From 0a1a2b390c4ce1c853179722ddba7e66a645a569 Mon Sep 17 00:00:00 2001 From: Chao Wang Date: Tue, 18 Nov 2025 16:05:26 +0800 Subject: [PATCH 1/2] chore: remove exhort_dev_mode and default endpoints and use value from environment variables --- CONTRIBUTING.md | 11 ++-- README.md | 20 ++++-- .../guacsec/trustifyda/impl/ExhortApi.java | 62 ++++--------------- src/main/resources/cli_help.txt | 11 ++-- src/main/resources/config.properties | 1 - .../guacsec/trustifyda/impl/ExhortApiIT.java | 2 +- .../trustifyda/impl/Exhort_Api_Test.java | 46 ++++---------- 7 files changed, 50 insertions(+), 103 deletions(-) delete mode 100644 src/main/resources/config.properties diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 15de1ed7..da1aefcb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -37,13 +37,10 @@ ### Good to know -* You can override the default backend url by setting the `TRUSTIFY_DA_DEV_MODE` environment variable/system property to true: - * In case environment variable/System Property `TRUSTIFY_DA_DEV_MODE=true` - You can Override the default trustify-dependency-analytics backend by setting - `DEV_TRUSTIFY_DA_BACKEND_URL` env variable/system property to the desired trustify-dependency-analytics backend instance address ( useful for tests). - * In case `DEV_TRUSTIFY_DA_BACKEND_URL` is not set via environment variable/system property, then the default DEV trustify-dependency-analytics backend is picked. - * In case `TRUSTIFY_DA_DEV_MODE=false` or not set at all levels, then default backend url ( trustify-dependency-analytics prod) is picked, regardless of the value of `DEV_TRUSTIFY_DA_BACKEND_URL`. - * Environment variables takes precedence over System properties - for example, if System property `TRUSTIFY_DA_DEV_MODE=true` - but environment variable `TRUSTIFY_DA_DEV_MODE=false` , then default trustify-dependency-analytics prod will be used anyway. +* Backend URL Configuration: + * The client requires the backend URL to be configured through environment variable: `TRUSTIFY_DA_BACKEND_URL=https://backend.url` (required) + * The application will fail to start if this environment variable is not set + * For development scenarios, you may use: `https://exhort.stage.devshift.net` ### OpenAPI Specifications diff --git a/README.md b/README.md index c794da02..9c1b43bd 100644 --- a/README.md +++ b/README.md @@ -155,7 +155,7 @@ public class TrustifyExample { // - (json) deserialized Stack Analysis report // - (html) html Stack Analysis report CompletableFuture mixedStackReport = exhortApi.stackAnalysisMixed("/path/to/pom.xml"); - + // get a AnalysisReport future holding a deserialized Component Analysis report var manifestContent = Files.readAllBytes(Path.of("/path/to/pom.xml")); CompletableFuture componentReport = exhortApi.componentAnalysis("/path/to/pom.xml", manifestContent); @@ -609,23 +609,31 @@ Options: - `--summary` - Output summary in JSON format - (default) - Output full report in JSON format +#### Backend Configuration + +The client requires the backend URL to be configured through the environment variable: + +- **Environment variable**: `TRUSTIFY_DA_BACKEND_URL=https://backend.url` (required) + +The application will fail to start if this environment variable is not set. + #### Examples ```shell # Stack analysis with JSON output (default) -java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml +TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml # Stack analysis with summary -java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary +TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary # Stack analysis with HTML output -java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html +TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html # Component analysis with JSON output (default) -java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt +TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt # Component analysis with summary -java -jar trustify-da-java-client-cli.jar component /path/to/go.mod --summary +TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar component /path/to/go.mod --summary # Show help java -jar trustify-da-java-client-cli.jar --help diff --git a/src/main/java/io/github/guacsec/trustifyda/impl/ExhortApi.java b/src/main/java/io/github/guacsec/trustifyda/impl/ExhortApi.java index 618bbc52..16ee6950 100644 --- a/src/main/java/io/github/guacsec/trustifyda/impl/ExhortApi.java +++ b/src/main/java/io/github/guacsec/trustifyda/impl/ExhortApi.java @@ -34,7 +34,6 @@ import jakarta.mail.internet.MimeMultipart; import jakarta.mail.util.ByteArrayDataSource; import java.io.IOException; -import java.io.InputStream; import java.net.InetSocketAddress; import java.net.ProxySelector; import java.net.URI; @@ -51,7 +50,6 @@ import java.util.Map; import java.util.Objects; import java.util.Optional; -import java.util.Properties; import java.util.Set; import java.util.UUID; import java.util.concurrent.CompletableFuture; @@ -64,18 +62,13 @@ /** Concrete implementation of the Exhort {@link Api} Service. */ public final class ExhortApi implements Api { - private static final String DEV_TRUSTIFY_DA_BACKEND_URL = "DEV_TRUSTIFY_DA_BACKEND_URL"; - - private static final String TRUSTIFY_DA_DEV_MODE = "TRUSTIFY_DA_DEV_MODE"; - private static final String HTTP_VERSION_TRUSTIFY_DA_CLIENT = "HTTP_VERSION_TRUSTIFY_DA_CLIENT"; private static final String TRUSTIFY_DA_PROXY_URL = "TRUSTIFY_DA_PROXY_URL"; private static final Logger LOG = LoggersFactory.getLogger(ExhortApi.class.getName()); - public static final String DEFAULT_ENDPOINT = "https://rhda.rhcloud.com"; - public static final String DEFAULT_ENDPOINT_DEV = "https://exhort.stage.devshift.net"; + private static final String TRUSTIFY_DA_BACKEND_URL = "TRUSTIFY_DA_BACKEND_URL"; public static final String TRUST_DA_TOKEN_HEADER = "trust-da-token"; public static final String TRUST_DA_SOURCE_HEADER = "trust-da-source"; public static final String TRUST_DA_OPERATION_TYPE_HEADER = "trust-da-operation-type"; @@ -114,38 +107,9 @@ static HttpClient.Version getHttpVersion() { } ExhortApi(final HttpClient client) { - // // temp system property - as long as prod exhort url not implemented the multi-source v4 - // endpoint, this - // property needs to be true - // System.setProperty("TRUSTIFY_DA_DEV_MODE","true"); commonHookBeginning(true); this.client = client; this.mapper = new ObjectMapper().disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES); - // Take default from config.properties in case client didn't override DEV MODE - if (Environment.get(TRUSTIFY_DA_DEV_MODE) == null) { - try { - InputStream exhortConfig = - this.getClass().getClassLoader().getResourceAsStream("config.properties"); - if (exhortConfig == null) { - LOG.info( - "config.properties not found on the class path, fallback to default DEV MODE =" - + " false"); - System.setProperty(TRUSTIFY_DA_DEV_MODE, "false"); - } else { - Properties properties = new Properties(); - properties.load(exhortConfig); - System.setProperty(TRUSTIFY_DA_DEV_MODE, (String) properties.get(TRUSTIFY_DA_DEV_MODE)); - } - } catch (IOException e) { - LOG.info( - String.format( - "Error loading config.properties , fallback to set default property DEV MODE =" - + " false, Error message = %s", - e.getMessage())); - System.setProperty(TRUSTIFY_DA_DEV_MODE, "false"); - } - } - this.endpoint = getExhortUrl(); } @@ -192,24 +156,20 @@ private static String getClientRequestId() { return RequestManager.getInstance().getTraceIdOfRequest(); } - public String getExhortUrl() { - String endpoint; - if (Environment.getBoolean(TRUSTIFY_DA_DEV_MODE, false)) { - endpoint = Environment.get(DEV_TRUSTIFY_DA_BACKEND_URL, DEFAULT_ENDPOINT_DEV); - - } else { - endpoint = DEFAULT_ENDPOINT; + private String getExhortUrl() { + String endpoint = Environment.get(TRUSTIFY_DA_BACKEND_URL); + if (endpoint == null || endpoint.trim().isEmpty()) { + throw new IllegalStateException( + "Backend URL not configured. Please set the TRUSTIFY_DA_BACKEND_URL environment" + + " variable."); } + endpoint = endpoint.trim(); + if (debugLoggingIsNeeded()) { LOG.info( String.format( - "TRUSTIFY_DA_DEV_MODE=%s,DEV_TRUSTIFY_DA_BACKEND_URL=%s, Chosen Backend URL=%s ," - + " DEFAULT_ENDPOINT_DEV=%s , DEFAULT_ENDPOINT=%s", - Environment.getBoolean(TRUSTIFY_DA_DEV_MODE, false), - Environment.get(DEV_TRUSTIFY_DA_BACKEND_URL, DEFAULT_ENDPOINT_DEV), - endpoint, - DEFAULT_ENDPOINT_DEV, - DEFAULT_ENDPOINT)); + "Backend URL configured - TRUSTIFY_DA_BACKEND_URL=%s", + Environment.get(TRUSTIFY_DA_BACKEND_URL))); } return endpoint; } diff --git a/src/main/resources/cli_help.txt b/src/main/resources/cli_help.txt index dd5b6b21..0fef3c8b 100644 --- a/src/main/resources/cli_help.txt +++ b/src/main/resources/cli_help.txt @@ -20,8 +20,11 @@ COMMANDS: OPTIONS: -h, --help Show this help message +ENVIRONMENT VARIABLES: + TRUSTIFY_DA_BACKEND_URL Backend URL for the Trustify Dependency Analytics service (required) + EXAMPLES: - java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml - java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary - java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html - java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt + TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml + TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary + TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html + TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt diff --git a/src/main/resources/config.properties b/src/main/resources/config.properties deleted file mode 100644 index 66bae57e..00000000 --- a/src/main/resources/config.properties +++ /dev/null @@ -1 +0,0 @@ -TRUSTIFY_DA_DEV_MODE=false diff --git a/src/test/java/io/github/guacsec/trustifyda/impl/ExhortApiIT.java b/src/test/java/io/github/guacsec/trustifyda/impl/ExhortApiIT.java index fa7dfe10..5dc9060a 100644 --- a/src/test/java/io/github/guacsec/trustifyda/impl/ExhortApiIT.java +++ b/src/test/java/io/github/guacsec/trustifyda/impl/ExhortApiIT.java @@ -79,8 +79,8 @@ @Tag("IntegrationTest") @ExtendWith(HelperExtension.class) @ExtendWith(MockitoExtension.class) +@SetSystemProperty(key = "TRUSTIFY_DA_BACKEND_URL", value = "https://rhda.rhcloud.com") @SetSystemProperty(key = "TRUST_DA_SOURCE", value = "trustify-da-java-client-it") -@SetSystemProperty(key = "TRUSTIFY_DA_DEV_MODE", value = "false") @RestoreSystemProperties // TODO: Re-enable this integration test when https://issues.redhat.com/browse/TC-3192 is resolved // The test is currently disabled due to backend service changes that prevent successful connections diff --git a/src/test/java/io/github/guacsec/trustifyda/impl/Exhort_Api_Test.java b/src/test/java/io/github/guacsec/trustifyda/impl/Exhort_Api_Test.java index 0c8eba4e..9a6bf4ae 100644 --- a/src/test/java/io/github/guacsec/trustifyda/impl/Exhort_Api_Test.java +++ b/src/test/java/io/github/guacsec/trustifyda/impl/Exhort_Api_Test.java @@ -79,9 +79,8 @@ import org.mockito.junit.jupiter.MockitoExtension; @ExtendWith(MockitoExtension.class) -@ClearSystemProperty(key = "TRUSTIFY_DA_DEV_MODE") @ClearSystemProperty(key = "TRUSTIFY_DA_PROXY_URL") -@ClearSystemProperty(key = "DEV_TRUSTIFY_DA_BACKEND_URL") +@SetSystemProperty(key = "TRUSTIFY_DA_BACKEND_URL", value = "https://test.backend.url") @ClearSystemProperty(key = "TRUST_DA_TOKEN") @ClearSystemProperty(key = "TRUST_DA_SOURCE") @SuppressWarnings("unchecked") @@ -412,41 +411,22 @@ void componentAnalysis_with_pom_xml_as_path_should_return_json_object_from_the_b } @Test - @SetSystemProperty(key = "TRUSTIFY_DA_DEV_MODE", value = "true") - @ClearSystemProperty(key = "DEV_TRUSTIFY_DA_BACKEND_URL") - @RestoreSystemProperties - void check_TRUSTIFY_DA_Url_When_DEV_Mode_true_And_DEV_TRUSTIFY_DA_Url_Set() { - String dummyUrl = "http://dummy-url"; - System.setProperty("DEV_TRUSTIFY_DA_BACKEND_URL", dummyUrl); - ExhortApi exhortApi = new ExhortApi(); - then(exhortApi.getEndpoint()).isEqualTo(dummyUrl); - } - - @Test - @SetSystemProperty(key = "TRUSTIFY_DA_DEV_MODE", value = "false") - void check_TRUSTIFY_DA_Url_When_DEV_Mode_false_And_DEV_TRUSTIFY_DA_Url_Set() { - ExhortApi exhortApi = new ExhortApi(); - then(exhortApi.getEndpoint()).isEqualTo(ExhortApi.DEFAULT_ENDPOINT); - } - - @Test - @SetSystemProperty(key = "TRUSTIFY_DA_DEV_MODE", value = "true") - void check_TRUSTIFY_DA_Url_When_DEV_Mode_true_Dev_TRUSTIFY_DA_URL_Selected() { - ExhortApi exhortApi = new ExhortApi(); - then(exhortApi.getEndpoint()).isEqualTo(ExhortApi.DEFAULT_ENDPOINT_DEV); - } - - @Test - @SetSystemProperty(key = "TRUSTIFY_DA_DEV_MODE", value = "false") - void check_TRUSTIFY_DA_Url_When_DEV_Mode_not_set_Then_Default_TRUSTIFY_DA_URL_Selected() { - ExhortApi exhortApi = new ExhortApi(); - then(exhortApi.getEndpoint()).isEqualTo(ExhortApi.DEFAULT_ENDPOINT); + @ClearSystemProperty(key = "TRUSTIFY_DA_BACKEND_URL") + void check_TRUSTIFY_DA_Url_Throws_Exception_When_Not_Set() { + IllegalStateException exception = + org.junit.jupiter.api.Assertions.assertThrows( + IllegalStateException.class, () -> new ExhortApi()); + then(exception.getMessage()) + .isEqualTo( + "Backend URL not configured. Please set the TRUSTIFY_DA_BACKEND_URL environment" + + " variable."); } @Test - void check_TRUSTIFY_DA_Url_When_Nothing_Set_Then_Default_TRUSTIFY_DA_URL_Selected() { + @SetSystemProperty(key = "TRUSTIFY_DA_BACKEND_URL", value = "https://custom.test.url") + void check_TRUSTIFY_DA_Url_When_Environment_Variable_Set() { ExhortApi exhortApi = new ExhortApi(); - then(exhortApi.getEndpoint()).isEqualTo(ExhortApi.DEFAULT_ENDPOINT); + then(exhortApi.getEndpoint()).isEqualTo("https://custom.test.url"); } @Test From 03bf32b38598c309fadcab8550dbc82dd0d7a5bc Mon Sep 17 00:00:00 2001 From: Chao Wang Date: Tue, 18 Nov 2025 19:45:11 +0800 Subject: [PATCH 2/2] fix: remove RHT url and simplify env var definition in examples --- CONTRIBUTING.md | 1 - README.md | 12 +++++++----- src/main/resources/cli_help.txt | 10 ++++++---- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index da1aefcb..c7d6ca95 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -40,7 +40,6 @@ * Backend URL Configuration: * The client requires the backend URL to be configured through environment variable: `TRUSTIFY_DA_BACKEND_URL=https://backend.url` (required) * The application will fail to start if this environment variable is not set - * For development scenarios, you may use: `https://exhort.stage.devshift.net` ### OpenAPI Specifications diff --git a/README.md b/README.md index 9c1b43bd..8a526c32 100644 --- a/README.md +++ b/README.md @@ -620,20 +620,22 @@ The application will fail to start if this environment variable is not set. #### Examples ```shell +export TRUSTIFY_DA_BACKEND_URL=https://your-backend.url + # Stack analysis with JSON output (default) -TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml +java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml # Stack analysis with summary -TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary +java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary # Stack analysis with HTML output -TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html +java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html # Component analysis with JSON output (default) -TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt +java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt # Component analysis with summary -TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar component /path/to/go.mod --summary +java -jar trustify-da-java-client-cli.jar component /path/to/go.mod --summary # Show help java -jar trustify-da-java-client-cli.jar --help diff --git a/src/main/resources/cli_help.txt b/src/main/resources/cli_help.txt index 0fef3c8b..88dee6a8 100644 --- a/src/main/resources/cli_help.txt +++ b/src/main/resources/cli_help.txt @@ -24,7 +24,9 @@ ENVIRONMENT VARIABLES: TRUSTIFY_DA_BACKEND_URL Backend URL for the Trustify Dependency Analytics service (required) EXAMPLES: - TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml - TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary - TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html - TRUSTIFY_DA_BACKEND_URL=https://backend.url java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt + export TRUSTIFY_DA_BACKEND_URL=https://your-backend.url + + java -jar trustify-da-java-client-cli.jar stack /path/to/pom.xml + java -jar trustify-da-java-client-cli.jar stack /path/to/package.json --summary + java -jar trustify-da-java-client-cli.jar stack /path/to/build.gradle --html + java -jar trustify-da-java-client-cli.jar component /path/to/requirements.txt