mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31287 Commits
59 Branches
Tree: 424216bbde
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '424216bbde'
${ noResults }
sonarqube/build.gradle

build.gradle 26KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674 
  1. plugins {

  2.   // Ordered alphabeticly

  3.   id 'com.github.ben-manes.versions' version '0.33.0'

  4.   id 'com.github.hierynomus.license' version '0.15.0'

  5.   id 'com.github.johnrengelman.shadow' version '5.2.0' apply false

  6.   id 'com.google.protobuf' version '0.8.13' apply false

  7.   id 'com.jfrog.artifactory' version '4.21.0'

  8.   id 'com.github.node-gradle.node' version '3.1.0' apply false

  9.   id 'io.spring.dependency-management' version '1.0.10.RELEASE'

  10.   id "com.asarkar.gradle.build-time-tracker" version "2.0.4" apply false

  11.   id 'org.owasp.dependencycheck' version '6.1.6'

  12.   id 'org.sonarqube' version '3.0'

  13.   id "de.undercouch.download" version "4.1.1" apply false

  14. }

  15. 

  16. // display a summary of task durations at the end of the build

  17. if (project.hasProperty('time-tracker')) {

  18.   apply plugin: 'com.asarkar.gradle.build-time-tracker'

  19.   buildTimeTracker {

  20.     sort = true

  21.     maxWidth = 80

  22.     minTaskDuration = Duration.ofSeconds(1)

  23.   }

  24. }

  25. 

  26. 

  27. if (!JavaVersion.current().java11Compatible) {

  28.   throw new GradleException("JDK 11+ is required to perform this build. It's currently " + System.getProperty("java.home") + ".")

  29. }

  30. 

  31. apply plugin: 'org.owasp.dependencycheck'

  32. dependencyCheck {

  33.   analyzers {

  34.     assemblyEnabled = false

  35.     autoconfEnabled = false

  36.     bundleAuditEnabled = false

  37.     cmakeEnabled = false

  38.     cocoapodsEnabled = false

  39.     composerEnabled = false

  40.     cocoapodsEnabled = false

  41.     golangDepEnabled = false

  42.     golangModEnabled = false

  43.     nodeAudit {

  44.       skipDevDependencies = true

  45.     }

  46.     nuspecEnabled = false

  47.     nugetconfEnabled = false

  48.     rubygemsEnabled = false

  49.     swiftEnabled = false

  50.   }

  51.   format = 'ALL'

  52.   junitFailOnCVSS = 0

  53.   failBuildOnCVSS = 0

  54.   suppressionFiles = ["${project.rootDir}/private/owasp/suppressions.xml", "${project.rootDir}/private/owasp/vulnerabilities.xml"]

  55.   skipProjects = project.subprojects

  56.       .findAll {it.name.contains('testing') ||

  57.           it.name.startsWith('it-') ||

  58.           it.name.contains('-test') ||

  59.           it.name == 'sonar-ws-generator'}

  60.       .collect { it.path }

  61. }

  62. 

  63. allprojects {

  64.   apply plugin: 'com.jfrog.artifactory'

  65.   apply plugin: 'maven-publish'

  66. 

  67.   ext.versionInSources = version

  68.   ext.buildNumber = System.getProperty("buildNumber")

  69.   // when no buildNumber is provided, then project version must end with '-SNAPSHOT'

  70.   if (ext.buildNumber == null) {

  71.       version = "${version}-SNAPSHOT".toString()

  72.       ext.versionWithoutBuildNumber = version

  73.   } else {

  74.       ext.versionWithoutBuildNumber = version

  75.       version = (version.toString().count('.') == 1 ? "${version}.0.${ext.buildNumber}" : "${version}.${ext.buildNumber}").toString()

  76.   }

  77. 

  78.   ext {

  79.     release = project.hasProperty('release') && project.getProperty('release')

  80.     official = project.hasProperty('official') && project.getProperty('official')

  81.   }

  82. 

