Skip to content

Commit 9070874

Browse files
committed
Merge branch 'develop' into main
2 parents 86c0176 + 296b5d1 commit 9070874

289 files changed

Lines changed: 27569 additions & 1 deletion

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/workflows/build.yaml

Lines changed: 99 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,99 @@
1+
name: CI
2+
3+
on:
4+
push:
5+
branches:
6+
- develop
7+
pull_request:
8+
types: [labeled, opened, synchronize, repoened]
9+
branches:
10+
- develop
11+
- release
12+
- master
13+
14+
jobs:
15+
build:
16+
runs-on: ubuntu-latest
17+
18+
steps:
19+
- uses: actions/checkout@v2
20+
- name: Set working directory variable
21+
run: echo "dir=$(pwd)"
22+
- name: Set up JDK 1.8
23+
uses: actions/setup-java@v1
24+
with:
25+
java-version: 1.8
26+
- name: Cache Maven packages
27+
uses: actions/cache@v2
28+
with:
29+
path: ~/.m2
30+
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
31+
restore-keys: ${{ runner.os }}-m2
32+
- name: Checkout attackgraph project
33+
run: git clone https://git.cs.uni-paderborn.de/geismann/attackgraph.git ../attackgraph
34+
- name: Import GPG key
35+
id: import_gpg
36+
uses: crazy-max/ghaction-import-gpg@v3
37+
with:
38+
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
39+
passphrase: ${{ secrets.GPG_PASSPHRASE }}
40+
- name: Decrypt Keystore
41+
run: gpg --passphrase "${{ secrets.GPG_PASSPHRASE }}" --output cards-keystore.jks --decrypt cards-keystore.jks.gpg
42+
- name: Replace keystore path in maven poms
43+
run: find . -type f -name "pom.xml" -exec sed -i 's#${keystore.path}#'"${GITHUB_WORKSPACE}"'/cards-keystore.jks#g' {} +
44+
- name: Replace keystore password in maven poms
45+
run: find . -type f -name "pom.xml" -exec sed -i 's/${keystore.store.password}/${{ secrets.KEYSTORE_PASSWORD }}/g' {} +
46+
- name: Replace key password in maven poms
47+
run: find . -type f -name "pom.xml" -exec sed -i 's/${keystore.key.password}/${{ secrets.KEY_PASSWORD }}/g' {} +
48+
- name: Build with Maven
49+
run: mvn -e -B package --file de.uni_paderborn.swt.cardsAttackgraphParent/pom.xml
50+
- name: Sign attackgraph artifacts
51+
run: find . -type f -name "de.uni_paderborn.se.attackgraph*" -exec jarsigner -keystore cards-keystore.jks -storepass "${{ secrets.KEYSTORE_PASSWORD }}" -keypass "${{ secrets.KEY_PASSWORD }}" -tsa http://timestamp.digicert.com {} cards-key \;
52+
- name: Bundle update page
53+
run: cp -r de.uni_paderborn.swt.cards.update/target/repository/* .
54+
- uses: actions/upload-artifact@v2
55+
with:
56+
name: Package
57+
path: |
58+
features/
59+
plugins/
60+
artifacts.jar
61+
artifacts.xml.xz
62+
content.jar
63+
content.xml.xz
64+
p2.index
65+
66+
67+
test:
68+
runs-on: ubuntu-latest
69+
70+
steps:
71+
- uses: actions/checkout@v2
72+
- name: Set up JDK 1.8
73+
uses: actions/setup-java@v1
74+
with:
75+
java-version: 1.8
76+
- name: Cache Maven packages
77+
uses: actions/cache@v2
78+
with:
79+
path: ~/.m2
80+
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
81+
restore-keys: ${{ runner.os }}-m2
82+
- name: Checkout attackgraph project
83+
run: git clone https://git.cs.uni-paderborn.de/geismann/attackgraph.git ../attackgraph
84+
- name: Import GPG key
85+
id: import_gpg
86+
uses: crazy-max/ghaction-import-gpg@v3
87+
with:
88+
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
89+
passphrase: ${{ secrets.GPG_PASSPHRASE }}
90+
- name: Decrypt Keystore
91+
run: gpg --passphrase "${{ secrets.GPG_PASSPHRASE }}" --output cards-keystore.jks --decrypt cards-keystore.jks.gpg
92+
- name: Replace keystore path in maven poms
93+
run: find . -type f -name "pom.xml" -exec sed -i 's#${keystore.path}#'"${GITHUB_WORKSPACE}"'/cards-keystore.jks#g' {} +
94+
- name: Replace keystore password in maven poms
95+
run: find . -type f -name "pom.xml" -exec sed -i 's/${keystore.store.password}/${{ secrets.KEYSTORE_PASSWORD }}/g' {} +
96+
- name: Replace key password in maven poms
97+
run: find . -type f -name "pom.xml" -exec sed -i 's/${keystore.key.password}/${{ secrets.KEY_PASSWORD }}/g' {} +
98+
- name: Test with Maven
99+
run: mvn -B clean verify --file de.uni_paderborn.swt.cardsAttackgraphParent/pom.xml

