From 3b7a7a985896395567846a606ca609c2e52dfcb0 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Mon, 30 Oct 2023 10:33:54 -0400 Subject: [PATCH 01/63] feat: add a unmanaged dependency check --- .../unmanaged-dependency-check/pom.xml | 34 +++++++++++++ .../cloud/UnmanagedDependencyCheck.java | 50 +++++++++++++++++++ .../cloud/UnmanagedDependencyCheckTest.java | 15 ++++++ pom.xml | 1 + 4 files changed, 100 insertions(+) create mode 100644 java-shared-dependencies/unmanaged-dependency-check/pom.xml create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml new file mode 100644 index 0000000000..d72101ac40 --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -0,0 +1,34 @@ + + + 4.0.0 + + com.google.cloud + google-cloud-shared-dependencies + 3.18.1-SNAPSHOT + ../pom.xml + + + unmanaged-dependency-check + + + 17 + 17 + UTF-8 + + + + com.google.cloud.tools + dependencies + 1.5.13 + + + junit + junit + 4.13.1 + test + + + + \ No newline at end of file diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java new file mode 100644 index 0000000000..3c321612dc --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -0,0 +1,50 @@ +package com.google.cloud; + +import com.google.cloud.tools.opensource.dependencies.Bom; +import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; +import java.nio.file.Paths; +import java.util.Set; +import java.util.stream.Collectors; +import org.eclipse.aether.resolution.ArtifactDescriptorException; + +public class UnmanagedDependencyCheck { + + /** + * Returns dependency coordinates that are not managed by shared dependency BOM. + * @param sharedDependencyVersion + * @param projectBomPath + * @return + * @throws ArtifactDescriptorException + * @throws MavenRepositoryException + */ + public static String outputUnmanagedDependencies( + String sharedDependencyVersion, String projectBomPath) + throws ArtifactDescriptorException, MavenRepositoryException { + Set sharedDependencies = getSharedDependencies(sharedDependencyVersion); + Set managedDependencies = getManagedDependencies(projectBomPath); + + return managedDependencies.stream() + .filter(dependency -> !sharedDependencies.contains(dependency)) + .collect(Collectors.joining()); + } + + private static Set getSharedDependencies(String sharedDependencyVersion) + throws ArtifactDescriptorException { + return getManagedDependenciesFromBom( + Bom.readBom( + String.format( + "com.google.cloud:google-cloud-shared-dependencies:%s", sharedDependencyVersion))); + } + + private static Set getManagedDependencies(String projectBomPath) + throws MavenRepositoryException { + return getManagedDependenciesFromBom(Bom.readBom(Paths.get(projectBomPath))); + } + + private static Set getManagedDependenciesFromBom(Bom bom) { + return bom.getManagedDependencies().stream() + .filter(artifact -> !artifact.getClassifier().equals("tests")) + .map(artifact -> String.format("%s:%s", artifact.getGroupId(), artifact.getArtifactId())) + .collect(Collectors.toSet()); + } +} diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java new file mode 100644 index 0000000000..fdcae714d7 --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java @@ -0,0 +1,15 @@ +package com.google.cloud; + +import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; +import org.eclipse.aether.resolution.ArtifactDescriptorException; +import org.junit.Test; + +public class UnmanagedDependencyCheckTest { + @Test + public void test() throws MavenRepositoryException, ArtifactDescriptorException { + String unManagedDependencies = + UnmanagedDependencyCheck.outputUnmanagedDependencies( + "3.18.0", "../../gapic-generator-java/pom.xml"); + System.out.println(unManagedDependencies); + } +} diff --git a/pom.xml b/pom.xml index 75ae2a331a..38b85b62c4 100644 --- a/pom.xml +++ b/pom.xml @@ -23,6 +23,7 @@ java-core gapic-generator-java-bom java-shared-dependencies + java-shared-dependencies/unmanaged-dependency-check From 0cc007d7683a44b575eb058e4f3928019339919a Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Thu, 2 Nov 2023 21:01:05 -0400 Subject: [PATCH 02/63] feat: add unmanaged dependency check --- .../unmanaged-dependency-check/pom.xml | 8 +++- .../cloud/UnmanagedDependencyCheck.java | 12 +++-- .../cloud/UnmanagedDependencyCheckTest.java | 26 ++++++++-- .../test/resources/self-dependency-pom.xml | 32 +++++++++++++ .../shared-dependency-3.18.0-pom.xml | 47 +++++++++++++++++++ 5 files changed, 114 insertions(+), 11 deletions(-) create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/shared-dependency-3.18.0-pom.xml diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index d72101ac40..441d644511 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -26,7 +26,13 @@ junit junit - 4.13.1 + 4.13.2 + test + + + com.google.truth + truth + 1.1.5 test diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 3c321612dc..186d328b4f 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -3,6 +3,7 @@ import com.google.cloud.tools.opensource.dependencies.Bom; import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; import java.nio.file.Paths; +import java.util.List; import java.util.Set; import java.util.stream.Collectors; import org.eclipse.aether.resolution.ArtifactDescriptorException; @@ -11,13 +12,14 @@ public class UnmanagedDependencyCheck { /** * Returns dependency coordinates that are not managed by shared dependency BOM. - * @param sharedDependencyVersion - * @param projectBomPath - * @return + * + * @param sharedDependencyVersion the version of shared dependency BOM + * @param projectBomPath the path of current project BOM + * @return a list of unmanaged dependencies by the given version of shared dependency BOM * @throws ArtifactDescriptorException * @throws MavenRepositoryException */ - public static String outputUnmanagedDependencies( + public static List getUnmanagedDependencies( String sharedDependencyVersion, String projectBomPath) throws ArtifactDescriptorException, MavenRepositoryException { Set sharedDependencies = getSharedDependencies(sharedDependencyVersion); @@ -25,7 +27,7 @@ public static String outputUnmanagedDependencies( return managedDependencies.stream() .filter(dependency -> !sharedDependencies.contains(dependency)) - .collect(Collectors.joining()); + .collect(Collectors.toList()); } private static Set getSharedDependencies(String sharedDependencyVersion) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java index fdcae714d7..14191ec595 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java @@ -1,15 +1,31 @@ package com.google.cloud; +import static com.google.common.truth.Truth.assertThat; +import static org.junit.Assert.assertTrue; + import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; +import com.google.common.collect.ImmutableList; +import java.util.List; import org.eclipse.aether.resolution.ArtifactDescriptorException; import org.junit.Test; public class UnmanagedDependencyCheckTest { @Test - public void test() throws MavenRepositoryException, ArtifactDescriptorException { - String unManagedDependencies = - UnmanagedDependencyCheck.outputUnmanagedDependencies( - "3.18.0", "../../gapic-generator-java/pom.xml"); - System.out.println(unManagedDependencies); + public void getUnmanagedDependencyFromSamePomTest() + throws MavenRepositoryException, ArtifactDescriptorException { + List unManagedDependencies = + UnmanagedDependencyCheck.getUnmanagedDependencies( + "3.18.0", "src/test/resources/shared-dependency-3.18.0-pom.xml"); + assertTrue(unManagedDependencies.isEmpty()); + } + + @Test + public void getUnmanagedDependencyFromDifferentPomTest() + throws MavenRepositoryException, ArtifactDescriptorException { + List unManagedDependencies = + UnmanagedDependencyCheck.getUnmanagedDependencies( + "3.18.0", "src/test/resources/self-dependency-pom.xml"); + assertThat(unManagedDependencies) + .containsAtLeastElementsIn(ImmutableList.of("org.springframework.boot:spring-boot")); } } diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml new file mode 100644 index 0000000000..eb479ee1d2 --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml @@ -0,0 +1,32 @@ + + + 4.0.0 + com.example + self-dependencies + pom + 0.0.1 + Self Dependencies + + Self dependency pom used in test. + + + + + + org.springframework.boot + spring-boot-dependencies + 3.1.5 + pom + import + + + + + + + + org.springframework.boot + spring-boot + + + diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/shared-dependency-3.18.0-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/shared-dependency-3.18.0-pom.xml new file mode 100644 index 0000000000..d716ab7738 --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/shared-dependency-3.18.0-pom.xml @@ -0,0 +1,47 @@ + + + 4.0.0 + com.google.cloud + google-cloud-shared-dependencies + pom + 3.18.0 + + first-party-dependencies + third-party-dependencies + + Google Cloud Shared Dependencies + + Shared build configuration for Google Cloud Java libraries. + + + + com.google.api + gapic-generator-java-pom-parent + 2.28.0 + ../gapic-generator-java-pom-parent + + + + UTF-8 + ${project.artifactId} + + + + + + com.google.cloud + first-party-dependencies + 3.18.0 + pom + import + + + com.google.cloud + third-party-dependencies + 3.18.0 + pom + import + + + + From 3b151d305ae8064bec61e04953365eefc4888572 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Thu, 2 Nov 2023 21:09:35 -0400 Subject: [PATCH 03/63] change parent --- .../unmanaged-dependency-check/pom.xml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index 441d644511..1f902ecb63 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -3,14 +3,13 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 - - com.google.cloud - google-cloud-shared-dependencies - 3.18.1-SNAPSHOT - ../pom.xml - - + com.google.cloud unmanaged-dependency-check + 3.18.1-SNAPSHOT + Unmanaged dependency check + + + 17 From 49574ec65c65dd87726863d726f668b6bde35aa8 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Thu, 2 Nov 2023 22:10:28 -0400 Subject: [PATCH 04/63] change source/target --- java-shared-dependencies/unmanaged-dependency-check/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index 1f902ecb63..e469374076 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -12,8 +12,8 @@ - 17 - 17 + 1.8 + 1.8 UTF-8 From cbd15e3feb1f04d77b8ffc6c9fe1844fe414aedc Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Thu, 2 Nov 2023 22:15:25 -0400 Subject: [PATCH 05/63] add private constructor --- .../main/java/com/google/cloud/UnmanagedDependencyCheck.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 186d328b4f..2f55e64ad8 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -49,4 +49,8 @@ private static Set getManagedDependenciesFromBom(Bom bom) { .map(artifact -> String.format("%s:%s", artifact.getGroupId(), artifact.getArtifactId())) .collect(Collectors.toSet()); } + + private UnmanagedDependencyCheck() { + + } } From 420e8ec2280883964eddd9eb92dc17bf8ef0dcdb Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Sat, 4 Nov 2023 14:50:38 -0400 Subject: [PATCH 06/63] throw exception if the private constructor is called --- .../main/java/com/google/cloud/UnmanagedDependencyCheck.