From 27447e6bd82fb902a19e953e0a1da68c9e88e8fb Mon Sep 17 00:00:00 2001 From: micronaut-build <65172877+micronaut-build@users.noreply.github.com> Date: Thu, 9 Jan 2025 19:33:25 +0100 Subject: [PATCH] Sonatype Scan Gradle Plugin (#670) --- .github/workflows/gradle.yml | 7 +++++++ buildSrc/build.gradle | 8 ++++++++ buildSrc/settings.gradle | 8 +++++++- .../io.micronaut.build.internal.spring-module.gradle | 10 ++++++++++ gradle/libs.versions.toml | 3 ++- 5 files changed, 34 insertions(+), 2 deletions(-) diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 571e79a24..32d879ad1 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -30,6 +30,8 @@ jobs: PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}" SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + OSS_INDEX_USERNAME: ${{ secrets.OSS_INDEX_USERNAME }} + OSS_INDEX_PASSWORD: ${{ secrets.OSS_INDEX_PASSWORD }} steps: # https://github.com/actions/virtual-environments/issues/709 - name: "🗑 Free disk space" @@ -58,6 +60,11 @@ jobs: run: | [ -f ./setup.sh ] && ./setup.sh || [ ! -f ./setup.sh ] + - name: "🚔 Sonatype Scan" + id: sonatypescan + run: | + ./gradlew ossIndexAudit --no-parallel --info + - name: "🛠 Build with Gradle" id: gradle run: | diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle index 678405245..46759698d 100644 --- a/buildSrc/build.gradle +++ b/buildSrc/build.gradle @@ -1,3 +1,11 @@ plugins { id 'groovy-gradle-plugin' } + +repositories { + mavenCentral() +} + +dependencies { + implementation(libs.sonatype.scan) +} diff --git a/buildSrc/settings.gradle b/buildSrc/settings.gradle index 359ea7341..6f31e6ef7 100644 --- a/buildSrc/settings.gradle +++ b/buildSrc/settings.gradle @@ -1 +1,7 @@ -rootProject.name = 'spring-parent' \ No newline at end of file +dependencyResolutionManagement { + versionCatalogs { + libs { + from(files("../gradle/libs.versions.toml")) + } + } +} diff --git a/buildSrc/src/main/groovy/io.micronaut.build.internal.spring-module.gradle b/buildSrc/src/main/groovy/io.micronaut.build.internal.spring-module.gradle index 8d9c919f1..5bd2983a2 100644 --- a/buildSrc/src/main/groovy/io.micronaut.build.internal.spring-module.gradle +++ b/buildSrc/src/main/groovy/io.micronaut.build.internal.spring-module.gradle @@ -1,6 +1,16 @@ plugins { id 'io.micronaut.build.internal.spring-base' id 'io.micronaut.build.internal.module' + id("org.sonatype.gradle.plugins.scan") +} +String ossIndexUsername = System.getenv("OSS_INDEX_USERNAME") ?: project.properties["ossIndexUsername"] +String ossIndexPassword = System.getenv("OSS_INDEX_PASSWORD") ?: project.properties["ossIndexPassword"] +boolean sonatypePluginConfigured = ossIndexUsername != null && ossIndexPassword != null +if (sonatypePluginConfigured) { + ossIndexAudit { + username = ossIndexUsername + password = ossIndexPassword + } } repositories { diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index f59c1476a..fcd97e99c 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -12,6 +12,7 @@ micronaut-cache = "5.0.0" micronaut-views = "5.6.0" micronaut-validation = "4.8.0" micronaut-servlet = "4.12.0" +sonatype-scan = "3.0.0" [libraries] # Micronaut @@ -43,5 +44,5 @@ spring-boot-test = { module = 'org.springframework.boot:spring-boot-starter-test spring-test = { module = 'org.springframework:spring-test', version.ref = 'managed-spring' } spock-spring = { module = 'org.spockframework:spock-spring' } - +sonatype-scan = { module = "org.sonatype.gradle.plugins:scan-gradle-plugin", version.ref = "sonatype-scan" } h2database = { module = 'com.h2database:h2', version.ref = 'h2' }