hs.hsadmin.ng/build.gradle

346 lines
12 KiB
Groovy

plugins {
id 'java'
id 'org.springframework.boot' version '3.1.7'
id 'io.spring.dependency-management' version '1.1.4'
id 'io.openapiprocessor.openapi-processor' version '2023.2'
id 'com.github.jk1.dependency-license-report' version '2.5'
id "org.owasp.dependencycheck" version "9.0.7"
id "com.diffplug.spotless" version "6.23.3"
id 'jacoco'
id 'info.solidsoft.pitest' version '1.15.0'
id 'se.patrikerdes.use-latest-versions' version '0.2.18'
id 'com.github.ben-manes.versions' version '0.50.0'
}
group = 'net.hostsharing'
version = '0.0.1-SNAPSHOT'
wrapper {
distributionType = Wrapper.DistributionType.BIN
gradleVersion = '8.5'
}
configurations {
compileOnly {
extendsFrom annotationProcessor
}
testCompile {
extendsFrom testAnnotationProcessor
// Only JUNit 5 (Jupiter) should be used at compile time.
// For runtime it's still needed by testcontainers, though.
exclude group: 'junit', module: 'junit'
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
}
}
repositories {
mavenCentral()
maven { url 'https://repo.spring.io/milestone' }
maven { url 'https://repo.spring.io/snapshot' }
}
java {
toolchain {
languageVersion = JavaLanguageVersion.of(21)
}
}
ext {
set('testcontainersVersion', "1.17.3")
}
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation 'org.springframework.boot:spring-boot-starter-data-rest'
implementation 'org.springframework.boot:spring-boot-starter-jdbc'
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-validation'
implementation 'com.github.gavlyukovskiy:datasource-proxy-spring-boot-starter:1.9.1'
implementation 'org.springdoc:springdoc-openapi:2.3.0'
implementation 'org.postgresql:postgresql:42.7.1'
implementation 'org.liquibase:liquibase-core:4.25.1'
implementation 'com.vladmihalcea:hibernate-types-60:2.21.1'
implementation 'io.hypersistence:hypersistence-utils-hibernate-62:3.7.0'
implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.16.1'
implementation 'org.openapitools:jackson-databind-nullable:0.2.6'
implementation 'org.apache.commons:commons-text:1.11.0'
implementation 'org.modelmapper:modelmapper:3.2.0'
implementation 'org.iban4j:iban4j:3.2.7-RELEASE'
implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.3.0'
// fixes vulnerability CVE-2022-1471
// The dependency usually comes from Spring Boot, just in the wrong version.
// TODO: Remove this explicit dependency once we are on SpringBoot 3.2.x
// as well as the related exclude in settings.gradle
// and the dependency suppression in owasp-dependency-check-suppression.xml.
