In my jenkinsbuild I have a Maven(v3.1.0) project with a Fortify SCA plugin. I'm searching for the command to exclude a folder from the sca test and the place this command belongs. The Java project to test will be loaded from a GIT repository.
My commands(working):
(Build)
clean -Dfortify.sca.buildId=${JOB_NAME} sca:clean -Dmaven.test.skip=true install -Dfortify.sca.buildId=${JOB_NAME} sca:translate
(Post-Build)
-Dfortify.sca.Xmx=4G
-Dfortify.sca.Xms=2G
-Dfortify.sca.Xss=100M
-Dfortify.sca.PermGen=1G
-Dfortify.sca.64bit=true
-Dfortify.sca.verbose=true
-Dfortify.sca.debug=false
-Dfortify.sca.buildId=${JOB_NAME}
-Dfortify.sca.toplevel.artifactId=test
-Dfortify.sca.scan.failOnError=true
-Dfortify.sca.upload=false
-Dfortify.sca.upload.failOnError=true
-Dfortify.f360.url=${SSC_URL}
-Dfortify.f360.authToken=${SSC_AUTH_TOKEN}
-Dfortify.f360.projectName=${JOB_NAME}
-Dfortify.f360.projectVersion=current
sca:scan
Fortify Maven plugin (4.21) has a property to exclude files/folders from scan:
-Dcom.fortify.sca.exclude="fileA;fileB;fileC"
Or you can define Fortify properties in a file and import it:
-Dfortify.sca.properties.file=fortify.properties
Related
I use a standard Maven/Gradle project structure putting source code under src/main/kotlin and automatically collected resources under src/main/resources:
\myapp
-\src
-\main
-\kotlin
-\com
-\projectname
-\MyApp.kt
-\resources
- som_file.txt
This works fine to package my distribution with the distZip task and all resources end up in a jar which is then zipped into the following structure:
myapp
-\bin\
-\libs\
I am not sure where to put external config files in my Kotlin project (e.g. db.config) which the user could edit later. Is there a correct location for external config files in Gradle project?
we have
desktopRuntime 'org.xerial:sqlite-jdbc:3.15.1'
in gradle file.
i build project but my zip file dont have this file in lib folder.
how can i build project for desktop?
my ide is netbeans.
Thankful.
The problem with the distZip or jar gradle tasks is they miss to include desktop dependencies.
When deploying to desktop you can change temporary desktopRuntime to runtime, so they will be included, as Ladislav Török suggests, but then you should undo the change so that dependency isn't included in the mobile deployment.
If you want to have a working zip, we have to modify the distZip task, to include the desktop dependencies in the lib folder, and also to include them in the class path (so they are also added to the scripts in the bin folder). Include this in your build.gradle script:
startScripts {
classpath += configurations.desktopRuntime
}
distZip {
into("$project.name/lib") {
from configurations.desktopRuntime
}
}
You can also solve the issue by using the shadowJar, providing you include the desktop dependencies, to create an executable fat jar, like in this solution.
Try next steps:
1.
dependencies {
compile 'org.xerial:sqlite-jdbc:3.15.1'
runtime 'org.xerial:sqlite-jdbc:3.15.1'
}
Go to "Files" tab in NetBeans IDE -> your_project -> build -> libs and here add your lib some as sqlite-jdbc.jar
afterburner.fx for JavaFX 8 is a minimalistic (3 classes) JavaFX MVP framework based on Convention over Configuration and Dependency Injection created by Adam Bien.
afterburner.fx use Maven 3.
I would like to use it with Gradle.
How to use Afterburner.fx with Gradle instaed of Maven 3, while leaving the original project structure of afterburner.fx ?
In the build.gradle File add dependencies
dependencies {
compile group: 'com.airhacks', name:'afterburner.fx', version: afterburnerfxVersion
}
In the build.gradle File add the additional Resources (.fxml , .css , .properties)
sourceSets.main.resources.srcDirs("src/main/java").includes.addAll(["**/*.fxml", "**/*.css", "**/*.properties"])
and (re-)add all the standard Resources (in the resources folder)
sourceSets.main.resources.srcDirs("src/main/resources").includes.addAll(["**/*.*"])
Update for Gradle Version 6.8.1 : if you run gradlew with --warning-mode all there is a deprecated Message:
Copying or archiving duplicate paths with the default duplicates strategy has been deprecated. This is scheduled to be removed in Gradle 7.0.
