Restructure build process

2026-05-25 08:55:04 +00:00 · 2022-11-09 12:59:14 +00:00 · 2022-11-09 12:59:14 +00:00 · a1300e0f6f
commit a1300e0f6f
parent d019642ba5
5 changed files with 88 additions and 101 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -13,13 +13,27 @@ cache:
  paths:
    - .m2/repository

-
-java-11:
+.java:
  stage: build
-  image: $CI_REGISTRY_IMAGE/maven:3-jdk-11
+  needs:
+    - job: java-11
+      artifacts: false
  script:
    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
+  artifacts:
+    name: artifacts
+    when: on_failure
+    paths:
+      - target/*.jar
+    reports:
+      junit:
+        - target/surefire-reports/*.xml
+        - target/failsafe-reports/*.xml
+
+java-11:
+  extends: .java
+  image: $CI_REGISTRY_IMAGE/maven:3-jdk-11
+  needs: [ ]
  artifacts:
    name: java-11
    paths:
@ -30,122 +44,43 @@ java-11:
        - target/surefire-reports/*.xml
        - target/failsafe-reports/*.xml

-java-11-openj9:
-  stage: build
-  image: $CI_REGISTRY_IMAGE/maven:3-jdk-11-openj9
-  script:
-    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
-  artifacts:
-    name: java-11-openj9
-    paths:
-      - target/*.jar
-    reports:
-      junit:
-        - target/surefire-reports/*.xml
-        - target/failsafe-reports/*.xml
-
 java8:
-  stage: build
+  extends: .java
  image: $CI_REGISTRY_IMAGE/maven:3-jdk-8
-  script:
-    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
-  artifacts:
-    name: java-8
-    paths:
-      - target/*.jar
-    reports:
-      junit:
-        - target/surefire-reports/*.xml
-        - target/failsafe-reports/*.xml
+
+java-11-openj9:
+  extends: .java
+  image: $CI_REGISTRY_IMAGE/maven:3-jdk-11-openj9

 java-8-openj9:
-  stage: build
+  extends: .java
  image: $CI_REGISTRY_IMAGE/maven:3-jdk-8-openj9
-  script:
-    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
-  artifacts:
-    name: java-8-open-j9
-    paths:
-      - target/*.jar
-    reports:
-      junit:
-        - target/surefire-reports/*.xml
-        - target/failsafe-reports/*.xml

 java-15:
-  stage: build
+  extends: .java
  image: $CI_REGISTRY_IMAGE/maven:3-openjdk-15
-  script:
-    - microdnf install libcgroup-tools
-    - cgget -n --values-only --variable memory.limit_in_bytes /
-    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
-  artifacts:
-    when: on_failure
-    name: java-15
-    paths:
-      - target/*
-    reports:
-      junit:
-        - target/surefire-reports/*.xml
-        - target/failsafe-reports/*.xml
+#  script:
+#    - microdnf install libcgroup-tools
+#    - cgget -n --values-only --variable memory.limit_in_bytes /
+#    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify

 java-16:
-  stage: build
+  extends: .java
  image: $CI_REGISTRY_IMAGE/maven:3-openjdk-16
-  script:
-    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
-  artifacts:
-    when: on_failure
-    name: java-16
-    paths:
-      - target/*
-    reports:
-      junit:
-        - target/surefire-reports/*.xml
-        - target/failsafe-reports/*.xml

 java-17:
-  stage: build
+  extends: .java
  image: $CI_REGISTRY_IMAGE/maven:3-openjdk-17
-  script:
-    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
-  artifacts:
-    when: on_failure
-    name: java-17
-    paths:
-      - target/*
-    reports:
-      junit:
-        - target/surefire-reports/*.xml
-        - target/failsafe-reports/*.xml

 java-18:
-  stage: build
+  extends: .java
  image: $CI_REGISTRY_IMAGE/maven:3-openjdk-18
-  script:
-    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP verify
-  retry: 2
-  artifacts:
-    when: on_failure
-    name: java-18
-    paths:
-      - target/*
-    reports:
-      junit:
-        - target/surefire-reports/*.xml
-        - target/failsafe-reports/*.xml

