diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..a3ad0dc --- /dev/null +++ b/.editorconfig @@ -0,0 +1,9 @@ +root = true + +[*] +indent_style = space +indent_size = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = false \ No newline at end of file diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..f087b42 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.tar.gz filter=lfs diff=lfs merge=lfs -text diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..d77cfc2 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @MinBZK/mijn-bureau \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..1c69666 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,15 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "monthly" + day: "monday" + time: "08:00" + timezone: "Europe/Amsterdam" + labels: + - "dependencies" + groups: + allgithubactions: + patterns: + - "*" \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..5affc06 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,78 @@ +name: build +on: + push: + branches: + - main + tags: + - "v*" + pull_request: + branches: + - "main" + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + sonarqube: + name: SonarQube + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + + - name: SonarQube Scan + uses: SonarSource/sonarqube-scan-action@v4 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + build: + runs-on: ubuntu-latest + permissions: + packages: write + contents: read + actions: read + steps: + - uses: actions/checkout@v4 + with: + lfs: true + + - name: get lfs + run: git lfs pull + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Extract metadata for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + env: + DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index + + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: . + file: ./Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + annotations: ${{ steps.meta.outputs.annotations }} + platforms: linux/amd64,darwin/amd64 \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6a3e68d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +**/.DS_Store \ No newline at end of file diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..55ab792 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,63 @@ +# Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to make participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, sex characteristics, gender identity and expression, +level of experience, education, socio-economic status, nationality, personal +appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, +and learning from the experience +* Focusing on what is best not just for us as individuals, but for the +overall community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or +advances +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or email +address, without their explicit permission +* Other conduct which could reasonably be considered inappropriate in a +professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, or to ban +temporarily or permanently any contributor for other behaviors that they deem +inappropriate, threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement. +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..cdc266a --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,102 @@ +# Contributing + +First off, thanks for taking the time to contribute! ❤️ + +All types of contributions are encouraged and valued. See the [Table of Contents](#table-of-contents) for different ways +to help and details about how this project handles them. Please make sure to read the relevant section before making your +contribution. It will make it a lot easier for us maintainers and smooth out the experience for all involved. The +community looks forward to your contributions. 🎉 + +## Table of Contents + +- [Code of Conduct](#code-of-conduct) +- [I Have a Question](#i-have-a-question) +- [I Want To Contribute](#i-want-to-contribute) +- [Reporting Bugs](#reporting-bugs) +- [Suggesting Enhancements](#suggesting-enhancements) + +## Code of Conduct + +This project and everyone participating in it is governed by the +[Code of Conduct](CODE_OF_CONDUCT.md). +By participating, you are expected to uphold this code. Please report unacceptable behavior to the maintainers. + +## I Have a Question + +Before you ask a question, it is best to search for existing [Issues](../../issues/) +that might help you. In case you have found a suitable issue and still need clarification, you can write your question +in this issue. + +If you then still feel the need to ask a question and need clarification, we recommend the following: + +- Open an [Issue](../../issues/new). +- Provide as much context as you can about what you're running into. + +We will then take care of the issue as soon as possible. + +## I Want To Contribute + +### Reporting Bugs + +#### Before Submitting a Bug Report + +A good bug report shouldn't leave others needing to chase you up for more information. Therefore, we ask you to +investigate carefully, collect information and describe the issue in detail in your report. Please complete the +following steps in advance to help us fix any potential bug as fast as possible. + +- Make sure that you are using the latest version. +- To see if other users have experienced (and potentially already solved) the same issue you are having, check if there +is not already a bug report existing for your bug or error in the [bug tracker](../..