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 2f55e64ad8..aa7cbaa526 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -51,6 +51,6 @@ private static Set getManagedDependenciesFromBom(Bom bom) { } private UnmanagedDependencyCheck() { - + throw new IllegalStateException("Utility class"); } } From b97b883724e8393b81d6a7d108d29a323545c9c5 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Sat, 4 Nov 2023 15:07:36 -0400 Subject: [PATCH 07/63] remove module --- pom.xml | 1 - 1 file changed, 1 deletion(-) diff --git a/pom.xml b/pom.xml index 38b85b62c4..75ae2a331a 100644 --- a/pom.xml +++ b/pom.xml @@ -23,7 +23,6 @@ java-core gapic-generator-java-bom java-shared-dependencies - java-shared-dependencies/unmanaged-dependency-check From 09f3a0efba93e31c8a1e450c9e775af5a207a2b4 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:11:00 -0500 Subject: [PATCH 08/63] add main function --- .github/workflows/unmanaged_dependency_check.yaml | 0 .../unmanaged-dependency-check/action.yaml | 0 .../java/com/google/cloud/UnmanagedDependencyCheck.java | 8 ++++++++ 3 files changed, 8 insertions(+) create mode 100644 .github/workflows/unmanaged_dependency_check.yaml create mode 100644 java-shared-dependencies/unmanaged-dependency-check/action.yaml diff --git a/.github/workflows/unmanaged_dependency_check.yaml b/.github/workflows/unmanaged_dependency_check.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index aa7cbaa526..43b8d72489 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -1,5 +1,7 @@ package com.google.cloud; +import static com.google.common.base.Preconditions.checkArgument; + import com.google.cloud.tools.opensource.dependencies.Bom; import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; import java.nio.file.Paths; @@ -10,6 +12,12 @@ public class UnmanagedDependencyCheck { + public static void main(String[] args) + throws MavenRepositoryException, ArtifactDescriptorException { + checkArgument(args.length == 2, "The length of the inputs should be 2"); + System.out.println(getUnmanagedDependencies(args[0], args[1])); + } + /** * Returns dependency coordinates that are not managed by shared dependency BOM. * From 10c424346f8cb6602e5f6d1467ac2dcdc0454672 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:11:45 -0500 Subject: [PATCH 09/63] add action yaml --- .../unmanaged-dependency-check/action.yaml | 27 +++++++++++++++++++ .../unmanaged-dependency-check/pom.xml | 21 +++++++++++++++ 2 files changed, 48 insertions(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index e69de29bb2..08f2262409 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -0,0 +1,27 @@ + name: "Unmanaged dependency check" + description: "Validation for " + inputs: + bom-path: + description: "The relative path from the repository root to the pom.xml file" + required: true + runs: + using: "composite" + steps: + - uses: actions/setup-java@v3 + with: + distribution: temurin + java-version: 11 + cache: maven + - name: Set up Maven + uses: stCarolas/setup-maven@v4.5 + with: + maven-version: 3.8.2 + - name: Install check + shell: bash + run: | + mvn clean install + - name: Run unmanaged dependency check + shell: bash + run: | + mvn exec:java -Dexec.args="3.18.0 ${{ inputs.bom-path}}" + diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index e469374076..3ea563f111 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -16,6 +16,27 @@ 1.8 UTF-8 + + + + + org.codehaus.mojo + exec-maven-plugin + 3.1.1 + + + + java + + + + + com.google.cloud.UnmanagedDependencyCheck + + + + + com.google.cloud.tools From e42a382b4ad47a2d6dc62869b50ef07eaf15bc0c Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:12:26 -0500 Subject: [PATCH 10/63] add ci to check dependencies --- .github/workflows/ci.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b4df8d1670..90b46a5b1e 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -277,3 +277,11 @@ jobs: with: bom-path: gapic-generator-java-bom/pom.xml + bom_unmanaged_dependency_check: + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + - name: Unmanaged dependency check + uses: java-shared-dependencies/unmanaged-dependency-check + with: + bom-path: gapic-generator-java-bom/pom.xml From e8a64125c59472d3baa4ad44f3e4d6cc8f585c6b Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:14:09 -0500 Subject: [PATCH 11/63] delete unused file --- .github/workflows/unmanaged_dependency_check.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .github/workflows/unmanaged_dependency_check.yaml diff --git a/.github/workflows/unmanaged_dependency_check.yaml b/.github/workflows/unmanaged_dependency_check.yaml deleted file mode 100644 index e69de29bb2..0000000000 From 22909425b52f075ae9487e23c1e7d233d276aa8e Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:17:38 -0500 Subject: [PATCH 12/63] change action path --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 90b46a5b1e..a078594dd1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -282,6 +282,6 @@ jobs: steps: - uses: actions/checkout@v3 - name: Unmanaged dependency check - uses: java-shared-dependencies/unmanaged-dependency-check + uses: ./java-shared-dependencies/unmanaged-dependency-check with: bom-path: gapic-generator-java-bom/pom.xml From 74f69b275d5f4d14d55ad1017ba31ca923b5eb22 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:27:19 -0500 Subject: [PATCH 13/63] change working directory --- .github/workflows/ci.yaml | 4 ++-- .../unmanaged-dependency-check/action.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a078594dd1..4ebae0d395 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -277,11 +277,11 @@ jobs: with: bom-path: gapic-generator-java-bom/pom.xml - bom_unmanaged_dependency_check: + unmanaged_dependency_check: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 - name: Unmanaged dependency check uses: ./java-shared-dependencies/unmanaged-dependency-check with: - bom-path: gapic-generator-java-bom/pom.xml + bom-path: ../../gapic-generator-java-bom/pom.xml diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 08f2262409..f53f62e97a 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -18,10 +18,10 @@ maven-version: 3.8.2 - name: Install check shell: bash - run: | - mvn clean install + run: mvn clean install + working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Run unmanaged dependency check shell: bash - run: | - mvn exec:java -Dexec.args="3.18.0 ${{ inputs.bom-path}}" + run: mvn exec:java -Dexec.args="3.18.0 ${{ inputs.bom-path}}" + working-directory: java-shared-dependencies/unmanaged-dependency-check From 39c5e87bde7fd44257c319ee21b247cd34e749df Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:32:44 -0500 Subject: [PATCH 14/63] install modules --- .github/workflows/ci.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 4ebae0d395..7fd68ca7d4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -281,6 +281,14 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 + - uses: actions/setup-java@v3 + with: + java-version: 11 + distribution: temurin + - run: mvn -version + - name: Install Maven modules + run: | + mvn install -B -ntp -DskipTests -Dclirr.skip -Dcheckstyle.skip - name: Unmanaged dependency check uses: ./java-shared-dependencies/unmanaged-dependency-check with: From 73d79f3cb011d665406436a4609b7bacf13d191a Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:49:42 -0500 Subject: [PATCH 15/63] parse version of shared-dependencies --- .../unmanaged-dependency-check/action.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index f53f62e97a..b2b8951115 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -16,12 +16,17 @@ uses: stCarolas/setup-maven@v4.5 with: maven-version: 3.8.2 + - name: Get version of java-shared-dependencies + shell: bash + run: | + echo "shared_dependencies_version=$(mvn help:evaluate -Dexpression=project.version -DforceStdout -q)" >> "$GITHUB_ENV" + working-directory: java-shared-dependencies - name: Install check shell: bash run: mvn clean install working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Run unmanaged dependency check shell: bash - run: mvn exec:java -Dexec.args="3.18.0 ${{ inputs.bom-path}}" + run: mvn exec:java -Dexec.args="${{env.shared_dependencies_version}} ${{ inputs.bom-path}}" working-directory: java-shared-dependencies/unmanaged-dependency-check From ae9b7479323fe43ca05073c9c2044ae910a7a199 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 28 Nov 2023 20:50:02 -0500 Subject: [PATCH 16/63] upgrade checkout action --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7fd68ca7d4..c2d8315079 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -280,7 +280,7 @@ jobs: unmanaged_dependency_check: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-java@v3 with: java-version: 11 From 22f99ff4d9dae339145408bd3cbfe7579cd674ed Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 29 Nov 2023 20:45:30 -0500 Subject: [PATCH 17/63] add error exit --- .../unmanaged-dependency-check/action.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index b2b8951115..720201be49 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -27,6 +27,11 @@ working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Run unmanaged dependency check shell: bash - run: mvn exec:java -Dexec.args="${{env.shared_dependencies_version}} ${{ inputs.bom-path}}" + run: | + unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{env.shared_dependencies_version}} ${{ inputs.bom-path}}") + if [[ "${unmanaged_dependencies}" != "[]" ]]; then + echo "${unmanaged_dependencies}" + exit 1 + fi working-directory: java-shared-dependencies/unmanaged-dependency-check From df34a0e0d0901414fbf6a5a71a05f16ec62e4a34 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 29 Nov 2023 20:45:49 -0500 Subject: [PATCH 18/63] add an unmanaged dependency --- gapic-generator-java-bom/pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/gapic-generator-java-bom/pom.xml b/gapic-generator-java-bom/pom.xml index 6e7dd10fda..2861a7d136 100644 --- a/gapic-generator-java-bom/pom.xml +++ b/gapic-generator-java-bom/pom.xml @@ -131,6 +131,11 @@ grpc-google-iam-v2beta 1.24.0 + + com.h2database + h2 + 2.2.224 + From 8b1e8362ed359c0b47b509a6c72a1cb1492b842c Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 29 Nov 2023 20:52:01 -0500 Subject: [PATCH 19/63] surpress mvn output --- java-shared-dependencies/unmanaged-dependency-check/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 720201be49..e0b6f2df9c 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -28,7 +28,7 @@ - name: Run unmanaged dependency check shell: bash run: | - unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{env.shared_dependencies_version}} ${{ inputs.bom-path}}") + unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{env.shared_dependencies_version}} ${{ inputs.bom-path}}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "${unmanaged_dependencies}" exit 1 From ff4a5028ff6d26bbacf07da8a1fc3dc9179fd56f Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 29 Nov 2023 21:00:51 -0500 Subject: [PATCH 20/63] add slf4j --- .../unmanaged-dependency-check/pom.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index 3ea563f111..969a2de614 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -55,6 +55,16 @@ 1.1.5 test + + org.slf4j + slf4j-api + 2.0.9 + + + org.slf4j + slf4j-simple + 2.0.9 + \ No newline at end of file From 5ba8ce86f9249ee1d2824d0ffc1d04663643d08c Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 29 Nov 2023 21:07:59 -0500 Subject: [PATCH 21/63] add echo to debug --- java-shared-dependencies/unmanaged-dependency-check/action.