mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30945 Commits
59 Branches
Tree: 41d73907d9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '41d73907d9'
${ noResults }
sonarqube/build.gradle

build.gradle 26KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681 
  1. plugins {

  2.   // Ordered alphabeticly

  3.   id 'com.github.ben-manes.versions' version '0.33.0'

  4.   id 'com.github.hierynomus.license' version '0.15.0'

  5.   id 'com.github.johnrengelman.shadow' version '5.2.0' apply false

  6.   id 'com.google.protobuf' version '0.8.13' apply false

  7.   id 'com.jfrog.artifactory' version '4.21.0'

  8.   id 'com.github.node-gradle.node' version '2.2.4' apply false

  9.   id 'io.spring.dependency-management' version '1.0.10.RELEASE'

  10.   id "com.asarkar.gradle.build-time-tracker" version "2.0.4" apply false

  11.   id 'org.owasp.dependencycheck' version '6.1.6'

  12.   id 'org.sonarqube' version '3.0'

  13.   id "de.undercouch.download" version "4.1.1" apply false

  14. }

  15. 

  16. // display a summary of task durations at the end of the build

  17. if (project.hasProperty('time-tracker')) {

  18.   apply plugin: 'com.asarkar.gradle.build-time-tracker'

  19.   buildTimeTracker {

  20.     sort = true

  21.     maxWidth = 80

  22.     minTaskDuration = Duration.ofSeconds(1)

  23.   }

  24. }

  25. 

  26. 

  27. if (!JavaVersion.current().java11Compatible) {

  28.   throw new GradleException("JDK 11+ is required to perform this build. It's currently " + System.getProperty("java.home") + ".")

  29. }

  30. 

  31. apply plugin: 'org.owasp.dependencycheck'

  32. dependencyCheck {

  33.   analyzers {

  34.     assemblyEnabled = false

  35.     autoconfEnabled = false

  36.     bundleAuditEnabled = false

  37.     cmakeEnabled = false

  38.     cocoapodsEnabled = false

  39.     composerEnabled = false

  40.     cocoapodsEnabled = false

  41.     golangDepEnabled = false

  42.     golangModEnabled = false

  43.     nodeAudit {

  44.       skipDevDependencies = true

  45.     }

  46.     nuspecEnabled = false

  47.     nugetconfEnabled = false

  48.     rubygemsEnabled = false

  49.     swiftEnabled = false

  50.   }

  51.   format = 'ALL'

  52.   junitFailOnCVSS = 0

  53.   failBuildOnCVSS = 0

  54.   suppressionFiles = ["${project.rootDir}/private/owasp/suppressions.xml", "${project.rootDir}/private/owasp/vulnerabilities.xml"]

  55.   skipProjects = project.subprojects

  56.       .findAll {it.name.contains('testing') ||

  57.           it.name.startsWith('it-') ||

  58.           it.name.contains('-test') ||

  59.           it.name == 'sonar-ws-generator'}

  60.       .collect { it.path }

  61. }

  62. 

  63. allprojects {

  64.   apply plugin: 'com.jfrog.artifactory'

  65.   apply plugin: 'maven-publish'

  66. 

  67.   ext.versionInSources = version

  68.   ext.buildNumber = System.getProperty("buildNumber")

  69.   // when no buildNumber is provided, then project version must end with '-SNAPSHOT'

  70.   if (ext.buildNumber == null) {

  71.       version = "${version}-SNAPSHOT".toString()

  72.       ext.versionWithoutBuildNumber = version

  73.   } else {

  74.       ext.versionWithoutBuildNumber = version

  75.       version = (version.toString().count('.') == 1 ? "${version}.0.${ext.buildNumber}" : "${version}.${ext.buildNumber}").toString()

  76.   }

  77. 

  78.   ext {

  79.     release = project.hasProperty('release') && project.getProperty('release')

  80.     official = project.hasProperty('official') && project.getProperty('official')

  81.   }

  82. 

