Merge pull request #15 from embold/development

Development

.github/workflows/build.yml

@@ -14,17 +14,16 @@ jobs:
       - name: Set up Maven Repository
         uses: actions/setup-java@v1
         with:
-          java-version: 1.8
+          java-version: 11
           server-id: ossrh
           server-username: MAVEN_USERNAME
           server-password: MAVEN_PASSWORD
       - name: Build & Scan
         env:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
-          EMBOLD_URL: https://oss.emboldci.dev
-          EMBOLD_TOKEN: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
-        run: mvn --batch-mode clean deploy -DskipTests=true io.embold.scan:embold-maven-plugin:embold -Dembold.host.url=https://embolddemo.emboldci.dev -Dembold.user.token=${{ secrets.EMBOLD_OSS_SCAN_TOKEN }} --file pom.xml
+          embold.user.token: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
+        run: mvn --batch-mode clean deploy io.embold.scan:embold-maven-plugin:embold -Dembold.host.url=https://tester.emboldci.dev -Dembold.user.token=${{ secrets.EMBOLD_OSS_SCAN_TOKEN }} --file pom.xml
 
   release:
     runs-on: ubuntu-latest
@@ -36,7 +35,7 @@ jobs:
       - name: Set up Maven Repository
         uses: actions/setup-java@v1
         with:
-          java-version: 1.8
+          java-version: 11
       - name: maven-settings-xml-action
         uses: whelk-io/maven-settings-xml-action@v11
         with:
@@ -81,8 +80,8 @@ jobs:
           GITHUB_USER: 'github-actions'
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GPG_SECRET_KEY_PASSWORD: ${{ secrets.GPG_SECRET_KEY_PASSWORD }}
-          EMBOLD_URL: https://oss.emboldci.dev
-          EMBOLD_TOKEN: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
+          embold.host.url: https://tester.emboldci.dev
+          embold.user.token: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
         run: |
           mvn \
             --no-transfer-progress \
@@ -97,8 +96,8 @@ jobs:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
           GPG_SECRET_KEY_PASSWORD: ${{ secrets.GPG_SECRET_KEY_PASSWORD }}
-          EMBOLD_URL: https://oss.emboldci.dev
-          EMBOLD_TOKEN: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
+          embold.host.url: https://tester.emboldci.dev
+          embold.user.token: ${{ secrets.EMBOLD_OSS_SCAN_TOKEN }}
         run: |
           mvn \
             --no-transfer-progress \

README.md

@@ -1,6 +1,6 @@
 # Embold Maven Plugin
 Embold scanner for Maven builds
-![build](https://github.com/embold/embold-maven-plugin/workflows/build/badge.svg?branch=development)
+![build](https://github.com/embold/embold-maven-plugin/actions/workflows/build.yml/badge.svg?branch=development)
 [![Maven Central](https://img.shields.io/maven-central/v/io.embold.scan/embold-maven-plugin.svg?label=Maven%20Central)](https://search.maven.org/search?q=g:%22io.embold.scan%22%20AND%20a:%22embold-maven-plugin%22)
 
 Maven plugin for Embold static analysis
@@ -25,6 +25,8 @@ You can then link to a Project on Embold in order to view the scan results.
 * JDK 1.8 or higher
 * Embold on-premise server instance (version 1.8.7.0 or higher)
 
+
+
 ## Known Issues and Limitations
 ##### 1. Aborting the maven build doesn't always abort the scan on Windows
 For now, you may need to manually kill the Java process if you abort on Windows

pom.xml

@@ -62,7 +62,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
-        <maven.version>3.3.3</maven.version>
+        <maven.version>3.3.9</maven.version>
         <project.scm.id>github</project.scm.id>
     </properties>
 