//issues?q=label%3Abug). +- Collect information about the bug +- Possibly your input and the output + +#### How Do I Submit a Good Bug Report? + +> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue +tracker, or elsewhere in public. Instead sensitive bugs must be sent to NCSC. See [Security](SECURITY.md). + +We use GitHub issues to track bugs and errors. If you run into an issue with the project: + +- Open an [Issue](../../issues/new). (Since we can't be sure at this point whether it +is a bug or not, we ask you not to talk about a bug yet and not to label the issue.) +- Explain the behavior you would expect and the actual behavior. +- Please provide as much context as possible and describe the *reproduction steps* that someone else can follow to +recreate the issue on their own. This usually includes your code. +- Provide the information you collected in the previous section. + +Once it's filed: + +- The project team will label the issue accordingly. +- A team member will try to reproduce the issue with your provided steps. If there are no reproduction steps or no +obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with +the `needs-repro` tag will not be addressed until they are reproduced. +- If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as +`critical`), and the issue will be left to be implemented by someone. + +### Suggesting Enhancements + +This section guides you through submitting an enhancement suggestion for this project, **including completely new +features and minor improvements**. Following these guidelines will help maintainers and the +community to understand your suggestion and find related suggestions. + +#### Before Submitting an Enhancement + +- Make sure that you are using the latest version. +- Perform a [search](../../issues) to see if the enhancement has already been +suggested. If it has, add a comment to the existing issue instead of opening a new one. +- Find out whether your idea fits with the scope and aims of the project. It's up to you to make a strong case to +convince the project's developers of the merits of this feature. Keep in mind that we want features that will be useful +to the majority of our users and not just a small subset. + +#### How Do I Submit a Good Enhancement Suggestion? + +Enhancement suggestions are tracked as [GitHub issues](../../issues). + +- Use a **clear and descriptive title** for the issue to identify the suggestion. +- **Describe the current behavior** and **explain which behavior you expected to see instead** and why. At this point +you can also tell which alternatives do not work for you. +- You may want to **include screenshots and animated GIFs** which help you demonstrate the steps or point out the part +which the suggestion is related to. You can use [this tool](https://www.cockos.com/licecap/) to record GIFs on MacOS and + Windows, and [this tool](https://github.com/colinkeenan/silentcast) or [this tool](https://github.com/GNOME/byzanz) on Linux. +- **Explain why this enhancement would be useful** for the community. You may also want to point out the +other projects that solved it better and which could serve as inspiration. diff --git a/DCO.md b/DCO.md new file mode 100644 index 0000000..859fe69 --- /dev/null +++ b/DCO.md @@ -0,0 +1,35 @@ +# Developer Certificate of Origin + +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..cd65fe7 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,36 @@ +# General note: for now, install everything in one container, this needs to be different containers per process +# We should make this a multistage build, but for now, this is fine. +FROM --platform=$BUILDPLATFORM ubuntu:24.04 + +ARG TARGETARCH +ARG LEOS_VERSION=5.1.3 +ARG ANNOTATED_VERSION=5.1.0 + +RUN apt-get update && apt-get install -y maven nodejs npm openjdk-8-jdk + +# todo: fix for amd64 +ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-$TARGETARCH +ENV PATH=$JAVA_HOME/bin:$PATH + +ENV MAVEN_CLI_OPTS="--batch-mode --errors --fail-at-end --show-version" + +ADD assets/annotate-Annotate_${ANNOTATED_VERSION}.tar.gz /app +ADD assets/core-LEOS_${LEOS_VERSION}.tar.gz /app + +RUN ln -s /app/core-LEOS_${LEOS_VERSION}/ /app/leos +RUN ln -s /app/annotate-Annotate_${ANNOTATED_VERSION}/ /app/annotate + + +RUN cd /app/leos/tools/user-repo && mvn clean install -DskipTests -q +RUN cd /app/leos/tools/repository && mvn clean install -DskipTests -q +RUN cd /app/leos/ && mvn clean install -DskipTests -q +RUN cd /app/leos/tools/akn4euutil && mvn clean install -DskipTests -q + +# RUN cd /app/annotate && mvn clean install -Denv=local -q -DskipTests + +WORKDIR /app/leos + +COPY entrypoint.sh /app/entrypoint.sh +RUN chmod +x /app/entrypoint.sh + +# ENTRYPOINT [ "/app/entrypoint.sh" ] \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..6d8cea4 --- /dev/null +++ b/LICENSE @@ -0,0 +1,190 @@ +EUROPEAN UNION PUBLIC LICENCE v. 1.2 +EUPL © the European Union 2007, 2016 + +This European Union Public Licence (the ‘EUPL’) applies to the Work (as defined below) which is provided under the +terms of this Licence. Any use of the Work, other than as authorised under this Licence is prohibited (to the extent such +use is covered by a right of the copyright holder of the Work). +The Work is provided under the terms of this Licence when the Licensor (as defined below) has placed the following +notice immediately following the copyright notice for the Work: + Licensed under the EUPL +or has expressed by any other means his willingness to license under the EUPL. + +1.Definitions +In this Licence, the following terms have the following meaning: +— ‘The Licence’:this Licence. +— ‘The Original Work’:the work or software distributed or communicated by the Licensor under this Licence, available +as Source Code and also as Executable Code as the case may be. +— ‘Derivative Works’:the works or software that could be created by the Licensee, based upon the Original Work or +modifications thereof. This Licence does not define the extent of modification or dependence on the Original Work +required in order to classify a work as a Derivative Work; this extent is determined by copyright law applicable in +the country mentioned in Article 15. +— ‘The Work’:the Original Work or its Derivative Works. +— ‘The Source Code’:the human-readable form of the Work which is the most convenient for people to study and +modify. +— ‘The Executable Code’:any code which has generally been compiled and which is meant to be interpreted by +a computer as a program. +— ‘The Licensor’:the natural or legal person that distributes or communicates the Work under the Licence. +— ‘Contributor(s)’:any natural or legal person who modifies the Work under the Licence, or otherwise contributes to +the creation of a Derivative Work. +— ‘The Licensee’ or ‘You’:any natural or legal person who makes any usage of the Work under the terms of the +Licence. +— ‘Distribution’ or ‘Communication’:any act of selling, giving, lending, renting, distributing, communicating, +transmitting, or otherwise making available, online or offline, copies of the Work or providing access to its essential +functionalities at the disposal of any other natural or legal person. + +2.Scope of the rights granted by the Licence +The Licensor hereby grants You a worldwide, royalty-free, non-exclusive, sublicensable licence to do the following, for +the duration of copyright vested in the Original Work: +— use the Work in any circumstance and for all usage, +— reproduce the Work, +— modify the Work, and make Derivative Works based upon the Work, +— communicate to the public, including the right to make available or display the Work or copies thereof to the public +and perform publicly, as the case may be, the Work, +— distribute the Work or copies thereof, +— lend and rent the Work or copies thereof, +— sublicense rights in the Work or copies thereof. +Those rights can be exercised on any media, supports and formats, whether now known or later invented, as far as the +applicable law permits so. +In the countries where moral rights apply, the Licensor waives his right to exercise his moral right to the extent allowed +by law in order to make effective the licence of the economic rights here above listed. +The Licensor grants to the Licensee royalty-free, non-exclusive usage rights to any patents held by the Licensor, to the +extent necessary to make use of the rights granted on the Work under this Licence. + +3.Communication of the Source Code +The Licensor may provide the Work either in its Source Code form, or as Executable Code. If the Work is provided as +Executable Code, the Licensor provides in addition a machine-readable copy of the Source Code of the Work along with +each copy of the Work that the Licensor distributes or indicates, in a notice following the copyright notice attached to +the Work, a repository where the Source Code is easily and freely accessible for as long as the Licensor continues to +distribute or communicate the Work. + +4.Limitations on copyright +Nothing in this Licence is intended to deprive the Licensee of the benefits from any exception or limitation to the +exclusive rights of the rights owners in the Work, of the exhaustion of those rights or of other applicable limitations +thereto. + +5.Obligations of the Licensee +The grant of the rights mentioned above is subject to some restrictions and obligations imposed on the Licensee. Those +obligations are the following: + +Attribution right: The Licensee shall keep intact all copyright, patent or trademarks notices and all notices that refer to +the Licence and to the disclaimer of warranties. The Licensee must include a copy of such notices and a copy of the +Licence with every copy of the Work he/she distributes or communicates. The Licensee must cause any Derivative Work +to carry prominent