.github/workflows/release.yaml

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,71 @@
1+
name: Publish Artifact to Release
2+
3+
on:
4+
# on push tag
5+
push:
6+
tags: ['v*']
7+
8+
jobs:
9+
Release:
10+
11+
runs-on: ubuntu-latest
12+
13+
steps:
14+
- uses: actions/checkout@v2
15+
- name: Set working directory variable
16+
run: echo "dir=$(pwd)"
17+
- name: Set up JDK 1.8
18+
uses: actions/setup-java@v1
19+
with:
20+
java-version: 1.8
21+
- name: Cache Maven packages
22+
uses: actions/cache@v2
23+
with:
24+
path: ~/.m2
25+
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
26+
restore-keys: ${{ runner.os }}-m2
27+
- name: Checkout attackgraph project
28+
run: git clone https://git.cs.uni-paderborn.de/geismann/attackgraph.git ../attackgraph
29+
- name: Import GPG key
30+
id: import_gpg
31+
uses: crazy-max/ghaction-import-gpg@v3
32+
with:
33+
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
34+
passphrase: ${{ secrets.GPG_PASSPHRASE }}
35+
- name: Decrypt Keystore
36+
run: gpg --passphrase "${{ secrets.GPG_PASSPHRASE }}" --output cards-keystore.jks --decrypt cards-keystore.jks.gpg
37+
- name: Replace keystore path in maven poms
38+
run: find . -type f -name "pom.xml" -exec sed -i 's#${keystore.path}#'"${GITHUB_WORKSPACE}"'/cards-keystore.jks#g' {} +
39+
- name: Replace keystore password in maven poms
40+
run: find . -type f -name "pom.xml" -exec sed -i 's/${keystore.store.password}/${{ secrets.KEYSTORE_PASSWORD }}/g' {} +
41+
- name: Replace key password in maven poms
42+
run: find . -type f -name "pom.xml" -exec sed -i 's/${keystore.key.password}/${{ secrets.KEY_PASSWORD }}/g' {} +
43+
- name: Build with Maven
44+
run: mvn -e -B package --file de.uni_paderborn.swt.cardsAttackgraphParent/pom.xml
45+
- name: Sign attackgraph artifacts
46+
run: find . -type f -name "de.uni_paderborn.se.attackgraph*" -exec jarsigner -keystore cards-keystore.jks -storepass "${{ secrets.KEYSTORE_PASSWORD }}" -keypass "${{ secrets.KEY_PASSWORD }}" -tsa http://timestamp.digicert.com {} cards-key \;
47+
48+
- name: Bundle update page
49+
run: pushd de.uni_paderborn.swt.cards.update/target/repository/ && zip -r updatesite.zip . && popd
50+
51+
- name: Create Release
52+
id: create_release
53+
uses: actions/create-release@v1
54+
env:
55+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
56+
with:
57+
tag_name: ${{ github.ref }}
58+
release_name: Release ${{ github.ref }}
59+
body: Please refer to the [CHANGELOG](./CHANGELOG.md) for more information.
60+
draft: false
61+
prerelease: false
62+
- name: Upload Release Asset
63+
id: upload-release-asset
64+
uses: actions/upload-release-asset@v1
65+
env:
66+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
67+
with:
68+
upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
69+
asset_path: ./de.uni_paderborn.swt.cards.update/target/repository/updatesite.zip
70+
asset_name: updatesite.zip
71+
asset_content_type: application/zip