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index e0b6f2df9c..fe1d2a0c40 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -29,6 +29,7 @@ shell: bash run: | unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{env.shared_dependencies_version}} ${{ inputs.bom-path}}" -q) + echo "${unmanaged_dependencies}" if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "${unmanaged_dependencies}" exit 1 From 8cacf764728b4b85dbdb46c66a43173c79f919ad Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 29 Nov 2023 22:56:41 -0500 Subject: [PATCH 22/63] checkout branch head --- .github/workflows/ci.yaml | 2 ++ java-shared-dependencies/unmanaged-dependency-check/action.yaml | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c2d8315079..326dc69dc7 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -281,6 +281,8 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} - uses: actions/setup-java@v3 with: java-version: 11 diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index fe1d2a0c40..1af7a6d6f6 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -28,7 +28,7 @@ - name: Run unmanaged dependency check shell: bash run: | - unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{env.shared_dependencies_version}} ${{ inputs.bom-path}}" -q) + unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{ env.shared_dependencies_version }} ${{ inputs.bom-path }}" -q) echo "${unmanaged_dependencies}" if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "${unmanaged_dependencies}" From a952d7a29798c4f29a75f4a21d7758a5d2f2c982 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Fri, 1 Dec 2023 13:16:19 -0500 Subject: [PATCH 23/63] add an unit test --- .../cloud/UnmanagedDependencyCheckTest.java | 10 ++++++++ .../src/test/resources/gax-example-pom.xml | 16 +++++++++++++ .../test/resources/nested-dependency-pom.xml | 21 +++++++++++++++++ .../resources/transitive-dependency-pom.xml | 23 +++++++++++++++++++ 4 files changed, 70 insertions(+) create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/nested-dependency-pom.xml create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/transitive-dependency-pom.xml diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java index 14191ec595..e7feb53a14 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java @@ -28,4 +28,14 @@ public void getUnmanagedDependencyFromDifferentPomTest() assertThat(unManagedDependencies) .containsAtLeastElementsIn(ImmutableList.of("org.springframework.boot:spring-boot")); } + + @Test + public void getUnmanagedDependencyFromNestedPomTest() + throws MavenRepositoryException, ArtifactDescriptorException { + List unManagedDependencies = + UnmanagedDependencyCheck.getUnmanagedDependencies( + "3.18.0", "src/test/resources/transitive-dependency-pom.xml"); + assertThat(unManagedDependencies) + .containsAtLeastElementsIn(ImmutableList.of("com.h2database:h2")); + } } diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml new file mode 100644 index 0000000000..1734cc522b --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml @@ -0,0 +1,16 @@ + + + 4.0.0 + com.google.api + gax-grpc + 0.0.1-SNAPSHOT + jar + + + + com.h2database + h2 + 2.2.224 + + + \ No newline at end of file diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/nested-dependency-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/nested-dependency-pom.xml new file mode 100644 index 0000000000..d841f4daf2 --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/nested-dependency-pom.xml @@ -0,0 +1,21 @@ + + + 4.0.0 + com.example + dependencies-bom + pom + 0.0.1-SNAPSHOT + Self Dependencies + + Self dependency pom used in test. + + + + + com.google.api + gax-grpc + 0.0.1-SNAPSHOT + + + + diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/transitive-dependency-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/transitive-dependency-pom.xml new file mode 100644 index 0000000000..899652963b --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/transitive-dependency-pom.xml @@ -0,0 +1,23 @@ + + + 4.0.0 + com.example + transitive-dependencies + pom + 0.0.1 + Self Dependencies + + Self dependency pom used in test. + + + + + com.example + dependencies-bom + 0.0.1-SNAPSHOT + pom + import + + + + From e404f90c81cd7b99ffff52d1df1814e86a04a281 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Fri, 1 Dec 2023 13:29:20 -0500 Subject: [PATCH 24/63] add an execution --- .../unmanaged-dependency-check/pom.xml | 12 ++++++++++++ .../src/test/resources/local-install.sh | 5 +++++ 2 files changed, 17 insertions(+) create mode 100755 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index 969a2de614..724c9d1902 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -29,8 +29,20 @@ java + + install-test-poms + test + + exec + + + bash + + local-install.sh + + src/test/resources com.google.cloud.UnmanagedDependencyCheck diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh new file mode 100755 index 0000000000..384c30b01e --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +mvn install -f src/test/resources/gax-example-pom.xml +mvn install -f src/test/resources/nested-dependency-pom.xml +mvn install -f src/test/resources/transitive-dependency-pom.xml \ No newline at end of file From f15ecd9a7ad9c19a3848a4f8a0110cb82c1db0ca Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Fri, 1 Dec 2023 14:15:59 -0500 Subject: [PATCH 25/63] change phase --- .../unmanaged-dependency-check/pom.xml | 21 +++++++++++-------- .../src/test/resources/local-install.sh | 6 +++--- 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index 724c9d1902..087f4e5854 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -28,23 +28,26 @@ java + + com.google.cloud.UnmanagedDependencyCheck + + install-test-poms - test + test-compile exec + + bash + + local-install.sh + + src/test/resources + - - bash - - local-install.sh - - src/test/resources - com.google.cloud.UnmanagedDependencyCheck - diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh index 384c30b01e..79307795f7 100755 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -mvn install -f src/test/resources/gax-example-pom.xml -mvn install -f src/test/resources/nested-dependency-pom.xml -mvn install -f src/test/resources/transitive-dependency-pom.xml \ No newline at end of file +mvn install -f gax-example-pom.xml +mvn install -f nested-dependency-pom.xml +mvn install -f transitive-dependency-pom.xml \ No newline at end of file From f72ad9f18775164df5948a80e8e912393b7f7a1f Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Fri, 1 Dec 2023 20:39:29 -0500 Subject: [PATCH 26/63] use ClassPathBuilder --- .../unmanaged-dependency-check/pom.xml | 6 ++-- .../cloud/UnmanagedDependencyCheck.java | 32 +++++++++++++------ .../cloud/UnmanagedDependencyCheckTest.java | 15 ++------- .../test/resources/self-dependency-pom.xml | 32 ------------------- 4 files changed, 29 insertions(+), 56 deletions(-) delete mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index 087f4e5854..9579a833a1 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -28,9 +28,6 @@ java - - com.google.cloud.UnmanagedDependencyCheck - @@ -48,6 +45,9 @@ + + com.google.cloud.UnmanagedDependencyCheck + diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 43b8d72489..a3bc442a7a 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -2,18 +2,22 @@ import static com.google.common.base.Preconditions.checkArgument; +import com.google.cloud.tools.opensource.classpath.ClassPathBuilder; +import com.google.cloud.tools.opensource.classpath.DependencyMediation; import com.google.cloud.tools.opensource.dependencies.Bom; import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; import java.nio.file.Paths; +import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.stream.Collectors; import org.eclipse.aether.resolution.ArtifactDescriptorException; +import org.eclipse.aether.version.InvalidVersionSpecificationException; public class UnmanagedDependencyCheck { public static void main(String[] args) - throws MavenRepositoryException, ArtifactDescriptorException { + throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { checkArgument(args.length == 2, "The length of the inputs should be 2"); System.out.println(getUnmanagedDependencies(args[0], args[1])); } @@ -29,7 +33,7 @@ public static void main(String[] args) */ public static List getUnmanagedDependencies( String sharedDependencyVersion, String projectBomPath) - throws ArtifactDescriptorException, MavenRepositoryException { + throws ArtifactDescriptorException, MavenRepositoryException, InvalidVersionSpecificationException { Set sharedDependencies = getSharedDependencies(sharedDependencyVersion); Set managedDependencies = getManagedDependencies(projectBomPath); @@ -39,7 +43,7 @@ public static List getUnmanagedDependencies( } private static Set getSharedDependencies(String sharedDependencyVersion) - throws ArtifactDescriptorException { + throws ArtifactDescriptorException, InvalidVersionSpecificationException { return getManagedDependenciesFromBom( Bom.readBom( String.format( @@ -47,15 +51,25 @@ private static Set getSharedDependencies(String sharedDependencyVersion) } private static Set getManagedDependencies(String projectBomPath) - throws MavenRepositoryException { + throws MavenRepositoryException, InvalidVersionSpecificationException { return getManagedDependenciesFromBom(Bom.readBom(Paths.get(projectBomPath))); } - private static Set getManagedDependenciesFromBom(Bom bom) { - return bom.getManagedDependencies().stream() - .filter(artifact -> !artifact.getClassifier().equals("tests")) - .map(artifact -> String.format("%s:%s", artifact.getGroupId(), artifact.getArtifactId())) - .collect(Collectors.toSet()); + private static Set getManagedDependenciesFromBom(Bom bom) + throws InvalidVersionSpecificationException { + Set res = new HashSet<>(); + new ClassPathBuilder() + .resolve(bom.getManagedDependencies(), true, DependencyMediation.MAVEN) + .getClassPath() + .forEach( + classPath -> { + String coordinate = classPath.toString(); + // ignore the version. + int index = coordinate.lastIndexOf(":"); + res.add(coordinate.substring(0, index)); + }); + + return res; } private UnmanagedDependencyCheck() { diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java index e7feb53a14..560bc29669 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java @@ -7,31 +7,22 @@ import com.google.common.collect.ImmutableList; import java.util.List; import org.eclipse.aether.resolution.ArtifactDescriptorException; +import org.eclipse.aether.version.InvalidVersionSpecificationException; import org.junit.Test; public class UnmanagedDependencyCheckTest { @Test public void getUnmanagedDependencyFromSamePomTest() - throws MavenRepositoryException, ArtifactDescriptorException { + throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { List unManagedDependencies = UnmanagedDependencyCheck.getUnmanagedDependencies( "3.18.0", "src/test/resources/shared-dependency-3.18.0-pom.xml"); assertTrue(unManagedDependencies.isEmpty()); } - @Test - public void getUnmanagedDependencyFromDifferentPomTest() - throws MavenRepositoryException, ArtifactDescriptorException { - List unManagedDependencies = - UnmanagedDependencyCheck.getUnmanagedDependencies( - "3.18.0", "src/test/resources/self-dependency-pom.xml"); - assertThat(unManagedDependencies) - .containsAtLeastElementsIn(ImmutableList.of("org.springframework.boot:spring-boot")); - } - @Test public void getUnmanagedDependencyFromNestedPomTest() - throws MavenRepositoryException, ArtifactDescriptorException { + throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { List unManagedDependencies = UnmanagedDependencyCheck.getUnmanagedDependencies( "3.18.0", "src/test/resources/transitive-dependency-pom.xml"); diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml deleted file mode 100644 index eb479ee1d2..0000000000 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/self-dependency-pom.xml +++ /dev/null @@ -1,32 +0,0 @@ - - - 4.0.0 - com.example - self-dependencies - pom - 0.0.1 - Self Dependencies - - Self dependency pom used in test. - - - - - - org.springframework.boot - spring-boot-dependencies - 3.1.5 - pom - import - - - - - - - - org.springframework.boot - spring-boot - - - From df445ba7079e5556e00dba829fe6755244ece82b Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Fri, 1 Dec 2023 20:39:51 -0500 Subject: [PATCH 27/63] restore BOM --- gapic-generator-java-bom/pom.xml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/gapic-generator-java-bom/pom.xml b/gapic-generator-java-bom/pom.xml index 15eca8203a..540f637e8a 