Working on handling multi-project Gradle and SBT projects

blackducksoftware · Jul 27, 2017 · ce59538 · ce59538
1 parent 649f484
commit ce59538
Show file tree

Hide file tree

Showing 6 changed files with 59 additions and 47 deletions.
diff --git a/src/main/groovy/com/blackducksoftware/integration/hub/detect/DetectProjectManager.groovy b/src/main/groovy/com/blackducksoftware/integration/hub/detect/DetectProjectManager.groovy
@@ -100,6 +100,10 @@ class DetectProjectManager {
                     logger.info("${bomToolTypeString} applies given the current configuration.")
                     foundAnyBomTools = true
                     List<DetectCodeLocation> codeLocations = bomTool.extractDetectCodeLocations()
+                    if (!detectProject.projectName && !detectProject.projectVersionName && bomTool.projectName && bomTool.projectVersion) {
+                        detectProject.projectName = bomTool.projectName
+                        detectProject.projectVersionName = bomTool.projectVersion
+                    }
                     if (codeLocations != null && codeLocations.size() > 0) {
                         detectProject.addAllDetectCodeLocations(codeLocations)
                     } else {
@@ -117,11 +121,11 @@ class DetectProjectManager {
                 }
             }
         }
-
-        //if none of the bom tools could determine a project/version, use some reasonable defaults
-        detectProject.projectName = getProjectName(detectProject.projectName)
-        detectProject.projectVersionName = getProjectVersionName(detectProject.projectVersionName, detectProject.projectVersionHash)
-
+        if (!detectProject.projectName && !detectProject.projectVersionName) {
+            //if none of the bom tools could determine a project/version, use some reasonable defaults
+            detectProject.projectName = getProjectName(detectProject.projectName)
+            detectProject.projectVersionName = getProjectVersionName(detectProject.projectVersionName, detectProject.projectVersionHash)
+        }
         if (!foundAnyBomTools) {
             logger.info("Could not find any tools to run - will register ${detectConfiguration.sourcePath} for signature scanning of ${detectProject.projectName}/${detectProject.projectVersionName}")
             hubSignatureScanner.registerPathToScan(detectConfiguration.sourceDirectory)

diff --git a/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/BomTool.groovy b/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/BomTool.groovy
@@ -52,6 +52,9 @@ abstract class BomTool {
     abstract BomToolType getBomToolType()
     abstract boolean isBomToolApplicable()
 
+    String projectName
+    String projectVersion
+
     /**
      * A BomTool is responsible for doing its best to create at least one, but possibly many, DetectCodeLocations.
      */

diff --git a/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/GradleBomTool.groovy b/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/GradleBomTool.groovy
@@ -70,15 +70,18 @@ class GradleBomTool extends BomTool {
     }
 
     List<DetectCodeLocation> extractDetectCodeLocations() {
-        DependencyNode rootProjectNode = extractRootProjectNode()
-        DetectCodeLocation detectCodeLocation = new DetectCodeLocation(getBomToolType(), sourcePath, rootProjectNode)
-
+        List<DetectCodeLocation> codeLocations = new ArrayList<>()
+        List<DependencyNode> projectNodes = extractProjectNodes()
+        projectNodes.each {
+            // Set the source path of the DetectCodeLocation to the name of the node since we dont know the path of the project it came from
+            DetectCodeLocation detectCodeLocation = new DetectCodeLocation(getBomToolType(), it.name, it.name, it.version, null, it.externalId, it.children)
+            codeLocations.add(detectCodeLocation)
+        }
         File[] additionalTargets = detectFileManager.findFilesToDepth(detectConfiguration.sourceDirectory, 'build', detectConfiguration.searchDepth)
         if (additionalTargets) {
             additionalTargets.each { hubSignatureScanner.registerPathToScan(it) }
         }
-
-        [detectCodeLocation]
+        codeLocations
     }
 
     private String findGradleExecutable(String sourcePath) {
@@ -95,7 +98,7 @@ class GradleBomTool extends BomTool {
         gradlePath
     }
 
-    DependencyNode extractRootProjectNode() {
+    List<DependencyNode> extractProjectNodes() {
         File initScriptFile = detectFileManager.createFile(BomToolType.GRADLE, 'init-detect.gradle')
         String initScriptContents = getClass().getResourceAsStream('/init-script-gradle').getText(StandardCharsets.UTF_8.name())
         initScriptContents = initScriptContents.replace('GRADLE_INSPECTOR_VERSION', detectConfiguration.getGradleInspectorVersion())
@@ -115,14 +118,28 @@ class GradleBomTool extends BomTool {
 
         File buildDirectory = new File(sourcePath, 'build')
         File blackduckDirectory = new File(buildDirectory, 'blackduck')
-        File dependencyNodeFile = new File(blackduckDirectory, 'dependencyNodes.json')
-        String dependencyNodeJson = dependencyNodeFile.getText(StandardCharsets.UTF_8.name())
-        DependencyNode rootProjectDependencyNode = gson.fromJson(dependencyNodeJson, DependencyNode.class)
+
+        List<DependencyNode> nodes = new ArrayList<>()
+
+        File[] dependencyNodeFiles = detectFileManager.findFiles(blackduckDirectory, '*_dependencyNodes.json')
+        dependencyNodeFiles.each {
+            logger.debug("Dependency Node file name: ${it.getName()}")
+            String dependencyNodeJson = it.getText(StandardCharsets.UTF_8.name())
+            DependencyNode projectDependencyNode = gson.fromJson(dependencyNodeJson, DependencyNode.class)
+            nodes.add(projectDependencyNode)
+        }
+        extractProjectInformation(blackduckDirectory)
 
         if (detectConfiguration.gradleCleanupBuildBlackduckDirectory) {
             blackduckDirectory.deleteDir()
         }
+        nodes
+    }
 
