https://github.com/thomasvitale/supply-chain-security-java-training
Workshop about securing the supply chain for Java applications.
https://github.com/thomasvitale/supply-chain-security-java-training
buildpacks graalvm sbom supply-chain-security vulnerability-scanning
Last synced: about 1 month ago
JSON representation
Workshop about securing the supply chain for Java applications.
- Host: GitHub
- URL: https://github.com/thomasvitale/supply-chain-security-java-training
- Owner: ThomasVitale
- License: mpl-2.0
- Created: 2024-05-25T14:06:23.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2024-06-21T18:07:05.000Z (10 months ago)
- Last Synced: 2025-02-27T02:54:11.494Z (about 2 months ago)
- Topics: buildpacks, graalvm, sbom, supply-chain-security, vulnerability-scanning
- Language: Java
- Homepage:
- Size: 149 KB
- Stars: 6
- Watchers: 1
- Forks: 11
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Supply Chain Security for Java Applications - Training
[](https://codespaces.new/ThomasVitale/supply-chain-security-java-training)
## 🚀 Setting Up the Development Environment
You can set up a development environment to work on this repository either in the cloud or locally.
### Remote Containerized Development Environment
#### GitHub Codespaces
Create a new development environment via [GitHub Codespaces](https://codespaces.new/ThomasVitale/supply-chain-security-java-training). Choose a _Region_ close to where you live and select at least a 4-core machine (8-core would be better). GitHub will automatically open the development environment in a Visual Studio Code instance in your web browser.
### Local Containerized Development Environment
#### DevPod
Pre-requisites:
* [Podman](https://podman-desktop.io) or [Docker](https://www.docker.com)
* [DevPod](https://devpod.sh)
Open DevPod and create a new Workspace. Choose the _Docker_ provider to configure the Workspace on your local container runtime (it supports both Docker and Podman) and enter the URL to this repository (`github.com/ThomasVitale/supply-chain-security-java-training`). Finally, choose in which IDE you'd like to open the Workspace. By default, the Workspace is opened in a Visual Studio Code instance in your web browser. If you have an IDE installed on your machine (e.g. Visual Studio Code or IntelliJ IDEA), you can decide to use one of them instead.
#### Visual Studio Code
Pre-requisites:
* [Podman](https://podman-desktop.io) or [Docker](https://www.docker.com)
* [Visual Studio Code](https://code.visualstudio.com) with the [Dev Containers](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers) extension installed.
Clone the repository (`git clone https://github.com/ThomasVitale/supply-chain-security-java-training.git`) and open it in your local Visual Studio Code. You will be prompted to `Reopen in Container` the project. If you accept, you will get a local containerized development environment and available through your local Visual Studio Code.
#### IntelliJ IDEA
Pre-requisites:
* [Podman](https://podman-desktop.io) or [Docker](https://www.docker.com)
* [IntelliJ IDEA](https://www.jetbrains.com/idea/)
Open IntelliJ IDEA. From the Welcome screen, choose `Remote Development > Dev Containers > New Dev Container` and enter the URL to this repository (`github.com/ThomasVitale/supply-chain-security-java-training`).
### Local Development Environment
Pre-requisites:
* [Podman](https://podman-desktop.io) or [Docker](https://www.docker.com)
* Java 22 (install via [SDKMAN!](https://sdkman.io/jdks))
* Your favourite Java IDE
Clone the repository (`git clone https://github.com/ThomasVitale/supply-chain-security-java-training.git`) and open it in your favourite Java IDE.
## 🖊️ License
All the textual content in this project is licensed under the **Creative Commons Attribution-NonCommercial 4.0 International** (CC BY-NC 4.0).
All the source code in this project is licensed under the **Mozilla Public License Version 2.0**. See [LICENSE](LICENSE) for more information.