100644 --- a/gapic-generator-java-bom/pom.xml +++ b/gapic-generator-java-bom/pom.xml @@ -131,11 +131,6 @@ grpc-google-iam-v2beta 1.24.1-SNAPSHOT - - com.h2database - h2 - 2.2.224 - From 3feb3e9382ac82a9f205591de0b7b22dcb16fdfa Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Sat, 2 Dec 2023 13:48:03 -0500 Subject: [PATCH 28/63] fix shared dependency version --- gax-java/gax-grpc/pom.xml | 5 +++++ .../unmanaged-dependency-check/action.yaml | 9 ++------- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/gax-java/gax-grpc/pom.xml b/gax-java/gax-grpc/pom.xml index 8a6a853f34..95dc3f32af 100644 --- a/gax-java/gax-grpc/pom.xml +++ b/gax-java/gax-grpc/pom.xml @@ -92,6 +92,11 @@ auto-value-annotations provided + + com.h2database + h2 + 2.2.224 + diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 1af7a6d6f6..19afe1149a 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -16,19 +16,14 @@ uses: stCarolas/setup-maven@v4.5 with: maven-version: 3.8.2 - - name: Get version of java-shared-dependencies - shell: bash - run: | - echo "shared_dependencies_version=$(mvn help:evaluate -Dexpression=project.version -DforceStdout -q)" >> "$GITHUB_ENV" - working-directory: java-shared-dependencies - name: Install check shell: bash - run: mvn clean install + run: mvn clean install -DskipTests working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Run unmanaged dependency check shell: bash run: | - unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{ env.shared_dependencies_version }} ${{ inputs.bom-path }}" -q) + unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) echo "${unmanaged_dependencies}" if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "${unmanaged_dependencies}" From d3537f948ad7dc19ce44f0557c73887ad328b040 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:10:38 -0500 Subject: [PATCH 29/63] change check's description --- java-shared-dependencies/unmanaged-dependency-check/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 19afe1149a..0ddae22e88 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -1,5 +1,5 @@ name: "Unmanaged dependency check" - description: "Validation for " + description: "Checks whether there's a dependency that is not managed by java shared dependencies." inputs: bom-path: description: "The relative path from the repository root to the pom.xml file" From 5df6a312ae7767f776cb14d5d165e8b15819431c Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:11:31 -0500 Subject: [PATCH 30/63] change version --- java-shared-dependencies/unmanaged-dependency-check/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/pom.xml b/java-shared-dependencies/unmanaged-dependency-check/pom.xml index 9579a833a1..c632e59920 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.cloud unmanaged-dependency-check - 3.18.1-SNAPSHOT + 0.0.1-SNAPSHOT Unmanaged dependency check From 1170018236b32c4f44807284a526eab6b7ab58e7 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:16:04 -0500 Subject: [PATCH 31/63] run unit tests in ci --- .github/workflows/ci.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 326dc69dc7..545ab2219c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -288,6 +288,9 @@ jobs: java-version: 11 distribution: temurin - run: mvn -version + - name: Unit Tests + run: | + mvn test --batch-mode --no-transfer-progress - name: Install Maven modules run: | mvn install -B -ntp -DskipTests -Dclirr.skip -Dcheckstyle.skip From 79530e8a316bb9ad76aafadca37467525cdc4024 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:20:10 -0500 Subject: [PATCH 32/63] change error message --- .../unmanaged-dependency-check/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 0ddae22e88..00b7b549e4 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -24,9 +24,9 @@ shell: bash run: | unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) - echo "${unmanaged_dependencies}" if [[ "${unmanaged_dependencies}" != "[]" ]]; then - echo "${unmanaged_dependencies}" + echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." + echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." exit 1 fi working-directory: java-shared-dependencies/unmanaged-dependency-check From 81c23f0b1b861d03b3ae0114682e1b5a92bff7d7 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:24:50 -0500 Subject: [PATCH 33/63] only run tests in unmanaged dependency check module --- .github/workflows/ci.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 545ab2219c..548cf82790 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -291,9 +291,11 @@ jobs: - name: Unit Tests run: | mvn test --batch-mode --no-transfer-progress - - name: Install Maven modules + working-directory: java-shared-dependencies/unmanaged-dependency-check + - name: Install unmanaged-dependency-check run: | mvn install -B -ntp -DskipTests -Dclirr.skip -Dcheckstyle.skip + working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Unmanaged dependency check uses: ./java-shared-dependencies/unmanaged-dependency-check with: From c23076553f7f50d5c50fbad72185a5f36a894951 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:32:30 -0500 Subject: [PATCH 34/63] change install command --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 548cf82790..e4f1e277ae 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -294,7 +294,7 @@ jobs: working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Install unmanaged-dependency-check run: | - mvn install -B -ntp -DskipTests -Dclirr.skip -Dcheckstyle.skip + mvn install --batch-mode --no-transfer-progress -DskipTests working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Unmanaged dependency check uses: ./java-shared-dependencies/unmanaged-dependency-check From 6a1e3e5f2e26f29ec5f3f7eb6d15589178acd896 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:51:48 -0500 Subject: [PATCH 35/63] add a debug echo --- .../unmanaged-dependency-check/action.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 00b7b549e4..f171eb41ba 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -18,12 +18,13 @@ maven-version: 3.8.2 - name: Install check shell: bash - run: mvn clean install -DskipTests + run: mvn clean install --batch-mode --no-transfer-progress -DskipTests working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Run unmanaged dependency check shell: bash run: | unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) + echo "${unmanaged_dependencies}" if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." From 3dd389ed1b920a8380a762062eedd5b9aa5609be Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 15:58:31 -0500 Subject: [PATCH 36/63] change exec path --- .../unmanaged-dependency-check/action.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index f171eb41ba..c570d8431d 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -23,12 +23,10 @@ - name: Run unmanaged dependency check shell: bash run: | + cd java-shared-dependencies/unmanaged-dependency-check unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) - echo "${unmanaged_dependencies}" if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." exit 1 - fi - working-directory: java-shared-dependencies/unmanaged-dependency-check - + fi From 4300d7052392d9a715b7d8cf3a3fa1779945cab4 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 19:26:12 -0500 Subject: [PATCH 37/63] do not install check --- .github/workflows/ci.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e4f1e277ae..0cb4daaf0d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -292,10 +292,6 @@ jobs: run: | mvn test --batch-mode --no-transfer-progress working-directory: java-shared-dependencies/unmanaged-dependency-check - - name: Install unmanaged-dependency-check - run: | - mvn install --batch-mode --no-transfer-progress -DskipTests - working-directory: java-shared-dependencies/unmanaged-dependency-check - name: Unmanaged dependency check uses: ./java-shared-dependencies/unmanaged-dependency-check with: From a17d693e7b38617bdc683272b6777d3a3ca6d531 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 19:29:00 -0500 Subject: [PATCH 38/63] change working dir --- .../unmanaged-dependency-check/action.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index c570d8431d..282fd665ca 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -23,10 +23,12 @@ - name: Run unmanaged dependency check shell: bash run: | - cd java-shared-dependencies/unmanaged-dependency-check + pwd unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." exit 1 - fi + fi + working-directory: java-shared-dependencies/unmanaged-dependency-check + From cd641410aa3445dfa8db3824b0addfed01839b37 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 19:38:07 -0500 Subject: [PATCH 39/63] print mvn log --- java-shared-dependencies/unmanaged-dependency-check/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 282fd665ca..a61e797d47 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -23,7 +23,7 @@ - name: Run unmanaged dependency check shell: bash run: | - pwd + mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." From b28ac5e7b2c32edbab72b5c315185d68f3679c61 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 19 Dec 2023 19:44:58 -0500 Subject: [PATCH 40/63] install modules --- .github/workflows/ci.yaml | 3 +++ .../unmanaged-dependency-check/action.yaml | 1 - 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 0cb4daaf0d..567fab8a0a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -292,6 +292,9 @@ jobs: run: | mvn test --batch-mode --no-transfer-progress working-directory: java-shared-dependencies/unmanaged-dependency-check + - name: Install Maven modules + run: | + mvn install -B -ntp -DskipTests -Dclirr.skip -Dcheckstyle.skip - name: Unmanaged dependency check uses: ./java-shared-dependencies/unmanaged-dependency-check with: diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index a61e797d47..d29cb1f2f3 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -23,7 +23,6 @@ - name: Run unmanaged dependency check shell: bash run: | - mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." From a526ab00acb35061e857eef4b8bd1a7a03626f2a Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 20 Dec 2023 12:11:39 -0500 Subject: [PATCH 41/63] modify ut --- .../java/com/google/cloud/UnmanagedDependencyCheckTest.java | 3 +++ .../src/test/resources/gax-example-pom.xml | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java index 560bc29669..b59195a03a 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java @@ -28,5 +28,8 @@ public void getUnmanagedDependencyFromNestedPomTest() "3.18.0", "src/test/resources/transitive-dependency-pom.xml"); assertThat(unManagedDependencies) .containsAtLeastElementsIn(ImmutableList.of("com.h2database:h2")); + // test dependency should be ignored. + assertThat(unManagedDependencies) + .doesNotContain(ImmutableList.of("com.mysql:mysql-connector-j")); } } diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml index 1734cc522b..5bc943c2de 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/gax-example-pom.xml @@ -12,5 +12,11 @@ h2 2.2.224 + + com.mysql + mysql-connector-j + 8.2.0 + test + \ No newline at end of file From 99baeaa8fd25898b8884953ee0416439b55eb608 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 20 Dec 2023 14:06:32 -0500 Subject: [PATCH 42/63] add javadoc --- .../google/cloud/UnmanagedDependencyCheck.java | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index a3bc442a7a..41b1bcc0ae 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -14,8 +14,16 @@ import org.eclipse.aether.resolution.ArtifactDescriptorException; import org.eclipse.aether.version.InvalidVersionSpecificationException; +/** + * A utility class to check unmanaged dependencies in BOM. + */ public class UnmanagedDependencyCheck { + /** + * @param args An array with two elements.

