Skip to content
Snippets Groups Projects
Commit 7050cb16 authored by Rawel's avatar Rawel
Browse files

Updated README.md

parent 492b24c0
No related branches found
No related tags found
No related merge requests found
# Docker
This directory contains the docker containers for easy setup of the project.
## Structure
Every container has its own directory along with a `Dockerfile` if necessary and a `data/` directory which is mounted to the container. It persists the data even if the container is removed.
The directory contains the following containers (folders):
### `mongo/`
This container is used to run the MongoDB database. It is used to store the CVE-Search database.
### `mysql/`
This container is used to run the MySQL database. It is used to store the mapping database.
### `python/`
This container is used along the MongoDB container. It is used to run the CVE-Search tool to populate the MongoDB database.
### `redis/`
The redis container is used along the MongoDB container. It is used as a cache for the CVE-Search tool.
### `commit-analysis/`
This is the main container. It includes an `init_scripts` folder which is run when the container is started.
#### The init_scripts
The init_scripts are run when the container is started.
It includes the following scripts:
- `clone_repos.sh`: This script clones the repositories from GitHub which are used in the project.
- `get_linux_full.sh`: Usually, the GitHub repository is used to get the Linux kernel. However, the repository does not
include the full history. This script clones the full history of the Linux kernel.
- `get_mappings_all.sh`: Runs all mapping scripts to populate the MySQL database.
- `run_heuristic_all_parallel.sh`: Runs the heuristic on all the entries in the MySQL database. It runs the script in
parallel to speed up the process.
- `run_all.sh`: This script runs all the other scripts in the correct order.
- `repo_urls.txt`: This file contains the URLs to the repositories which are used in the project. It is used by the
`clone_repos.sh` script.
> **_NOTE:_** Make sure to look into the `run_all.sh` script if you do not want to run all scripts.
> You can comment out the scripts you do not want to run.
\ No newline at end of file
# Commit-based static analysis for Vulnerability Detection # Studying the Effect of Data in Commit-Based Static Analysis
## Introduction ## Introduction
...@@ -21,7 +21,7 @@ developing more effective methods for identifying and addressing vulnerabilities ...@@ -21,7 +21,7 @@ developing more effective methods for identifying and addressing vulnerabilities
## Contents ## Contents
- `Data/`: contains the vulnerable code commit dataset used in the thesis and the methods for generating the dataset. - `Data/`: contains the datasets used in the project and the scripts to process them.
- `Docker/`: contains the docker containers for easy setup of the project. - `Docker/`: contains the docker containers for easy setup of the project.
- `README.md`: this file provides an overview of the repository. - `README.md`: this file provides an overview of the repository.
...@@ -32,7 +32,28 @@ developing more effective methods for identifying and addressing vulnerabilities ...@@ -32,7 +32,28 @@ developing more effective methods for identifying and addressing vulnerabilities
## Usage ## Usage
TODO Make sure to install the dependencies before running the project.
### Setup with Docker
1. Run `docker compose up -d mongo redis mysql` in the root directory of the project to start the databases.
2. Run `docker compose up -d mongo_python` to start populating the CVE-Search database.
3. Run `docker compose up -d --build commit_analysis` to start the main container.
> _NOTE_: Check the README.md in the `Docker/` directory for more information!
### Rebuilding the commit_analysis container
The current code is copied to the `commit_analysis` container.
If any changes are made in the init_scripts, the container needs to be rebuilt.
This can be done by running `docker compose up -d --build commit_analysis`.
### Use of the pre-populated database
The databases expose their ports to the host machine.
To get the ports, check the `docker-compose.yml` file.
You can use those ports to connect to the databases and pre-populate them with the data provided.
Then you do not need to run all mappings.
## License ## License
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment