Continuous Clearing Tool Version 7.0.0 release

.github/workflows/compile.yml

@@ -66,13 +66,13 @@ jobs:
       run: |
        dotnet build src\LicenseClearingTool.sln
         Write-Host "Files in directory:"
-        dir  $env:GITHUB_WORKSPACE\out\net6.0
+        dir  $env:GITHUB_WORKSPACE\out\net8.0
 
     - name: Upload artifact
       uses: actions/upload-artifact@v2
       with:
          name: buildoutput
-         path: ${{ github.workspace }}/out/net6.0
+         path: ${{ github.workspace }}/out/net8.0
 
     - name: Archive Build Log
       uses: actions/upload-artifact@v2
@@ -96,7 +96,7 @@ jobs:
         $sourceFolder = Join-Path $env:GITHUB_WORKSPACE "out" | Join-Path -ChildPath "*"
         $outFolder = Join-Path $env:GITHUB_WORKSPACE "out" | Join-Path -ChildPath "continuous-clearing" 
         New-Item -ItemType Directory -Force -Path $outFolder
-        $fileName = "continuous-clearing-v6.2.1.zip"
+        $fileName = "continuous-clearing-v7.0.0.zip"
         Write-Host "Filename: '$fileName'"
         Write-Host "sourceFolder: '$sourceFolder'"
         Write-Host "Outfolder: '$outFolder'"
@@ -129,8 +129,8 @@ jobs:
     - name: Create Nuget Packages 
       id: createNupkg
       run: |
-        nuget pack CA.nuspec -Version 6.2.1
-        Write-Host "::set-output name=nupkg-LicenseClearingTool::continuous-clearing.6.2.1.nupkg"
+        nuget pack CA.nuspec -Version 7.0.0
+        Write-Host "::set-output name=nupkg-LicenseClearingTool::continuous-clearing.7.0.0.nupkg"
 
     - name: Archive NuGet Packages
       uses: actions/upload-artifact@v2
@@ -164,9 +164,9 @@ jobs:
       #if: ${{ false }}  # disable for now
       run: |
         echo "Files in directory:"
-        docker build . --file Dockerfile --tag ${{ github.repository }}:continuous-clearing-v6.2.1
-        docker save ${{ github.repository }}:continuous-clearing-v6.2.1 -o continuous-clearing-v6.2.1.tar
-        echo "::set-output name=docker-LicenseClearingTool::continuous-clearing-v6.2.1.tar"
+        docker build . --file Dockerfile --tag ${{ github.repository }}:continuous-clearing-v7.0.0
+        docker save ${{ github.repository }}:continuous-clearing-v7.0.0 -o continuous-clearing-v7.0.0.tar
+        echo "::set-output name=docker-LicenseClearingTool::continuous-clearing-v7.0.0.tar"
 
     - name: Archive docker image      
       #if: ${{ false }}  # disable for now
@@ -214,8 +214,8 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
         with:
-          tag_name: v6.2.1
-          release_name: Release v6.2.1
+          tag_name: v7.0.0
+          release_name: Release v7.0.0
           body: |
             ${{ github.event.head_commit.message }}
           draft: true

.gitignore

@@ -334,4 +334,4 @@ ASALocalRun/
 /Build/runtime/nuget.exe
 /Build/runtime/tempNuGet.config
 /src/out/netcoreapp3.1
-/src/.sonarlint
+/src/.sonarlint

CONTRIBUTING.md

@@ -18,7 +18,7 @@ We welcome contributions in several forms, e.g.
       Clone the repository from <CA_Project_RepoLink>
 
 2. Software dependencies -
-     Visual Studio 2022, .NET Core 6
+     Visual Studio 2022, .NET 8
 
 ## Pull Request Process
 

DemoProject/DemoProject__azure-pipelines-support-npm&nuget.yml

@@ -2,7 +2,7 @@
 # Build and test ASP.NET Core projects targeting the full .NET Framework.
 # Add steps that publish symbols, save build artifacts, and more:
 # https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core
-# SPDX-FileCopyrightText: 2023 Siemens AG
+# SPDX-FileCopyrightText: 2024 Siemens AG
 # SPDX-License-Identifier: MIT
 
 resources:

