096 -sha256 -days 365 -noenc \
+		-keyout test/pem/client.key.pem \
+		-out test/pem/client.cert.pem \
+		-subj "/CN=Satellite/serialNumber=EU.EORI.CLIENT" \
+		-CA test/pem/ca.cert.pem \
+		-CAkey test/pem/ca.key.pem
+
+test/pem/client.x5c.pem: test/pem/client.cert.pem test/pem/ca.cert.pem
+	cat $^ >$@
+
+test-certs: test/pem/ca.cert.pem test/pem/aa.cert.pem test/pem/client.cert.pem test/pem/client.x5c.pem test/pem/ar.cert.pem
+
+lint:
+	reuse lint
+	clojure -M:lint
+
+test: test-certs
+	clojure -M:test
+
+clean:
+	rm -rf classes target test/pem
+
+jar: clean
+	clj -T:build jar
+
+
+check: test lint outdated
+
+outdated:
+	clojure -M:outdated
diff --git a/build.clj b/build.clj
@@ -0,0 +1,39 @@
+;;; SPDX-FileCopyrightText: 2024 Jomco B.V.
+;;; SPDX-FileCopyrightText: 2024 Topsector Logistiek
+;;; SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl
+;;; SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+;;;
+;;; SPDX-License-Identifier: AGPL-3.0-or-later
+
+(ns build
+  (:require [clojure.tools.build.api :as b]))
+
+(def lib 'org.bdinetwork/ishare-client)
+(def version (format "0.1.%s" (b/git-count-revs nil)))
+
+(def jar-file (format "target/%s-%s.jar" (name lib) version))
+(def class-dir "target/classes")
+
+;; delay to defer side effects (artifact downloads)
+(def basis (delay (b/create-basis {:project "deps.edn"})))
+
+(defn clean [_]
+  (b/delete {:path "target"}))
+
+(defn jar [_]
+  (b/write-pom {:class-dir class-dir
+                :lib       lib
+                :version   version
+                :basis     @basis
+                :src-dirs  ["src"]
+                :pom-data  [[:organization
+                             [:name "BDI Network"]
+                             [:url "https://bdinetwork.org"]]
+                            [:licenses
+                             [:license
+                              [:name "AGPL-3.0-or-later"]
+                              [:url "https://www.gnu.org/licenses/agpl-3.0.en.html"]]]]})
+  (b/copy-dir {:src-dirs   ["src" "resources"]
+               :target-dir class-dir})
+  (b/jar {:class-dir class-dir
+          :jar-file  jar-file}))
diff --git a/deps.edn b/deps.edn
@@ -0,0 +1,23 @@
+;;; SPDX-FileCopyrightText: 2024 Jomco B.V.
+;;; SPDX-FileCopyrightText: 2024 Topsector Logistiek
+;;; SPDX-FileContributor: Joost Diepenmaat <joost@jomco.nl
+;;; SPDX-FileContributor: Remco van 't Veer <remco@jomco.nl>
+;;;
+;;; SPDX-License-Identifier: AGPL-3.0-or-later
+
+{:deps  {org.bdinetwork/ishare-jwt {:git/url "https://github.com/Basic-Data-Infrastructure/clj-ishare-jwt.git"
+                                    :git/sha "3b22e4f7a89ef9a8e520283a57db49153a9ba8c7"}
+         org.babashka/http-client  {:mvn/version "0.4.20"}
+         org.babashka/json         {:mvn/version "0.1.6"}}
+ :paths ["src" "test"]
+
+ :aliases
+ {:test     {:extra-deps {lambdaisland/kaocha    {:mvn/version "RELEASE"}
+                          org.clojure/core.async {:mvn/version "1.6.673"}}
+             :main-opts  ["-m" "kaocha.runner"]}
+  :lint     {:extra-deps {clj-kondo/clj-kondo {:mvn/version "RELEASE"}}
+             :main-opts  ["-m" "clj-kondo.main" "--lint" "src" "test"]}
+  :build    {:deps       {io.github.clojure/tools.build {:mvn/version "0.10.5"}}
+             :ns-default build}
+  :outdated {:replace-deps {com.github.liquidz/antq {:mvn/version "RELEASE"}}
+             :main-opts    ["-m" "antq.core"]}}}