antenna
antenna copied to clipboard
Published
20 hours ago •
eclipse-archived
eclipse-archived
Supported Antenna Use Cases
Summary of the Feature
The first comment below contains the use cases that should be supported within Antenna over time. The idea of this issue is to start the discussion on these use cases so that we can derive the right tasks for proceeding on this topic.
Use Case: Coordinate based identification with lazy component approval
Execution sequence:
- ORT Analyzer - Identification of the dependencies
- SW360 Enricher - Get known metadata on dependencies
- Antenna Conf Handler - Read in Antenna configuration and adapt model to local changes
- Clearly Defined Enricher - Get publicly available metadata on unknown components - identify mismatches
- Other Enrichers - E.g., commercial information, Dependency Track for vulnerabilities, ...
- Local Downloader - Download all existing sources from a local repository
- ORT Downloader - Download missing source information
- Policy Engine - Evaluate the existing model towards consistency with company policies
- SW360 Updater - Update SW360 project trace information, add new components and releases, potentially add facts on existing components
- FOSS Bundle Generation - Create the FOSS Compliance Bundle
- ORT Reporter - Create an summary of the antenna run
Use Case: Hash based identification with lazy component approval
Execution sequence:
- Antenna Hash Analyzer - Gather dependencies and build hashes of the identified file system objects
- SW360 Enricher - Identify components and return known metadata based on these hashes
- Antenna Conf Handler - Read in Antenna configuration and adapt model to local changes
- Local Downloader - Download all existing sources from a local repository
- Policy Engine - Evaluate the existing model towards consistency with company policies
- SW360 Updater - Update SW360 project trace information, add new components and releases based on file system information of the new hashes
- FOSS Bundle Generation - Create the FOSS Compliance Bundle
- ORT Reporter - Create an summary of the antenna run
Use Case: Coordinate based identification with pre planned dependencies
Execution sequence:
- ORT Analyzer - Identification of the dependencies
- SW360 Enricher - Get known metadata on dependencies and valid trace information for project
- Antenna Conf Handler - Read in Antenna configuration and adapt model to local changes
- Clearly Defined Enricher - Get publicly available metadata on unknown components - identify mismatches
- Other Enrichers - E.g., commercial information, Dependency Track for vulnerabilities, ...
- Local Downloader - Download all existing sources from a local repository
- ORT Downloader - Download missing source information
- Policy Engine - Evaluate the existing model towards consistency with company policies, check for unallowed components due to SW360 trace information
- SW360 Updater - Add new components and releases, potentially add facts on existing components
- FOSS Bundle Generation - Create the FOSS Compliance Bundle
- ORT Reporter - Create an summary of the antenna run
Use Case: Hash based identification with pre planned dependencies
Execution sequence:
- Antenna Hash Analyzer - Gather dependencies and build hashes of the identified file system objects
- SW360 Enricher - Identify components and return known metadata based on these hashes
- Antenna Conf Handler - Read in Antenna configuration and adapt model to local changes
- Local Downloader - Download all existing sources from a local repository
- Policy Engine - Evaluate the existing model towards consistency with company policies, check for unallowed components due to SW360 trace information
- SW360 Updater - Add new components and releases, potentially add facts on existing components
- FOSS Bundle Generation - Create the FOSS Compliance Bundle
- ORT Reporter - Create an summary of the antenna run
Use Case: Compliance Office handling of new data
Execution sequence:
- CSV Analyzer - Gather the components to be added to SW360
- SW360 Enricher - Identify components and return known metadata based on these hashes
- Clearly Defined Enricher - Get publicly available metadata on unknown components - identify mismatches
- Other Enrichers - E.g., commercial information, Dependency Track for vulnerabilities, ...
- Local Downloader - Download all existing sources from a local repository
- ORT Downloader - Download missing source information
- SW360 Updater - Add new components and releases, add facts on existing components
- ORT Reporter - Create an summary of the antenna run