Feature/path (#4)

* Temp commit

* Readme update

* Readme update

contrib/helm/threat-db/Chart.yaml

@@ -4,6 +4,6 @@ description: A graphql server for vulnerabilities powered by dgraph
 
 type: application
 
-version: 0.6.1
+version: 0.6.2
 
-appVersion: "0.6.1"
+appVersion: "0.6.2"

contrib/microk8s/INSTALL.md

@@ -200,8 +200,10 @@ dev-db-dgraph-zero             ClusterIP   10.152.183.112   <none>        5080/T
 
 ```
 # microk8s helm uninstall threat-db-api
-microk8s helm install threat-db-api oci://ghcr.io/ngcloudsec/charts/threat-db --version 0.5.0 --set persistence.storageClass="ssd-hostpath" --set persistence.size="1Gi"
+microk8s helm install threat-db-api oci://ghcr.io/ngcloudsec/charts/threat-db --version 0.6.2 --set persistence.storageClass="ssd-hostpath" --set persistence.size="1Gi"
 microk8s kubectl get pods
+
+microk8s kubectl logs --tail=10 threat-db-api-0
 ```
 
 ## Create Kubernetes Ingress

pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "threat-db"
-version = "0.6.1"
+version = "0.6.2"
 description = "A graphql server for vulnerabilities powered by dgraph"
 authors = ["Team ngcloudsec <cloud@ngcloud.io>"]
 license = "Apache-2.0"

threat_db/admincli.py

@@ -131,8 +131,12 @@ def main():
                         f"An administrator user was created with the id {user_id} and password {password}"
                     )
                     LOG.info(
-                        """Use this credential for development purposes only and ensure this account is removed in production.\nTo generate access token for this user, make a POST request to the /login endpoint\n\nexport ACCESS_TOKEN=$(curl -q -X POST http://0.0.0.0:9000/login -d '{"username":"%(user_id)s","password":"%(password)s"}' -H "Content-Type: application/json" | jq -r '.access_token')"""
-                        % dict(user_id=user_id, password=password)
+                        """Use this credential for development purposes only and ensure this account is removed in production.\nTo generate access token for this user, make a POST request to the /login endpoint\n\nexport ACCESS_TOKEN=$(curl -q -X POST %(graphql_host)s/login -d '{"username":"%(user_id)s","password":"%(password)s"}' -H "Content-Type: application/json" | jq -r '.access_token')"""
+                        % dict(
+                            user_id=user_id,
+                            password=password,
+                            graphql_host=args.graphql_host,
+                        )
                     )
                 else:
                     LOG.info(f"Unable to authenticate as the new user {user_id}")

threat_db/loader.py

@@ -161,8 +161,11 @@ def process_vex_file(client, jsonf):
     serial_number = parsed_obj.get("serial_number")
     components = parsed_obj.get("components")
     metadata = parsed_obj.get("metadata")
+    services = parsed_obj.get("services")
     if serial_number and components:
-        LOG.info(f"Creating Bom with {len(components)} components from {jsonf}")
+        LOG.info(
+            f"Creating Bom with {len(components)} components and {len(services)} services from {jsonf}"
+        )
         root_component = metadata.get("component", None)
         if root_component and root_component.get("purl"):
             root_component["isRoot"] = True
@@ -179,7 +182,7 @@ def process_vex_file(client, jsonf):
                         "component": root_component,
                     },
                     "components": components,
-                    "services": parsed_obj.get("services"),
+                    "services": services,
                     "vulnerabilities": parsed_obj.get("vulnerabilities"),
                 }
             ],