mirror of
https://github.com/corda/corda.git
synced 2025-05-09 20:12:56 +00:00
ENT-12844 - Build default jars for snyk scans (#7914)
* Build default jars for snyk scans * Snyk-scanner JAR for corda capsule * Don't publish snyk-scanner jars * Unwound previous changes * Include more snyk-scanner jars; removed references to Snyk
This commit is contained in:
parent
66c44adc16
commit
910e6f3212
43
build.gradle
43
build.gradle
@ -755,12 +755,53 @@ artifactory {
|
||||
defaults {
|
||||
// Root project applies the plugin (for this block) but does not need to be published
|
||||
if (project != rootProject) {
|
||||
publications(project.extensions.publish.name())
|
||||
def pubNames = project.publishing.publications*.name
|
||||
publications(pubNames.toArray(new String[0]))
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Publish the default jar for fat-jar sub-modules that do not currently publish their dependencies.
|
||||
// These are not for external consumption.
|
||||
// We must generate a jar which has a pom.xml with a full dependency list for vulnerability tools to evaluate.
|
||||
subprojects {
|
||||
afterEvaluate { project ->
|
||||
// map project to actual jar name, since some sub-project jars are not
|
||||
// published with the same name as their sub-project.
|
||||
def projectDict = [
|
||||
"testing:testserver": "corda-testserver",
|
||||
"tools:explorer": "corda-tools-explorer",
|
||||
"opentelemetry:opentelemetry-driver": "corda-opentelemetry-driver",
|
||||
"tools:network-builder": "corda-tools-network-builder",
|
||||
"node:capsule": "corda"
|
||||
]
|
||||
def lookupName = "${project.parent.name}:${project.name}".toString()
|
||||
|
||||
if (projectDict.containsKey(lookupName)) {
|
||||
apply plugin: 'maven-publish'
|
||||
def jarName = projectDict[lookupName]
|
||||
publishing {
|
||||
publications {
|
||||
"$jarName-jarPublication"(MavenPublication) {
|
||||
from components.java
|
||||
artifactId = "$jarName-thin-with-deps"
|
||||
pom {
|
||||
name = "$jarName-thin-with-deps"
|
||||
description = "Corda ${project.name} for vulnerability checking."
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
jar {
|
||||
archiveClassifier = 'R3-internal'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
tasks.register('generateApi', net.corda.plugins.apiscanner.GenerateApi) {
|
||||
baseName = "api-corda"
|
||||
}
|
||||
|
@ -20,6 +20,9 @@ dependencies {
|
||||
capsuleRuntime "com.typesafe:config:$typesafe_config_version"
|
||||
compileOnly "com.typesafe:config:$typesafe_config_version"
|
||||
testRuntimeOnly "com.typesafe:config:$typesafe_config_version"
|
||||
|
||||
// 'implementation' for the benefit of the snyk-scanner POM file
|
||||
implementation "com.typesafe:config:$typesafe_config_version"
|
||||
|
||||
// Capsule is a library for building independently executable fat JARs.
|
||||
// We only need this dependency to compile our Caplet against.
|
||||
@ -30,7 +33,7 @@ dependencies {
|
||||
testImplementation "junit:junit:$junit_version"
|
||||
}
|
||||
|
||||
jar.enabled = false
|
||||
jar.enabled = true
|
||||
|
||||
capsule {
|
||||
version capsule_version
|
||||
|
@ -30,7 +30,7 @@ artifacts {
|
||||
}
|
||||
|
||||
jar {
|
||||
enabled = false
|
||||
enabled = true
|
||||
}
|
||||
|
||||
publish {
|
||||
|
@ -88,7 +88,7 @@ artifacts {
|
||||
}
|
||||
|
||||
jar {
|
||||
enabled = false
|
||||
enabled = true
|
||||
}
|
||||
|
||||
publish {
|
||||
|
Loading…
x
Reference in New Issue
Block a user