Skip to content
The Candlepin entitlement engine
Java Ruby JavaScript Python CSS Shell Other
Branch: master
Clone or download

Latest commit

Januson Merge pull request #2705 from candlepin/nikos/m/1815172
[M] 1815172: Upon registration, first resolve owner; ENT-2246
Latest commit 0995e10 May 25, 2020


Type Name Latest commit message Commit time
Failed to load latest commit information.
.github/workflows Add workflow for auto-assign reviewer action Mar 20, 2020
.idea Add shared IntelliJ IDEA settings. Mar 2, 2017
.settings Update copyright dates Jun 24, 2012
api Bumped Artemis version from 2.10.1 to 2.12.0 May 12, 2020
bin Remove buildr from bash_functions May 22, 2019
buildSrc Add custom openapi vendor extension to override collection type Jan 16, 2020
checks Bumped Artemis version from 2.10.1 to 2.12.0 May 12, 2020
common Bumped Artemis version from 2.10.1 to 2.12.0 May 12, 2020
config/checkstyle Fix the checkstyle to put static imports at the top of each file. Feb 4, 2020
docker ENT-2065 Migrate to new docker registry Feb 5, 2020
gradle/wrapper Update to Gradle 6.2 Feb 18, 2020
project_conf/eclipse Update to Checkstyle 8.26 & use sevntu.checks for DiamondOperatorForV… Dec 16, 2019
rel-eng Automatic commit of package [candlepin] release [3.1.11-1]. Apr 29, 2020
server Merge pull request #2705 from candlepin/nikos/m/1815172 May 25, 2020
vagrant Containers now use gradle instead of buildr Nov 20, 2019
.gitignore [F] ENT-851: Port EntitlerJob To The New Messaging Framework Dec 12, 2019
.rubocop.yml Use better name for 2xx status code expectation. Feb 29, 2016
BUILDING Move 'true' candlepin code to the toplevel Jun 19, 2012
Gemfile Clean up unused files & dependencies Dec 11, 2019
Gemfile.lock Revert "Bump rake from to 13.0.1" Mar 4, 2020
LICENSE 1520831: ENT-392: Move license to root directory Jun 28, 2018 Add explanations to MEAD docs. Apr 26, 2016 Clarify gradle rspec instructions Jun 12, 2019
Vagrantfile Change from nfs to sshfs for mounting filesystem in vagrant Sep 24, 2019
build.gradle Bumped Artemis version from 2.10.1 to 2.12.0 May 12, 2020
gradlew Update to Gradle 5.6.2 Oct 1, 2019
gradlew.bat Update to Gradle 5.6.2 Oct 1, 2019
pom.xml Adjust pom generation to handle spec-first changes Feb 19, 2020
profiles.yaml Update postgres dialect to minimum supported version of Postgres 9.2 Jun 10, 2019
rpmlint.config add rpmlint target to buildfile, and rpmlint.config Mar 14, 2013
settings.gradle Add spec-first build changes Jan 3, 2020

Custom Build Tasks

Unless otherwise noted, these tasks are all recursive: they will run on the project you are in and all subprojects contained within.

Building with Gradle

Candlepin uses gradle & gradle wrapper for building & running unit tests. To build Candlepin run ./gradlew war from the root of the project.

Custom Build Properties

A number of build flags can be passed to Gradle in order to rurn on or off certain features. The available flags are as follows:

  • -Pdatabase_server=(mariadb|postgres) Specify Mariadb or postgres as the database server to target. This defaults to postgres.
  • -Pdb_host="hostname" Specify the hostname for the databse server. This defaults to localhost
  • -Papp_db_name="db_name" Specify the name of the db schema to use. This defaults to candlepin
  • -Plogdriver=true Enable Logdriver support in config file generation & the generated war file.
  • -Pqpid=true Enable qpid configuration when generating a config file
  • -Phostedtest=true Enable the hosted test suite


  • ./gradlew gettext runs xgettext to extract strings from source files.
  • ./gradlew msgmerge runs msgmerge to merge translation updates back into the primary keys.pot file.
  • ./gradlew msgfmt runs msgfmt to convert the keys .po & .pot files into the generated java source files for compilation into the build. This task is run as a prerequisite of the compileJava task so it is run automatically every time compilation is done.