  83.   repositories {

  84.     def repository = project.hasProperty('qa') ? 'sonarsource-qa' : 'sonarsource'

  85.     maven {

  86.       // The environment variables ARTIFACTORY_PRIVATE_USERNAME and ARTIFACTORY_PRIVATE_PASSWORD are used on QA env (Jenkins)

  87.       // On local box, please add artifactoryUsername and artifactoryPassword to ~/.gradle/gradle.properties

  88.       def artifactoryUsername = System.env.'ARTIFACTORY_PRIVATE_USERNAME' ?: (project.hasProperty('artifactoryUsername') ? project.getProperty('artifactoryUsername') : '')

  89.       def artifactoryPassword = System.env.'ARTIFACTORY_PRIVATE_PASSWORD' ?: (project.hasProperty('artifactoryPassword') ? project.getProperty('artifactoryPassword') : '')

  90.       if (artifactoryUsername && artifactoryPassword) {

  91.         credentials {

  92.           username artifactoryUsername

  93.           password artifactoryPassword

  94.         }

  95.       } else {

  96.         // Workaround for artifactory

  97.         // https://www.jfrog.com/jira/browse/RTFACT-13797

  98.         repository = 'public'

  99.       }

  100.       url "https://repox.jfrog.io/repox/${repository}"

  101.     }

  102.   }

  103. 

  104.   task allDependencies {

  105.     dependsOn 'dependencies'

  106.   }

  107. 

  108.   artifactory {

  109.     clientConfig.setIncludeEnvVars(true)

  110.     clientConfig.setEnvVarsExcludePatterns('*password*,*PASSWORD*,*secret*,*MAVEN_CMD_LINE_ARGS*,sun.java.command,*token*,*TOKEN*,*LOGIN*,*login*,*key*,*KEY*,*signing*')

  111.     contextUrl = System.getenv('ARTIFACTORY_URL')

  112.     publish {

  113.       repository {

  114.         repoKey = System.getenv('ARTIFACTORY_DEPLOY_REPO')

  115.         username = System.getenv('ARTIFACTORY_DEPLOY_USERNAME') ?: project.properties.artifactoryUsername

  116.         password = System.getenv('ARTIFACTORY_DEPLOY_PASSWORD') ?: project.properties.artifactoryPaswword

  117.       }

  118.       defaults {

  119.         properties = [

  120.             'build.name': 'sonar-enterprise',

  121.             'build.number': System.getenv('BUILD_NUMBER'),

  122.             'pr.branch.target': System.getenv('GITHUB_BASE_BRANCH'),

  123.             'pr.number': System.getenv('PULL_REQUEST'),

  124.             'vcs.branch': System.getenv('GITHUB_BRANCH'),

  125.             'vcs.revision': System.getenv('GIT_SHA1'),

  126.             'version': version

  127.         ]

  128.         publications('mavenJava')

  129.         publishPom = true

  130.         publishIvy = false

  131.       }

  132.     }

  133.     clientConfig.info.setBuildName('sonar-enterprise')

  134.     clientConfig.info.setBuildNumber(System.getenv('BUILD_NUMBER'))

  135.     // Define the artifacts to be deployed to https://binaries.sonarsource.com on releases

  136.     clientConfig.info.addEnvironmentProperty('ARTIFACTS_TO_PUBLISH',

  137.         "${project.group}:sonar-application:zip," +

  138.             "com.sonarsource.sonarqube:sonarqube-developer:zip," +

  139.             "com.sonarsource.sonarqube:sonarqube-datacenter:zip," +

  140.             "com.sonarsource.sonarqube:sonarqube-enterprise:zip")

  141.     // The name of this variable is important because it's used by the delivery process when extracting version from Artifactory build info.

  142.     clientConfig.info.addEnvironmentProperty('PROJECT_VERSION', "${version}")

  143.   }

  144. }

  145. 

  146. apply plugin: 'org.sonarqube'

  147. sonarqube {

  148.     properties {

  149.         property 'sonar.projectName', projectTitle

  150.         property 'sonar.projectVersion', "${versionInSources}-SNAPSHOT"

  151.         property 'sonar.buildString', version

  152.     }

  153. }

  154. 

  155. tasks.named('wrapper') {

  156.     distributionType = Wrapper.DistributionType.ALL

  157. }

  158. 

  159. subprojects {

  160.   apply plugin: 'com.github.hierynomus.license'

  161.   apply plugin: 'io.spring.dependency-management'

  162.   apply plugin: 'jacoco'

  163.   apply plugin: 'java'

  164.   apply plugin: 'idea'

  165.   apply plugin: 'signing'

  166. 

