0

This is how i have added dependencies in my build.gradle

 // Dependency Versioning
    apply plugin: 'io.spring.dependency-management'
    dependencyManagement {
        imports {
            mavenBom 'org.springframework.cloud:spring-cloud-dependencies:Edgware.RELEASE'
            mavenBom 'io.pivotal.spring.cloud:spring-cloud-services-dependencies:1.5.0.RELEASE'
            mavenBom 'org.springframework.boot:spring-boot-dependencies:1.5.15.RELEASE'

        }
        dependencies {

            dependency 'io.springfox:springfox-swagger2:2.8.0'
            dependency 'io.springfox:springfox-swagger-ui:2.8.0'

            dependency 'org.flywaydb:flyway-core:4.2.0'
            dependency 'com.microsoft.sqlserver:mssql-jdbc:6.2.2.jre8'
        }
    }

I am looking to add a custom-number with each dependency. This number is our Approval number provided by our Architecture team for approval of using that dependency within our enterprise..

Say if my Architecture team has Approved to use io.springfox:springfox-swagger2:2.8.0 dependency and if the approval number is APPL-1054 then i have to add this number also as a metadata along within the dependency tag with which i will have a different gradle task to consume those numbers

something that looks like dependency 'io.springfox:springfox-swagger2:2.8.0' : APPL-1054

Please help with your ideas

4

1 回答 1

1

您可以在 Map 中设置批准,然后使用依赖关系解析来验证批准。只要您能以某种方式将其转换为地图,该地图就可以来自某些网络资源。这是一个简单的例子

buildscript {
    repositories {
        jcenter()
    }
    dependencies {
        gradleApi()
    }
}

group 'com.stackoverflow'
version '1.0-SNAPSHOT'

repositories {
    jcenter()
}

configurations {
    audited.extendsFrom(compile)
}

Map<String, Object> approvedDeps = [
        'junit:junit:4.12': 'APPROVAL-1234'
]

dependencies {
    compile gradleApi()
    audited 'junit:junit:4.12'
    audited 'org.mockito:mockito-android:2.22.0'
}
dependencies {
    components {
        all { ComponentMetadataDetails details ->
            String requestedArtifact = "${details.id.group}:${details.id.name}:${details.id.version}"
            String approvalCode = approvedDeps[requestedArtifact]
            if (approvalCode == null) {
                throw new GradleException("Use of unapproved dependency (${requestedArtifact})")
            }
            logger.lifecycle("Requested dependency (${requestedArtifact}) is approved: ${approvalCode}")
            return details
        }
    }
}

// lets fake some action that would trigger dependency resolution
configurations.eachWithIndex { Configuration entry, int index ->
    if (entry.canBeResolved) {
        entry.resolve()
        print("Resolved index: ${index}")
    }

}

现在,如果我们运行./gradlew clean build,我们会收到一个错误,因为添加了未经批准的依赖项。

$ ./gradlew clean build

> Configure project :
Requested dependency (junit:junit:4.12) is approved: APPROVAL-1234

FAILURE: Build failed with an exception.

* Where:
Build file '/Users/jonstanford/dev/stackoverflow/q52427676/build.gradle' line: 36

* What went wrong:
A problem occurred evaluating root project 'q52427676'.
> Could not resolve all dependencies for configuration ':audited'.
   > There was an error while evaluating a component metadata rule for org.mockito:mockito-android:2.22.0.
      > Use of unapproved dependency (org.mockito:mockito-android:2.22.0)

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org

BUILD FAILED in 0s

当然,您可以将此功能移动到自定义插件等,但我认为基本想法是成立的。

于 2018-09-20T16:47:12.130 回答