DemoProject/DemoProject__azure-pipelines.yml

@@ -2,7 +2,7 @@
 # Build and test ASP.NET Core projects targeting the full .NET Framework.
 # Add steps that publish symbols, save build artifacts, and more:
 # https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core
-# SPDX-FileCopyrightText: 2023 Siemens AG
+# SPDX-FileCopyrightText: 2024 Siemens AG
 # SPDX-License-Identifier: MIT
 
 resources:
@@ -23,15 +23,15 @@ jobs:
     displayName: 'Clearing-Package Identifier'
     inputs:
       script: |
-        $(Build.SourcesDirectory)\Continuous-Clearing\out\net6.0\PackageIdentifier.exe --packageFilePath "$(Build.SourcesDirectory)\DemoProject\NPMProject" --bomFolderPath "$(Build.SourcesDirectory)\DemoProject\NPMProject" --sw360Token <SW360AUTHTOKEN)>  --projectType <ProjectType> --sw360Url <sw360Url> --sW360AuthTokenType Bearer --artifactoryuploadApiKey <JFROGARTIFACTORYTOKEN>) --JfrogApi <JfrogUrl>
+        $(Build.SourcesDirectory)\Continuous-Clearing\out\net8.0\PackageIdentifier.exe --packageFilePath "$(Build.SourcesDirectory)\DemoProject\NPMProject" --bomFolderPath "$(Build.SourcesDirectory)\DemoProject\NPMProject" --sw360Token <SW360AUTHTOKEN)>  --projectType <ProjectType> --sw360Url <sw360Url> --sW360AuthTokenType Bearer --artifactoryuploadApiKey <JFROGARTIFACTORYTOKEN>) --JfrogApi <JfrogUrl>
       workingDirectory: 'DemoProject\NPMProject'
       failOnStderr: true
 
   - task: CmdLine@2
     displayName: 'Clearing-SW360 Package Creator'
     inputs:
       script: |
-        $(Build.SourcesDirectory)\Continuous-Clearing\out\net6.0\SW360PackageCreator.exe  --bomFilePath "$(Build.SourcesDirectory)\DemoProject\NPMProject\$(SW360PROJNAME)_Bom.cdx.json"  --sw360Token <sw360token> --sW360ProjectID <ProjectId> --sW360AuthTokenType Bearer --fossologyUrl <FossURL>
+        $(Build.SourcesDirectory)\Continuous-Clearing\out\net8.0\SW360PackageCreator.exe  --bomFilePath "$(Build.SourcesDirectory)\DemoProject\NPMProject\$(SW360PROJNAME)_Bom.cdx.json"  --sw360Token <sw360token> --sW360ProjectID <ProjectId> --sW360AuthTokenType Bearer --fossologyUrl <FossURL>
       workingDirectory: 'DemoProject\NPMProject'
       failOnStderr: true
 

DemoProject/DemoProject__azure-pipelines_Debian.yml

@@ -2,7 +2,7 @@
 # Build and test ASP.NET Core projects targeting the full .NET Framework.
 # Add steps that publish symbols, save build artifacts, and more:
 # https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core
-# SPDX-FileCopyrightText: 2023 Siemens AG
+# SPDX-FileCopyrightText: 2024 Siemens AG
 # SPDX-License-Identifier: MIT
 
 resources:
@@ -55,23 +55,23 @@ stages:
       inputs:
         SourceFolder: '$(Build.SourcesDirectory)'
         Contents: 'appSettings*.json'
-        TargetFolder: '$(Build.SourcesDirectory)\Continuous-Clearing\out\net6.0'
+        TargetFolder: '$(Build.SourcesDirectory)\Continuous-Clearing\out\net8.0'
         OverWrite: true
 
     - task: CmdLine@2
       enabled: true
       displayName: 'PackageIdentifier'
       inputs:
         script: |
-          $(Build.SourcesDirectory)\Continuous-Clearing\out\net6.0\PackageIdentifier.exe  --packageFilePath "<debpackageOutfilepath>" --bomFolderPath "$(Build.SourcesDirectory)\GridEdge" --sw360Token <SW360AUTHTOKEN> --sW360ProjectID <projectid> --sW360AuthTokenType Bearer --artifactoryuploadApiKey <JFRogApitoken> --projectType DEBIAN
+          $(Build.SourcesDirectory)\Continuous-Clearing\out\net8.0\PackageIdentifier.exe  --packageFilePath "<debpackageOutfilepath>" --bomFolderPath "$(Build.SourcesDirectory)\GridEdge" --sw360Token <SW360AUTHTOKEN> --sW360ProjectID <projectid> --sW360AuthTokenType Bearer --artifactoryuploadApiKey <JFRogApitoken> --projectType DEBIAN
         workingDirectory: $(Build.SourcesDirectory)
       continueOnError: true
     - task: CmdLine@2
       enabled: true
       displayName: 'component creator'
       inputs:
         script: |
-          $(Build.SourcesDirectory)\Continuous-Clearing\out\net6.0\SW360PackageCreator.exe  --bomFilePath "$(Build.SourcesDirectory)\GridEdge\$(SW360PROJNAME)_Bom.cdx.json" --sw360Token <SW360AUTHTOKEN> --sW360ProjectID <ProjectId> --sW360AuthTokenType Bearer --fossologyUrl <FossURL>
+          $(Build.SourcesDirectory)\Continuous-Clearing\out\net8.0\SW360PackageCreator.exe  --bomFilePath "$(Build.SourcesDirectory)\GridEdge\$(SW360PROJNAME)_Bom.cdx.json" --sw360Token <SW360AUTHTOKEN> --sW360ProjectID <ProjectId> --sW360AuthTokenType Bearer --fossologyUrl <FossURL>
         workingDirectory: $(Build.SourcesDirectory)
       continueOnError: true
 

