Build and Publishing improvements (#402)
Co-authored-by: Wilke Matthias Fabian (HOME/EET1 ❤️) <[email protected]>
nightm4re94 and Wilke Matthias Fabian (HOME/EET1 ❤️) authored Aug 22, 2024
1 parent 1e36cdb commit 181e774
Showing 9 changed files with 109 additions and 319 deletions.
107 changes: 34 additions & 73 deletions build.gradle
Expand Up @@ -16,67 +16,35 @@
* Copyright (c) 2015 Wei Ma. All Rights Reserved.
*/

ext {
odcVersion = '10.0.3'
openVulnClientVersion = '5.1.1'
slackWebhookVersion = '1.4.0'
spockCoreVersion = '2.3-groovy-3.0'
plugins {
id('groovy')
id('idea')
id('eclipse')
id('signing')
id('project-report')
id('build-dashboard')
alias(libs.plugins.gradle.plugin.publish)
}

group = 'org.owasp'
version = "${odcVersion}"

buildscript {
repositories {
mavenLocal()
mavenCentral()
maven {
url 'https://plugins.gradle.org/m2/'
}
}
dependencies {
classpath "com.gradle.publish:plugin-publish-plugin:0.11.0"
}
}

apply plugin: 'groovy'
apply plugin: 'java-gradle-plugin'
apply plugin: 'idea'
apply plugin: 'eclipse'
apply plugin: 'maven-publish'
apply plugin: 'signing'
apply plugin: 'project-report'
apply plugin: 'build-dashboard'
apply plugin: 'com.gradle.plugin-publish'

repositories {
mavenLocal()
maven {
name 'OWASP dependency-check snapshot'
url 'https://oss.sonatype.org/content/repositories/snapshots'
}
mavenCentral()
}
version = libs.versions.odc.get()

dependencies {
implementation(
localGroovy(),
gradleApi()
)
api(
"org.owasp:dependency-check-core:$odcVersion",
"org.owasp:dependency-check-utils:$odcVersion",
"io.github.jeremylong:open-vulnerability-clients:$openVulnClientVersion",
"net.gpedro.integrations.slack:slack-webhook:$slackWebhookVersion"
)
implementation localGroovy()
implementation gradleApi()

api libs.owasp.dependencyCheck.core
api libs.owasp.dependencyCheck.utils
api libs.openVuln.clients
api libs.slack.webhook

testImplementation gradleTestKit()
testImplementation("org.spockframework:spock-core:$spockCoreVersion") {
testImplementation(libs.spock.core) {
exclude module: 'groovy-all'
}
testImplementation 'org.junit.jupiter:junit-jupiter-api:5.9.3'
testImplementation 'org.junit.jupiter:junit-jupiter-params:5.9.3'
testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.9.3'
testImplementation libs.junit.jupiter.api
testImplementation libs.junit.jupiter.params
testRuntimeOnly libs.junit.jupiter.engine
}
test {
useJUnitPlatform()
Expand All @@ -86,28 +54,24 @@ test.onlyIf { !project.hasProperty('skipTests') }
java {
sourceCompatibility = JavaVersion.VERSION_1_8
targetCompatibility = JavaVersion.VERSION_1_8

withJavadocJar()
withSourcesJar()
}

javadoc {
if(JavaVersion.current().isJava9Compatible()) {
if (JavaVersion.current().isJava9Compatible()) {
options.addBooleanOption('html5', true)
}
}

publishing {
publications {
maven(MavenPublication) {
groupId "$group"
artifactId 'dependency-check-gradle'
version "$version"
groupId = project.group
artifactId = 'dependency-check-gradle'
version = project.version
from components.java
pom {
name = 'dependency-check-gradle'
description = 'OWASP dependency-check gradle plugin is a software ' +
'composition analysis tool used to find known vulnerable dependencies.'
description = 'OWASP dependency-check gradle plugin is a software composition analysis tool used to find known vulnerable dependencies.'

url = 'https://jeremylong.github.io/DependencyCheck/'

Expand All @@ -131,15 +95,14 @@ publishing {
}
}
}
pluginPublication (MavenPublication) {
groupId "$group"
artifactId 'dependency-check-gradle'
version "$version"
pluginPublication(MavenPublication) {
groupId = project.group
artifactId = 'dependency-check-gradle'
version = project.version
from components.java
pom {
name = 'dependency-check-gradle'
description = 'OWASP dependency-check gradle plugin is a software ' +
'composition analysis tool used to find known vulnerable dependencies.'
description = 'OWASP dependency-check gradle plugin is a software composition analysis tool used to find known vulnerable dependencies.'

url = 'https://jeremylong.github.io/DependencyCheck/'

Expand Down Expand Up @@ -179,21 +142,19 @@ signing {
sign publishing.publications.pluginPublication
}

pluginBundle {
gradlePlugin {
website = 'http://jeremylong.github.io/DependencyCheck/dependency-check-gradle/index.html'
vcsUrl = 'https://github.com/dependency-check/dependency-check-gradle/'
description = 'A software composition analysis plugin that identifies known vulnerable dependencies used by the project.'
tags = ['OWASP', 'dependency-check', 'gradle-plugin', 'software-composition-analysis', 'vulnerability-detection', 'security']

plugins {
dependencyCheck {
id = 'org.owasp.dependencycheck'
displayName = 'OWASP dependency-check-gradle plugin'
description = 'A software composition analysis plugin that identifies known vulnerable dependencies used by the project.'
tags.addAll('OWASP', 'dependency-check', 'gradle-plugin', 'software-composition-analysis', 'vulnerability-detection', 'security')
implementationClass = 'org.owasp.dependencycheck.gradle.DependencyCheckPlugin'
}
}
mavenCoordinates {
groupId = "org.owasp"
}
}

publish.dependsOn publishPlugins
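Review bot: The `maven` and `pluginPublication` publications still declare identical coordinates (`project.group`, `dependency-check-gradle`, `project.version`) and both use `from components.java`, while the signing block that ends at `sign publishing.publications.pluginPublication` names publications one by one. With plugin-publish 1.2.1 now applied through `alias(libs.plugins.gradle.plugin.publish)`, which is documented to apply `maven-publish` and `java-gradle-plugin` itself, please confirm that every artifact leaving the build is signed, or use `sign publishing.publications` so that publications registered by plugins are covered too. Separately, `website` in the `gradlePlugin` block is an `http://` URL while the POM `url` uses `https://`; I would change it to `website = 'https://jeremylong.github.io/DependencyCheck/dependency-check-gradle/index.html'`. The publishing and signing blocks are only partly visible in these hunks, so the first point is inferred from the lines shown.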
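--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -0,0 +1,21 @@
+[versions]
+odc = '10.0.3'
+spock = '2.3-groovy-3.0'
+junit = '5.10.3'
+
+[libraries]
+owasp-dependencyCheck-core = { module = "org.owasp:dependency-check-core", version.ref = "odc" }
+owasp-dependencyCheck-utils = { module = "org.owasp:dependency-check-utils", version.ref = "odc" }
+openVuln-clients = { module = "io.github.jeremylong:open-vulnerability-clients", version = "6.1.7" }
+slack-webhook = { module = "net.gpedro.integrations.slack:slack-webhook", version = "1.4.0" }
+
+junit-jupiter-api = { module = 'org.junit.jupiter:junit-jupiter-api', version.ref = "junit" }
+junit-jupiter-params = { module = 'org.junit.jupiter:junit-jupiter-params', version.ref = "junit" }
+junit-jupiter-engine = { module = 'org.junit.jupiter:junit-jupiter-engine', version.ref = "junit" }
+
+spock-core = { module = 'org.spockframework:spock-core', version.ref = "spock" }
+
+[bundles]
+
+[plugins]
+gradle-plugin-publish = { id = "com.gradle.plugin-publish", version = "1.2.1" }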
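Review bot: `openVuln-clients` is pinned to `6.1.7`, whereas the `ext` block this catalog replaces in build.gradle had `openVulnClientVersion = '5.1.1'`, and `junit` moves from the `5.9.3` literals to `5.10.3`. A major-version change of an `api` dependency is easy to miss in a commit titled as a build refactor, so it deserves its own line in the description or its own commit. For consistency with `odc`, `spock` and `junit`, the two inline versions could move into `[versions]`, for example `openVulnClients = '6.1.7'` and `slackWebhook = '1.4.0'`, and be referenced with `version.ref`. The empty `[bundles]` table can be dropped.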
Binary file modified gradle/wrapper/gradle-wrapper.jar
Binary file not shown.
3 changes: 2 additions & 1 deletion gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,7 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-7.6.4-all.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
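Review bot: The wrapper now fetches `gradle-8.9-bin.zip`, but the file has no `distributionSha256Sum` entry, so the downloaded distribution is accepted on transport security alone; `validateDistributionUrl=true` concerns the URL, not the archive's content. Adding `distributionSha256Sum=<SHA-256 of gradle-8.9-bin.zip from the Gradle release checksums page (placeholder)>` pins the exact archive the build will run. The same commit replaces the binary `gradle-wrapper.jar`, which cannot be reviewed on this page; checking it against the published wrapper checksums in CI would cover that gap.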
34 changes: 21 additions & 13 deletions gradlew
Expand Up @@ -15,6 +15,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
#

##############################################################################
#
Expand Down Expand Up @@ -55,7 +57,7 @@
# Darwin, MinGW, and NonStop.
#
# (3) This script is generated from the Groovy template
# https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
# within the Gradle project.
#
# You can find Gradle at https://github.com/gradle/gradle/.
Expand Down Expand Up @@ -83,10 +85,9 @@ done
# This is normally unused
# shellcheck disable=SC2034
APP_BASE_NAME=${0##*/}
APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit

# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
' "$PWD" ) || exit

# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD=maximum
Expand Down Expand Up @@ -133,26 +134,29 @@ location of your Java installation."
fi
else
JAVACMD=java
which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
if ! command -v java >/dev/null 2>&1
then
die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
fi

# Increase the maximum file descriptors if we can.
if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
case $MAX_FD in #(
max*)
# In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC3045
# shellcheck disable=SC2039,SC3045
MAX_FD=$( ulimit -H -n ) ||
warn "Could not query maximum file descriptor limit"
esac
case $MAX_FD in #(
'' | soft) :;; #(
*)
# In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC3045
# shellcheck disable=SC2039,SC3045
ulimit -n "$MAX_FD" ||
warn "Could not set maximum file descriptor limit to $MAX_FD"
esac
Expand Down Expand Up @@ -197,11 +201,15 @@ if "$cygwin" || "$msys" ; then
done
fi

# Collect all arguments for the java command;
# * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
# shell script including quotes and variable substitutions, so put them in
# double quotes to make sure that they get re-expanded; and
# * put everything else in single quotes, so that it's not re-expanded.

# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'

# Collect all arguments for the java command:
# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
# and any embedded shellness will be escaped.
# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
# treated as '${Hostname}' itself on the command line.

set -- \
"-Dorg.gradle.appname=$APP_BASE_NAME" \
22 changes: 12 additions & 10 deletions gradlew.bat
Expand Up @@ -13,6 +13,8 @@
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@rem SPDX-License-Identifier: Apache-2.0
@rem

@if "%DEBUG%"=="" @echo off
@rem ##########################################################################
Expand Down Expand Up @@ -43,11 +45,11 @@ set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if %ERRORLEVEL% equ 0 goto execute

echo.
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
echo. 1>&2
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2

goto fail

Expand All @@ -57,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe

if exist "%JAVA_EXE%" goto execute

echo.
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
echo. 1>&2
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2

goto fail

20 changes: 19 additions & 1 deletion settings.gradle
Expand Up @@ -16,4 +16,22 @@
* Copyright (c) 2015 Wei Ma. All Rights Reserved.
*/

rootProject.name = 'dependency-check-gradle'
pluginManagement {
repositories {
gradlePluginPortal()
}
}

dependencyResolutionManagement() {
repositories {
mavenLocal()
maven {
name 'OWASP dependency-check snapshot'
url 'https://oss.sonatype.org/content/repositories/snapshots'
}
mavenCentral()
}
}


rootProject.name = 'dependency-check-gradle'
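Review bot: The `dependencyResolutionManagement` repositories are consulted in declaration order with no content filter, so `mavenLocal()` and then the Sonatype snapshot repository are asked for every dependency before `mavenCentral()`. For a plugin that is itself published and signed, I would restrict the snapshot repository to what it is needed for, by adding `mavenContent { snapshotsOnly() }` and, if only the OWASP snapshots come from it, `content { includeGroup 'org.owasp' }` inside that `maven { … }` block. I would also drop `mavenLocal()` or move it behind a developer-only property, so that a release build cannot pick up an artifact that merely happens to be in the local cache. The parentheses in `dependencyResolutionManagement() {` are unnecessary and differ from `pluginManagement {` just above.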

This file was deleted.