  167.   // do not deploy to Artifactory by default

  168.   artifactoryPublish.skip = true

  169. 

  170.   def testFixtureSrc = 'src/testFixtures'

  171.   if (file(testFixtureSrc).exists()) {

  172.     apply plugin: 'java-test-fixtures'

  173.   }

  174. 

  175.   ext {

  176.     protobufVersion = '3.17.3'

  177. 

  178.     // define a method which can be called by project to change Java version to compile to

  179.     configureCompileJavaToVersion = { javaVersion ->

  180.       if ( javaVersion != 11 & javaVersion != 8) {

  181.         throw new InvalidUserDataException("Only Java 8 and 11 are supported")

  182.       }

  183.       if ( javaVersion == 8 ) {

  184.         println "Configuring project ${project.name} to compile to Java ${javaVersion}"

  185. 

  186.         if (!project.hasProperty('skipJava8Checks')) {

  187.           task ensureDependenciesRunOnJava8(dependsOn: [configurations.compileClasspath]) {

  188.             ext.readJavaMajorVersion = { classFile ->

  189.               classFile.withDataInputStream({ d ->

  190.                 if (d.skip(7) == 7) {

  191.                   // read the version of the class file

  192.                   d.read()

  193.                 } else {

  194.                   throw new GradleException("Could not read major version from $classFile")

  195.                 }

  196.               })

  197.             }

  198. 

  199.             doLast {

  200.               [configurations.compileClasspath].each { config ->

  201.                 config.resolvedConfiguration.files

  202.                   .findAll({ f -> f.name.endsWith("jar") })

  203.                   .each { jarFile ->

  204.                     def onlyJava8 = true

  205.                     zipTree(jarFile)

  206.                       .matching({

  207.                         include "**/*.class"

  208.                         // multi-release jar files were introduced with Java 9 => contains only classes targeting Java 9+

  209.                         exclude "META-INF/versions/**"

  210.                         // ignore module-info existing in some archives for Java 9 forward compatibility

  211.                         exclude "module-info.class"

  212.                       })

  213.                       .files

  214.                       .each { classFile ->

  215.                         int javaMajorVersion = readJavaMajorVersion(classFile)

  216.                         if (javaMajorVersion > 52) {

  217.                           println "$classFile has been compiled to a more recent version of Java than 8 (java8=52, java11=55, actual=$javaMajorVersion)"

  218.                           onlyJava8 = false

  219.                         }

  220.                       }

  221.                     if (!onlyJava8) {

  222.                       throw new GradleException("Dependency ${jarFile} in configuration ${config.name} contains class file(s) compiled to a Java version > Java 8 (see logs for details)")

  223.                     }

  224.                   }

  225.               }

  226.             }

  227.           }

  228. 

  229.           compileJava.dependsOn ensureDependenciesRunOnJava8

  230.         }

  231.       }

  232. 

  233.       sourceCompatibility = javaVersion

  234.       targetCompatibility = javaVersion

  235. 

  236.       tasks.withType(JavaCompile) {

  237.         options.compilerArgs.addAll(['--release', javaVersion + ''])

  238.         options.encoding = 'UTF-8'

  239.       }

  240.     }

  241.   }

  242. 

  243.   configureCompileJavaToVersion 11

  244. 

  245.   sonarqube {

  246.     properties {

  247.       property 'sonar.moduleKey', project.group + ':' + project.name

  248.     }

  249.   }

  250. 

  251.   // Central place for definition dependency versions and exclusions.

  252.   dependencyManagement {

  253.     dependencies {

  254.       // bundled plugin list -- keep it alphabetically ordered

  255.       dependency 'com.sonarsource.abap:sonar-abap-plugin:3.9.1.3127'

  256.       dependency 'com.sonarsource.cobol:sonar-cobol-plugin:4.6.2.4876'

  257.       dependency 'com.sonarsource.cpp:sonar-cfamily-plugin:6.26.0.36731'

  258.       dependency 'com.sonarsource.pli:sonar-pli-plugin:1.11.1.2727'

  259.       dependency 'com.sonarsource.plsql:sonar-plsql-plugin:3.6.1.3873'

  260.       dependency 'com.sonarsource.plugins.vb:sonar-vb-plugin:2.7.1.2721'

  261.       dependency 'com.sonarsource.rpg:sonar-rpg-plugin:3.0.1.2837'