  83.   repositories {

  84.     def repository = project.hasProperty('qa') ? 'sonarsource-qa' : 'sonarsource'

  85.     maven {

  86.       // The environment variables ARTIFACTORY_PRIVATE_USERNAME and ARTIFACTORY_PRIVATE_PASSWORD are used on QA env (Jenkins)

  87.       // On local box, please add artifactoryUsername and artifactoryPassword to ~/.gradle/gradle.properties

  88.       def artifactoryUsername = System.env.'ARTIFACTORY_PRIVATE_USERNAME' ?: (project.hasProperty('artifactoryUsername') ? project.getProperty('artifactoryUsername') : '')

  89.       def artifactoryPassword = System.env.'ARTIFACTORY_PRIVATE_PASSWORD' ?: (project.hasProperty('artifactoryPassword') ? project.getProperty('artifactoryPassword') : '')

  90.       if (artifactoryUsername && artifactoryPassword) {

  91.         credentials {

  92.           username artifactoryUsername

  93.           password artifactoryPassword

  94.         }

  95.       } else {

  96.         // Workaround for artifactory

  97.         // https://www.jfrog.com/jira/browse/RTFACT-13797

  98.         repository = 'public'

  99.       }

  100.       url "https://repox.jfrog.io/repox/${repository}"

  101.     }

  102.   }

  103. 

  104.   task allDependencies {

  105.     dependsOn 'dependencies'

  106.   }

  107. 

  108.   artifactory {

  109.     clientConfig.setIncludeEnvVars(true)

  110.     clientConfig.setEnvVarsExcludePatterns('*password*,*PASSWORD*,*secret*,*MAVEN_CMD_LINE_ARGS*,sun.java.command,*token*,*TOKEN*,*LOGIN*,*login*,*key*,*KEY*,*signing*')

  111.     contextUrl = System.getenv('ARTIFACTORY_URL')

  112.     publish {

  113.       repository {

  114.         repoKey = System.getenv('ARTIFACTORY_DEPLOY_REPO')

  115.         username = System.getenv('ARTIFACTORY_DEPLOY_USERNAME') ?: project.properties.artifactoryUsername

  116.         password = System.getenv('ARTIFACTORY_DEPLOY_PASSWORD') ?: project.properties.artifactoryPaswword

  117.       }

  118.       defaults {

  119.         properties = [

  120.             'build.name': 'sonar-enterprise',

  121.             'build.number': System.getenv('BUILD_NUMBER'),

  122.             'pr.branch.target': System.getenv('GITHUB_BASE_BRANCH'),

  123.             'pr.number': System.getenv('PULL_REQUEST'),

  124.             'vcs.branch': System.getenv('GITHUB_BRANCH'),

  125.             'vcs.revision': System.getenv('GIT_SHA1'),

  126.             'version': version

  127.         ]

  128.         publications('mavenJava')

  129.         publishPom = true

  130.         publishIvy = false

  131.       }

  132.     }

  133.     clientConfig.info.setBuildName('sonar-enterprise')

  134.     clientConfig.info.setBuildNumber(System.getenv('BUILD_NUMBER'))

  135.     // Define the artifacts to be deployed to https://binaries.sonarsource.com on releases

  136.     clientConfig.info.addEnvironmentProperty('ARTIFACTS_TO_PUBLISH',

  137.         "${project.group}:sonar-application:zip," +

  138.             "com.sonarsource.sonarqube:sonarqube-developer:zip," +

  139.             "com.sonarsource.sonarqube:sonarqube-datacenter:zip," +

  140.             "com.sonarsource.sonarqube:sonarqube-enterprise:zip")

  141.     // The name of this variable is important because it's used by the delivery process when extracting version from Artifactory build info.

  142.     clientConfig.info.addEnvironmentProperty('PROJECT_VERSION', "${version}")

  143.   }

  144. }

  145. 

  146. apply plugin: 'org.sonarqube'

  147. sonarqube {

  148.     properties {

  149.         property 'sonar.projectName', projectTitle

  150.         property 'sonar.projectVersion', "${versionInSources}-SNAPSHOT"

  151.         property 'sonar.buildString', version

  152.     }

  153. }

  154. 

  155. tasks.named('wrapper') {

  156.     distributionType = Wrapper.DistributionType.ALL

  157. }

  158. 

  159. subprojects {

  160.   apply plugin: 'com.github.hierynomus.license'

  161.   apply plugin: 'io.spring.dependency-management'

  162.   apply plugin: 'jacoco'

  163.   apply plugin: 'java'

  164.   apply plugin: 'idea'

  165.   apply plugin: 'signing'

  166. 

  167.   // do not deploy to Artifactory by default

  168.   artifactoryPublish.skip = true

  169. 

