Skip to content
/ verinice-veo Public
forked from SerNet/verinice-veo

verinice.veo is a cloud-native application for managing information security and data protection

verinice.com/en/veo

License

AGPL-3.0 license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Agh42/verinice-veo

BranchesTags

Repository files navigation

verinice veo

A prototype of a new verinice version.

Build

Prerequisite:

  • Install Java 8.

Clone project:

git clone ssh://[email protected]:7999/rd/v2020.git
cd v2020

Build project:

export JAVA_HOME=/path/to/jdk-8
./gradlew build [-x test]

Run

Prerequisite:

  • Install Java 8.
  • Install MySQL, MariaDB or PostgreSQL
  • Create an empty database v2020

Run VNA Import

Set your database properties in file veo-vna-import/src/main/resources/application.properties and rebuild the application.

./gradlew veo-vna-import:bootJar
java -jar veo-vna-import/build/libs/veo-vna-import-0.1.0-SNAPSHOT.jar \
-f /path/to/verinice-archive-file.vna

Run REST Service

Set your database properties in file veo-rest/src/main/resources/application.properties and rebuild the application.

./gradlew veo-rest:bootRun

or

./gradlew veo-rest:jar
java -jar veo-rest/build/libs/veo-rest-0.1.0-SNAPSHOT.jar

Deploy to Cloud Foundry

Check and set your Cloud Foundry parameters in file veo-rest/build.gradle in section cfConfig. After that export user name and password as environment variables:

export CF_CCUSER=NAME
export CF_CCPASSWORD=PASSWORD

You can not push your the REST service to a Cloud Foundry instance:

./gradlew cf-push

Modules

veo-core

This module contains the core components of the application. This module can be used in any other module of the application.

veo-data-xml

This module contains the JAXB class files for accessing SNCA.xml from verinice.

veo-rest

This module contains the implementation of the REST services of the REST API.

The JSON schemas accepted by the API can be found in ${veo.basedir}/schemas/. If this directory does not exist, built-in schema files will be served as default.

veo.basedir can be set in application.properties and is /var/lib/veo by default. The gradle task bootRun sets veo.basedir to $HOME/.local/share/veo.

veo-vna-import

This module contains an importer for verinice archives (VNAs).

veo-json-validation

This module provides functionality to validate JSON used throughout the API.

Each JSON has to be valid against a JSON schema, possibly defined by clients, in particular unknown to the developer. To define a common base for all such veo JSON schemas a meta schema is defined, see META-SCHEMA.md

Database

Entity–relationship model of the database:

ERM of the the database

Authentication and Authorization

veo-rest uses JWT to authorize users. Tokens can be obtained by a POST on /login, e.g.

curl -i -H "Content-Type: application/json" -X POST -d '{
		"username": "user",
		"password": "password"
}' http://localhost:8070/login

On success the response will contain a header

Authorization: Bearer <token>

This header has to be part of every further request

Code Styles

Code styles are enforced using the gradle plugins pmd and spotless.

To verify your code run

./gradlew pmdMain
./gradlew spotlessCheck

or just

./gradlew check

A sample git hook is provided, which checks the code style on each commit. To install, copy the file to .git/hooks/pre-commit.

About

verinice.veo is a cloud-native application for managing information security and data protection

verinice.com/en/veo

Resources

Readme

License

AGPL-3.0 license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Java 53.9%
  • Groovy 45.3%
  • JavaScript 0.6%
  • Shell 0.2%
  • Dockerfile 0.0%
  • Perl 0.0%