+ * The first string is the version of Java shared dependencies.

+ * The second string is the path of a pom.xml contains BOM. + */ public static void main(String[] args) throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { checkArgument(args.length == 2, "The length of the inputs should be 2"); @@ -28,8 +36,11 @@ public static void main(String[] args) * @param sharedDependencyVersion the version of shared dependency BOM * @param projectBomPath the path of current project BOM * @return a list of unmanaged dependencies by the given version of shared dependency BOM - * @throws ArtifactDescriptorException - * @throws MavenRepositoryException + * @throws ArtifactDescriptorException thrown if the artifact descriptor is unreachable + * @throws MavenRepositoryException thrown if the artifacts in Bom can't be reached in remote or + * local Maven repository + * @throws InvalidVersionSpecificationException thrown if the shared dependency version can't be + * parsed */ public static List getUnmanagedDependencies( String sharedDependencyVersion, String projectBomPath) From 4c0b1c665fd737e4893b77c570a507d079162a92 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 20 Dec 2023 14:56:30 -0500 Subject: [PATCH 43/63] use github.action_path --- .../unmanaged-dependency-check/action.yaml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index d29cb1f2f3..d1c282bd51 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -18,16 +18,20 @@ maven-version: 3.8.2 - name: Install check shell: bash - run: mvn clean install --batch-mode --no-transfer-progress -DskipTests - working-directory: java-shared-dependencies/unmanaged-dependency-check + run: | + cd ${{ github.action_path }} + echo "Install Unmanaged Dependency Check in $(pwd)" + mvn clean install -V --batch-mode --no-transfer-progress -DskipTests - name: Run unmanaged dependency check shell: bash run: | - unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${{ inputs.bom-path }}" -q) + cd ${{ github.action_path }} + bom_absolute_path=$(realpath "${{ inputs.bom-path }}") + echo "Running Unmanaged Dependency Check against ${bom_absolute_path}" + unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${bom_absolute_path}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." exit 1 fi - working-directory: java-shared-dependencies/unmanaged-dependency-check From c92525d802550b18d69e1ae13504aa44555901a8 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 20 Dec 2023 15:00:31 -0500 Subject: [PATCH 44/63] change pom path --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 567fab8a0a..e13e261c30 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -298,4 +298,4 @@ jobs: - name: Unmanaged dependency check uses: ./java-shared-dependencies/unmanaged-dependency-check with: - bom-path: ../../gapic-generator-java-bom/pom.xml + bom-path: gapic-generator-java-bom/pom.xml From 0723511b889eecb792724983f3a9bce3d651d6eb Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 20 Dec 2023 15:05:36 -0500 Subject: [PATCH 45/63] change command sequence --- java-shared-dependencies/unmanaged-dependency-check/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index d1c282bd51..cd22cd0522 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -25,8 +25,8 @@ - name: Run unmanaged dependency check shell: bash run: | - cd ${{ github.action_path }} bom_absolute_path=$(realpath "${{ inputs.bom-path }}") + cd ${{ github.action_path }} echo "Running Unmanaged Dependency Check against ${bom_absolute_path}" unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${bom_absolute_path}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then From 11bb40e10abde8d254ee9af2f2b8903723d2e5d4 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 11:06:36 -0500 Subject: [PATCH 46/63] exclude handwritten artifacts --- .../cloud/UnmanagedDependencyCheck.java | 22 +-- .../cloud/UnmanagedDependencyCheckTest.java | 9 ++ .../src/test/resources/bigtable-pom.xml | 127 ++++++++++++++++++ 3 files changed, 149 insertions(+), 9 deletions(-) create mode 100644 java-shared-dependencies/unmanaged-dependency-check/src/test/resources/bigtable-pom.xml diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 41b1bcc0ae..3197c4517b 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -18,11 +18,13 @@ * A utility class to check unmanaged dependencies in BOM. */ public class UnmanagedDependencyCheck { + // regex of handwritten artifacts + private final static String handwrittenArtifact = "(com.google.cloud:google-cloud-.*)|(com.google.api.grpc:(grpc|proto)-google-cloud-.*)"; + /** - * @param args An array with two elements.