  262.       dependency 'com.sonarsource.security:sonar-security-csharp-frontend-plugin:9.1.0.13548'

  263.       dependency 'com.sonarsource.security:sonar-security-java-frontend-plugin:9.1.0.13548'

  264.       dependency 'com.sonarsource.security:sonar-security-php-frontend-plugin:9.1.0.13548'

  265.       dependency 'com.sonarsource.security:sonar-security-plugin:9.1.0.13548'

  266.       dependency 'com.sonarsource.security:sonar-security-python-frontend-plugin:9.1.0.13548'

  267.       dependency 'com.sonarsource.security:sonar-security-js-frontend-plugin:9.1.0.13548'

  268.       dependency 'com.sonarsource.slang:sonar-apex-plugin:1.8.3.2219'

  269.       dependency 'com.sonarsource.swift:sonar-swift-plugin:4.3.2.5043'

  270.       dependency 'com.sonarsource.tsql:sonar-tsql-plugin:1.5.1.4340'

  271.       dependency 'org.sonarsource.config:sonar-config-plugin:1.0.0.32'

  272.       dependency 'org.sonarsource.css:sonar-css-plugin:1.4.2.2002'

  273.       dependency 'org.sonarsource.dotnet:sonar-csharp-plugin:8.29.0.36737'

  274.       dependency 'org.sonarsource.dotnet:sonar-vbnet-plugin:8.29.0.36737'

  275.       dependency 'org.sonarsource.flex:sonar-flex-plugin:2.6.2.2641'

  276.       dependency 'org.sonarsource.html:sonar-html-plugin:3.4.0.2754'

  277.       dependency 'org.sonarsource.jacoco:sonar-jacoco-plugin:1.1.1.1157'

  278.       dependency 'org.sonarsource.java:sonar-java-plugin:7.3.0.27589'

  279.       dependency 'org.sonarsource.javascript:sonar-javascript-plugin:8.4.0.16431'

  280.       dependency 'org.sonarsource.php:sonar-php-plugin:3.20.0.8080'

  281.       dependency 'org.sonarsource.python:sonar-python-plugin:3.6.0.8488'

  282.       dependency 'org.sonarsource.slang:sonar-go-plugin:1.8.3.2219'

  283.       dependency 'org.sonarsource.kotlin:sonar-kotlin-plugin:2.2.0.499'

  284.       dependency 'org.sonarsource.slang:sonar-ruby-plugin:1.8.3.2219'

  285.       dependency 'org.sonarsource.slang:sonar-scala-plugin:1.8.3.2219'

  286.       dependency 'org.sonarsource.xml:sonar-xml-plugin:2.3.0.3155'

  287. 

  288.       // please keep this list alphabetically ordered

  289.       dependencySet(group: 'ch.qos.logback', version: '1.2.3') {

  290.         entry 'logback-access'

  291.         entry 'logback-classic'

  292.         entry 'logback-core'

  293.       }

  294.       dependency('commons-beanutils:commons-beanutils:1.8.3') {

  295.         exclude 'commons-logging:commons-logging'

  296.       }

  297.       dependency 'commons-codec:commons-codec:1.14'

  298.       dependency 'commons-dbutils:commons-dbutils:1.7'

  299.       dependency 'commons-io:commons-io:2.8.0'

  300.       dependency 'commons-lang:commons-lang:2.6'

  301.       imports { mavenBom 'com.fasterxml.jackson:jackson-bom:2.11.4' }

  302.       dependencySet(group: 'com.fasterxml.jackson.dataformat', version: '2.11.4') {

  303.         entry 'jackson-dataformat-cbor'

  304.         entry 'jackson-dataformat-smile'

  305.         entry 'jackson-dataformat-yaml'

  306.       }

  307.       dependency 'com.eclipsesource.minimal-json:minimal-json:0.9.5'

  308.       dependencySet(group: 'com.github.scribejava', version: '6.9.0') {

  309.         entry 'scribejava-apis'

  310.         entry 'scribejava-core'

  311.       }

  312.       dependency 'com.github.everit-org.json-schema:org.everit.json.schema:1.12.2'

  313.       // This project is no longer maintained and was forked

  314.       // by https://github.com/java-diff-utils/java-diff-utils

  315.       // (io.github.java-diff-utils:java-diff-utils).

