plugins { id 'java' id 'org.springframework.boot' version '3.1.7' id 'io.spring.dependency-management' version '1.1.4' id 'io.openapiprocessor.openapi-processor' version '2023.2' id 'com.github.jk1.dependency-license-report' version '2.5' id "org.owasp.dependencycheck" version "9.0.7" id "com.diffplug.spotless" version "6.23.3" id 'jacoco' id 'info.solidsoft.pitest' version '1.15.0' id 'se.patrikerdes.use-latest-versions' version '0.2.18' id 'com.github.ben-manes.versions' version '0.50.0' } group = 'net.hostsharing' version = '0.0.1-SNAPSHOT' wrapper { distributionType = Wrapper.DistributionType.BIN gradleVersion = '8.5' } configurations { compileOnly { extendsFrom annotationProcessor } testCompile { extendsFrom testAnnotationProcessor // Only JUNit 5 (Jupiter) should be used at compile time. // For runtime it's still needed by testcontainers, though. exclude group: 'junit', module: 'junit' exclude group: 'org.junit.vintage', module: 'junit-vintage-engine' } } repositories { mavenCentral() maven { url 'https://repo.spring.io/milestone' } maven { url 'https://repo.spring.io/snapshot' } } java { toolchain { languageVersion = JavaLanguageVersion.of(21) vendor = JvmVendorSpec.ADOPTIUM implementation = JvmImplementation.VENDOR_SPECIFIC } } ext { set('testcontainersVersion', "1.17.3") } dependencies { implementation 'org.springframework.boot:spring-boot-starter-data-jpa' implementation 'org.springframework.boot:spring-boot-starter-data-rest' implementation 'org.springframework.boot:spring-boot-starter-jdbc' implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.boot:spring-boot-starter-validation' implementation 'com.github.gavlyukovskiy:datasource-proxy-spring-boot-starter:1.9.1' implementation 'org.springdoc:springdoc-openapi:2.3.0' implementation 'org.postgresql:postgresql:42.7.1' implementation 'org.liquibase:liquibase-core:4.25.1' implementation 'com.vladmihalcea:hibernate-types-60:2.21.1' implementation 'io.hypersistence:hypersistence-utils-hibernate-62:3.7.0' implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.16.1' implementation 'org.openapitools:jackson-databind-nullable:0.2.6' implementation 'org.apache.commons:commons-text:1.11.0' implementation 'org.modelmapper:modelmapper:3.2.0' implementation 'org.iban4j:iban4j:3.2.7-RELEASE' implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.3.0' // fixes vulnerability CVE-2022-1471 // The dependency usually comes from Spring Boot, just in the wrong version. // TODO: Remove this explicit dependency once we are on SpringBoot 3.2.x // as well as the related exclude in settings.gradle // and the dependency suppression in owasp-dependency-check-suppression.xml. implementation('org.yaml:snakeyaml') { version { strictly('2.2') } } compileOnly 'org.projectlombok:lombok' testCompileOnly 'org.projectlombok:lombok' developmentOnly 'org.springframework.boot:spring-boot-devtools' annotationProcessor 'org.projectlombok:lombok' testAnnotationProcessor 'org.projectlombok:lombok' testImplementation 'org.springframework.boot:spring-boot-starter-test' testImplementation 'org.testcontainers:testcontainers' testImplementation 'org.testcontainers:junit-jupiter' testImplementation 'org.junit.jupiter:junit-jupiter' testImplementation 'org.testcontainers:postgresql' testImplementation 'com.tngtech.archunit:archunit-junit5:1.2.1' testImplementation 'io.rest-assured:spring-mock-mvc' testImplementation 'org.hamcrest:hamcrest-core:2.2' testImplementation 'org.pitest:pitest-junit5-plugin:1.2.1' } dependencyManagement { imports { mavenBom "org.testcontainers:testcontainers-bom:${testcontainersVersion}" } } // Java Compiler Options tasks.withType(JavaCompile) { options.compilerArgs += [ "-parameters" // keep parameter names => no need for @Param for SpringData ] } // Configure tests tasks.named('test') { useJUnitPlatform() jvmArgs '-Duser.language=en' jvmArgs '-Duser.country=US' } // OpenAPI Source Code Generation openapiProcessor { springRoot { processorName 'spring' processor 'io.openapiprocessor:openapi-processor-spring:2022.5' apiPath "$projectDir/src/main/resources/api-definition.yaml" mapping "$projectDir/src/main/resources/api-mappings.yaml" targetDir "$projectDir/build/generated/sources/openapi-javax" showWarnings true openApiNullable true } springRbac { processorName 'spring' processor 'io.openapiprocessor:openapi-processor-spring:2022.5' apiPath "$projectDir/src/main/resources/api-definition/rbac/rbac.yaml" mapping "$projectDir/src/main/resources/api-definition/rbac/api-mappings.yaml" targetDir "$projectDir/build/generated/sources/openapi-javax" showWarnings true openApiNullable true } springTest { processorName 'spring' processor 'io.openapiprocessor:openapi-processor-spring:2022.5' apiPath "$projectDir/src/main/resources/api-definition/test/test.yaml" mapping "$projectDir/src/main/resources/api-definition/test/api-mappings.yaml" targetDir "$projectDir/build/generated/sources/openapi-javax" showWarnings true openApiNullable true } springHs { processorName 'spring' processor 'io.openapiprocessor:openapi-processor-spring:2022.5' apiPath "$projectDir/src/main/resources/api-definition/hs-office/hs-office.yaml" mapping "$projectDir/src/main/resources/api-definition/hs-office/api-mappings.yaml" targetDir "$projectDir/build/generated/sources/openapi-javax" showWarnings true openApiNullable true } } sourceSets.main.java.srcDir 'build/generated/sources/openapi' abstract class ProcessSpring extends DefaultTask {} tasks.register('processSpring', ProcessSpring) ['processSpringRoot', 'processSpringRbac', 'processSpringTest', 'processSpringHs'].each { project.tasks.processSpring.dependsOn it } project.tasks.processResources.dependsOn processSpring project.tasks.compileJava.dependsOn processSpring // Rename javax to jakarta in OpenApi generated java files because // io.openapiprocessor.openapi-processor 2022.2 does not yet support the openapiprocessor useSpringBoot3 config option. task openApiGenerate(type: Copy) { from "$buildDir/generated/sources/openapi-javax" into "$buildDir/generated/sources/openapi" filter { line -> line.replaceAll('javax', 'jakarta') } } compileJava.source "$buildDir/generated/sources/openapi" compileJava.dependsOn openApiGenerate openApiGenerate.dependsOn processSpring // Spotless Code Formatting spotless { java { removeUnusedImports() indentWithSpaces(4) endWithNewline() toggleOffOn() target fileTree(rootDir) { include '**/*.java' exclude '**/generated/**/*.java' } } } project.tasks.check.dependsOn(spotlessCheck) // HACK: no idea why spotless uses the output of these tasks, but we get warnings without those project.tasks.spotlessJava.dependsOn( tasks.generateLicenseReport, tasks.pitest, tasks.jacocoTestReport, tasks.processResources, tasks.processTestResources) // OWASP Dependency Security Test dependencyCheck { nvd { apiKey = project.property('OWASP_API_KEY') // set it in ~/.gradle/gradle.properties delay = 16000 } format = 'ALL' suppressionFile = 'etc/owasp-dependency-check-suppression.xml' failOnError = true failBuildOnCVSS = 5 } project.tasks.check.dependsOn(dependencyCheckAnalyze) project.tasks.dependencyCheckAnalyze.doFirst { // Why not doLast? See README.md! println "OWASP Dependency Security Report: file:///${project.rootDir}/build/reports/dependency-check-report.html" } // License Check licenseReport { excludeBoms = true allowedLicensesFile = new File("$projectDir/etc/allowed-licenses.json") } project.tasks.check.dependsOn(checkLicense) // JaCoCo Test Code Coverage jacoco { toolVersion = "0.8.10" } test { finalizedBy jacocoTestReport // generate report after tests excludes = [ 'net.hostsharing.hsadminng.**.generated.**', ] } jacocoTestReport { dependsOn test afterEvaluate { classDirectories.setFrom(files(classDirectories.files.collect { fileTree(dir: it, exclude: [ "net/hostsharing/hsadminng/**/generated/**/*.class", "net/hostsharing/hsadminng/hs/HsadminNgApplication.class" ]) })) } doFirst { // Why not doLast? See README.md! println "HTML Jacoco Test Code Coverage Report: file://${reports.html.outputLocation.get()}/index.html" } } project.tasks.check.dependsOn(jacocoTestCoverageVerification) jacocoTestCoverageVerification { violationRules { rule { limit { minimum = 0.92 } } // element: PACKAGE, BUNDLE, CLASS, SOURCEFILE or METHOD // counter: INSTRUCTION, BRANCH, LINE, COMPLEXITY, METHOD, or CLASS // value: TOTALCOUNT, COVEREDCOUNT, MISSEDCOUNT, COVEREDRATIO or MISSEDRATIO rule { element = 'CLASS' excludes = [ 'net.hostsharing.hsadminng.**.generated.**', 'net.hostsharing.hsadminng.HsadminNgApplication', 'net.hostsharing.hsadminng.ping.PingController', 'net.hostsharing.hsadminng.mapper.Mapper' ] limit { counter = 'LINE' value = 'COVEREDRATIO' minimum = 0.98 } } rule { element = 'METHOD' excludes = [ 'net.hostsharing.hsadminng.**.generated.**', 'net.hostsharing.hsadminng.HsadminNgApplication.main', 'net.hostsharing.hsadminng.ping.PingController.*' ] limit { counter = 'BRANCH' value = 'COVEREDRATIO' minimum = 1.00 } } } } // pitest mutation testing pitest { targetClasses = ['net.hostsharing.hsadminng.**'] excludedClasses = [ 'net.hostsharing.hsadminng.config.**', 'net.hostsharing.hsadminng.**.*Controller', 'net.hostsharing.hsadminng.**.generated.**' ] targetTests = ['net.hostsharing.hsadminng.**.*UnitTest', 'net.hostsharing.hsadminng.**.*RestTest'] excludedTestClasses = ['**AcceptanceTest*', '**IntegrationTest*'] pitestVersion = '1.15.3' junit5PluginVersion = '1.1.0' threads = 4 // As Java unit tests are pretty pointless in our case, this maybe makes not much sense. mutationThreshold = 71 coverageThreshold = 57 testStrengthThreshold = 87 outputFormats = ['XML', 'HTML'] timestampedReports = false } project.tasks.check.dependsOn(project.tasks.pitest) project.tasks.pitest.doFirst { // Why not doLast? See README.md! println "PiTest Mutation Report: file:///${project.rootDir}/build/reports/pitest/index.html" } // Dependency Versions Upgrade useLatestVersions { finalizedBy check } def isNonStable = { String version -> def stableKeyword = ['RELEASE', 'FINAL', 'GA'].any { it -> version.toUpperCase().contains(it) } def regex = /^[0-9,.v-]+(-r)?$/ return !stableKeyword && !(version ==~ regex) } tasks.named("dependencyUpdates").configure { rejectVersionIf { isNonStable(it.candidate.version) } }