  170.   def testFixtureSrc = 'src/testFixtures'

  171.   if (file(testFixtureSrc).exists()) {

  172.     apply plugin: 'java-test-fixtures'

  173.   }

  174. 

  175.   ext {

  176.     protobufVersion = '3.11.4'

  177. 

  178.     // define a method which can be called by project to change Java version to compile to

  179.     configureCompileJavaToVersion = { javaVersion ->

  180.       if ( javaVersion != 11 & javaVersion != 8) {

  181.         throw new InvalidUserDataException("Only Java 8 and 11 are supported")

  182.       }

  183.       if ( javaVersion == 8 ) {

  184.         println "Configuring project ${project.name} to compile to Java ${javaVersion}"

  185. 

  186.         if (!project.hasProperty('skipJava8Checks')) {

  187.           task ensureDependenciesRunOnJava8(dependsOn: [configurations.compileClasspath]) {

  188.             ext.readJavaMajorVersion = { classFile ->

  189.               classFile.withDataInputStream({ d ->

  190.                 if (d.skip(7) == 7) {

  191.                   // read the version of the class file

  192.                   d.read()

  193.                 } else {

  194.                   throw new GradleException("Could not read major version from $classFile")

  195.                 }

  196.               })

  197.             }

  198. 

  199.             doLast {

  200.               [configurations.compileClasspath].each { config ->

  201.                 config.resolvedConfiguration.files

  202.                   .findAll({ f -> f.name.endsWith("jar") })

  203.                   .each { jarFile ->

  204.                     def onlyJava8 = true

  205.                     zipTree(jarFile)

  206.                       .matching({

  207.                         include "**/*.class"

  208.                         // multi-release jar files were introduced with Java 9 => contains only classes targeting Java 9+

  209.                         exclude "META-INF/versions/**"

  210.                         // ignore module-info existing in some archives for Java 9 forward compatibility

  211.                         exclude "module-info.class"

  212.                       })

  213.                       .files

  214.                       .each { classFile ->

  215.                         int javaMajorVersion = readJavaMajorVersion(classFile)

  216.                         if (javaMajorVersion > 52) {

  217.                           println "$classFile has been compiled to a more recent version of Java than 8 (java8=52, java11=55, actual=$javaMajorVersion)"

  218.                           onlyJava8 = false

  219.                         }

  220.                       }

  221.                     if (!onlyJava8) {

  222.                       throw new GradleException("Dependency ${jarFile} in configuration ${config.name} contains class file(s) compiled to a Java version > Java 8 (see logs for details)")

  223.                     }

  224.                   }

  225.               }

  226.             }

  227.           }

  228. 

  229.           compileJava.dependsOn ensureDependenciesRunOnJava8

  230.         }

  231.       }

  232. 

  233.       sourceCompatibility = javaVersion

  234.       targetCompatibility = javaVersion

  235. 

  236.       tasks.withType(JavaCompile) {

  237.         options.compilerArgs.addAll(['--release', javaVersion + ''])

  238.         options.encoding = 'UTF-8'

  239.       }

  240.     }

  241.   }

  242. 

  243.   configureCompileJavaToVersion 11

  244. 

  245.   sonarqube {

  246.     properties {

  247.       property 'sonar.moduleKey', project.group + ':' + project.name

  248.     }

  249.   }

  250. 

  251.   // Central place for definition dependency versions and exclusions.

  252.   dependencyManagement {

  253.     dependencies {

  254.       // bundled plugin list -- keep it alphabetically ordered

  255.       dependency 'com.sonarsource.abap:sonar-abap-plugin:3.9.1.3127'

  256.       dependency 'com.sonarsource.cobol:sonar-cobol-plugin:4.6.2.4876'

  257.       dependency 'com.sonarsource.cpp:sonar-cfamily-plugin:6.20.1.32841'

  258.       dependency 'com.sonarsource.pli:sonar-pli-plugin:1.11.1.2727'

  259.       dependency 'com.sonarsource.plsql:sonar-plsql-plugin:3.6.1.3873'

  260.       dependency 'com.sonarsource.plugins.vb:sonar-vb-plugin:2.7.1.2721'

  261.       dependency 'com.sonarsource.rpg:sonar-rpg-plugin:2.5.1.2575'

  262.       dependency 'com.sonarsource.security:sonar-security-csharp-frontend-plugin:8.9.0.11439'