Check for Dependencies with CVEs

  • buildr dependency:check

The dependency:check task will check a project (and all sub-projects) using the OWASP Dependency Check to see if any dependencies have CVEs reported against them. The maximum allowable CVSS score can be modified by setting the max_allowed_cvss to a float value between 1.0 and 10.0. Any CVEs above the maximum allowed CVSS score will cause the build to fail.


  • ./gradlew checkstyleMain

Buildr provides a Checkstyle task, but we have our own that reads from the Eclipse Checkstyle Plugin configuration. The Eclipse configuration defines several variables that are then passed in to the project_conf/checks.xml (which is the actual Checkstyle configuration). This practice allows us to have slightly different style requirements for tests versus production code. The Eclipse Checkstyle Plugin defaults to reading from a file named .checkstyle in the root of the Eclipse project and that file points to the location of checks.xml. Unfortunately, checks.xml isn't in the Eclipse project root and the plugin doesn't know how to look outside of the Eclipse project directory except by using an absolute path.

To solve this problem, we generate the .checkstyle file programmatically when running the buildr eclipse task. The template is located at project_conf/.checkstyle and uses an XML entity to represent the location of checks.xml. When you run buildr eclipse, we set the value of the conf_dir entity in project_conf/eclipse-checkstyle.xml to the absolute path to checks.xml and drop the result into .checkstyle in your Eclipse project directory.

Unit Tests

  • ./gradlew tasks runs Unit tests

Spec Tests

  • ./gradlew rspec runs RSpec tests serially
  • ./gradlew rspec --spec my_file_name --test 'my test name' runs my test name in the my_file_name_spec.rb file (note that the _spec.rb suffix must be excluded).


  • buildr "changeset:my changeset name" Much like the rspec task, the changeset task is followed by a colon and an argument. In this case the argument is a brief description of the nature of the changeset. Be sure to quote the task name to prevent the shell from interpreting the spaces.


  • buildr swagger connects to a Candlepin deployment defined in buildfile and downloads the swagger.json file. It then sends this JSON file to swagger-codegen to automatically generate client bindings. The task can be subdivided with buildr swagger:json and buildr swagger:client.


Our crypto functions are provided by JSS which is not available in the normal Maven repositories. I put it in a Maven repository we control on, but here is the process I use in case anyone needs to replicate it. The example commands use version 4.5.0 and Fedora 28. Change those values as appropriate.

  • Download the latest SRPM from Fedora.
  • Build the SRPM in mock for that version of Fedora.
    mock -r fedora-28-x86_64 jss-4.5.0-1.fc28.src.rpm
  • Copy the rebuilt RPM from /var/lib/mock/fedora-28-x86_64/result (where Mock drops the results of its build)
  • Explode the RPM using rpm2cpio.
    rpm2cpio jss-4.5.0-1.fc28.src.rpm | cpio -idmv
  • Install the JAR file from the exploded RPM into your Maven repository. Make sure the version and path are correct.
    mvn install:install-file -Dpackaging=jar -DgroupId=org.mozilla
    -Dversion=4.5.0 -DartifactId=jss -Dfile=/tmp/jss/usr/lib/java/jss4.jar
  • Explode the SRPM into /tmp/jss. This will give you a source tarball.
    rpm2cpio jss-4.5.0-1.fc28.src.rpm |  cpio -idmv
  • Extract the source tarball.
    tar xzvf jss-4.5.0.tar.gz
  • Go into the source directory and create a source jar.
    cd jss-4.5.0 && jar cvf jss-4.5.0-sources.jar org
  • Install the sources jar
    mvn install:install-file -Dpackaging=jar -DgroupId=org.mozilla -Dversion=4.5.0 -DartifactId=jss -Dfile=jss-4.5.0-sources.jar -Dclassifier=sources
  • Now rsync everything under ~/.m2/repository/org/mozilla/jss to the Maven repository.
    rsync -avz ~/.m2/repository/org/mozilla/jss/


  • buildr pom creates a pom.xml file with the project dependencies in it
  • buildr rpmlint runs rpmlint on all *.spec files
You can’t perform that action at this time.