@@ -78,17 +78,21 @@
     </distributionManagement>
 
     <dependencies>
+        <dependency>
+            <groupId>org.apache.maven.plugin-tools</groupId>
+            <artifactId>maven-plugin-annotations</artifactId>
+            <version>3.5</version>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>org.apache.maven</groupId>
             <artifactId>maven-plugin-api</artifactId>
             <version>${maven.version}</version>
-            <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>org.apache.maven</groupId>
             <artifactId>maven-core</artifactId>
             <version>${maven.version}</version>
-            <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>org.apache.maven</groupId>
@@ -100,67 +104,60 @@
             <groupId>org.apache.maven</groupId>
             <artifactId>maven-compat</artifactId>
             <version>${maven.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.maven.plugin-tools</groupId>
-            <artifactId>maven-plugin-annotations</artifactId>
-            <version>3.6.0</version>
-            <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.12</version>
+            <version>4.11</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.apache.maven.plugin-testing</groupId>
             <artifactId>maven-plugin-testing-harness</artifactId>
-            <version>3.3.0</version>
             <scope>test</scope>
+            <version>3.3.0</version>
         </dependency>
 
         <dependency>
             <groupId>com.konghq</groupId>
             <artifactId>unirest-java</artifactId>
-            <version>3.11.03</version>
+            <version>3.14.5</version>
             <classifier>standalone</classifier>
         </dependency>
 
         <!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -->
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>3.9</version>
+            <version>3.14.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.13.3</version>
+            <version>2.17.0</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/org.apache.commons/commons-exec -->
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-exec</artifactId>
-            <version>1.3</version>
+            <version>1.4.0</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/commons-io/commons-io -->
         <dependency>
             <groupId>commons-io</groupId>
             <artifactId>commons-io</artifactId>
-            <version>2.6</version>
+            <version>2.16.1</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/org.apache.commons/commons-compress -->
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-compress</artifactId>
-            <version>1.21</version>
+            <version>1.26.1</version>
         </dependency>
         <dependency>
             <groupId>io.embold.scan</groupId>
             <artifactId>scanner-sync</artifactId>
-            <version>1.0.5</version>
+            <version>1.0.10</version>
         </dependency>
 
     </dependencies>
@@ -212,7 +209,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-plugin-plugin</artifactId>
-                <version>3.6.0</version>
+                <version>3.12.0</version>
                 <configuration>
                     <!-- <goalPrefix>maven-archetype-plugin</goalPrefix> -->
                     <skipErrorNoDescriptorsFound>true</skipErrorNoDescriptorsFound>
@@ -246,7 +243,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-release-plugin</artifactId>
-                <version>2.5.3</version>
+                <version>3.0.1</version>
                 <configuration>
                     <autoVersionSubmodules>true</autoVersionSubmodules>
                     <useReleaseProfile>false</useReleaseProfile>
@@ -266,7 +263,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-invoker-plugin</artifactId>
-                        <version>3.2.1</version>
+                        <version>3.6.1</version>
                         <configuration>
                             <debug>true</debug>
                             <cloneProjectsTo>${project.build.directory}/it</cloneProjectsTo>
@@ -303,7 +300,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-source-plugin</artifactId>
-                        <version>2.2.1</version>
+                        <version>3.3.1</version>
                         <executions>
                             <execution>
                                 <id>attach-sources</id>
@@ -316,7 +313,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-javadoc-plugin</artifactId>
-                        <version>2.9.1</version>
+                        <version>3.6.3</version>
                         <configuration>
                             <source>8</source>
                         </configuration>
@@ -332,7 +329,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-gpg-plugin</artifactId>
-                        <version>1.5</version>
+                        <version>3.2.3</version>
                         <configuration>
                             <gpgArguments>
                                 <arg>--pinentry-mode</arg>

src/main/java/io/embold/scan/mvn/Repo.java

@@ -30,7 +30,7 @@ public String getRepoName() {
 
     @Override
     public String toString() {
-        return "Repo [uid=" + repoUid + ", name=" + repoName + "]";
+        return "Repository [uid=" + repoUid + ", name=" + repoName + "]";
     }
 
     public String jsonString() throws MojoExecutionException {

src/main/java/io/embold/scan/mvn/ScanMojo.java

@@ -13,24 +13,36 @@
 import org.apache.maven.plugin.AbstractMojo;
 import org.apache.maven.plugin.MojoExecutionException;
 import org.apache.maven.plugins.annotations.Component;
-import org.apache.maven.plugins.annotations.Mojo;
 import org.apache.maven.plugins.annotations.Parameter;
-import org.apache.maven.plugins.annotations.ResolutionScope;
 import org.apache.maven.project.MavenProject;
 
