Skip to content

Latest commit

 

History

History
112 lines (73 loc) · 4.22 KB

README.md

File metadata and controls

112 lines (73 loc) · 4.22 KB

BSI Secvisogram CSAF Validator Service

About the project

This is a service to validate documents against the CSAF standard. It uses the csaf-validator-lib under the hood which is included as a git subtree module.

(back to top)

Getting started

To run the validator service you basically need the same as for developing.

  • install Node.js 16
  • install production dependencies and copy all relevant files to the dist folder by running npm run dist
  • copy the content of the dist folder to your working directory
  • Make sure to set the environment variable NODE_ENV to production
  • Configure the service using a local-production.json file in backend/config. All available parameters are outlined in backend/config/development.json. See https://www.npmjs.com/package/config for more information on how to configure using different techniques such as environment variables.
  • test 6.3.8 requires an installation of hunspell.
  • start the service with node backend/server.js

To manage the process you can use Docker or an init system of your choice.

You most likely also want to run this behind a reverse proxy to handle TLS termination or CORS headers if the service is accessed from other domains. See https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS for more information.

Documentation

The documentation is available as a swagger resource provided by the service itself under /docs. So once the server is running, visit http://localhost:<config port>/docs in your browser. The default port of the application 3000. See configuration to learn about ways to change it.

(back to top)

Configuration

The project uses the config npm package for configuration. It provides a variety of possibilities to inject configuration values e.g. environment variables or environment specific files.

(back to top)

Developing

Prerequisites

You need at least Node.js version 16 or higher. Nodesource provides binary distributions for various Linux distributions.

(back to top)

Installation

  • Install server and csaf-validator-lib dependencies
    npm ci

(back to top)

Run server

  • Start the server

    npm run dev

(back to top)

Testing

Many tests are integration tests which need a running server. So make sure to start it before running the tests:

npm run dev

Tests are implemented using mocha. They can be run using the following command:

npm test

(back to top)

Contributing

You can find our guidelines here CONTRIBUTING.md

(back to top)

Dependencies

For the complete list of dependencies please take a look at package.json

(back to top)