plugins { id 'application' id 'war' id 'com.netflix.nebula.ospackage' version '11.8.0' id 'org.springframework.boot' version '3.0.1' id 'io.spring.dependency-management' version '1.1.0' } // Get version from main project gradle def packVersion = properties.get("packageVersion"); def jarVersion = properties.get("jarVersion"); def projVersion = properties.get("projVersion"); //println "packageVersion is ${projVersion}" java { toolchain { languageVersion = JavaLanguageVersion.of(17) } } bootRun { if (project.hasProperty('debug')) { jvmArgs project.debug } } configurations { compileOnly { extendsFrom annotationProcessor } all*.exclude module: 'spring-boot-starter-logging' } dependencies { implementation project(':HIRS_Utils') implementation project(':HIRS_AttestationCA') implementation libs.bouncycastle implementation libs.commons.fileupload implementation libs.gson implementation libs.guava implementation libs.jakarta.persistence.api implementation libs.jakarta.servlet implementation libs.jakarta.xml implementation libs.log4j.spring.boot implementation libs.mariadb.java.client // pull the pci dependency and ... implementation(libs.pci) { // replace the default apache http client transitive dependency exclude group: 'org.apache.httpcomponents', module: 'httpclient' } // with the non-vulnerable version of the apache http client dependency implementation libs.apacheHttpClient implementation libs.spring.boot.starter.web implementation libs.spring.boot.starter.validation implementation libs.spring.boot.starter.data.jpa implementation libs.spring.boot.starter.log4j2 implementation libs.tomcat.embed.jasper compileOnly libs.lombok annotationProcessor libs.lombok providedRuntime libs.spring.boot.starter.tomcat testImplementation libs.junit.jupiter testImplementation libs.hsqldb testImplementation libs.spring.boot.starter.test testCompileOnly libs.lombok testAnnotationProcessor libs.lombok } test { useJUnitPlatform() } task buildVersion() { doLast { def verFile = new File(projectDir, "build/VERSION") verFile.write("${jarVersion}") } } ospackage { packageName = 'HIRS_AttestationCA' description = 'HIRS Attestation CA. Use systemctl status hirs-aca' os = LINUX arch = NOARCH version = "$packVersion" release = '2' user 'root' fileMode = 0755 addParentDirs = true createDirectoryEntry true into('/etc/hirs') { from '../VERSION' } // copy json tables into('/etc/hirs/aca/default-properties') { from '../HIRS_AttestationCA/src/main/resources/component-class.json' from '../HIRS_Utils/src/main/resources/vendor-table.json' } // copy springboot property file into('/etc/hirs/aca/') { from '../HIRS_AttestationCAPortal/src/main/resources/application.properties' from 'build/VERSION' } // copy setup scripts to /opt/hirs/aca into('/opt/hirs/aca/scripts/') { from '../package/linux/' } // copy the war file into /opt/hirs/aca into('/opt/hirs/aca/') { from '../HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war' user 'root' fileMode = 0755 } // Install - check for existing setup preInstall 'if [ -d /etc/hirs ]; then echo "Error: /etc/hirs/ exists, aborting install"; exit 1; fi;' preInstall 'if [ -d /opt/hirs ]; then echo "Error: /opt/hirs/ exists, aborting install"; exit 1; fi;' // Uninstall preUninstall 'bash /opt/hirs/aca/scripts/aca/aca_remove_setup.sh $1' preUninstall 'bash /opt/hirs/aca/scripts/systemd/aca_disable_service.sh' postUninstall 'if [ -d /etc/hirs ]; then rm -rf /etc/hirs; fi;' postUninstall 'if [ -d /opt/hirs ]; then rm -rf /opt/hirs; fi;' buildRpm { dependsOn ':HIRS_AttestationCAPortal:buildVersion' dependsOn ':HIRS_AttestationCAPortal:bootWar' arch = X86_64 // Required apps will be aut installed by dnf if not present requires('java-17-openjdk', '17.0', GREATER | EQUAL) requires('mariadb-server', '10.3', GREATER | EQUAL) requires('procps-ng', '3.3.15', GREATER | EQUAL) requires('alternatives', '1.19', GREATER | EQUAL) requires('hwdata', '0.314', GREATER | EQUAL) // Post Trans stage (Occurs after required app and postInstall stage) // Note postInstall wont wait for required apps postTrans 'update-alternatives --set java java-17-openjdk.x86_64' postTrans 'firewall-cmd --add-port=8443/tcp --permanent' postTrans 'firewall-cmd --reload' postTrans 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u' postTrans 'bash /opt/hirs/aca/scripts/systemd/aca_enable_service.sh' postTrans 'chmod +x /opt/hirs/aca/scripts/aca/*' postTrans 'if [ -f /opt/hirs/aca/VERSION ]; then rm /opt/hirs/aca/VERSION; fi;' // Wait for ACA to start up before finishing the install postTrans 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh' } buildDeb { dependsOn ':HIRS_AttestationCAPortal:buildVersion' dependsOn ':HIRS_AttestationCAPortal:bootWar' packageName = 'hirs-attestationca' arch = 'amd64' requires('openjdk-17-jdk', '17.0', GREATER | EQUAL) requires('mariadb-server', '10.3', GREATER | EQUAL) requires('curl') requires('hwdata', '0.314', GREATER | EQUAL) // Install after required packages postInstall 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u' postInstall 'bash /opt/hirs/aca/scripts/systemd/aca_enable_service.sh' postInstall 'chmod +x /opt/hirs/aca/scripts/aca/*' postInstall 'if [ -f /opt/hirs/aca/VERSION ]; then rm /opt/hirs/aca/VERSION; fi;' // Wait for ACA to start up before finishing the install postInstall 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh' } }