  316.       dependency 'com.googlecode.java-diff-utils:diffutils:1.2'

  317.       dependency('com.googlecode.json-simple:json-simple:1.1.1') {

  318.         exclude 'junit:junit'

  319.       }

  320.       dependency 'com.google.code.findbugs:jsr305:3.0.2'

  321.       dependency 'com.google.code.gson:gson:2.8.6'

  322.       dependency('com.google.guava:guava:28.2-jre') {

  323.         exclude 'com.google.errorprone:error_prone_annotations'

  324.         exclude 'com.google.guava:listenablefuture'

  325.         exclude 'com.google.j2objc:j2objc-annotations'

  326.         exclude 'org.checkerframework:checker-qual'

  327.         exclude 'org.codehaus.mojo:animal-sniffer-annotations'

  328.       }

  329.       dependency "com.google.protobuf:protobuf-java:${protobufVersion}"

  330.       // Do not upgrade H2 to 1.4.200 because of instability: https://github.com/h2database/h2database/issues/2205

  331.       dependency 'com.h2database:h2:1.4.199'

  332.       dependencySet(group: 'com.hazelcast', version: '4.2') {

  333.         entry 'hazelcast'

  334.       }

  335.       dependency 'com.hazelcast:hazelcast-kubernetes:2.2.3'

  336.       dependency 'com.ibm.icu:icu4j:3.4.4'

  337.       dependency 'com.microsoft.sqlserver:mssql-jdbc:9.2.0.jre11'

  338.       dependency 'com.oracle.database.jdbc:ojdbc8:19.3.0.0'

  339.       // upgrade okhttp3 dependency kotlin to get rid of not exploitable CVE-2020-29582

  340.       dependency 'org.jetbrains.kotlin:kotlin-stdlib-common:1.4.21'

  341.       dependency 'org.jetbrains.kotlin:kotlin-stdlib:1.4.21'

  342.       dependencySet(group: 'com.squareup.okhttp3', version: '4.9.0') {

  343.         entry 'okhttp'

  344.         entry 'mockwebserver'

  345.       }

  346.       dependency 'com.tngtech.java:junit-dataprovider:1.13.1'

  347.       dependency 'info.picocli:picocli:3.6.1'

  348.       dependencySet(group: 'io.jsonwebtoken', version: '0.11.2') {

  349.         entry 'jjwt-api'

  350.         entry 'jjwt-impl'

  351.         entry 'jjwt-jackson'

  352.       }

  353.       dependency 'com.auth0:java-jwt:3.10.3'

  354.       dependency 'io.netty:netty-all:4.1.65.Final'

  355.       dependency 'com.sun.mail:javax.mail:1.5.6'

  356.       dependency 'javax.annotation:javax.annotation-api:1.3.2'

  357.       dependency 'javax.servlet:javax.servlet-api:3.1.0'

  358.       dependency 'javax.xml.bind:jaxb-api:2.3.0'

  359.       dependency 'junit:junit:4.13.1'

  360.       dependency 'org.junit.jupiter:junit-jupiter-api:5.6.0'

  361.       dependency 'org.xmlunit:xmlunit-core:2.6.4'

  362.       dependency 'org.xmlunit:xmlunit-matchers:2.6.4'

  363.       dependency 'net.jpountz.lz4:lz4:1.3.0'

  364.       dependency 'net.lightbody.bmp:littleproxy:1.1.0-beta-bmp-17'

  365.       dependency 'org.awaitility:awaitility:4.0.2'

  366.       dependency 'org.apache.commons:commons-csv:1.7'

  367.       dependency 'org.apache.commons:commons-email:1.5'

  368.       dependency 'org.apache.commons:commons-dbcp2:2.7.0'

  369.       dependency('org.apache.httpcomponents:httpclient:4.5.13'){

  370.         exclude 'commons-logging:commons-logging'

  371.       }

  372.       // Be aware that Log4j is used by Elasticsearch client

  373.       dependencySet(group: 'org.apache.logging.log4j', version: '2.8.2') {

  374.         entry 'log4j-api'

  375.         entry 'log4j-to-slf4j'

  376.         entry 'log4j-core'

  377.       }

  378.       dependencySet(group: 'org.apache.tomcat.embed', version: '8.5.68') {

  379.         entry 'tomcat-embed-core'

