• Description: This repository implements a service that orchestrates and aggregates distributed analysis jobs on the CODA platform. It receives requests from the dashboard API and communicates with the site APIs conformant to the CODA API specification.
• Primary author(s): Kevin Arsenault [@arsenaultk9], Xuefei Shi [@xuefeishi], Jeffrey Li [@JeffreyLi16], Maxime Lavigne [@malavv].
• Contributors: Louis Mullie [@louism], Pascal St-Onge [@stongepa].
• License: The code in this repository is released under the GNU General Public License, V3.

• Overview
• Installation
• Usage
• Deployment
• Security
• Want to contribute?

Supply the following environment variables via a .env file:

CODA_HUB_API_PORT=
CODA_AUTH_SERVICE_URL=
CODA_HUB_API_AUTH_REALM=
CODA_HUB_API_AUTH_CLIENT_SECRET=
CODA_HUB_API_AUTH_SESSION_MEMORY_SECRET=
CODA_HUB_CACHE_DB_PORT=
CODA_HUB_CACHE_DB_HOST=

#CODA_HUB_API_EMAIL_HOST=
#CODA_HUB_API_EMAIL_PORT=
#CODA_HUB_API_ERROR_EMAIL_RECIPIENTS=

Start Redis instance (looks for it on 7777 by default).

$ docker run --name some-redis -p 7777:7777 -d redis

Run the hub server (runs on 5427 by default).

$ npm start

$ docker login -u ${USER} -p ${USER}
$ ./publish.sh

Ask a VALERIA team member to update the image in OpenShift.

Use the following commands to check for security threats.

Uses Trivy to scan for security issues.

docker run --rm -v C:\dev\trivy:/root/.cache/ -v //var/run/docker.sock:/var/run/docker.sock  aquasec/trivy image coda-hub-api:latest --security-checks vuln > report.txt

Submits a description of the NPM dependencies of the project to your default registry and asks for a report of known vulnerabilities.

npm audit

Check out CONTRIBUTING.md.