implementation('org.yaml:snakeyaml') {
version {
strictly('2.2')
}
}
compileOnly 'org.projectlombok:lombok'
testCompileOnly 'org.projectlombok:lombok'
developmentOnly 'org.springframework.boot:spring-boot-devtools'
annotationProcessor 'org.projectlombok:lombok'
testAnnotationProcessor 'org.projectlombok:lombok'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
testImplementation 'org.testcontainers:testcontainers'
testImplementation 'org.testcontainers:junit-jupiter'
testImplementation 'org.junit.jupiter:junit-jupiter'
testImplementation 'org.testcontainers:postgresql'
testImplementation 'com.tngtech.archunit:archunit-junit5:1.2.1'
testImplementation 'io.rest-assured:spring-mock-mvc'
testImplementation 'org.hamcrest:hamcrest-core:2.2'
testImplementation 'org.pitest:pitest-junit5-plugin:1.2.1'
}
dependencyManagement {
imports {
mavenBom "org.testcontainers:testcontainers-bom:${testcontainersVersion}"
}
}
// Java Compiler Options
tasks.withType(JavaCompile) {
options.compilerArgs += [
"-parameters" // keep parameter names => no need for @Param for SpringData
]
}
// Configure tests
tasks.named('test') {
useJUnitPlatform()
jvmArgs '-Duser.language=en'
jvmArgs '-Duser.country=US'
}
// OpenAPI Source Code Generation
openapiProcessor {
springRoot {
processorName 'spring'
processor 'io.openapiprocessor:openapi-processor-spring:2022.5'
apiPath "$projectDir/src/main/resources/api-definition.yaml"
mapping "$projectDir/src/main/resources/api-mappings.yaml"
targetDir "$projectDir/build/generated/sources/openapi-javax"
showWarnings true
openApiNullable true
}
springRbac {
processorName 'spring'
processor 'io.openapiprocessor:openapi-processor-spring:2022.5'
apiPath "$projectDir/src/main/resources/api-definition/rbac/rbac.yaml"
mapping "$projectDir/src/main/resources/api-definition/rbac/api-mappings.yaml"
targetDir "$projectDir/build/generated/sources/openapi-javax"
showWarnings true
openApiNullable true
}
springTest {
processorName 'spring'
processor 'io.openapiprocessor:openapi-processor-spring:2022.5'
apiPath "$projectDir/src/main/resources/api-definition/test/test.yaml"
mapping "$projectDir/src/main/resources/api-definition/test/api-mappings.yaml"
targetDir "$projectDir/build/generated/sources/openapi-javax"
showWarnings true
openApiNullable true
}
springHs {
processorName 'spring'
processor 'io.openapiprocessor:openapi-processor-spring:2022.5'
apiPath "$projectDir/src/main/resources/api-definition/hs-office/hs-office.yaml"
mapping "$projectDir/src/main/resources/api-definition/hs-office/api-mappings.yaml"
targetDir "$projectDir/build/generated/sources/openapi-javax"
showWarnings true
openApiNullable true
}
}
sourceSets.main.java.srcDir 'build/generated/sources/openapi'
abstract class ProcessSpring extends DefaultTask {}
tasks.register('processSpring', ProcessSpring)
['processSpringRoot', 'processSpringRbac', 'processSpringTest', 'processSpringHs'].each {
project.tasks.processSpring.dependsOn it
}
project.tasks.processResources.dependsOn processSpring
project.tasks.compileJava.dependsOn processSpring
// Rename javax to jakarta in OpenApi generated java files because
// io.openapiprocessor.openapi-processor 2022.2 does not yet support the openapiprocessor useSpringBoot3 config option.
task openApiGenerate(type: Copy) {
from "$buildDir/generated/sources/openapi-javax"
into "$buildDir/generated/sources/openapi"
filter { line -> line.replaceAll('javax', 'jakarta') }
}
compileJava.source "$buildDir/generated/sources/openapi"
compileJava.dependsOn openApiGenerate
openApiGenerate.dependsOn processSpring
// Spotless Code Formatting
spotless {
java {
removeUnusedImports()
indentWithSpaces(4)
endWithNewline()
toggleOffOn()
target fileTree(rootDir) {
include '**/*.java'
exclude '**/generated/**/*.java'
}
}
}
project.tasks.check.dependsOn(spotlessCheck)
// HACK: no idea why spotless uses the output of these tasks, but we get warnings without those
project.tasks.spotlessJava.dependsOn(
tasks.generateLicenseReport,
tasks.pitest,
tasks.jacocoTestReport,
tasks.processResources,
tasks.processTestResources)
// OWASP Dependency Security Test
dependencyCheck {
nvd {
apiKey = project.property('OWASP_API_KEY') // set it in ~/.gradle/gradle.properties
delay = 16000
}
// cveValidForHours = 4
format = 'ALL'
suppressionFile = 'etc/owasp-dependency-check-suppression.xml'
failOnError = true
failBuildOnCVSS = 5
}
project.tasks.check.dependsOn(dependencyCheckAnalyze)
project.tasks.dependencyCheckAnalyze.doFirst { // Why not doLast? See README.md!