  380.         entry('tomcat-embed-jasper') {

  381.           exclude 'org.eclipse.jdt.core.compiler:ecj'

  382.         }

  383.       }

  384.       dependency 'org.assertj:assertj-core:3.15.0'

  385.       dependency 'org.assertj:assertj-guava:3.3.0'

  386.       dependency('org.codehaus.sonar:sonar-channel:4.2') {

  387.         exclude 'org.slf4j:slf4j-api'

  388.       }

  389.       dependency 'org.codehaus.sonar:sonar-classloader:1.0'

  390.       dependency 'com.fasterxml.staxmate:staxmate:2.4.0'

  391.       dependencySet(group: 'org.eclipse.jetty', version: '9.4.6.v20170531') {

  392.         entry 'jetty-proxy'

  393.         entry 'jetty-server'

  394.         entry 'jetty-servlet'

  395.       }

  396.       dependency('org.elasticsearch.client:elasticsearch-rest-high-level-client:7.14.1') {

  397.         exclude 'commons-logging:commons-logging'

  398.       }

  399.       dependency 'org.elasticsearch.plugin:transport-netty4-client:7.14.1'

  400.       dependency 'org.elasticsearch:mocksocket:1.0'

  401.       dependency 'org.codelibs.elasticsearch.module:analysis-common:7.14.1'

  402.       dependency 'org.eclipse.jgit:org.eclipse.jgit:5.11.0.202103091610-r'

  403.       dependency 'org.tmatesoft.svnkit:svnkit:1.10.1'

  404.       dependency 'org.hamcrest:hamcrest-all:1.3'

  405.       dependency 'org.jsoup:jsoup:1.13.1'

  406.       dependency 'org.mindrot:jbcrypt:0.4'

  407.       dependency('org.mockito:mockito-core:3.3.3') {

  408.         exclude 'org.hamcrest:hamcrest-core'

  409.       }

  410.       dependency 'org.mybatis:mybatis:3.5.6'

  411.       dependency 'org.nanohttpd:nanohttpd:2.3.1'

  412.       dependency 'org.picocontainer:picocontainer:2.15'

  413.       dependencySet(group: 'org.slf4j', version: '1.7.30') {

  414.         entry 'jcl-over-slf4j'

  415.         entry 'jul-to-slf4j'

  416.         entry 'log4j-over-slf4j'

  417.         entry 'slf4j-api'

  418.       }

  419.       dependency 'org.postgresql:postgresql:42.2.19'

  420.       dependency 'org.reflections:reflections:0.9.12'

  421.       dependency 'org.simpleframework:simple:4.1.21'

  422.       dependency 'org.sonarsource.orchestrator:sonar-orchestrator:3.35.1.2719'

  423.       dependency 'org.sonarsource.update-center:sonar-update-center-common:1.23.0.723'

  424.       dependency 'org.subethamail:subethasmtp:3.1.7'

  425.       dependency 'org.yaml:snakeyaml:1.26'

  426.       dependency 'xml-apis:xml-apis:1.4.01'

  427. 

  428.       // please keep this list alphabetically ordered

  429.     }

  430.   }

  431. 

  432.   // global exclusions

  433.   configurations.all {

  434.     // do not conflict with com.sun.mail:javax.mail

  435.     exclude group: 'javax.mail', module: 'mail'

  436.   }

  437. 

  438.   tasks.withType(Javadoc) {

  439.     options.addStringOption('Xdoclint:none', '-quiet')

  440.     options.encoding = 'UTF-8'

  441.     doFirst {

  442.       options.addBooleanOption('-no-module-directories', true)

  443.     }

  444.     title = project.name + ' ' + versionWithoutBuildNumber

  445.   }

  446. 

  447.   task sourcesJar(type: Jar, dependsOn: classes) {

  448.     classifier = 'sources'

  449.     from sourceSets.main.allSource

  450.   }

  451. 

  452.   task javadocJar(type: Jar, dependsOn: javadoc) {

  453.     classifier = 'javadoc'

  454.     from javadoc.destinationDir

  455.   }

  456. 

  457.   // generate code before opening project in IDE (Eclipse or Intellij)

  458.   task ide() {

  459.     // empty by default. Dependencies are added to the task

  460.     // when needed (see protobuf modules for example)

  461.   }

  462. 