notices stating that the Work has been modified and the date of modification. + +Copyleft clause: If the Licensee distributes or communicates copies of the Original Works or Derivative Works, this +Distribution or Communication will be done under the terms of this Licence or of a later version of this Licence unless +the Original Work is expressly distributed only under this version of the Licence — for example by communicating +‘EUPL v. 1.2 only’. The Licensee (becoming Licensor) cannot offer or impose any additional terms or conditions on the +Work or Derivative Work that alter or restrict the terms of the Licence. + +Compatibility clause: If the Licensee Distributes or Communicates Derivative Works or copies thereof based upon both +the Work and another work licensed under a Compatible Licence, this Distribution or Communication can be done +under the terms of this Compatible Licence. For the sake of this clause, ‘Compatible Licence’ refers to the licences listed +in the appendix attached to this Licence. Should the Licensee's obligations under the Compatible Licence conflict with +his/her obligations under this Licence, the obligations of the Compatible Licence shall prevail. + +Provision of Source Code: When distributing or communicating copies of the Work, the Licensee will provide +a machine-readable copy of the Source Code or indicate a repository where this Source will be easily and freely available +for as long as the Licensee continues to distribute or communicate the Work. +Legal Protection: This Licence does not grant permission to use the trade names, trademarks, service marks, or names +of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and +reproducing the content of the copyright notice. + +6.Chain of Authorship +The original Licensor warrants that the copyright in the Original Work granted hereunder is owned by him/her or +licensed to him/her and that he/she has the power and authority to grant the Licence. +Each Contributor warrants that the copyright in the modifications he/she brings to the Work are owned by him/her or +licensed to him/her and that he/she has the power and authority to grant the Licence. +Each time You accept the Licence, the original Licensor and subsequent Contributors grant You a licence to their contributions +to the Work, under the terms of this Licence. + +7.Disclaimer of Warranty +The Work is a work in progress, which is continuously improved by numerous Contributors. It is not a finished work +and may therefore contain defects or ‘bugs’ inherent to this type of development. +For the above reason, the Work is provided under the Licence on an ‘as is’ basis and without warranties of any kind +concerning the Work, including without limitation merchantability, fitness for a particular purpose, absence of defects or +errors, accuracy, non-infringement of intellectual property rights other than copyright as stated in Article 6 of this +Licence. +This disclaimer of warranty is an essential part of the Licence and a condition for the grant of any rights to the Work. + +8.Disclaimer of Liability +Except in the cases of wilful misconduct or damages directly caused to natural persons, the Licensor will in no event be +liable for any direct or indirect, material or moral, damages of any kind, arising out of the Licence or of the use of the +Work, including without limitation, damages for loss of goodwill, work stoppage, computer failure or malfunction, loss +of data or any commercial damage, even if the Licensor has been advised of the possibility of such damage. However, +the Licensor will be liable under statutory product liability laws as far such laws apply to the Work. + +9.Additional agreements +While distributing the Work, You may choose to conclude an additional agreement, defining obligations or services +consistent with this Licence. However, if accepting obligations, You may act only on your own behalf and on your sole +responsibility, not on behalf of the original Licensor or any other Contributor, and only if You agree to indemnify, +defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against such Contributor by +the fact You have accepted any warranty or additional liability. + +10.Acceptance of the Licence +The provisions of this Licence can be accepted by clicking on an icon ‘I agree’ placed under the bottom of a window +displaying the text of this Licence or by affirming consent in any other similar way, in accordance with the rules of +applicable law. Clicking on that icon indicates your clear and irrevocable acceptance of this Licence and all of its terms +and conditions. +Similarly, you irrevocably accept this Licence and all of its terms and conditions by exercising any rights granted to You +by Article 2 of this Licence, such as the use of the Work, the creation by You of a Derivative Work or the Distribution +or Communication by You of the Work or copies thereof. + +11.Information to the public +In case of any Distribution or Communication of the Work by means of electronic communication by You (for example, +by offering to download the Work from