- * The first string is the version of Java shared dependencies.

- * The second string is the path of a pom.xml contains BOM. + * @param args An array with two elements.

The first string is the version of Java shared + * dependencies.

The second string is the path of a pom.xml contains BOM. */ public static void main(String[] args) throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { @@ -50,6 +52,8 @@ public static List getUnmanagedDependencies( return managedDependencies.stream() .filter(dependency -> !sharedDependencies.contains(dependency)) + // handwritten artifacts, e.g., com.google.cloud:google-cloud-bigtable, should be excluded. + .filter(dependency -> !dependency.matches(handwrittenArtifact)) .collect(Collectors.toList()); } @@ -73,12 +77,12 @@ private static Set getManagedDependenciesFromBom(Bom bom) .resolve(bom.getManagedDependencies(), true, DependencyMediation.MAVEN) .getClassPath() .forEach( - classPath -> { - String coordinate = classPath.toString(); - // ignore the version. - int index = coordinate.lastIndexOf(":"); - res.add(coordinate.substring(0, index)); - }); + classPath -> { + String coordinate = classPath.toString(); + // ignore the version. + int index = coordinate.lastIndexOf(":"); + res.add(coordinate.substring(0, index)); + }); return res; } diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java index b59195a03a..5c6eaf2d39 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java @@ -20,6 +20,15 @@ public void getUnmanagedDependencyFromSamePomTest() assertTrue(unManagedDependencies.isEmpty()); } + @Test + public void getUnmanagedDependencyFromHWBomTest() + throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { + List unManagedDependencies = + UnmanagedDependencyCheck.getUnmanagedDependencies( + "3.18.0", "src/test/resources/bigtable-pom.xml"); + assertTrue(unManagedDependencies.isEmpty()); + } + @Test public void getUnmanagedDependencyFromNestedPomTest() throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/bigtable-pom.xml b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/bigtable-pom.xml new file mode 100644 index 0000000000..b7a896241e --- /dev/null +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/bigtable-pom.xml @@ -0,0 +1,127 @@ + + + 4.0.0 + com.google.cloud + google-cloud-bigtable-bom + 2.29.0 + pom + + com.google.cloud + google-cloud-shared-config + 1.6.0 + + + + Google Cloud Bigtable BOM + https://github.com/googleapis/java-bigtable + + BOM for Google Cloud Bigtable + + + + Google LLC + + + + + chingor13 + Jeff Ching + chingor@google.com + Google LLC + + Developer + + + + igorberstein + Igor Bernstein + igorbernstein@google.com + Google LLC + + Developer + + + + + + scm:git:https://github.com/googleapis/java-bigtable.git + scm:git:git@github.com:googleapis/java-bigtable.git + https://github.com/googleapis/java-bigtable + + + + + + The Apache Software License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + com.google.cloud + google-cloud-bigtable + 2.29.0 + + + com.google.cloud + google-cloud-bigtable-emulator + 0.166.0 + + + com.google.cloud + google-cloud-bigtable-emulator-core + 0.166.0 + + + com.google.api.grpc + grpc-google-cloud-bigtable-admin-v2 + 2.29.0 + + + com.google.api.grpc + grpc-google-cloud-bigtable-v2 + 2.29.0 + + + com.google.api.grpc + proto-google-cloud-bigtable-admin-v2 + 2.29.0 + + + com.google.api.grpc + proto-google-cloud-bigtable-v2 + 2.29.0 + + + com.google.cloud + google-cloud-bigtable-stats + 2.29.0 + + + + + + + + org.apache.maven.plugins + maven-checkstyle-plugin + + true + + + + + + org.apache.maven.plugins + maven-site-plugin + + + false + + + + + From 8c39284274c4521ffad6638f2a03c9edcd99a9b1 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 13:34:24 -0500 Subject: [PATCH 47/63] retrieve latest shared dependencies using git tag --- .../unmanaged-dependency-check/action.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index cd22cd0522..1cb7d90e8e 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -16,6 +16,11 @@ uses: stCarolas/setup-maven@v4.5 with: maven-version: 3.8.2 + - name: Retrieve latest released version of Java shared dependencies + shell: bash + run: | + version=$(git tag -l 'google-cloud-shared-dependencies/v*' --sort=-v:refname | head -1) + echo "version=${version#*v}" >> $GITHUB_ENV - name: Install check shell: bash run: | @@ -27,8 +32,9 @@ run: | bom_absolute_path=$(realpath "${{ inputs.bom-path }}") cd ${{ github.action_path }} - echo "Running Unmanaged Dependency Check against ${bom_absolute_path}" - unmanaged_dependencies=$(mvn exec:java -Dexec.args="3.20.0 ${bom_absolute_path}" -q) + echo "The version of Java shared dependencies is ${{ env.version }}" + echo "Running Unmanaged Dependency Check against ${ bom_absolute_path }" + unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{ env.version }} ${ bom_absolute_path }" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." From 20fcebeb390f99017171d2c6e525ed06aea21651 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 13:43:00 -0500 Subject: [PATCH 48/63] add a variable --- .../unmanaged-dependency-check/action.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 1cb7d90e8e..df6d279adc 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -20,7 +20,7 @@ shell: bash run: | version=$(git tag -l 'google-cloud-shared-dependencies/v*' --sort=-v:refname | head -1) - echo "version=${version#*v}" >> $GITHUB_ENV + echo "short_version=${version#*v}" >> $GITHUB_ENV - name: Install check shell: bash run: | @@ -32,9 +32,9 @@ run: | bom_absolute_path=$(realpath "${{ inputs.bom-path }}") cd ${{ github.action_path }} - echo "The version of Java shared dependencies is ${{ env.version }}" - echo "Running Unmanaged Dependency Check against ${ bom_absolute_path }" - unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{ env.version }} ${ bom_absolute_path }" -q) + echo "The version of Java shared dependencies is ${{ env.short_version }}" + echo "Running Unmanaged Dependency Check against ${bom_absolute_path}" + unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{ env.short_version }} ${bom_absolute_path}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." From 9b6d3aef67bc38c8ead1b7170f9ce96393922af2 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 13:51:28 -0500 Subject: [PATCH 49/63] debug --- java-shared-dependencies/unmanaged-dependency-check/action.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index df6d279adc..0c2224a9da 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -20,6 +20,7 @@ shell: bash run: | version=$(git tag -l 'google-cloud-shared-dependencies/v*' --sort=-v:refname | head -1) + echo "${version}" echo "short_version=${version#*v}" >> $GITHUB_ENV - name: Install check shell: bash From b01b0f00315ea1c77ce4ac58ba20676e123f5fc5 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 13:59:41 -0500 Subject: [PATCH 50/63] combine steps --- .../unmanaged-dependency-check/action.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 0c2224a9da..8a7fe3e5b9 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -16,12 +16,6 @@ uses: stCarolas/setup-maven@v4.5 with: maven-version: 3.8.2 - - name: Retrieve latest released version of Java shared dependencies - shell: bash - run: | - version=$(git tag -l 'google-cloud-shared-dependencies/v*' --sort=-v:refname | head -1) - echo "${version}" - echo "short_version=${version#*v}" >> $GITHUB_ENV - name: Install check shell: bash run: | @@ -33,9 +27,12 @@ run: | bom_absolute_path=$(realpath "${{ inputs.bom-path }}") cd ${{ github.action_path }} - echo "The version of Java shared dependencies is ${{ env.short_version }}" + version=$(git tag -l 'google-cloud-shared-dependencies/v*' --sort=-v:refname | head -1) + echo "${version}" + short_version=${version#*v} + echo "The version of Java shared dependencies is ${short_version}" echo "Running Unmanaged Dependency Check against ${bom_absolute_path}" - unmanaged_dependencies=$(mvn exec:java -Dexec.args="${{ env.short_version }} ${bom_absolute_path}" -q) + unmanaged_dependencies=$(mvn exec:java -Dexec.args="${short_version} ${bom_absolute_path}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." From 67310bddbe92e8e63549c24c719059dbbc8d0c69 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 14:45:54 -0500 Subject: [PATCH 51/63] use shared dependencies bom path --- .../unmanaged-dependency-check/action.yaml | 6 +----- .../cloud/UnmanagedDependencyCheck.java | 20 +++++-------------- .../cloud/UnmanagedDependencyCheckTest.java | 15 +++++++------- 3 files changed, 13 insertions(+), 28 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 8a7fe3e5b9..316406e743 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -27,12 +27,8 @@ run: | bom_absolute_path=$(realpath "${{ inputs.bom-path }}") cd ${{ github.action_path }} - version=$(git tag -l 'google-cloud-shared-dependencies/v*' --sort=-v:refname | head -1) - echo "${version}" - short_version=${version#*v} - echo "The version of Java shared dependencies is ${short_version}" echo "Running Unmanaged Dependency Check against ${bom_absolute_path}" - unmanaged_dependencies=$(mvn exec:java -Dexec.args="${short_version} ${bom_absolute_path}" -q) + unmanaged_dependencies=$(mvn exec:java -Dexec.args="../pom.xml ${bom_absolute_path}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 3197c4517b..9b5d0ce953 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -11,7 +11,6 @@ import java.util.List; import java.util.Set; import java.util.stream.Collectors; -import org.eclipse.aether.resolution.ArtifactDescriptorException; import org.eclipse.aether.version.InvalidVersionSpecificationException; /** @@ -27,7 +26,7 @@ public class UnmanagedDependencyCheck { * dependencies.