  463.   jacocoTestReport {

  464.     reports {

  465.       xml.enabled true

  466.       csv.enabled false

  467.       html.enabled false

  468.     }

  469.   }

  470. 

  471.   normalization {

  472.     runtimeClasspath {

  473.       // Following classpath resources contain volatile data that changes in each CI build (build number, commit id, time),

  474.       // so we exclude them from calculation of build cache key of test tasks:

  475.       ignore 'META-INF/MANIFEST.MF'

  476.       ignore 'sonar-api-version.txt'

  477.       ignore 'sq-version.txt'

  478.     }

  479.   }

  480. 

  481. 

  482.   ext.failedTests = []

  483.   test {

  484.     jvmArgs '-Dfile.encoding=UTF8'

  485.     maxHeapSize = '1G'

  486.     systemProperty 'java.awt.headless', true

  487.     testLogging {

  488.       events "skipped", "failed" // verbose log for failed and skipped tests (by default the name of the tests are not logged)

  489.       exceptionFormat 'full' // log the full stack trace (default is the 1st line of the stack trace)

  490.     }

  491.     jacoco {

  492.       enabled = true // do not disable recording of code coverage, so that remote Gradle cache entry can be used locally

  493.       includes = ['com.sonar.*', 'com.sonarsource.*', 'org.sonar.*', 'org.sonarqube.*', 'org.sonarsource.*']

  494.     }

  495.     if (project.hasProperty('maxParallelTests')) {

  496.       maxParallelForks = project.maxParallelTests as int

  497.     }

  498.     if (project.hasProperty('parallelTests')) {

  499.       // See https://guides.gradle.org/performance/#parallel_test_execution

  500.       maxParallelForks = Runtime.runtime.availableProcessors().intdiv(2) ?: 1

  501.     }

  502. 

  503.      afterTest { descriptor, result ->

  504.         if (result.resultType == TestResult.ResultType.FAILURE) {

  505.             String failedTest = "  ${descriptor.className} > ${descriptor.name}"

  506.             failedTests << failedTest

  507.         }

  508.     }

  509.   }

  510. 

  511.   gradle.buildFinished {

  512.     if (!failedTests.empty) {

  513.       println "\nFailed tests:"

  514.       failedTests.each { failedTest ->

  515.         println failedTest

  516.       }

  517.       println ""

  518.     }

  519.   }

  520. 

  521.   def protoMainSrc = 'src/main/protobuf'

  522.   def protoTestSrc = 'src/test/protobuf'

  523.   if (file(protoMainSrc).exists() || file(protoTestSrc).exists()) {

  524.     // protobuf must be applied after java

  525.     apply plugin: 'com.google.protobuf'

  526. 

  527.     sourceSets.main.proto.srcDir protoMainSrc  // in addition to the default 'src/main/proto'

  528.     sourceSets.test.proto.srcDir protoTestSrc  // in addition to the default 'src/test/proto'

  529.     protobuf {

  530.       protoc {

  531.         artifact = "com.google.protobuf:protoc:${protobufVersion}"

  532.       }

  533.     }

  534.     jar {

  535.       exclude('**/*.proto')

  536.     }

  537.     idea {

  538.       module {

  539.         sourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")

  540.         testSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")

  541.         generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")

  542.         generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")

  543.       }

  544.     }

  545.     ide.dependsOn(['generateProto', 'generateTestProto'])

  546.   }

  547. 

  548.   if (file('package.json').exists()) {

  549.     apply plugin: 'com.github.node-gradle.node'

  550. 

  551.     node {

  552.       version = '14.17.5'

  553.       yarnVersion = '1.22.11'

  554.       download = true

  555.     }

  556. 

  557.     // the OWASP tool does not support yarn, and its yarn.lock files, so node modules

  558.     // should be explicitly installed (yarn task) before running the audit

  559.     // See https://github.com/jeremylong/DependencyCheck/issues/2393

  560.     dependencyCheckAggregate.dependsOn(yarn)

  561.   }

  562. 

  563.   if (official) {

  564.     jar {

  565.       // do not break incremental build on non official versions

  566.       manifest {

  567.         attributes(

  568.           'Version': "${version}",

  569.           'Implementation-Build': System.getenv('GIT_SHA1'),

  570.           'Build-Time': new Date().format("yyyy-MM-dd'T'HH:mm:ssZ")

  571.         )

  572.       }

  573.     }

  574.   }

  575. 