a remote location) the distribution channel or media (for example, a website) +must at least provide to the public the information requested by the applicable law regarding the Licensor, the Licence +and the way it may be accessible, concluded, stored and reproduced by the Licensee. + +12.Termination of the Licence +The Licence and the rights granted hereunder will terminate automatically upon any breach by the Licensee of the terms +of the Licence. +Such a termination will not terminate the licences of any person who has received the Work from the Licensee under +the Licence, provided such persons remain in full compliance with the Licence. + +13.Miscellaneous +Without prejudice of Article 9 above, the Licence represents the complete agreement between the Parties as to the +Work. +If any provision of the Licence is invalid or unenforceable under applicable law, this will not affect the validity or +enforceability of the Licence as a whole. Such provision will be construed or reformed so as necessary to make it valid +and enforceable. +The European Commission may publish other linguistic versions or new versions of this Licence or updated versions of +the Appendix, so far this is required and reasonable, without reducing the scope of the rights granted by the Licence. +New versions of the Licence will be published with a unique version number. +All linguistic versions of this Licence, approved by the European Commission, have identical value. Parties can take +advantage of the linguistic version of their choice. + +14.Jurisdiction +Without prejudice to specific agreement between parties, +— any litigation resulting from the interpretation of this License, arising between the European Union institutions, +bodies, offices or agencies, as a Licensor, and any Licensee, will be subject to the jurisdiction of the Court of Justice +of the European Union, as laid down in article 272 of the Treaty on the Functioning of the European Union, +— any litigation arising between other parties and resulting from the interpretation of this License, will be subject to +the exclusive jurisdiction of the competent court where the Licensor resides or conducts its primary business. + +15.Applicable Law +Without prejudice to specific agreement between parties, +— this Licence shall be governed by the law of the European Union Member State where the Licensor has his seat, +resides or has his registered office, +— this licence shall be governed by Belgian law if the Licensor has no seat, residence or registered office inside +a European Union Member State. + + + Appendix + +‘Compatible Licences’ according to Article 5 EUPL are: +— GNU General Public License (GPL) v. 2, v. 3 +— GNU Affero General Public License (AGPL) v. 3 +— Open Software License (OSL) v. 2.1, v. 3.0 +— Eclipse Public License (EPL) v. 1.0 +— CeCILL v. 2.0, v. 2.1 +— Mozilla Public Licence (MPL) v. 2 +— GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3 +— Creative Commons Attribution-ShareAlike v. 3.0 Unported (CC BY-SA 3.0) for works other than software +— European Union Public Licence (EUPL) v. 1.1, v. 1.2 +— Québec Free and Open-Source Licence — Reciprocity (LiLiQ-R) or Strong Reciprocity (LiLiQ-R+). + +The European Commission may update this Appendix to later versions of the above licences without producing +a new version of the EUPL, as long as they provide the rights granted in Article 2 of this Licence and protect the +covered Source Code from exclusive appropriation. +All other changes or additions to this Appendix require the production of a new EUPL version. diff --git a/README.md b/README.md new file mode 100644 index 0000000..98aa074 --- /dev/null +++ b/README.md @@ -0,0 +1,10 @@ +# LEOS (Legislation Editing Open Software) + +This repo builds an Proof of concept version of [LEOS](https://code.europa.eu/leos/core) in docker so it can be easily deployed to kubernetes. This version is not mean for production. + +LEOS is a web tool to support the legislative drafting in the EU with online collaboration, version control, and co-editing. It utilises Akoma Ntoso XML schema. It is an EC solution. + + +## How to contribute + +See [contributing docs](CONTRIBUTING.md) diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..8773b5a --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,18 @@ +# Security Policy + +## Supported Versions + +We release patches for security vulnerabilities. Which versions are eligible for receiving such patches depends on the +CVSS (Common Vulnerability Scoring System) v4.0 Rating: + +| CVSS v4.0 | Supported Versions | +| --------- | ----------------------------------------- | +| 9.0-10.0 | Releases within the previous months | +| 4.0-8.9 | Most recent release | + +## Reporting a Vulnerability + +Please report (suspected) security vulnerabilities to NCSC: + +* Nederlands: **[NCSC Kwetsbaarheid melden](https://www.ncsc.nl/contact/kwetsbaarheid-melden)** +* English: **[NCSC report vulnerability](https://english.ncsc.nl/contact/reporting-a-vulnerability-cvd)** diff --git a/assets/annotate-Annotate_5.1.0.tar.gz b/assets/annotate-Annotate_5.1.0.tar.gz new file mode 100644 index 0000000..cd8ba50 --- /dev/null +++ b/assets/annotate-Annotate_5.1.