.gitignore

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
**/*.class
2+
**/src-gen/*
3+
**/xtend-gen/*
4+
**/target/*
5+
de.uni_paderborn.swt.cards.htmlExport/*
6+
de.uni_paderborn.swt.cards.dsl/model/generated/TMDsl.ecore
7+
8+
de.uni_paderborn.swt.cards.dsl/model/generated/TMDsl.genmodel
9+
10+
de.uni_paderborn.swt.cards.update/plugins/
11+
12+
de.uni_paderborn.swt.cards.update/artifacts.jar
13+
14+
de.uni_paderborn.swt.cards.update/content.jar
15+
16+
de.uni_paderborn.swt.cards.update/features/de.uni_paderborn.swt.cards.feature_1.0.0.jar

.mvn/extensions.xml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
<extensions>
2+
<extension>
3+
<groupId>org.eclipse.tycho.extras</groupId>
4+
<artifactId>tycho-pomless</artifactId>
5+
<version>1.7.0</version>
6+
</extension>
7+
</extensions>

CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
# [v1.0.0] (2021-02-10)
2+
## Feature
3+
- First release!

README.md

Lines changed: 29 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,30 @@
1-
# cards
1+
# CARDS
22
Component-based Assumptions and Restrictions for Dataflow Specifications
3+
4+
We offer a domain specific language (DSL) for describing the system under investigation as well as all threat modeling relevant parts. We provide both a textual and a graphical editor for our DSL.
5+
The system is described by a generic component-based system model consisting of components and their connections.
6+
In addition, the security analyst can define security related restrictions and assumptions.
7+
Restrictions express which components might be allowed to know which data.
8+
Assumptions describe assumptions regarding the implementation of the components made during the design phase, e.g., that a specific component will never leak data containing a password in cleartext.
9+
We also provide a static analysis that checks of the system meets all specified restriction with respect to the specified assumptions.
10+
11+
# Using Our Tools
12+
13+
As our tool suite is implemented as an eclipse plugin, it obviously relies on the eclipse IDE.
14+
All plugins are developed and tested using eclipse 2020-03, support for other versions is not guranteed.
15+
16+
## Using pre-built binaries
17+
18+
You can use artifacts of our CI as a update site for eclipse plugins or have a look at our releases for more stable versions.
19+
You can use `https://github.com/secure-software-engineering/cards/releases/latest/download/updatesite.zip` as an update site link to stay up to date.
20+
21+
## Building The Artifacts Yourself
22+
23+
Checkout this repository and checkout `https://git.cs.uni-paderborn.de/geismann/attackgraph.git` under `../attackgraph`.
24+
25+
Make sure you have Maven installed, then inside the directory `de.uni_paderborn.swt.cardsAttackgraphParent`, run `mvn clean verify` to build.
26+
The update site will be available inside `de.uni_paderborn.swt.cards.update/target/repository/`.
27+
28+
# Documentation
29+
30+
Learn more about our concepts and tools in our [documentation section](https://github.com/secure-software-engineering/cards/blob/develop/docs/README.md)!

cards-keystore.jks.gpg

4.81 KB
Binary file not shown.
Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<classpath>
3+
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-14"/>
4+
<classpathentry kind="con" path="org.eclipse.pde.core.requiredPlugins"/>
5+
<classpathentry kind="src" path="src"/>
6+
<classpathentry kind="src" path="xtend-gen"/>
7+
<classpathentry kind="output" path="bin"/>
8+
</classpath>
Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
/bin/
2+
xtend-gen/
3+
.settings/
Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<projectDescription>
3+
<name>de.uni_paderborn.swt.cards.analysisGen</name>
4+
<comment></comment>
5+
<projects>
6+
</projects>
7+
<buildSpec>
8+
<buildCommand>
9+
<name>org.eclipse.xtext.ui.shared.xtextBuilder</name>
10+
<arguments>
11+
</arguments>
12+
</buildCommand>
13+
<buildCommand>
14+
<name>org.eclipse.jdt.core.javabuilder</name>
15+
<arguments>
16+
</arguments>
17+
</buildCommand>
18+
<buildCommand>
19+
<name>org.eclipse.pde.ManifestBuilder</name>
20+
<arguments>
21+
</arguments>
22+
</buildCommand>
23+
<buildCommand>
24+
<name>org.eclipse.pde.SchemaBuilder</name>
25+
<arguments>
26+
</arguments>
27+
</buildCommand>
28+
</buildSpec>
29+
<natures>
30+
<nature>org.eclipse.pde.PluginNature</nature>
31+
<nature>org.eclipse.jdt.core.javanature</nature>
32+
<nature>org.eclipse.xtext.ui.shared.xtextNature</nature>
33+
</natures>
34+
</projectDescription>

0 commit comments

Comments
 (0)