DemoProject/LicenseClearingTool.bat

@@ -1,8 +1,8 @@
-REM SPDX-FileCopyrightText: 2023 Siemens AG
+REM SPDX-FileCopyrightText: 2024 Siemens AG
 REM SPDX-License-Identifier: MIT
 
 @ECHO OFF
-pushd %~dp0\LicenseClearingTool.3.0.0
+pushd %~dp0\LicenseClearingTool.7.0.0
 echo "Starting Package Identifier"
 cmd.exe /c Package Identifier.exe --packageFilePath ..\NPMProject --bomFolderPath ..\BOM --sw360Token <sw360token> --sW360ProjectID <ProjectId> --sW360AuthTokenType Bearer --artifactoryuploadApiKey <artifactoryuploadApiKey> --projectType <ProjectType> --JfrogApi <JfrogUrl> --sw360Url <sw360Url>
 

Dockerfile

@@ -1,30 +1,43 @@
 # SPDX-FileCopyrightText: 2024 Siemens AG
 # SPDX-License-Identifier: MIT
-
+ 
 # Get parent image as latest debian patch of bullseye
-FROM mcr.microsoft.com/dotnet/sdk:6.0-bullseye-slim-amd64
+FROM mcr.microsoft.com/dotnet/sdk:8.0-bookworm-slim
 WORKDIR /app/out
-
+ 
 # Creating required directories
 RUN mkdir /opt/DebianImageClearing && \
     mkdir /mnt/Input && \
     mkdir /mnt/Output && \
     mkdir /etc/CATool && \
     mkdir /app/out/PatchedFiles
-
+ 
 # Installing required packages
 # Installing syft:v0.90.0
+# Installing specific version of openjdk
 RUN apt-get update && \
     apt-get -y install --no-install-recommends nodejs npm && \
     apt-get -y install --no-install-recommends git && \
     apt-get -y install --no-install-recommends maven && \
     apt-get -y install --no-install-recommends curl && \
-    apt-get -y install --no-install-recommends dpkg-dev && \   
-    curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /opt/DebianImageClearing v0.90.0 && \
+    apt-get -y install --no-install-recommends dpkg-dev && \
+    dpkg -r --force-depends python3-minimal && \    
+    dpkg -r --force-depends libpython3.11-minimal:amd64 && \
+    dpkg -r --force-depends libpython3.11-stdlib:amd64 && \     
+    dpkg -r --force-depends python3.11 && \
+    dpkg -r --force-depends python3.11-minimal && \
+    dpkg --purge libpython3.11-minimal:amd64 && \
+    dpkg --purge python3.11-minimal && \
+    curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /opt/DebianImageClearing v0.90.0
+
+RUN apt-get update && \
+    curl -L -o openjdk-17-jre-headless_17.0.9+9-1~deb12u1_amd64.deb https://snapshot.debian.org/archive/debian-security/20231105T195436Z/pool/updates/main/o/openjdk-17/openjdk-17-jre-headless_17.0.9+9-1~deb12u1_amd64.deb && \
+    dpkg -i openjdk-17-jre-headless_17.0.9+9-1~deb12u1_amd64.deb && \    
     rm -rf /var/lib/apt/lists/* && \
     rm -rf archive.tar.gz
-
+ 
 ENV PATH="/root/.local/bin:$PATH"
-
+ 
 # Copying files from host to current working directory
+# COPY /out/net8.0 /app/out
 COPY /buildoutput/ /app/out