 /**
  * Goal which scans the maven project with embold
+ *
+ * @goal embold
+ *
+ * @requiresDependencyResolution test
+ *
+ * @aggregator
+ *
  */
-@Mojo(name = "embold", requiresDependencyResolution = ResolutionScope.TEST, aggregator = true)
 public class ScanMojo extends AbstractMojo {
+
     /**
-     * Embold Server URL
+     * Embold Host URL
+     *
+     * @parameter name="emboldHostUrl" property="embold.host.url""
+     * @readonly
+     * @required
      */
-    @Parameter(property = "embold.host.url", required = true)
     private String emboldHostUrl;
 
     /**
-     * Embold Token
+     * Embold Access Token
+     *
+     * @parameter name="emboldUserToken" property="embold.user.token""
+     * @readonly
+     * @required
      */
     @Parameter(property = "embold.user.token", required = true)
     private String emboldUserToken;
@@ -54,7 +66,10 @@ public class ScanMojo extends AbstractMojo {
     @Parameter(property = "embold.scanner.update", required = false)
     private final boolean emboldScannerUpdate = Boolean.TRUE;
 
-    @Component
+    /**
+     * @parameter default-value="${session}"
+     * @readonly
+     */
     MavenSession mavenSession;
 
     private static final String SEP = File.separator;
@@ -93,6 +108,9 @@ public void execute() throws MojoExecutionException {
                     FilenameUtils.normalize(topLevelProject.getBasedir() + File.separator + ".embold_data"),
                     emboldScannerLocation, emboldPublishPort, emboldScannerUpdate);
             scanner.scan(settings);
+            getLog().info("----------------------------------------------------------------------------");
+            getLog().info("Results published at: " + emboldHostUrl + ", " + repo);
+            getLog().info("----------------------------------------------------------------------------");
         } finally {
             Unirest.shutDown();
         }

src/test/java/io/embold/scan/mvn/EmboldAbstractMojoTestCase.java

@@ -21,8 +21,15 @@
 import org.eclipse.aether.internal.impl.SimpleLocalRepositoryManagerFactory;
 import org.eclipse.aether.repository.LocalRepository;
 
+
 public abstract class EmboldAbstractMojoTestCase extends AbstractMojoTestCase {
 
+    protected void setUp() throws Exception
+    {
+        // required for mojo lookups to work
+        super.setUp();
+    }
+
     protected MavenSession newMavenSession() {
         try {
             MavenExecutionRequest request = new DefaultMavenExecutionRequest();
@@ -76,23 +83,24 @@ protected Mojo lookupConfiguredMojo(File pom, String goal) throws Exception {
         ProjectBuildingRequest buildingRequest = newMavenSession().getProjectBuildingRequest();
         ProjectBuilder projectBuilder = lookup(ProjectBuilder.class);
         MavenProject project = projectBuilder.build(pom, buildingRequest).getProject();
-
-        return lookupConfiguredMojo(project, goal);
+        ScanMojo mojo = (ScanMojo) lookupConfiguredMojo(project, goal);
+        mojo.mavenSession = newMavenSession(project);
+        return mojo;
     }
 
     protected String emboldUrl() {
-        String url = System.getProperty("EMBOLD_URL");
+        String url = System.getProperty("embold.host.url");
         if(StringUtils.isEmpty(url)) {
-            url = System.getenv("EMBOLD_URL");
+            url = System.getenv("embold.host.url");
         }
 
         return url;
     }
 
     protected String emboldToken() {
-        String token = System.getProperty("EMBOLD_TOKEN");
+        String token = System.getProperty("embold.user.token");
         if(StringUtils.isEmpty(token)) {
-            token = System.getenv("EMBOLD_TOKEN");
+            token = System.getenv("embold.user.token");
         }
 
         return token;