-
Notifications
You must be signed in to change notification settings - Fork 146
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update defectdojo hook to jdk 17 #1228
Conversation
Signed-off-by: Simon Hülkenberg <simon.huelkenberg@iteratec.com>
Signed-off-by: Simon Hülkenberg <simon.huelkenberg@iteratec.com>
MegaLinter status: ✅ SUCCESS
See errors details in artifact MegaLinter reports on CI Job page |
Signed-off-by: Simon Hülkenberg <simon.huelkenberg@iteratec.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
MegaLinter is complaining about the ci.yaml file, maybe you could take a look at that?
Besides that: Looks good to me, also good job at testing very extensively!
|
||
.PHONY: integration-tests | ||
integration-tests: ## 🩺 Start integration test for this module in the namespace "integration-tests" | ||
@echo "No integration tests for $(hook) defined!" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No newline at the end of the file
@@ -2,7 +2,7 @@ | |||
# | |||
# SPDX-License-Identifier: Apache-2.0 | |||
|
|||
FROM gradle:jdk11 as build | |||
FROM gradle:jdk17 as build | |||
COPY . /home/gradle/src | |||
WORKDIR /home/gradle/src | |||
RUN ./gradlew build -x test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you also update the distroless image to java 17? 🙏
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(Relevant code is in line 10, github didn't let me comment there) :)
Signed-off-by: Simon Hülkenberg <simon.huelkenberg@iteratec.com>
Signed-off-by: Simon Hülkenberg <simon.huelkenberg@iteratec.com>
This PR updates the Defectdojo hook to JDK 17. Closes #1054
First I updated the Gradle Version we use to the newest because the version we use currently does not support JDK 17. Doing this I got an error regarding lombok about some unexported modules.
java.lang.IllegalAccessError: class lombok.javac.apt.LombokProcessor (in unnamed module @0x2c90820d) cannot access class com.sun.tools.javac.processing.JavacProcessingEnvironment (in module jdk.compiler) because module jdk.compiler does not export com.sun.tools.javac.processing to unnamed module @0x2c90820d
I updated lombok to the newest version and it fixed the error. (I guess the old lombok version used some deprecated apis).
Another error occurred:
Entry META-INF/LICENSE is a duplicate but no duplicate handling strategy has been set
. I used this solution from Stackoverflow:duplicatesStrategy = DuplicatesStrategy.EXCLUDE
in build.gradle.Maybe there is a different solution but for now it works.
After this the build works. The unit test succeed and I also tested the hook locally and it successfully uploaded findings into a local Defectdojo instance.
Additionally I noticed that there are no integration tests defined (so no hook.test.js file is presented). Running
make test
which will runmake integration-tests
has weird behavior then. Jest will run the integration tests of all hooks which fails. I overwrote theìntegration-tests
target to stop this behavior. Nowmake test
only runs the correct hook tests for the defectdojo hook.