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b652948ea75584cb29a49d3e39f8ca73c3bf1b14cc4ea67486da0d72f6e3bdb4 +size 3668251 diff --git a/assets/core-LEOS_5.1.3.tar.gz b/assets/core-LEOS_5.1.3.tar.gz new file mode 100644 index 0000000..1a86ce5 --- /dev/null +++ b/assets/core-LEOS_5.1.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cfd449e9596e0b18655d7051d1d5ab9f22b8fbc7d598d9896b2e40bce3bd9fd5 +size 38217264 diff --git a/compose.yaml b/compose.yaml new file mode 100644 index 0000000..5e48a02 --- /dev/null +++ b/compose.yaml @@ -0,0 +1,18 @@ +services: + leos: + image: ghcr.io/minbzk/leos:dev + build: + context: . + dockerfile: Dockerfile + command: ["/app/entrypoint.sh"] + ports: + - 9095:9095 # user-repo /ud-repo + - 9096:9096 # akn4euutil /akn4euutil + - 8080:8080 # leos + - 9097:9097 # repository /repository' + - 9099:9099 # annotate /annotate + + + +# http://localhost:8080/leos-pilot/ui +# http://localhost:9099/annotate/app.html \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..ab952a3 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +cd /app/leos/tools/user-repo/web +mvn spring-boot:run & + +cd /app/leos/tools/repository/web +mvn spring-boot:run -Dspring-boot.run.directories=/app/leos/tools/repository/config/target/generated-config & + +cd /app/leos/modules/web +mvn jetty:run-war & + +cd /app/leos/tools/akn4euutil/web +mvn spring-boot:run -Dspring-boot.run.directories=/app/leos/tools/akn4euutil/config/target/generated-config + +# cd /app/annotate/web +# mvn spring-boot:run -Dspring-boot.run.profiles=h2 -Dspring-boot.run.directories=/app/annotate/config/target/generated-config \ No newline at end of file diff --git a/kustomization.yaml b/kustomization.yaml new file mode 100644 index 0000000..42148b8 --- /dev/null +++ b/kustomization.yaml @@ -0,0 +1,17 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: tn-openbsw-leos + +namePrefix: leos- + +commonLabels: + minbzk.github.io/name: leos + +buildMetadata: [originAnnotations] + + +resources: + - manifests/deployment.yaml + - manifests/service.yaml + - manifests/ingress.yaml diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml new file mode 100644 index 0000000..6956374 --- /dev/null +++ b/manifests/deployment.yaml @@ -0,0 +1,46 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dpl +spec: + replicas: 1 + selector: + matchLabels: + app: leos + template: + metadata: + labels: + app: leos + spec: + automountServiceAccountToken: false + containers: + - name: leos + image: ghcr.io/minbzk/leos:main + imagePullPolicy: Always + command: ["/app/entrypoint.sh"] + livenessProbe: + httpGet: + path: / + port: 8080 + readinessProbe: + httpGet: + path: / + port: 8080 + initialDelaySeconds: 300 + periodSeconds: 20 + failureThreshold: 6 + + ports: + - containerPort: 8080 + - containerPort: 9095 + - containerPort: 9096 + - containerPort: 9097 + resources: + limits: + cpu: 500m + memory: 4Gi + ephemeral-storage: "2Gi" + requests: + cpu: 200m + memory: 2Gi + ephemeral-storage: "2Gi" \ No newline at end of file diff --git a/manifests/ingress.yaml b/manifests/ingress.yaml new file mode 100644 index 0000000..155b928 --- /dev/null +++ b/manifests/ingress.yaml @@ -0,0 +1,23 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: ing + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/app-root: /leos-pilot/ui +spec: + rules: + - host: leos.apps.digilab.network + http: + paths: + - backend: + service: + name: svc + port: + number: 8080 + path: / + pathType: Prefix + tls: + - hosts: + - leos.apps.digilab.network + secretName: leos-tls diff --git a/manifests/service.yaml b/manifests/service.yaml new file mode 100644 index 0000000..c5a07e7 --- /dev/null +++ b/manifests/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: svc +spec: + ports: + - port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app: leos + type: ClusterIP diff --git a/publiccode.yml b/publiccode.yml new file mode 100644 index 0000000..a0b34fc --- /dev/null +++ b/publiccode.yml @@ -0,0 +1,34 @@ +publiccodeYmlVersion: "0.2" +categories: + - it-development +description: + en: + features: + - Open Source + - Government + genericName: leos + longDescription: | + Leos stands for Legislation Editing Open Software. + + LEOS is a web tool to support the legislative drafting in the EU with online collaboration, + + shortDescription: WLEOS is a web tool to support the legislative drafting in the EU with online collaboration, +developmentStatus: concept +legal: + license: EUPL-1.2 +localisation: + availableLanguages: + - en + - nl + localisationReady: false +maintenance: + contacts: + - name: Mijn Bureau + email: opensource@minbzk.nl + type: community +name: leos +platforms: + - docs +releaseDate: "2024-12-15" +softwareType: standalone/web +url: "https://github.com/MinBZK/leos" diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..71c2c75 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,2 @@ +sonar.projectKey=MinBZK_leos +sonar.organization=minbzk \ No newline at end of file