  263.       dependency 'com.sonarsource.security:sonar-security-java-frontend-plugin:8.9.0.11439'

  264.       dependency 'com.sonarsource.security:sonar-security-php-frontend-plugin:8.9.0.11439'

  265.       dependency 'com.sonarsource.security:sonar-security-plugin:8.9.0.11439'

  266.       dependency 'com.sonarsource.security:sonar-security-python-frontend-plugin:8.9.0.11439'

  267.       dependency 'com.sonarsource.security:sonar-security-js-frontend-plugin:8.9.0.11439'

  268.       dependency 'com.sonarsource.slang:sonar-apex-plugin:1.8.3.2219'

  269.       dependency 'com.sonarsource.swift:sonar-swift-plugin:4.3.1.4892'

  270.       dependency 'com.sonarsource.tsql:sonar-tsql-plugin:1.5.1.4340'

  271.       dependency 'org.sonarsource.css:sonar-css-plugin:1.4.2.2002'

  272.       dependency 'org.sonarsource.dotnet:sonar-csharp-plugin:8.22.0.31243'

  273.       dependency 'org.sonarsource.dotnet:sonar-vbnet-plugin:8.22.0.31243'

  274.       dependency 'org.sonarsource.flex:sonar-flex-plugin:2.6.1.2564'

  275.       dependency 'org.sonarsource.html:sonar-html-plugin:3.4.0.2754'

  276.       dependency 'org.sonarsource.jacoco:sonar-jacoco-plugin:1.1.1.1157'

  277.       dependency 'org.sonarsource.java:sonar-java-plugin:6.15.1.26025'

  278.       dependency 'org.sonarsource.javascript:sonar-javascript-plugin:7.4.4.15624'

  279.       dependency 'org.sonarsource.php:sonar-php-plugin:3.17.0.7439'

  280.       dependency 'org.sonarsource.python:sonar-python-plugin:3.4.1.8066'

  281.       dependency 'org.sonarsource.slang:sonar-go-plugin:1.8.3.2219'

  282.       dependency 'org.sonarsource.slang:sonar-kotlin-plugin:1.8.3.2219'

  283.       dependency 'org.sonarsource.slang:sonar-ruby-plugin:1.8.3.2219'

  284.       dependency 'org.sonarsource.slang:sonar-scala-plugin:1.8.3.2219'

  285.       dependency 'org.sonarsource.xml:sonar-xml-plugin:2.2.0.2973'

  286. 

  287.       // please keep this list alphabetically ordered

  288.       dependencySet(group: 'ch.qos.logback', version: '1.2.3') {

  289.         entry 'logback-access'

  290.         entry 'logback-classic'

  291.         entry 'logback-core'

  292.       }

  293.       dependency('commons-beanutils:commons-beanutils:1.8.3') {

  294.         exclude 'commons-logging:commons-logging'

  295.       }

  296.       dependency 'commons-codec:commons-codec:1.14'

  297.       dependency 'commons-dbutils:commons-dbutils:1.7'

  298.       dependency 'commons-io:commons-io:2.8.0'

  299.       dependency 'commons-lang:commons-lang:2.6'

  300.       imports { mavenBom 'com.fasterxml.jackson:jackson-bom:2.10.5.20201202' }

  301.       dependency 'com.fasterxml.jackson.dataformat:protobuf:2.10.5'

  302.       dependency 'com.eclipsesource.minimal-json:minimal-json:0.9.5'

  303.       dependencySet(group: 'com.github.scribejava', version: '6.9.0') {

  304.         entry 'scribejava-apis'

  305.         entry 'scribejava-core'

  306.       }

  307.       dependency 'com.github.everit-org.json-schema:org.everit.json.schema:1.12.2'

  308.       // This project is no longer maintained and was forked

  309.       // by https://github.com/java-diff-utils/java-diff-utils

  310.       // (io.github.java-diff-utils:java-diff-utils).