  576.   license {

  577.     header = rootProject.file('HEADER')

  578.     strictCheck true

  579.     mapping {

  580.       java = 'SLASHSTAR_STYLE'

  581.       js = 'SLASHSTAR_STYLE'

  582.       ts = 'SLASHSTAR_STYLE'

  583.       tsx = 'SLASHSTAR_STYLE'

  584.       css = 'SLASHSTAR_STYLE'

  585.     }

  586.     includes(['**/*.java', '**/*.js', '**/*.ts', '**/*.tsx', '**/*.css'])

  587.   }

  588. 

  589.   tasks.withType(GenerateModuleMetadata) {

  590.     enabled = false

  591.   }

  592. 

  593.   publishing {

  594.     publications {

  595.       mavenJava(MavenPublication) {

  596.         pom {

  597.           name = 'SonarQube'

  598.           description = project.description

  599.           url = 'http://www.sonarqube.org/'

  600.           organization {

  601.             name = 'SonarSource'

  602.             url = 'http://www.sonarsource.com'

  603.           }

  604.           licenses {

  605.             license {

  606.               name = 'GNU LGPL 3'

  607.               url = 'http://www.gnu.org/licenses/lgpl.txt'

  608.               distribution = 'repo'

  609.             }

  610.           }

  611.           scm {

  612.             url = 'https://github.com/SonarSource/sonarqube'

  613.           }

  614.           developers {

  615.             developer {

  616.               id = 'sonarsource-team'

  617.               name = 'SonarSource Team'

  618.             }

  619.           }

  620.         }

  621.       }

  622.     }

  623.   }

  624. 

  625.   signing {

  626.     def signingKeyId = findProperty("signingKeyId")

  627.     def signingKey = findProperty("signingKey")

  628.     def signingPassword = findProperty("signingPassword")

  629.     useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)

  630.     required {

  631.       def branch = System.getenv()["CIRRUS_BRANCH"]

  632.       return (branch in ['master', 'dogfood-on-next'] || branch ==~ 'branch-[\\d.]+') &&

  633.              gradle.taskGraph.hasTask(":artifactoryPublish")

  634.     }

  635.     sign publishing.publications

  636.   }

  637. 

  638.   tasks.withType(Sign) {

  639.     onlyIf {

  640.       def branch = System.getenv()["CIRRUS_BRANCH"]

  641.       return !artifactoryPublish.skip &&

  642.              (branch in ['master', 'dogfood-on-next'] || branch ==~ 'branch-[\\d.]+') &&

  643.              gradle.taskGraph.hasTask(":artifactoryPublish")

  644.     }

  645.   }

  646. }

  647. 

  648. // by default, Yarn will update lock file if it is not up to date with "package.json"

  649. // using option "--immutable" will disable this behavior and "yarn install" will fail if lock file is out of date

  650. // all "yarn install" tasks should be executed with this option for reproducibility of builds

  651. // and to prevent developers from forgetting to update lock file when they update "package.json"

  652. def yarnInstallTasks = allprojects.findResults { it -> it.tasks.findByName('yarn') }

  653. yarnInstallTasks.each { it -> it.args = ['--immutable'] }

  654. 

  655. // https://github.com/ben-manes/gradle-versions-plugin

  656. apply plugin: 'com.github.ben-manes.versions'

  657. dependencyUpdates {

  658.   rejectVersionIf {

  659.     // Exclude dev versions from the list of dependency upgrades, for

  660.     // example to replace:

  661.     //   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.8.0-beta4]

  662.     // by

  663.     //   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.7.26]

  664.     boolean rejected = ['alpha', 'beta', 'rc', 'cr', 'm', 'preview', 'jre12'].any { qualifier ->

  665.       it.candidate.version ==~ /(?i).*[.-]${qualifier}[.\d-]*/

  666.     }

  667. 

  668.     // Exclude upgrades on new major versions :

  669.     //   com.hazelcast:hazelcast [3.12.3 -> 4.0.0]

  670.     rejected |= !it.candidate.version.substring(0, 2).equals(it.currentVersion.substring(0, 2))

  671. 

  672.     rejected

  673.   }

  674. }