The second string is the path of a pom.xml contains BOM. */ public static void main(String[] args) - throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { + throws MavenRepositoryException, InvalidVersionSpecificationException { checkArgument(args.length == 2, "The length of the inputs should be 2"); System.out.println(getUnmanagedDependencies(args[0], args[1])); } @@ -35,19 +34,18 @@ public static void main(String[] args) /** * Returns dependency coordinates that are not managed by shared dependency BOM. * - * @param sharedDependencyVersion the version of shared dependency BOM + * @param sharedDependenciesBomPath the path of shared dependency BOM * @param projectBomPath the path of current project BOM * @return a list of unmanaged dependencies by the given version of shared dependency BOM - * @throws ArtifactDescriptorException thrown if the artifact descriptor is unreachable * @throws MavenRepositoryException thrown if the artifacts in Bom can't be reached in remote or * local Maven repository * @throws InvalidVersionSpecificationException thrown if the shared dependency version can't be * parsed */ public static List getUnmanagedDependencies( - String sharedDependencyVersion, String projectBomPath) - throws ArtifactDescriptorException, MavenRepositoryException, InvalidVersionSpecificationException { - Set sharedDependencies = getSharedDependencies(sharedDependencyVersion); + String sharedDependenciesBomPath, String projectBomPath) + throws MavenRepositoryException, InvalidVersionSpecificationException { + Set sharedDependencies = getManagedDependencies(sharedDependenciesBomPath); Set managedDependencies = getManagedDependencies(projectBomPath); return managedDependencies.stream() @@ -57,14 +55,6 @@ public static List getUnmanagedDependencies( .collect(Collectors.toList()); } - private static Set getSharedDependencies(String sharedDependencyVersion) - throws ArtifactDescriptorException, InvalidVersionSpecificationException { - return getManagedDependenciesFromBom( - Bom.readBom( - String.format( - "com.google.cloud:google-cloud-shared-dependencies:%s", sharedDependencyVersion))); - } - private static Set getManagedDependencies(String projectBomPath) throws MavenRepositoryException, InvalidVersionSpecificationException { return getManagedDependenciesFromBom(Bom.readBom(Paths.get(projectBomPath))); diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java index 5c6eaf2d39..0f1e0e85da 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/java/com/google/cloud/UnmanagedDependencyCheckTest.java @@ -6,35 +6,34 @@ import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; import com.google.common.collect.ImmutableList; import java.util.List; -import org.eclipse.aether.resolution.ArtifactDescriptorException; import org.eclipse.aether.version.InvalidVersionSpecificationException; import org.junit.Test; public class UnmanagedDependencyCheckTest { @Test public void getUnmanagedDependencyFromSamePomTest() - throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { + throws MavenRepositoryException, InvalidVersionSpecificationException { + String sharedDependenciesBom = "src/test/resources/shared-dependency-3.18.0-pom.xml"; List unManagedDependencies = - UnmanagedDependencyCheck.getUnmanagedDependencies( - "3.18.0", "src/test/resources/shared-dependency-3.18.0-pom.xml"); + UnmanagedDependencyCheck.getUnmanagedDependencies(sharedDependenciesBom, sharedDependenciesBom); assertTrue(unManagedDependencies.isEmpty()); } @Test public void getUnmanagedDependencyFromHWBomTest() - throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { + throws MavenRepositoryException, InvalidVersionSpecificationException { List unManagedDependencies = UnmanagedDependencyCheck.getUnmanagedDependencies( - "3.18.0", "src/test/resources/bigtable-pom.xml"); + "src/test/resources/shared-dependency-3.18.0-pom.xml", "src/test/resources/bigtable-pom.xml"); assertTrue(unManagedDependencies.isEmpty()); } @Test public void getUnmanagedDependencyFromNestedPomTest() - throws MavenRepositoryException, ArtifactDescriptorException, InvalidVersionSpecificationException { + throws MavenRepositoryException, InvalidVersionSpecificationException { List unManagedDependencies = UnmanagedDependencyCheck.getUnmanagedDependencies( - "3.18.0", "src/test/resources/transitive-dependency-pom.xml"); + "src/test/resources/shared-dependency-3.18.0-pom.xml", "src/test/resources/transitive-dependency-pom.xml"); assertThat(unManagedDependencies) .containsAtLeastElementsIn(ImmutableList.of("com.h2database:h2")); // test dependency should be ignored. From ae72da286e5258232855631fe8e03803d4fb9cfb Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 14:48:08 -0500 Subject: [PATCH 52/63] install pom in test --- .../src/test/resources/local-install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh index 79307795f7..f7162e9f7b 100755 --- a/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh +++ b/java-shared-dependencies/unmanaged-dependency-check/src/test/resources/local-install.sh @@ -1,5 +1,6 @@ #!/usr/bin/env bash +mvn install -f shared-dependency-3.18.0-pom.xml mvn install -f gax-example-pom.xml mvn install -f nested-dependency-pom.xml mvn install -f transitive-dependency-pom.xml \ No newline at end of file From 0f35e6a80f237e9bee24eba833dfeab70a168f61 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 14:53:44 -0500 Subject: [PATCH 53/63] revert depdendency --- gax-java/gax-grpc/pom.xml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/gax-java/gax-grpc/pom.xml b/gax-java/gax-grpc/pom.xml index 95dc3f32af..8a6a853f34 100644 --- a/gax-java/gax-grpc/pom.xml +++ b/gax-java/gax-grpc/pom.xml @@ -92,11 +92,6 @@ auto-value-annotations provided - - com.h2database - h2 - 2.2.224 - From 3b276df5b59b60531fccfb76d02b5d95fb008a81 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 15:55:20 -0500 Subject: [PATCH 54/63] install shared dependencies in action.yaml --- .../unmanaged-dependency-check/action.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index 316406e743..d32110e78a 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -16,6 +16,12 @@ uses: stCarolas/setup-maven@v4.5 with: maven-version: 3.8.2 + - name: Install latest Java shared dependencies + shell: bash + run: | + cd ${{ github.action_path }}/.. + echo "Install Java shared dependencies" + mvn clean install -V --batch-mode --no-transfer-progress -DskipTests - name: Install check shell: bash run: | From f47bb736b814bc6bc2dcd6c40232613352a0bade Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Tue, 2 Jan 2024 18:33:13 -0500 Subject: [PATCH 55/63] add a tag for the check --- .github/workflows/create_additional_release_tag.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/create_additional_release_tag.yaml b/.github/workflows/create_additional_release_tag.yaml index 419cab0ac6..77eb5eb522 100644 --- a/.github/workflows/create_additional_release_tag.yaml +++ b/.github/workflows/create_additional_release_tag.yaml @@ -36,3 +36,10 @@ jobs: git tag $TAG_NAME git push origin $TAG_NAME done + # Generate a tag for unmanaged dependencies check. + # Use fixed tag so that checks in handwritten libraries do not need to + # update the version. + FIXED_CHECK_TAG="unmanaged-dependencies-check-latest" + git tag ${FIXED_CHECK_TAG} + git push origin ${FIXED_CHECK_TAG} + From 6c59374be1db05deaf09a9b90d8dd8a03f207329 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 11:27:25 -0500 Subject: [PATCH 56/63] refactor --- .../workflows/create_additional_release_tag.yaml | 16 +++++++--------- .../google/cloud/UnmanagedDependencyCheck.java | 2 +- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/create_additional_release_tag.yaml b/.github/workflows/create_additional_release_tag.yaml index 77eb5eb522..0ecaf63863 100644 --- a/.github/workflows/create_additional_release_tag.yaml +++ b/.github/workflows/create_additional_release_tag.yaml @@ -14,16 +14,14 @@ jobs: uses: actions/checkout@v3 with: token: ${{ secrets.GITHUB_TOKEN }} - - name: Set up Git run: | git config --local user.email "action@github.com" git config --local user.name "GitHub Action" - - name: Fetch all tags run: git fetch --tags - - name: Create additional tags + bash: shell run: | ARTIFACT_IDS=('google-cloud-shared-dependencies' 'api-common' 'gax') for ARTIFACT_ID in "${ARTIFACT_IDS[@]}"; do @@ -36,10 +34,10 @@ jobs: git tag $TAG_NAME git push origin $TAG_NAME done - # Generate a tag for unmanaged dependencies check. - # Use fixed tag so that checks in handwritten libraries do not need to - # update the version. - FIXED_CHECK_TAG="unmanaged-dependencies-check-latest" - git tag ${FIXED_CHECK_TAG} - git push origin ${FIXED_CHECK_TAG} + # Generate a tag for unmanaged dependencies check. + # Use fixed tag so that checks in handwritten libraries do not need to + # update the version. + CHECK_LATEST_TAG="unmanaged-dependencies-check-latest" + git tag ${CHECK_LATEST_TAG} + git push origin -f ${CHECK_LATEST_TAG} diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 9b5d0ce953..abf6f5bce6 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -16,7 +16,7 @@ /** * A utility class to check unmanaged dependencies in BOM. */ -public class UnmanagedDependencyCheck { +class UnmanagedDependencyCheck { // regex of handwritten artifacts private final static String handwrittenArtifact = "(com.google.cloud:google-cloud-.*)|(com.google.api.grpc:(grpc|proto)-google-cloud-.*)"; From abfe946a7f9da3a7ecff9e719d286b1c53963f8b Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 11:42:54 -0500 Subject: [PATCH 57/63] restore public --- .../main/java/com/google/cloud/UnmanagedDependencyCheck.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index abf6f5bce6..9b5d0ce953 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -16,7 +16,7 @@ /** * A utility class to check unmanaged dependencies in BOM. */ -class UnmanagedDependencyCheck { +public class UnmanagedDependencyCheck { // regex of handwritten artifacts private final static String handwrittenArtifact = "(com.google.cloud:google-cloud-.*)|(com.google.api.grpc:(grpc|proto)-google-cloud-.*)"; From ac23cf1d43fbc89c571c2222d457b1225a2b7282 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 12:52:53 -0500 Subject: [PATCH 58/63] use artifact instead of toString --- .../java/com/google/cloud/UnmanagedDependencyCheck.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 9b5d0ce953..4e741a3da2 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -4,6 +4,7 @@ import com.google.cloud.tools.opensource.classpath.ClassPathBuilder; import com.google.cloud.tools.opensource.classpath.DependencyMediation; +import com.google.cloud.tools.opensource.dependencies.Artifacts; import com.google.cloud.tools.opensource.dependencies.Bom; import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; import java.nio.file.Paths; @@ -11,6 +12,7 @@ import java.util.List; import java.util.Set; import java.util.stream.Collectors; +import org.eclipse.aether.artifact.Artifact; import org.eclipse.aether.version.InvalidVersionSpecificationException; /** @@ -68,10 +70,8 @@ private static Set getManagedDependenciesFromBom(Bom bom) .getClassPath() .forEach( classPath -> { - String coordinate = classPath.toString(); - // ignore the version. - int index = coordinate.lastIndexOf(":"); - res.add(coordinate.substring(0, index)); + Artifact artifact = classPath.getArtifact(); + res.add(String.format("%s:%s", artifact.getGroupId(), artifact.getArtifactId())); }); return res; From cce1d696b6c8f4c8132dac89fd78e5eb9f251aaf Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 12:56:29 -0500 Subject: [PATCH 59/63] change error message --- .../unmanaged-dependency-check/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/action.yaml b/java-shared-dependencies/unmanaged-dependency-check/action.yaml index d32110e78a..e8988d3be1 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/action.yaml +++ b/java-shared-dependencies/unmanaged-dependency-check/action.yaml @@ -36,8 +36,8 @@ echo "Running Unmanaged Dependency Check against ${bom_absolute_path}" unmanaged_dependencies=$(mvn exec:java -Dexec.args="../pom.xml ${bom_absolute_path}" -q) if [[ "${unmanaged_dependencies}" != "[]" ]]; then - echo "Unmanaged dependencies, ${unmanaged_dependencies}, found in ${{ inputs.bom-path }}." - echo "Please follow go/add-dependency-to-cloud-sdk-java to add a third-party dependency." + echo "This pull request seems to add new third-party dependency, ${unmanaged_dependencies}, among the artifacts listed in ${{ inputs.bom-path }}." + echo "Please see go/cloud-sdk-java-dependency-governance." exit 1 fi From d06099bd841e3fa90fb44c8d436d15a5ba228b0d Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 12:57:19 -0500 Subject: [PATCH 60/63] change variable name --- .../main/java/com/google/cloud/UnmanagedDependencyCheck.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 4e741a3da2..8a3ec0feea 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -4,7 +4,6 @@ import com.google.cloud.tools.opensource.classpath.ClassPathBuilder; import com.google.cloud.tools.opensource.classpath.DependencyMediation; -import com.google.cloud.tools.opensource.dependencies.Artifacts; import com.google.cloud.tools.opensource.dependencies.Bom; import com.google.cloud.tools.opensource.dependencies.MavenRepositoryException; import java.nio.file.Paths; @@ -20,7 +19,7 @@ */ public class UnmanagedDependencyCheck { // regex of handwritten artifacts - private final static String handwrittenArtifact = "(com.google.cloud:google-cloud-.*)|(com.google.api.grpc:(grpc|proto)-google-cloud-.*)"; + private final static String downstreamArtifact = "(com.google.cloud:google-cloud-.*)|(com.google.api.grpc:(grpc|proto)-google-cloud-.*)"; /** @@ -53,7 +52,7 @@ public static List getUnmanagedDependencies( return managedDependencies.stream() .filter(dependency -> !sharedDependencies.contains(dependency)) // handwritten artifacts, e.g., com.google.cloud:google-cloud-bigtable, should be excluded. - .filter(dependency -> !dependency.matches(handwrittenArtifact)) + .filter(dependency -> !dependency.matches(downstreamArtifact)) .collect(Collectors.toList()); } From 38b3ee42e497903175cded102980e636653183ad Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 13:16:42 -0500 Subject: [PATCH 61/63] remove main method --- .../com/google/cloud/UnmanagedDependencyCheck.java | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 8a3ec0feea..06fec793cd 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -21,17 +21,6 @@ public class UnmanagedDependencyCheck { // regex of handwritten artifacts private final static String downstreamArtifact = "(com.google.cloud:google-cloud-.*)|(com.google.api.grpc:(grpc|proto)-google-cloud-.*)"; - - /** - * @param args An array with two elements.