-        rootProjectDependencyNode
+    private void extractProjectInformation(File blackduckDirectory){
+        File projectInfoFile = new File(blackduckDirectory, 'ProjectInfo.txt')
+        String[] projectInfoLines = projectInfoFile.text.split(System.getProperty('line.separator'))
+        projectName = projectInfoLines[0]
+        projectVersion = projectInfoLines[1]
     }
 }
diff --git a/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/SbtBomTool.groovy b/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/SbtBomTool.groovy
@@ -66,10 +66,10 @@ class SbtBomTool extends BomTool {
         int depth = detectConfiguration.getSearchDepth()
         List<File> sbtFiles = detectFileManager.findFilesToDepth(sourcePath, BUILD_SBT_FILENAME, depth)
 
-        DependencyNode root = null
-        List<DependencyNode> children = new ArrayList<DependencyNode>()
+        List<DetectCodeLocation> codeLocations = new ArrayList<DetectCodeLocation>()
 
         sbtFiles.each { sbtFile ->
+            logger.debug("Found SBT build file : ${sbtFile.getCanonicalPath()}")
             def sbtDirectory = sbtFile.getParentFile()
             def reportPath = new File(sbtDirectory, REPORT_FILE_DIRECTORY)
 
@@ -81,22 +81,19 @@ class SbtBomTool extends BomTool {
                 logger.warn("No dependencies could be generated for report folder: ${reportPath}")
             } else {
                 if (sbtDirectory.path.equals(sourcePath)) {
-                    root = node
-                } else {
-                    children.add(node)
+                    projectName = node.name
+                    projectVersion = node.version
                 }
+                def detectCodeLocation = new DetectCodeLocation(getBomToolType(), sbtDirectory.getCanonicalPath(), node)
+                codeLocations.add(detectCodeLocation)
             }
         }
 
-        if (root == null) {
-            logger.error("Unable to find dependencies for the root artifact.")
+        if (!codeLocations) {
+            logger.error("Unable to find any dependency information.")
             return []
         } else {
-            root.children.addAll(children)
-
-            def detectCodeLocation = new DetectCodeLocation(getBomToolType(), sourcePath, root)
-
-            return [detectCodeLocation]
+            return codeLocations
         }
     }
 }
diff --git a/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/sbt/SbtPackager.groovy b/src/main/groovy/com/blackducksoftware/integration/hub/detect/bomtool/sbt/SbtPackager.groovy
@@ -39,6 +39,7 @@ public class SbtPackager {
         def aggregator = new SbtConfigurationAggregator()
 
         List<SbtConfigurationDependencyTree> configurations = reportFiles.collect { reportFile->
+            logger.debug("Parsing SBT report file : ${reportFile.getCanonicalPath()}")
             def xml = new XmlSlurper().parse(reportFile)
             def report = parser.parseReportFromXml(xml)
             def tree = resolver.resolveReportDependencies(report)

diff --git a/src/main/resources/init-script-gradle b/src/main/resources/init-script-gradle
@@ -4,22 +4,15 @@ import org.gradle.api.Task
 import org.gradle.api.execution.TaskExecutionListener
 import org.gradle.api.tasks.TaskState
 
-import com.google.gson.Gson
-import com.google.gson.GsonBuilder
-import com.google.gson.stream.JsonWriter
-
 import com.blackducksoftware.integration.gradle.DependencyGatherer
-import com.blackducksoftware.integration.hub.bdio.simple.model.DependencyNode
-import com.blackducksoftware.integration.hub.bdio.simple.model.externalid.ExternalId
-import com.blackducksoftware.integration.hub.bdio.simple.model.Forge
 
 initscript {
     repositories {
+        mavenLocal()
         mavenCentral()
     }
     dependencies {
         classpath 'com.blackducksoftware.integration:integration-gradle-inspector:GRADLE_INSPECTOR_VERSION'
-        classpath 'com.google.code.gson:gson:2.7'
     }
 }
 
@@ -35,17 +28,14 @@ addListener(
                     executed = true
                 }
 
-                def dependencyGatherer = new DependencyGatherer()
-                DependencyNode rootProjectDependencyNode = dependencyGatherer.getFullyPopulatedRootNode(task.project, 'EXCLUDED_PROJECT_NAMES', 'INCLUDED_PROJECT_NAMES', 'EXCLUDED_CONFIGURATION_NAMES', 'INCLUDED_CONFIGURATION_NAMES')
                 File outputDirectory = new File(task.project.buildDir, 'blackduck')
                 outputDirectory.mkdirs()
-                File outputFile = new File(outputDirectory, 'dependencyNodes.json')
-                if (outputFile.exists()) {
-                    outputFile.delete()
-                }
-                Gson gson = new GsonBuilder().setPrettyPrinting().create()
-                JsonWriter jsonWriter = gson.newJsonWriter(new BufferedWriter(new FileWriter(outputFile)))
-                gson.toJson(rootProjectDependencyNode, DependencyNode.class, jsonWriter)
-                jsonWriter.close()
-            }
-        })
+
+                def dependencyGatherer = new DependencyGatherer()
+                def rootProject = task.project
+                dependencyGatherer.createAllProjectDependencyFiles(rootProject, 'EXCLUDED_PROJECT_NAMES', 'INCLUDED_PROJECT_NAMES', 'EXCLUDED_CONFIGURATION_NAMES', 'INCLUDED_CONFIGURATION_NAMES', outputDirectory)
+
+                File projectInfoFile = new File(outputDirectory, "ProjectInfo.txt")
+                projectInfoFile.write("${rootProject.name.toString()}${System.getProperty('line.separator')}${rootProject.version.toString()}")
+           }
+       })