这就是我在build.gradle
// Dependency Versioning
apply plugin: 'io.spring.dependency-management'
dependencyManagement {
imports {
mavenBom 'org.springframework.cloud:spring-cloud-dependencies:Edgware.RELEASE'
mavenBom 'io.pivotal.spring.cloud:spring-cloud-services-dependencies:1.5.0.RELEASE'
mavenBom 'org.springframework.boot:spring-boot-dependencies:1.5.15.RELEASE'
}
dependencies {
dependency 'io.springfox:springfox-swagger2:2.8.0'
dependency 'io.springfox:springfox-swagger-ui:2.8.0'
dependency 'org.flywaydb:flyway-core:4.2.0'
dependency 'com.microsoft.sqlserver:mssql-jdbc:6.2.2.jre8'
}
}
我希望为每个依赖项添加一个自定义编号。此编号是我们的架构团队提供的批准编号,用于批准在企业中使用该依赖项。
说,如果我的体系结构团队已批准使用io.springfox:springfox-swagger2:2.8.0
依赖项,并且批准号为APPL-1054
,那么我还必须在依赖项标记中将该数字也添加为metadata
,我将有一个不同的gradle任务来消耗这些数字
类似dependency 'io.springfox:springfox-swagger2:2.8.0' : APPL-1054
请帮助您提出想法
答案 0 :(得分:1)
您可以在地图中设置批准,然后使用依赖性解析来验证批准。只要您能以某种方式将其获取到地图,该地图就可以来自某些Web来源。这是一个简单的例子
buildscript {
repositories {
jcenter()
}
dependencies {
gradleApi()
}
}
group 'com.stackoverflow'
version '1.0-SNAPSHOT'
repositories {
jcenter()
}
configurations {
audited.extendsFrom(compile)
}
Map<String, Object> approvedDeps = [
'junit:junit:4.12': 'APPROVAL-1234'
]
dependencies {
compile gradleApi()
audited 'junit:junit:4.12'
audited 'org.mockito:mockito-android:2.22.0'
}
dependencies {
components {
all { ComponentMetadataDetails details ->
String requestedArtifact = "${details.id.group}:${details.id.name}:${details.id.version}"
String approvalCode = approvedDeps[requestedArtifact]
if (approvalCode == null) {
throw new GradleException("Use of unapproved dependency (${requestedArtifact})")
}
logger.lifecycle("Requested dependency (${requestedArtifact}) is approved: ${approvalCode}")
return details
}
}
}
// lets fake some action that would trigger dependency resolution
configurations.eachWithIndex { Configuration entry, int index ->
if (entry.canBeResolved) {
entry.resolve()
print("Resolved index: ${index}")
}
}
现在,如果我们运行./gradlew clean build
,则会添加一个未经批准的依赖项,从而导致错误。
$ ./gradlew clean build
> Configure project :
Requested dependency (junit:junit:4.12) is approved: APPROVAL-1234
FAILURE: Build failed with an exception.
* Where:
Build file '/Users/jonstanford/dev/stackoverflow/q52427676/build.gradle' line: 36
* What went wrong:
A problem occurred evaluating root project 'q52427676'.
> Could not resolve all dependencies for configuration ':audited'.
> There was an error while evaluating a component metadata rule for org.mockito:mockito-android:2.22.0.
> Use of unapproved dependency (org.mockito:mockito-android:2.22.0)
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.
* Get more help at https://help.gradle.org
BUILD FAILED in 0s
当然,您可以将此功能移至自定义插件等,但我认为基本思想仍然成立。