Solution
add this line:
// from https://docs.gradle.org/6.8.1/userguide/upgrading_version_5.html#implicit_duplicate_strategy_for_copy_or_archive_tasks_has_been_deprecated
// and https://docs.gradle.org/current/userguide/java_plugin.html
// Java Plugin Task processResources(type: Copy)
processResources.duplicatesStrategy = DuplicatesStrategy.INCLUDE // allow duplicates
Thanks, this helped me a lot. I added the short form of it to dependencies:
compile 'com.airhacks:afterburner.fx:1.6.0'
Additionally I added a second line to include the files from the resources folder and not only from /java. I also added **/*.png to include png files because new Image("filename.png") wasn't working anymore.
sourceSets.main.resources.srcDirs("src/main/java").includes.addAll(["**/*.fxml", "**/*.css", "**/*.properties", "**/*.png"])
sourceSets.main.resources.srcDirs("src/main/resources").includes.addAll(["**/*.fxml", "**/*.css", "**/*.properties", "**/*.png"])
I don't know why the above two lines broke the default behavior - seems like I have to add every new file type to the above lines. :/ If anyone has a better solution please tell me.
In the Gradle samples (included with version 2.2.1) there is a java/multiproject project.
The settings.gradle file defines the following projects:
include "shared", "api", "services:webservice", "services:shared"
Note that services is not itself a project, merely a directory which contains the webservice and shared projects.
When I run the command gradle build from the root directory, I notice that after gradle successfully builds it creates inside the /services directory a /build directory containing /lib and a /tmp directories.
Inside of /services/build/lib is a jar: services-1.0.jar which contains very little; specifically just a META-INF/MANIFEST.MF file containing:
Manifest-Version: 1.0
provider: gradle
So what is causing Gradle to build a jar for this non-project? And how can I prevent this behavior in my similarly structured multiproject project?
/services isn't a project, I don't want to create anything inside /build folder at all. Yes I could just delete it, but I would like to avoid the unnecessary work of building this jar/running any tasks on this non-project in the first place.
To be honest I've no reasonable idea why gradle builds this folder. I guess that because it's a kind of a transient folder. However it can be excluded by adding the following piece of code to main build.gradle script:
project(':services').jar { onlyIf { false } }
Desired effect (services.jar elimination) can be also obtained with the following settings.gradle content:
include "shared", "api", "services/webservice", "services/shared"
File instead of project paths are included.
My guess would be that this is a combination of the next 2 gradle rules:
When you're including subprojects in the build.settings file using the include keyword according to Gradle Documentation here:
the inclusion of the path 'services:hotels:api' will result in
creating 3 projects: 'services', 'services:hotels' and
'services:hotels:api'.
In simple words, this means that the inclusion of services::webservice will also build the services project
The bulid.gradle file in your root that applies the 'java' plugin. According to Gradle Documentation here every configuration defined in the root.gradle takes effect for all sub projects. This means that it will also hold as the default configuration for the services project. As the 'java' plugin was applied a jar will be created, but as there is no src/main folder under the services directory nothing will be compiled and the jar will include only a META-INF/MANIFEST.MF file.
In a multi-project build I have a module that in itself is composed of two sub-projects. If I just want the option of building the top-level module but also ensure both the sub-projects within it are also built, how I do achieve this?
include 'moduleA', 'moduleB', 'moduleC' (root project settings.gradle)
project(':moduleC').projectDir = new File('path to custom module that includes sub-projects)
project(':moduleC').settingsDir = ?? (gradle fails because there is no settingsDir path)
but moduleC has a settings.gradle in itself that has
include 'api'
include 'server'
Now I want both these to be triggered when I specify gradlew :moduleC:build, but instead it just builds moduleC root project. Is there a way? This use case does seem valid to me (i.e. for modularity, you want to keep the inclusion of sub-projects at moduleC's level and not at root level).
Thanks,
Paddy
As of Gradle 2.2, only a single settings.gradle per build is supported. If that file contains include "moduleC:api" and include "moduleC:server", then running gradle build from moduleC's project directory will also build api and server.