  311.       dependency 'com.googlecode.java-diff-utils:diffutils:1.2'

  312.       dependency('com.googlecode.json-simple:json-simple:1.1.1') {

  313.         exclude 'junit:junit'

  314.       }

  315.       dependency 'com.google.code.findbugs:jsr305:3.0.2'

  316.       dependency 'com.google.code.gson:gson:2.8.6'

  317.       dependency('com.google.guava:guava:28.2-jre') {

  318.         exclude 'com.google.errorprone:error_prone_annotations'

  319.         exclude 'com.google.guava:listenablefuture'

  320.         exclude 'com.google.j2objc:j2objc-annotations'

  321.         exclude 'org.checkerframework:checker-qual'

  322.         exclude 'org.codehaus.mojo:animal-sniffer-annotations'

  323.       }

  324.       dependency "com.google.protobuf:protobuf-java:${protobufVersion}"

  325.       // Do not upgrade H2 to 1.4.200 because of instability: https://github.com/h2database/h2database/issues/2205

  326.       dependency 'com.h2database:h2:1.4.199'

  327.       dependencySet(group: 'com.hazelcast', version: '4.2') {

  328.         entry 'hazelcast'

  329.       }

  330.       dependency 'com.ibm.icu:icu4j:3.4.4'

  331.       dependency 'com.microsoft.sqlserver:mssql-jdbc:9.2.0.jre11'

  332.       dependency 'com.oracle.database.jdbc:ojdbc8:19.3.0.0'

  333.       // upgrade okhttp3 dependency kotlin to get rid of not exploitable CVE-2020-29582

  334.       dependency 'org.jetbrains.kotlin:kotlin-stdlib-common:1.4.21'

  335.       dependency 'org.jetbrains.kotlin:kotlin-stdlib:1.4.21'

  336.       dependencySet(group: 'com.squareup.okhttp3', version: '4.9.0') {

  337.         entry 'okhttp'

  338.         entry 'mockwebserver'

  339.       }

  340.       dependency 'com.tngtech.java:junit-dataprovider:1.13.1'

  341.       dependency 'info.picocli:picocli:3.6.1'

  342.       dependencySet(group: 'io.jsonwebtoken', version: '0.11.2') {

  343.         entry 'jjwt-api'

  344.         entry 'jjwt-impl'

  345.         entry 'jjwt-jackson'

  346.       }

  347.       dependency 'com.auth0:java-jwt:3.10.3'

  348.       dependency 'io.netty:netty-all:4.1.48.Final'

  349.       dependency 'com.sun.mail:javax.mail:1.5.6'

  350.       dependency 'javax.annotation:javax.annotation-api:1.3.2'

  351.       dependency 'javax.servlet:javax.servlet-api:3.1.0'

  352.       dependency 'javax.xml.bind:jaxb-api:2.3.0'

  353.       dependency 'junit:junit:4.13.1'

  354.       dependency 'org.junit.jupiter:junit-jupiter-api:5.6.0'

  355.       dependency 'org.xmlunit:xmlunit-core:2.6.4'

  356.       dependency 'org.xmlunit:xmlunit-matchers:2.6.4'

  357.       dependency 'net.jpountz.lz4:lz4:1.3.0'

  358.       dependency 'net.lightbody.bmp:littleproxy:1.1.0-beta-bmp-17'

  359.       dependency 'org.awaitility:awaitility:4.0.2'

  360.       dependency 'org.apache.commons:commons-csv:1.7'

  361.       dependency 'org.apache.commons:commons-email:1.5'

  362.       dependency 'org.apache.commons:commons-dbcp2:2.7.0'

  363.       dependency('org.apache.httpcomponents:httpclient:4.5.13'){

  364.         exclude 'commons-logging:commons-logging'

  365.       }

  366.       // Be aware that Log4j is used by Elasticsearch client

  367.       dependencySet(group: 'org.apache.logging.log4j', version: '2.8.2') {

  368.         entry 'log4j-api'

  369.         entry 'log4j-to-slf4j'

  370.         entry 'log4j-core'

  371.       }

  372.       dependencySet(group: 'org.apache.tomcat.embed', version: '8.5.63') {

  373.         entry 'tomcat-embed-core'

  374.         entry('tomcat-embed-jasper') {

  375.           exclude 'org.eclipse.jdt.core.compiler:ecj'

  376.         }

  377.       }

  378.       dependency 'org.assertj:assertj-core:3.15.0'

  379.       dependency 'org.assertj:assertj-guava:3.3.0'

  380.       dependency('org.codehaus.sonar:sonar-channel:4.2') {

  381.         exclude 'org.slf4j:slf4j-api'

  382.       }

  383.       dependency 'org.codehaus.sonar:sonar-classloader:1.0'