The first string is the version of Java shared - * dependencies.

The second string is the path of a pom.xml contains BOM. - */ - public static void main(String[] args) - throws MavenRepositoryException, InvalidVersionSpecificationException { - checkArgument(args.length == 2, "The length of the inputs should be 2"); - System.out.println(getUnmanagedDependencies(args[0], args[1])); - } - /** * Returns dependency coordinates that are not managed by shared dependency BOM. * From 506003317166f8aca78a15186c44004eb8b47edc Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 13:21:17 -0500 Subject: [PATCH 62/63] Revert "remove main method" This reverts commit 38b3ee42e497903175cded102980e636653183ad. --- .../com/google/cloud/UnmanagedDependencyCheck.java | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 06fec793cd..8a3ec0feea 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -21,6 +21,17 @@ public class UnmanagedDependencyCheck { // regex of handwritten artifacts private final static String downstreamArtifact = "(com.google.cloud:google-cloud-.*)|(com.google.api.grpc:(grpc|proto)-google-cloud-.*)"; + + /** + * @param args An array with two elements.

The first string is the version of Java shared + * dependencies.

The second string is the path of a pom.xml contains BOM. + */ + public static void main(String[] args) + throws MavenRepositoryException, InvalidVersionSpecificationException { + checkArgument(args.length == 2, "The length of the inputs should be 2"); + System.out.println(getUnmanagedDependencies(args[0], args[1])); + } + /** * Returns dependency coordinates that are not managed by shared dependency BOM. * From 37a5837ea192cab7115d055ecf9b512433d508c7 Mon Sep 17 00:00:00 2001 From: Joe Wang Date: Wed, 3 Jan 2024 13:26:38 -0500 Subject: [PATCH 63/63] change description --- .../main/java/com/google/cloud/UnmanagedDependencyCheck.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java index 8a3ec0feea..410c5f3966 100644 --- a/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java +++ b/java-shared-dependencies/unmanaged-dependency-check/src/main/java/com/google/cloud/UnmanagedDependencyCheck.java @@ -23,8 +23,8 @@ public class UnmanagedDependencyCheck { /** - * @param args An array with two elements.

The first string is the version of Java shared - * dependencies.

The second string is the path of a pom.xml contains BOM. + * @param args An array with two elements.

The first string is the path of Java shared + * dependencies BOM.

The second string is the path of a pom.xml contains BOM. */ public static void main(String[] args) throws MavenRepositoryException, InvalidVersionSpecificationException {