Add DT companion Plugin v1.0.0 #1

Merged
merged 18 commits into from
Jul 3, 2023

nvima
Contributor

@nvima nvima commented May 16, 2023

Adds the init Code for the Plugin

nvima added 3 commits May 15, 2023 13:36
This commit addresses an issue where properties were being resolved during configuration time
By transitioning the property resolution process to execution time, we leverage the full potential of Gradle properties.
This change enhances build performance and optimizes resource usage by preventing premature property resolution.
@nvima nvima self-assigned this May 16, 2023
@nvima nvima requested a review from Ingwersaft May 16, 2023 08:32
@Khartris
Member

I'm done with my first round of feedback. I have ignored the TODO parts as I assume they will be done in a later PR.

nvima added 3 commits May 25, 2023 12:00
added a task for generating plugin.properties file
inspired by the cyclonedx sbom gradle plugin
@nvima
Contributor Author

nvima commented May 25, 2023

> I'm done with my first round of feedback. I have ignored the TODO parts as I assume they will be done in a later PR.

I actually forgot that and now added it afterwards

The toNonNullPairList methods in the UploadSBOM and UploadVex classes have been refactored for simplicity and readability.
The changes include replacing the previous approach of using a mutable list and conditionally adding items with a simpler,
more direct approach of creating a list and filtering out any null values.
import org.gradle.api.tasks.Internal
import org.gradle.api.tasks.Optional

data class UploadSBOM(
Member


Why do you need the UploadSBOM intermediate step? UploadSBOM is only used to build a List<Pair<String, String>> which is used to fill the POST form fields. You could just use the UploadSBOMBuilder to build List directly, without this intermediate step.

This remark applies analogously to other identical structures in your MR.

Member


Something like this:

Subject: [PATCH] x
---
Index: src/main/kotlin/com/liftric/dtcp/service/ApiService.kt
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/src/main/kotlin/com/liftric/dtcp/service/ApiService.kt b/src/main/kotlin/com/liftric/dtcp/service/ApiService.kt
--- a/src/main/kotlin/com/liftric/dtcp/service/ApiService.kt	(revision 775d325218eeb4619ee4c9aea9a34845cfb7281b)
+++ b/src/main/kotlin/com/liftric/dtcp/service/ApiService.kt	(date 1685100310063)
@@ -32,14 +32,12 @@
         url: String,
         file: File,
         documentType: String,
-        formData: List<Pair<String, String>>,
+        formData: FormBuilder.() -> Unit,
     ): HttpResponse {
         return client.submitFormWithBinaryData(
             url = url,
             formData = formData {
-                formData.forEach { (key, value) ->
-                    append(key, value)
-                }
+                formData()
                 append(documentType, file.readBytes(), Headers.build {
                     append(HttpHeaders.ContentType, "application/${file.extension}")
                     append(HttpHeaders.ContentDisposition, "filename=\"${file.name}\"")
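Review bot: In `uploadFileWithFormData` the new parameter `formData: FormBuilder.() -> Unit` has the same name as the `formData { }` builder it is invoked inside, so `formData = formData { formData() ...` uses one identifier for the named argument, the builder function and the caller's lambda. Rename the parameter, for example to `extraFields`, so the body reads `formData { extraFields(); append(documentType, ...) }` and does not depend on how the compiler resolves the name. Separately, the context lines build the Content-Disposition value as `filename=\"${file.name}\"` without escaping, so a file name containing a double quote would produce a malformed header; escape or reject such names here.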
Index: src/main/kotlin/com/liftric/dtcp/service/DependencyTrack.kt
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/src/main/kotlin/com/liftric/dtcp/service/DependencyTrack.kt b/src/main/kotlin/com/liftric/dtcp/service/DependencyTrack.kt
--- a/src/main/kotlin/com/liftric/dtcp/service/DependencyTrack.kt	(revision 775d325218eeb4619ee4c9aea9a34845cfb7281b)
+++ b/src/main/kotlin/com/liftric/dtcp/service/DependencyTrack.kt	(date 1685100310079)
@@ -1,9 +1,9 @@
 package com.liftric.dtcp.service
 
-import com.liftric.dtcp.extensions.UploadSBOM
-import com.liftric.dtcp.extensions.toNonNullPairList
+import com.liftric.dtcp.extensions.UploadSBOMBuilder
 import com.liftric.dtcp.model.*
 import io.ktor.client.call.*
+import io.ktor.client.request.forms.*
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.runBlocking
 import java.io.File
@@ -28,18 +28,36 @@
         client.getRequest(url).body()
     }
 
-    fun uploadVex(file: File, formData: List<Pair<String, String>>) = runBlocking {
+    fun uploadVex(file: File, formData: FormBuilder.() -> Unit) = runBlocking {
         val url = "$baseUrl/api/v1/vex"
         client.uploadFileWithFormData(url, file, "vex", formData)
     }
 
     fun uploadSbom(
         file: File,
-        uploadSBOM: UploadSBOM,
+        uploadSBOM: UploadSBOMBuilder,
     ): UploadSBOMResponse = runBlocking {
-        val formData = uploadSBOM.toNonNullPairList()
         val url = "$baseUrl/api/v1/bom"
-        val res = client.uploadFileWithFormData(url, file, "bom", formData)
+        val res = client.uploadFileWithFormData(url, file, "bom") {
+            uploadSBOM.project.orNull?.let {
+                append("project", it)
+            }
+            uploadSBOM.projectName.orNull?.let {
+                append("projectName", it)
+            }
+            uploadSBOM.projectVersion.orNull?.let {
+                append("projectVersion", it)
+            }
+            uploadSBOM.parentName.orNull?.let {
+                append("parentName", it)
+            }
+            uploadSBOM.parentVersion.orNull?.let {
+                append("parentVersion", it)
+            }
+            uploadSBOM.parentUUID.orNull?.let {
+                append("parentUUID", it)
+            }
+        }
         res.body()
     }
 
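Review bot: The lambda passed to `uploadFileWithFormData` in `uploadSbom` appends `project`, `projectName`, `projectVersion`, `parentName`, `parentVersion` and `parentUUID`, but never `autoCreate`, although the builder exposes it (the removed `build()` read `autoCreate.get()`). Add something like `append("autoCreate", uploadSBOM.autoCreate.get().toString())` so the setting actually reaches the request. Also, `uploadVex` now takes `FormBuilder.() -> Unit`, and this patch contains no hunk that updates a caller of `uploadVex`, so any existing caller that passes a list will stop compiling.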
Index: src/main/kotlin/com/liftric/dtcp/extensions/UploadSBOM.kt
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/src/main/kotlin/com/liftric/dtcp/extensions/UploadSBOM.kt b/src/main/kotlin/com/liftric/dtcp/extensions/UploadSBOM.kt
--- a/src/main/kotlin/com/liftric/dtcp/extensions/UploadSBOM.kt	(revision 775d325218eeb4619ee4c9aea9a34845cfb7281b)
+++ b/src/main/kotlin/com/liftric/dtcp/extensions/UploadSBOM.kt	(date 1685100310083)
@@ -6,16 +6,6 @@
 import org.gradle.api.tasks.Internal
 import org.gradle.api.tasks.Optional
 
-data class UploadSBOM(
-    val autoCreate: Boolean,
-    val project: String?,
-    val projectName: String?,
-    val projectVersion: String?,
-    val parentName: String?,
-    val parentVersion: String?,
-    val parentUUID: String?,
-)
-
 @Suppress("MemberVisibilityCanBePrivate")
 @ConfigDsl
 class UploadSBOMBuilder(@get:Internal val proj: Project) {
@@ -47,22 +37,4 @@
     @get:Optional
     val parentUUID: Property<String?> = proj.objects.property(String::class.java)
 
-    fun build(): UploadSBOM = UploadSBOM(
-        autoCreate = autoCreate.get(),
-        project = project.orNull,
-        projectName = projectName.orNull,
-        projectVersion = projectVersion.orNull,
-        parentName = parentName.orNull,
-        parentVersion = parentVersion.orNull,
-        parentUUID = parentUUID.orNull,
-    )
 }
-
-fun UploadSBOM.toNonNullPairList(): List<Pair<String, String>> = listOf(
-    Pair("project", project),
-    Pair("projectName", projectName),
-    Pair("projectVersion", projectVersion),
-    Pair("parentName", parentName),
-    Pair("parentVersion", parentVersion),
-    Pair("parentUUID", parentUUID),
-).filterNot { it.second == null } as List<Pair<String, String>>
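Review bot: With `build()` removed, `UploadSBOMBuilder` no longer builds anything and its properties are read directly by `DependencyTrack.uploadSbom`, so the `Builder` suffix is now misleading; consider renaming the class and documenting that callers read its properties via `orNull`. The context line `val parentUUID: Property<String?> = proj.objects.property(String::class.java)` also declares a nullable type argument for a property created from `String::class.java`; `Property<String>` with `orNull` at the read site expresses the same thing without the mismatch.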
Index: src/main/kotlin/com/liftric/dtcp/tasks/UploadSBOM.kt
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/src/main/kotlin/com/liftric/dtcp/tasks/UploadSBOM.kt b/src/main/kotlin/com/liftric/dtcp/tasks/UploadSBOM.kt
--- a/src/main/kotlin/com/liftric/dtcp/tasks/UploadSBOM.kt	(revision 775d325218eeb4619ee4c9aea9a34845cfb7281b)
+++ b/src/main/kotlin/com/liftric/dtcp/tasks/UploadSBOM.kt	(date 1685100310087)
@@ -28,11 +28,10 @@
         val inputFileValue = inputFile.get().asFile
         val apiKeyValue = apiKey.get()
         val urlValue = url.get()
-        val uploadSBOMValue = uploadSBOM.get().build()
 
         if (inputFileValue.exists()) {
             val dt = DependencyTrack(apiKeyValue, urlValue)
-            val response = dt.uploadSbom(inputFileValue, uploadSBOMValue)
+            val response = dt.uploadSbom(inputFileValue, uploadSBOM.get())
             dt.waitForSbomAnalysis(response.token)
         } else {
             throw Exception("CycloneDX report file not found, run './gradlew cyclonedxBom'")
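Review bot: Passing `uploadSBOM.get()` straight into `dt.uploadSbom` means the Gradle `Property` values are now read inside the service rather than in the task action next to `inputFile.get()`, `apiKey.get()` and `url.get()`, so `DependencyTrack` now depends on a Gradle-backed type. If that coupling is intended, a short comment on `uploadSbom` saying so would help; otherwise keep the service on plain values resolved in the task. In the context lines, `throw Exception("CycloneDX report file not found, ...")` would read better as a `GradleException`, the conventional type for a task failure.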

Apply patch from clipboard is the way to get this into your IDEA.

Also, you never used the autoCreate in your approach, was pretty obvious in my approach because we have less indirection :D

Contributor Author


Changed in 5eee5a7

Also had to adjust the uploadVex Task, because the code was in a broken state. That should fit now so?

@nvima
Contributor Author

nvima commented Jun 28, 2023

I don't have the rights to update Gradle Plugin Credentials in this Project.

@Ingwersaft
Member

> I don't have the rights to update Gradle Plugin Credentials in this Project.

You mean you can't change/add the repository actions secrets?

@Khartris
Member

LGTM

Member

@Ingwersaft Ingwersaft left a comment


LGTM!

@Ingwersaft Ingwersaft merged commit 575b247 into main Jul 3, 2023
@Ingwersaft Ingwersaft deleted the wip/vex-generator-plugin branch July 3, 2023 05:00