  384.       dependency 'com.fasterxml.staxmate:staxmate:2.4.0'

  385.       dependencySet(group: 'org.eclipse.jetty', version: '9.4.6.v20170531') {

  386.         entry 'jetty-proxy'

  387.         entry 'jetty-server'

  388.         entry 'jetty-servlet'

  389.       }

  390.       dependency('org.elasticsearch.client:elasticsearch-rest-high-level-client:7.12.1') {

  391.         exclude 'commons-logging:commons-logging'

  392.       }

  393.       dependency 'org.elasticsearch.plugin:transport-netty4-client:7.12.1'

  394.       dependency 'org.elasticsearch:mocksocket:1.0'

  395.       //analysis-common need to stay at 7.10.2 as it hasn't been published to mvn central

  396.       dependency 'org.codelibs.elasticsearch.module:analysis-common:7.10.2'

  397.       dependency 'org.eclipse.jgit:org.eclipse.jgit:5.11.0.202103091610-r'

  398.       dependency 'org.tmatesoft.svnkit:svnkit:1.10.1'

  399.       dependency 'org.hamcrest:hamcrest-all:1.3'

  400.       dependency 'org.jsoup:jsoup:1.13.1'

  401.       dependency 'org.mindrot:jbcrypt:0.4'

  402.       dependency('org.mockito:mockito-core:3.3.3') {

  403.         exclude 'org.hamcrest:hamcrest-core'

  404.       }

  405.       dependency 'org.mybatis:mybatis:3.5.6'

  406.       dependency 'org.nanohttpd:nanohttpd:2.3.1'

  407.       dependency 'org.picocontainer:picocontainer:2.15'

  408.       dependencySet(group: 'org.slf4j', version: '1.7.30') {

  409.         entry 'jcl-over-slf4j'

  410.         entry 'jul-to-slf4j'

  411.         entry 'log4j-over-slf4j'

  412.         entry 'slf4j-api'

  413.       }

  414.       dependency 'org.postgresql:postgresql:42.2.19'

  415.       dependency 'org.reflections:reflections:0.9.12'

  416.       dependency 'org.simpleframework:simple:4.1.21'

  417.       dependency 'org.sonarsource.orchestrator:sonar-orchestrator:3.35.1.2719'

  418.       dependency 'org.sonarsource.update-center:sonar-update-center-common:1.23.0.723'

  419.       dependency 'org.subethamail:subethasmtp:3.1.7'

  420.       dependency 'org.yaml:snakeyaml:1.26'

  421.       dependency 'xml-apis:xml-apis:1.4.01'

  422. 

  423.       // please keep this list alphabetically ordered

  424.     }

  425.   }

  426. 

  427.   // global exclusions

  428.   configurations.all {

  429.     // do not conflict with com.sun.mail:javax.mail

  430.     exclude group: 'javax.mail', module: 'mail'

  431.   }

  432. 

  433.   tasks.withType(Javadoc) {

  434.     options.addStringOption('Xdoclint:none', '-quiet')

  435.     options.encoding = 'UTF-8'

  436.     doFirst {

  437.       options.addBooleanOption('-no-module-directories', true)

  438.     }

  439.     title = project.name + ' ' + versionWithoutBuildNumber

  440.   }

  441. 

  442.   task sourcesJar(type: Jar, dependsOn: classes) {

  443.     classifier = 'sources'

  444.     from sourceSets.main.allSource

  445.   }

  446. 

  447.   task javadocJar(type: Jar, dependsOn: javadoc) {

  448.     classifier = 'javadoc'

  449.     from javadoc.destinationDir

  450.   }

  451. 

  452.   // generate code before opening project in IDE (Eclipse or Intellij)

  453.   task ide() {

  454.     // empty by default. Dependencies are added to the task

  455.     // when needed (see protobuf modules for example)

  456.   }

  457. 

  458.   jacocoTestReport {

  459.     reports {

  460.       xml.enabled true

  461.       csv.enabled false

  462.       html.enabled false

  463.     }

  464.   }

  465. 

  466.   normalization {

  467.     runtimeClasspath {

  468.       // Following classpath resources contain volatile data that changes in each CI build (build number, commit id, time),

  469.       // so we exclude them from calculation of build cache key of test tasks:

  470.       ignore 'META-INF/MANIFEST.MF'

  471.       ignore 'sonar-api-version.txt'

  472.       ignore 'sq-version.txt'

  473.     }

  474.   }

  475. 