 deploy:
  stage: deploy
  image: $CI_REGISTRY_IMAGE/maven:3-jdk-11
-  dependencies:
-    - java-11
+  needs:
+    - job: java-11
  script:
    - export PROJECT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
    - mvn $MAVEN_CLI_OPTS  deploy:deploy-file -Dfile=target/validationtool-${PROJECT_VERSION}.zip -DgroupId=kosit -DartifactId=validator -Dclassifier="distribution" -Dversion=${PROJECT_VERSION} -Dpackaging=zip -DrepositoryId="gitlab-maven" -Durl=https://projekte.kosit.org/api/v4/projects/7/packages/maven
@ -165,6 +100,20 @@ create-build-image:
  script:
    - apk add bash
    - bash .mvn/createBuildImages.sh
-  when: manual
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+    - changes:
+        - .mvn/createBuildImages.sh

+owasp-check:
+  extends: .java
+  image: $CI_REGISTRY_IMAGE/maven:3-jdk-11
+  needs: [ ]
+  script:
+    - mvn $MAVEN_CLI_OPTS $BUILD_PROPS $CI_JOB_TIMESTAMP validate -Powasp-check
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+    - changes:
+        - pom.xml
+        - owasp-suppressions.xml

--- a/.idea/compiler.xml
+++ b/.idea/compiler.xml
@ -11,5 +11,8 @@
        <module name="validationtool" />
      </profile>
    </annotationProcessing>
+    <bytecodeTargetLevel>
+      <module name="validator" target="1.8" />
+    </bytecodeTargetLevel>
  </component>
 </project>
--- a/.mvn/createBuildImages.sh
+++ b/.mvn/createBuildImages.sh
@ -16,7 +16,7 @@
 # limitations under the License.
 #

-TAGS=("3-openjdk-16" "3-jdk-11" "3-jdk-11-openj9" "3-jdk-8" "3-jdk-8-openj9" "3-openjdk-15" "3-openjdk-17", "3-openjdk-18")
+TAGS=("3-openjdk-16" "3-jdk-11" "3-jdk-11-openj9" "3-jdk-8" "3-jdk-8-openj9" "3-openjdk-15" "3-openjdk-17", "3-openjdk-18", "3-eclipse-temurin-19")

 docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
 for i in "${TAGS[@]}"
--- a/owasp-suppressions.xml
+++ b/owasp-suppressions.xml
@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+
+
+</suppressions>
--- a/pom.xml
+++ b/pom.xml
@ -61,6 +61,7 @@
        <version.jaxb>2.3.7</version.jaxb>
        <version.lombok>1.18.24</version.lombok>
        <version.mockito>4.8.1</version.mockito>
+        <version.owasp-dependency-check>7.2.0</version.owasp-dependency-check>
        <version.rest-assured>5.2.0</version.rest-assured>
        <version.saxon-he>11.4</version.saxon-he>
        <version.slf4j>1.7.25</version.slf4j>
@ -591,6 +592,35 @@
                </plugins>
            </build>
        </profile>
+        <profile>
+            <id>owasp-check</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.owasp</groupId>
+                        <artifactId>dependency-check-maven</artifactId>
+                        <version>${version.owasp-dependency-check}</version>
+                        <configuration>
+                            <failBuildOnCVSS>0</failBuildOnCVSS>
+                            <suppressionFiles>
+                                <suppressionFile>${project.basedir}/owasp-suppressions.xml</suppressionFile>
+                            </suppressionFiles>
+
+                        </configuration>
+                        <executions>
+                            <execution>
+                                <phase>
+                                    validate
+                                </phase>
+                                <goals>
+                                    <goal>check</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
        <profile>
            <id>format</id>
            <activation><activeByDefault>false</activeByDefault></activation>