println "OWASP Dependency Security Report: file:///${project.rootDir}/build/reports/dependency-check-report.html"
}
// License Check
licenseReport {
excludeBoms = true
allowedLicensesFile = new File("$projectDir/etc/allowed-licenses.json")
}
project.tasks.check.dependsOn(checkLicense)
// JaCoCo Test Code Coverage
jacoco {
toolVersion = "0.8.10"
}
test {
finalizedBy jacocoTestReport // generate report after tests
excludes = [
'net.hostsharing.hsadminng.**.generated.**',
]
}
jacocoTestReport {
dependsOn test
afterEvaluate {
classDirectories.setFrom(files(classDirectories.files.collect {
fileTree(dir: it, exclude: [
"net/hostsharing/hsadminng/**/generated/**/*.class",
"net/hostsharing/hsadminng/hs/HsadminNgApplication.class"
])
}))
}
doFirst { // Why not doLast? See README.md!
println "HTML Jacoco Test Code Coverage Report: file://${reports.html.outputLocation.get()}/index.html"
}
}
project.tasks.check.dependsOn(jacocoTestCoverageVerification)
jacocoTestCoverageVerification {
violationRules {
rule {
limit {
minimum = 0.92
}
}
// element: PACKAGE, BUNDLE, CLASS, SOURCEFILE or METHOD
// counter: INSTRUCTION, BRANCH, LINE, COMPLEXITY, METHOD, or CLASS
// value: TOTALCOUNT, COVEREDCOUNT, MISSEDCOUNT, COVEREDRATIO or MISSEDRATIO
rule {
element = 'CLASS'
excludes = [
'net.hostsharing.hsadminng.**.generated.**',
'net.hostsharing.hsadminng.HsadminNgApplication',
'net.hostsharing.hsadminng.ping.PingController',
'net.hostsharing.hsadminng.mapper.Mapper'
]
limit {
counter = 'LINE'
value = 'COVEREDRATIO'
minimum = 0.98
}
}
rule {
element = 'METHOD'
excludes = [
'net.hostsharing.hsadminng.**.generated.**',
'net.hostsharing.hsadminng.HsadminNgApplication.main',
'net.hostsharing.hsadminng.ping.PingController.*'
]
limit {
counter = 'BRANCH'
value = 'COVEREDRATIO'
minimum = 1.00
}
}
}
}
// pitest mutation testing
pitest {
targetClasses = ['net.hostsharing.hsadminng.**']
excludedClasses = [
'net.hostsharing.hsadminng.config.**',
'net.hostsharing.hsadminng.**.*Controller',
'net.hostsharing.hsadminng.**.generated.**'
]
targetTests = ['net.hostsharing.hsadminng.**.*UnitTest', 'net.hostsharing.hsadminng.**.*RestTest']
excludedTestClasses = ['**AcceptanceTest*', '**IntegrationTest*']
pitestVersion = '1.15.3'
junit5PluginVersion = '1.1.0'
threads = 4
// As Java unit tests are pretty pointless in our case, this maybe makes not much sense.
mutationThreshold = 71
coverageThreshold = 57
testStrengthThreshold = 87
outputFormats = ['XML', 'HTML']
timestampedReports = false
}
project.tasks.check.dependsOn(project.tasks.pitest)
project.tasks.pitest.doFirst { // Why not doLast? See README.md!
println "PiTest Mutation Report: file:///${project.rootDir}/build/reports/pitest/index.html"
}
// Dependency Versions Upgrade
useLatestVersions {
finalizedBy check
}
def isNonStable = { String version ->
def stableKeyword = ['RELEASE', 'FINAL', 'GA'].any { it -> version.toUpperCase().contains(it) }
def regex = /^[0-9,.v-]+(-r)?$/
return !stableKeyword && !(version ==~ regex)
}
tasks.named("dependencyUpdates").configure {
rejectVersionIf {
isNonStable(it.candidate.version)
}
}