  476. 

  477.   ext.failedTests = []

  478.   test {

  479.     jvmArgs '-Dfile.encoding=UTF8'

  480.     maxHeapSize = '1G'

  481.     systemProperty 'java.awt.headless', true

  482.     testLogging {

  483.       events "skipped", "failed" // verbose log for failed and skipped tests (by default the name of the tests are not logged)

  484.       exceptionFormat 'full' // log the full stack trace (default is the 1st line of the stack trace)

  485.     }

  486.     jacoco {

  487.       enabled = true // do not disable recording of code coverage, so that remote Gradle cache entry can be used locally

  488.       includes = ['com.sonar.*', 'com.sonarsource.*', 'org.sonar.*', 'org.sonarqube.*', 'org.sonarsource.*']

  489.     }

  490.     if (project.hasProperty('maxParallelTests')) {

  491.       maxParallelForks = project.maxParallelTests as int

  492.     }

  493.     if (project.hasProperty('parallelTests')) {

  494.       // See https://guides.gradle.org/performance/#parallel_test_execution

  495.       maxParallelForks = Runtime.runtime.availableProcessors().intdiv(2) ?: 1

  496.     }

  497. 

  498.      afterTest { descriptor, result ->

  499.         if (result.resultType == TestResult.ResultType.FAILURE) {

  500.             String failedTest = "  ${descriptor.className} > ${descriptor.name}"

  501.             failedTests << failedTest

  502.         }

  503.     }

  504.   }

  505. 

  506.   gradle.buildFinished {

  507.     if (!failedTests.empty) {

  508.       println "\nFailed tests:"

  509.       failedTests.each { failedTest ->

  510.         println failedTest

  511.       }

  512.       println ""

  513.     }

  514.   }

  515. 

  516.   def protoMainSrc = 'src/main/protobuf'

  517.   def protoTestSrc = 'src/test/protobuf'

  518.   if (file(protoMainSrc).exists() || file(protoTestSrc).exists()) {

  519.     // protobuf must be applied after java

  520.     apply plugin: 'com.google.protobuf'

  521. 

  522.     sourceSets.main.proto.srcDir protoMainSrc  // in addition to the default 'src/main/proto'

  523.     sourceSets.test.proto.srcDir protoTestSrc  // in addition to the default 'src/test/proto'

  524.     protobuf {

  525.       protoc {

  526.         artifact = "com.google.protobuf:protoc:${protobufVersion}"

  527.       }

  528.     }

  529.     jar {

  530.       exclude('**/*.proto')

  531.     }

  532.     idea {

  533.       module {

  534.         sourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")

  535.         testSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")

  536.         generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")

  537.         generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")

  538.       }

  539.     }

  540.     ide.dependsOn(['generateProto', 'generateTestProto'])

  541.   }

  542. 

  543.   if (file('package.json').exists()) {

  544.     apply plugin: 'com.github.node-gradle.node'

  545. 

  546.     node {

  547.       version = '10.22.1'

  548.       yarnVersion = '1.22.0'

  549.       download = true

  550.     }

  551. 

  552.     // the OWASP tool does not support yarn, and its yarn.lock files, so node modules

  553.     // should be explicitly installed (yarn task) before running the audit

  554.     // See https://github.com/jeremylong/DependencyCheck/issues/2393

  555.     dependencyCheckAggregate.dependsOn(yarn)

  556.   }

  557. 

  558.   if (official) {

  559.     jar {

  560.       // do not break incremental build on non official versions

  561.       manifest {

  562.         attributes(

  563.           'Version': "${version}",

  564.           'Implementation-Build': System.getenv('GIT_SHA1'),

  565.           'Build-Time': new Date().format("yyyy-MM-dd'T'HH:mm:ssZ")

  566.         )

  567.       }

  568.     }

  569.   }

  570. 

  571.   license {

  572.     header = rootProject.file('HEADER')

  573.     strictCheck true

  574.     mapping {

  575.       java = 'SLASHSTAR_STYLE'

  576.       js = 'SLASHSTAR_STYLE'

  577.       ts = 'SLASHSTAR_STYLE'

  578.       tsx = 'SLASHSTAR_STYLE'

  579.       css = 'SLASHSTAR_STYLE'

  580.     }

  581.     includes(['**/*.java', '**/*.js', '**/*.ts', '**/*.tsx', '**/*.css'])

  582.   }

  583. 

