@@ -666,3 +666,36 @@ dependencyUpdates { | |||
rejected | |||
} | |||
} | |||
// Hack to avoid unecessary yarn install. | |||
// This will create a avoidInstallTask task on which both installTask & runTask will depend. | |||
// installTask is disabled and will only be activated by avoidInstallTask when it is executed | |||
// Because it is set to share the same dependencies, avoidInstallTask will be executed only if | |||
// the runTask will be executed | |||
ext.avoidYarnInstallIfPossible = { taskList, installTask, runTask -> | |||
// Disable the yarn install task | |||
installTask.enabled = false; | |||
def avoidInstallTask = taskList.register('avoidInstallTask_' + runTask.name) { | |||
// Copy all inputs and outputs | |||
runTask.inputs.getFiles().each { fi -> | |||
if (fi.isDirectory()) inputs.dir(fi) | |||
else inputs.file(fi) | |||
} | |||
runTask.outputs.getFiles().each { fi -> | |||
if (fi.isDirectory()) outputs.dir(fi) | |||
else outputs.file(fi) | |||
} | |||
outputs.cacheIf { true } | |||
// Activate the yarn install task | |||
doLast { | |||
installTask.enabled = true | |||
} | |||
} | |||
runTask.dependsOn(installTask) | |||
runTask.dependsOn(avoidInstallTask) | |||
installTask.dependsOn(avoidInstallTask) | |||
} |
@@ -67,6 +67,10 @@ yarn_run { | |||
outputs.cacheIf { true } | |||
args = ['build'] | |||
} | |||
build.dependsOn(yarn_run) | |||
avoidYarnInstallIfPossible(tasks, yarn, yarn_run); | |||
// To clean outputs outside of "build" directory: | |||
clean.dependsOn(cleanYarn_run) | |||
@@ -97,12 +101,15 @@ clean.dependsOn(cleanYarn_run) | |||
dependsOn(yarn) | |||
} | |||
avoidYarnInstallIfPossible(tasks, yarn, tasks.getByName("yarn_validate-ci")); | |||
// Check for known vulnerabilities | |||
task dependency_audit(type: Exec) { | |||
inputs.file('package.json') | |||
outputs.cacheIf { false } | |||
commandLine 'yarn', 'npm', 'audit', '--environment', 'production', '--severity', 'high' | |||
ignoreExitValue = true | |||
dependsOn(yarn) | |||
} | |||
@@ -24,9 +24,13 @@ yarn_run { | |||
outputs.dir(webappDir) | |||
outputs.cacheIf { true } | |||
args = ['build-release'] | |||
dependsOn(yarn) | |||
} | |||
build.dependsOn(yarn_run) | |||
avoidYarnInstallIfPossible(tasks, yarn, yarn_run); | |||
"yarn_check-ci" { | |||
// Note that outputs are not relocatable, because contain absolute paths, and that's why inputs are not relativized | |||
['config', 'src'].each { | |||
@@ -54,12 +58,15 @@ build.dependsOn(yarn_run) | |||
dependsOn(yarn) | |||
} | |||
avoidYarnInstallIfPossible(tasks, yarn, tasks.getByName("yarn_validate-ci")); | |||
// Check for known vulnerabilities | |||
task dependency_audit(type: Exec) { | |||
inputs.file('package.json') | |||
outputs.cacheIf { false } | |||
commandLine 'yarn', 'npm', 'audit', '--environment', 'production', '--severity', 'high' | |||
ignoreExitValue = true | |||
dependsOn(yarn) | |||
} | |||