From b2e6e2cee7af9b660570374edabd739701413a3a Mon Sep 17 00:00:00 2001 From: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> Date: Mon, 16 Sep 2024 19:09:01 -0500 Subject: [PATCH] Added latest ServiceNow versions (washingtondc, xanadu) to the GHA Upgraded to Gradle 8.10.1 and switched to *.kts and foojay toolchain resolver --- .../workflows/publish.servicenow.plugin.yml | 14 ++-- .../build.gradle | 57 --------------- .../build.gradle.kts | 69 +++++++++++++++++++ .../gradle/wrapper/gradle-wrapper.properties | 12 ++-- .../settings.gradle.kts | 16 +++++ 5 files changed, 99 insertions(+), 69 deletions(-) delete mode 100644 integration/servicenow-external-credential-resolver/build.gradle create mode 100644 integration/servicenow-external-credential-resolver/build.gradle.kts create mode 100644 integration/servicenow-external-credential-resolver/settings.gradle.kts diff --git a/.github/workflows/publish.servicenow.plugin.yml b/.github/workflows/publish.servicenow.plugin.yml index 1ebff720..f9496914 100644 --- a/.github/workflows/publish.servicenow.plugin.yml +++ b/.github/workflows/publish.servicenow.plugin.yml @@ -43,7 +43,7 @@ jobs: run: | TAG="${{ github.event.inputs.tagname }}" GRADLE_CFG=./build.gradle - BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed "s/'//g"` + BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed 's/"//g'` if [[ "$TAG" == *"-$BUILD_VERSION"* ]]; then echo "Build version $BUILD_VERSION is included in the tag $TAG" else @@ -56,6 +56,8 @@ jobs: cat <<'EOF' > build.sh #!/usr/bin/env bash MID_SERVER_URLS='' + MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2024/09/01/mid.xanadu-07-02-2024__patch1-08-24-2024_09-01-2024_1853.linux.x86-64.zip + MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2024/08/31/mid.washingtondc-12-20-2023__patch7-08-21-2024_08-31-2024_1809.linux.x86-64.zip MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2023/07/26/mid.vancouver-07-06-2023__patch0-07-18-2023_07-26-2023_1029.linux.x86-64.zip MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2023/08/20/mid.utah-12-21-2022__patch6-08-09-2023_08-20-2023_0545.linux.x86-64.zip MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2023/06/23/mid.tokyo-07-08-2022__patch9-hotfix2-06-07-2023_06-23-2023_1740.linux.x86-64.zip @@ -71,8 +73,8 @@ jobs: chmod u+x ${buildroot}/gradlew gradlecfg=${buildroot}/build.gradle - buildname=`fgrep archivesName ${gradlecfg} | sed -r 's/^\s*archivesName\s*=\s*//g' | sed "s/'//g"` - buildversion=`fgrep version ${gradlecfg} | sed -r 's/^version\s+//g' | sed "s/'//g"` + buildname=`fgrep archivesName ${gradlecfg} | sed -r 's/^\s*archivesName\s*=\s*//g' | sed 's/"//g'` + buildversion=`fgrep version ${gradlecfg} | sed -r 's/^version\s+//g' | sed 's/"//g'` srcjarpath=${buildroot}/build/libs/${buildname}-${buildversion}.jar IFS="," read -a urls <<< ${MID_SERVER_URLS} @@ -88,7 +90,7 @@ jobs: libpath=${midsdir}/${version}/agent/lib elibpath=${libpath//\//\\/} - sed -i "s/def midserver_agent_dir =.*/def midserver_agent_dir = \'${elibpath}\'/" ${gradlecfg} + sed -i "s/val midServerAgentDir =.*/val midServerAgentDir = \'${elibpath}\'/" ${gradlecfg} cd ${buildroot} gradlew_return_code=0 @@ -118,7 +120,7 @@ jobs: run: | TAG="${{ github.event.inputs.tagname }}" GRADLE_CFG=./build.gradle - BUILD_NAME=`fgrep archivesName $GRADLE_CFG | sed -r 's/^\s*archivesName\s*=\s*//g' | sed "s/'//g"` - BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed "s/'//g"` + BUILD_NAME=`fgrep archivesName $GRADLE_CFG | sed -r 's/^\s*archivesName\s*=\s*//g' | sed 's/"//g'` + BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed 's/"//g'` RELEASE_NAME=${BUILD_NAME}-${BUILD_VERSION}.jar gh release create ${TAG} `pwd`/releases/*.jar --repo="$GITHUB_REPOSITORY" --title="$RELEASE_NAME" --generate-notes diff --git a/integration/servicenow-external-credential-resolver/build.gradle b/integration/servicenow-external-credential-resolver/build.gradle deleted file mode 100644 index 28dbcd15..00000000 --- a/integration/servicenow-external-credential-resolver/build.gradle +++ /dev/null @@ -1,57 +0,0 @@ -plugins { - id 'base' - id 'java' -} - -group 'com.keepersecurity' -version '0.1.0' - -base { - archivesName = 'keeper-external-credentials' -} -java { - sourceCompatibility = JavaVersion.VERSION_1_8 - targetCompatibility = JavaVersion.VERSION_1_8 -} - -// TODO: replace with mid server path -// This must point to the MID Server installation location (agent directory path). -def midserver_agent_dir = '/opt/servicenow/mid/agent/lib' - -repositories { - mavenCentral() - flatDir { - dirs("$midserver_agent_dir") - } -} - -dependencies { - implementation 'com.keepersecurity.secrets-manager:core:16.6.2+' - - // MID server dependencies, not required to be uploaded - // MID jar dependency for config APIs - compileOnly 'com.snc:mid' - compileOnly 'com.snc:commons-glide' - compileOnly 'com.snc:commons-core-automation' - compileOnly 'com.snc:snc-automation-api' - - // NB! JDK16+/Vancouver+ may require: export _JAVA_OPTIONS="--add-opens=java.base/sun.security.util=ALL-UNNAMED" - // Vancouver and newer: IFileSystem is in the new mid-api.jar - if( !fileTree("$midserver_agent_dir").filter{File f -> (f.name == "mid-api.jar")}.isEmpty() ) { - compileOnly 'com.snc:mid-api' - } -} - -jar { - duplicatesStrategy = DuplicatesStrategy.EXCLUDE - manifest { - attributes('Main-Class': 'com.snc.discovery.CredentialResolver') - } - from { - configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) } - } { - exclude "META-INF/*.SF" - exclude "META-INF/*.DSA" - exclude "META-INF/*.RSA" - } -} diff --git a/integration/servicenow-external-credential-resolver/build.gradle.kts b/integration/servicenow-external-credential-resolver/build.gradle.kts new file mode 100644 index 00000000..e77de111 --- /dev/null +++ b/integration/servicenow-external-credential-resolver/build.gradle.kts @@ -0,0 +1,69 @@ +group "com.keepersecurity" +version "0.1.0" + +plugins { + base + java +} + +base { + archivesName = "keeper-external-credentials" +} + +java { + toolchain { + // Vancouver-- built with OpenJDK 11.x + languageVersion = JavaLanguageVersion.of(11) + + // Washington DC: A ServiceNow build of OpenJDK 17.0.8.1 is Supported and Included (17.0.8.1-sncmid1) + // Administrators will need to make sure any 3rd party JAR files for Credential resolvers, JDBC drivers, etc. + // are compatible with Java 17 and 'strong encapsulation', before upgrading. + // More information: KB1273036 MID Server - JRE 17 Upgrade + + // Washington DC, Xanadu++ built with OpenJDK 17.x + //languageVersion = JavaLanguageVersion.of(17) + } +} + +// This must point to the MID Server installation location (agent directory path). +val midServerAgentDir = "/opt/servicenow/mid/agent/lib" + +repositories { + mavenCentral() + flatDir { + dirs(midServerAgentDir) + } +} + +dependencies { + implementation ("com.keepersecurity.secrets-manager:core:16.6.4+") + + // MID server dependencies, not required to be uploaded + // MID jar dependency for config APIs + compileOnly("com.snc:mid") + compileOnly("com.snc:commons-glide") + compileOnly("com.snc:commons-core-automation") + compileOnly("com.snc:snc-automation-api") + + // NB! JDK16+/Vancouver+ may require: export _JAVA_OPTIONS="--add-opens=java.base/sun.security.util=ALL-UNNAMED" + // Vancouver and newer: IFileSystem is in the new mid-api.jar + if (file("${midServerAgentDir}/mid-api.jar").exists()) { + compileOnly("com.snc:mid-api") + } +} + +tasks.jar { + duplicatesStrategy = DuplicatesStrategy.EXCLUDE + manifest { + attributes("Main-Class" to "com.snc.discovery.CredentialResolver") + } + from(configurations + .runtimeClasspath + .get() // Gradle 6+ + .files // Gradle 6+ + .map { if (it.isDirectory) it else zipTree(it) } + ) + exclude("META-INF/*.SF") + exclude("META-INF/*.DSA") + exclude("META-INF/*.RSA") +} diff --git a/integration/servicenow-external-credential-resolver/gradle/wrapper/gradle-wrapper.properties b/integration/servicenow-external-credential-resolver/gradle/wrapper/gradle-wrapper.properties index c30b486a..732ebe8e 100644 --- a/integration/servicenow-external-credential-resolver/gradle/wrapper/gradle-wrapper.properties +++ b/integration/servicenow-external-credential-resolver/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ -distributionBase=GRADLE_USER_HOME -distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.3-bin.zip -networkTimeout=10000 -zipStoreBase=GRADLE_USER_HOME -zipStorePath=wrapper/dists +#Mon Sep 16 16:27:48 CDT 2024 +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists diff --git a/integration/servicenow-external-credential-resolver/settings.gradle.kts b/integration/servicenow-external-credential-resolver/settings.gradle.kts new file mode 100644 index 00000000..c75f1d39 --- /dev/null +++ b/integration/servicenow-external-credential-resolver/settings.gradle.kts @@ -0,0 +1,16 @@ +rootProject.name = "keeper-external-credentials" + +plugins { + id("org.gradle.toolchains.foojay-resolver") version "0.8.0" +} + +@Suppress("UnstableApiUsage") +toolchainManagement { + jvm { + javaRepositories { + repository("foojay") { + resolverClass.set(org.gradle.toolchains.foojay.FoojayToolchainResolver::class.java) + } + } + } +}