  584.   tasks.withType(GenerateModuleMetadata) {

  585.     enabled = false

  586.   }

  587. 

  588.   publishing {

  589.     publications {

  590.       mavenJava(MavenPublication) {

  591.         pom {

  592.           name = 'SonarQube'

  593.           description = project.description

  594.           url = 'http://www.sonarqube.org/'

  595.           organization {

  596.             name = 'SonarSource'

  597.             url = 'http://www.sonarsource.com'

  598.           }

  599.           licenses {

  600.             license {

  601.               name = 'GNU LGPL 3'

  602.               url = 'http://www.gnu.org/licenses/lgpl.txt'

  603.               distribution = 'repo'

  604.             }

  605.           }

  606.           scm {

  607.             url = 'https://github.com/SonarSource/sonarqube'

  608.           }

  609.           developers {

  610.             developer {

  611.               id = 'sonarsource-team'

  612.               name = 'SonarSource Team'

  613.             }

  614.           }

  615.         }

  616.       }

  617.     }

  618.   }

  619. 

  620.   signing {

  621.     def signingKeyId = findProperty("signingKeyId")

  622.     def signingKey = findProperty("signingKey")

  623.     def signingPassword = findProperty("signingPassword")

  624.     useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)

  625.     required {

  626.       def branch = System.getenv()["CIRRUS_BRANCH"]

  627.       return (branch == 'master' || branch ==~ 'branch-[\\d.]+') &&

  628.              gradle.taskGraph.hasTask(":artifactoryPublish")

  629.     }

  630.     sign publishing.publications

  631.   }

  632. 

  633.   tasks.withType(Sign) {

  634.     onlyIf {

  635.       def branch = System.getenv()["CIRRUS_BRANCH"]

  636.       return !artifactoryPublish.skip &&

  637.              (branch == 'master' || branch ==~ 'branch-[\\d.]+') &&

  638.              gradle.taskGraph.hasTask(":artifactoryPublish")

  639.     }

  640.   }

  641. }

  642. 

  643. 

  644. // Yarn doesn't support concurrent access to its global cache,

  645. // i.e. parallel execution of several "yarn install" tasks,

  646. // since these tasks are independent, we can establish arbitrary total order

  647. // to prevent their concurrent execution.

  648. // Note that "task1.mustRunAfter(task2)" ordering has an effect only when both

  649. // tasks are scheduled for execution, therefore should be established between

  650. // all pairs of "yarn install" tasks to define their total order and to prevent

  651. // their concurrent execution even in case when one or more of these tasks not

  652. // scheduled.

  653. def yarnInstallTasks = allprojects.findResults { it -> it.tasks.findByName('yarn') }

  654. yarnInstallTasks.drop(1).eachWithIndex { it, i -> it.mustRunAfter(yarnInstallTasks[0..i]) }

  655. 

  656. // by default, Yarn will update lock file if it is not up to date with "package.json"

  657. // using option "--frozen-lockfile" will disable this behavior and "yarn install" will fail if lock file is out of date

  658. // all "yarn install" tasks should be executed with this option for reproducibility of builds

  659. // and to prevent developers from forgetting to update lock file when they update "package.json"

  660. yarnInstallTasks.each { it -> it.args = ['--frozen-lockfile'] }

  661. 

  662. // https://github.com/ben-manes/gradle-versions-plugin

  663. apply plugin: 'com.github.ben-manes.versions'

  664. dependencyUpdates {

  665.   rejectVersionIf {

  666.     // Exclude dev versions from the list of dependency upgrades, for

  667.     // example to replace:

  668.     //   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.8.0-beta4]

  669.     // by

  670.     //   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.7.26]

  671.     boolean rejected = ['alpha', 'beta', 'rc', 'cr', 'm', 'preview', 'jre12'].any { qualifier ->

  672.       it.candidate.version ==~ /(?i).*[.-]${qualifier}[.\d-]*/

  673.     }

  674. 

  675.     // Exclude upgrades on new major versions :

  676.     //   com.hazelcast:hazelcast [3.12.3 -> 4.0.0]

  677.     rejected |= !it.candidate.version.substring(0, 2).equals(it.currentVersion.substring(0, 2))

  678. 

  679.     rejected

  680.   }

  681. }