VersionEye plug-in for the Kobalt build system
Kotlin Other
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.idea
example
kobalt
src
.gitignore
.travis.yml
LICENSE.TXT
README.md
kobalt-versioneye.iml
kobaltw
kobaltw.bat

README.md

VersionEye plug-in for Kobalt

License (3-Clause BSD) Build Status Download

VersionEye Logo

The plug-in will create and update projects on VersionEye, a service that notifies you about outdated dependencies, security vulnerabilities and license violations.

To use the plug-in include the following in Build.kt file:

import net.thauvin.erik.kobalt.plugin.versioneye.*

val pl = plugins("net.thauvin.erik:kobalt-versioneye:")

val p = project {
    name = "example"
    group = "com.example"
    artifactId = name
    version = "0.1"

    versionEye {

    }
}

View Example

To create or update your project on VersionEye, you will need an API key. If you are signed up, you can find your API Key here:

VersionEye API Key

To create your project on VersionEye simply use your API Key as follows

./kobaltw -Dversioneye.ApiKey=YOUR_API_KEY_HERE versionEye

This will instruct the plug-in to create and update your project on VersionEye. Your API Key will automatically be saved in thelocal.properties file.

Upon running the above command the plug-in will output something like:

Example Report

The report is based on the Traffic Light concept:

  1. Green items are clear.
  2. Yellow items may require some attention.
  3. Red items will cause the build to fail.

By default the plug-in is configured to only fail on known security vulnerabilities.

Global Configuration

You can configure the VersionEye API Key and Project Key (if you already have one) in one of two ways.

Using the command line:

./kobaltw -Dversioneye.ApiKey=YOUR_API_KEY -Dversionkey.projectKey=YOUR_PROJECT_KEY versionEye

These keys will be save automatically in the local.properties file.

In the local.properties file:

versioneye.ApiKey=YOUR_API_KEY
versioneye.projectKey=YOUR_PROJECT_KEY

Task Configuration

Parameters are configurable in the versionEye task:

versionEye {
    baseUrl = "https://www.versioneye.com/"
    colors = true
    name = ""
    org = ""
    quiet = false
    team = ""
    verbose = true
    visibility = "public"

    failOn(Fail.securityCheck)
}

The values are:

Value Description Default
baseUrl For VersionEye Enterprise VM to use your own domain, e.g. https://versioneye.my-company.com/ https://www.versioneye.com/
colors To enable (true) or disable (false) colors in the plug-in output. true
name The name of the VersionEye project, if none is specified the Kobalt project name will be used. none
quiet To completely disable output from the plug-in. false
org The VersionEye organization, if any. none
team The VersionEye team, if any. none
verbose To enable or disable extra information in the plug-in output. true
visibility To set the project's visibility on VersionEye, either public or private public

Some of the parameters can be controlled temporarily from the command line, as follows:

./kobaltw -Dve.colors=false versionEye
./kobaltw -Dve.verbose=false versionEye
./kobaltw -Dve.quiet=true versionEye

./kobaltw -Dve.colors=false -Dve.verbose=false versionEye

Failures Configuration

The failOn directive can be used to trigger specific failures:

versionEye {
    failOn(Fail.securityCheck, Fail.licensesCheck)
}
Fail On Description
Fail.dependenciesCheck Will triggered a failure on outdated dependencies.
Fail.licensesUnknownCheck Will trigger a failure on unknown licenses.
Fail.licensesCheck Will trigger a failure on licenses whitelist violations. Licenses and components whitelists can be configured on the VersionEye website.
Fail.securityCheck Will trigger a failure on known security vulnerabilities, on by default.