1 files changed, 75 insertions, 25 deletions

diff --git a/spec/integration/java/maven_spec.rb b/spec/integration/java/maven_spec.rb
index 49ee82c..faa5fc1 100644
--- a/spec/integration/java/maven_spec.rb
+++ b/spec/integration/java/maven_spec.rb
@@ -4,32 +4,38 @@ RSpec.describe "maven" do
   include_examples "each report version", "java", "maven"
   include_examples "each report version", "java", "maven-multimodules"
 
-  describe "When the maven dependencies come from a custom public maven repository" do
-    it 'is able to detect some of the licenses' do
-      runner.add_file('pom.xml', fixture_file_content('java/pom-public-gitlab-repository.xml'))
-
-      report = runner.scan(env: {
-        'CI_PROJECT_ID' => '6130122'
-      })
+  context "when the maven dependencies come from the same projects public maven repository" do
+    subject { runner.scan(env: { 'CI_PROJECT_ID' => '6130122' }) }
 
-      expect(report).to match_schema
-      expect(report.dependency_names).to match_array(%w[example jaxb-api])
-      expect(report.licenses_for('example')).to match_array(['MIT'])
-      expect(report.licenses_for('jaxb-api')).to match_array(['GPL-2.0-only', 'cddl 1.1'])
+    before do
+      runner.mount(dir: fixture_file('java/maven/gitlab-repo'))
     end
 
-    it 'downloads packages from by using a custom `settings.xml`' do
-      runner.add_file('pom.xml', fixture_file_content('java/pom-public-gitlab-repository.xml'))
-      runner.add_file('my_settings.xml', fixture_file_content('java/custom-maven-settings.xml'))
+    it 'is able to detect some of the licenses' do
+      expect(subject).to match_schema
+      expect(subject.dependency_names).to match_array(%w[example jaxb-api])
+      expect(subject.licenses_for('example')).to match_array(['MIT'])
+      expect(subject.licenses_for('jaxb-api')).to match_array(['GPL-2.0-only', 'CDDL-1.1'])
+    end
+  end
 
-      report = runner.scan(env: {
+  context "when packages are sourced from an external package registry" do
+    subject do
+      runner.scan(env: {
         'CI_PROJECT_ID' => 'invalid',
-        'MAVEN_CLI_OPTS' => "--settings my_settings.xml"
+        'MAVEN_CLI_OPTS' => "--settings settings.xml"
       })
+    end
 
-      expect(report).to match_schema
-      expect(report[:dependencies]).to match_array([{ name: 'example', url: '', description: '', paths: ['.'], licenses: ['MIT'] },
-                                                    { description: '', licenses: ['GPL-2.0-only', 'cddl 1.1'], name: 'jaxb-api', paths: ['.'], url: '' }])
+    before do
+      runner.mount(dir: fixture_file('java/maven/external-gitlab-repo'))
+    end
+
+    it 'downloads packages from by using a custom `settings.xml`' do
+      expect(subject).to match_schema
+      expect(subject.dependency_names).to match_array(%w[example jaxb-api])
+      expect(subject.licenses_for('example')).to match_array(['MIT'])
+      expect(subject.licenses_for('jaxb-api')).to match_array(['GPL-2.0-only', 'CDDL-1.1'])
     end
   end
 
@@ -53,7 +59,7 @@ RSpec.describe "maven" do
 
   describe "When scanning a project with multiple modules" do
     before do
-      runner.mount(dir: fixture_file('java/maven-multimodule'))
+      runner.mount(dir: fixture_file('java/maven/multimodule'))
     end
 
     it 'detects dependences from each module' do
@@ -82,18 +88,21 @@ RSpec.describe "maven" do
     end
   end
 
-  context "when connecting to a custom package registry with a self signed certificate", environment: 'offline' do
-    let(:bundle) { fixture_file_content('java/maven.crt') }
-    let(:report) { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => bundle, 'LOG_LEVEL' => 'debug' }) }
+  context "when connecting to a custom package registry with a self signed certificate" do
+    let(:report) { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) }
+    let(:private_maven_host) { 'maven.test' }
 
     before do
+      add_host('maven.test', '127.0.0.1')
+      start_proxy_server
+
       runner.add_file('pom.xml') do
-        fixture_file_content('java/pom-single.xml.erb', {
+        fixture_file_content('java/maven/pom-single.xml.erb', {
           group_id: 'com.fasterxml.jackson.core',
           artifact_id: 'jackson-core',
           version: '2.10.0',
           repository_id: 'custom',
-          repository_url: "https://#{private_maven_host}/artifactory/mvn-cache"
+          repository_url: "https://#{private_maven_host}/maven2"
         })
       end
     end
@@ -144,4 +153,45 @@ RSpec.describe "maven" do
       expect(output_file.read).to include('openjdk version "1.8.0_252"')
     end
   end
+
+  context "when scanning a project that depends on an older version of maven" do
+    subject { runner.scan }
+
+    before do
+      runner.mount(dir: fixture_file('java/maven/my-spring-app2'))
+    end
+
+    specify { expect(subject).to match_schema }
+    specify { expect(subject.dependency_names).to match_array(["asm", "asm-commons", "asm-tree", "barcodes", "classmate", "commons-fileupload", "commons-io", "commons-lang", "font-asian", "forms", "freemarker", "hibernate-validator", "hyph", "io", "jackson-annotations", "jackson-core", "jackson-databind", "jackson-datatype-jdk8", "jackson-datatype-jsr310", "jackson-module-parameter-names", "javassist", "javax.annotation-api", "jboss-logging", "jul-to-slf4j", "kernel", "layout", "log4j-api", "log4j-to-slf4j", "logback-classic", "logback-core", "ognl", "pdfa", "sign", "slf4j-api", "snakeyaml", "spring-aop", "spring-beans", "spring-boot", "spring-boot-autoconfigure", "spring-boot-starter", "spring-boot-starter-json", "spring-boot-starter-logging", "spring-boot-starter-tomcat", "spring-boot-starter-web", "spring-context", "spring-core", "spring-expression", "spring-jcl", "spring-web", "spring-webmvc", "struts2-core", "tomcat-embed-core", "tomcat-embed-el", "tomcat-embed-websocket", "validation-api", "xwork-core"]) }
+  end
+
+  [
+    { java: '8', maven: ['3.6.3', '3.5.4', '3.3.9', '3.2.5'] },
+    { java: '11', maven: ['3.6.3', '3.5.4', '3.3.9', '3.2.5'] }
+  ].each do |item|
+    item[:maven].each do |maven_version|
+      context "when using Java v#{item[:java]} with maven v#{maven_version}" do
+        let(:report) { runner.scan(env: env) }
+        let(:env) do
+          {
+            'LM_JAVA_VERSION' => item[:java],
+            'MAVEN_CLI_OPTS' => "--settings settings.xml"
+          }
+        end
+
+        before do
+          runner.mount(dir: fixture_file('java/maven/simple'))
+          runner.add_file('.mvn/wrapper/maven-wrapper.properties') do
+            "distributionUrl=https://repo1.maven.org/maven2/org/apache/maven/apache-maven/#{maven_version}/apache-maven-#{maven_version}-bin.zip"
+          end
+        end
+
+        specify do
+          expect(report).to match_schema
+          expect(report.dependency_names).to match_array(['netty-all'])
+          expect(report.licenses_for('netty-all')).to match_array(['Apache-2.0'])
+        end
+      end
+    end
+  end
 end