From d2b0ab41e550e8113cd14ec551122121e9e4b8a8 Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 20 May 2020 14:05:18 -0600 Subject: Compress using multiple threads --- config/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/install.sh b/config/install.sh index e303910..ff8f0b7 100644 --- a/config/install.sh +++ b/config/install.sh @@ -159,7 +159,7 @@ rm -fr "$ASDF_DATA_DIR/docs" \ /var/lib/systemd/* \ /var/log/* -zstd_command="/usr/bin/zstd -19" +zstd_command="/usr/bin/zstd -19 -T0" cd /opt tar --use-compress-program "$zstd_command" -cf /opt/asdf.tar.zst asdf & -- cgit v1.2.3 From 703fdd64133163f6d8072f9917298e2b5db6b1e8 Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 20 May 2020 15:55:53 -0600 Subject: Pass the `bower_ca` env variable to bower --- lib/license/finder/ext/bower.rb | 5 ++++- spec/integration/js/bower_spec.rb | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/license/finder/ext/bower.rb b/lib/license/finder/ext/bower.rb index ccfa7ee..d288b05 100644 --- a/lib/license/finder/ext/bower.rb +++ b/lib/license/finder/ext/bower.rb @@ -48,7 +48,10 @@ module LicenseFinder def default_env return {} unless shell.custom_certificate_installed? - { 'NPM_CONFIG_CAFILE' => ENV.fetch('NPM_CONFIG_CAFILE', shell.custom_certificate_path.to_s) } + { + 'NPM_CONFIG_CAFILE' => ENV.fetch('NPM_CONFIG_CAFILE', shell.custom_certificate_path.to_s), + 'bower_ca' => ENV.fetch('bower_ca', shell.custom_certificate_path.to_s) + } end end end diff --git a/spec/integration/js/bower_spec.rb b/spec/integration/js/bower_spec.rb index 2127c2e..2fe2883 100644 --- a/spec/integration/js/bower_spec.rb +++ b/spec/integration/js/bower_spec.rb @@ -22,7 +22,7 @@ RSpec.describe "bower" do specify { expect(subject.licenses_for('stimulus.umd')).to match_array(['unknown']) } end - context "when scanning a bower project with a dependency from a custom registry" do + context "when scanning a bower project with a dependency from a custom npm registry" do subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) } before do -- cgit v1.2.3 From a399a38ca5abb8dbab7776b90bea5333e14582ed Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 20 May 2020 15:56:37 -0600 Subject: Upload maven package to GL repo for testing --- .gitlab-ci.yml | 7 +++++ spec/fixtures/java/custom-maven-settings.xml | 2 +- spec/fixtures/java/example/pom.xml | 38 ++++++++++++++++++++++++++++ spec/fixtures/java/example/settings.xml | 15 +++++++++++ spec/integration/java/maven_spec.rb | 2 +- 5 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 spec/fixtures/java/example/pom.xml create mode 100644 spec/fixtures/java/example/settings.xml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a6aa573..63c89d8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -39,6 +39,13 @@ build commit: - docker image inspect $TMP_IMAGE --format='{{.Size}}' - docker push $TMP_IMAGE +build mvn: + image: maven:3.3.9-jdk-8 + stage: build + script: + - cd spec/fixtures/java/example/ && mvn deploy -s settings.xml + allow_failure: true + container_scanning: variables: CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE/tmp # only predefined variables are parameter-expanded (no $TMP_IMAGE) diff --git a/spec/fixtures/java/custom-maven-settings.xml b/spec/fixtures/java/custom-maven-settings.xml index 4fa5d16..b7dbb1c 100644 --- a/spec/fixtures/java/custom-maven-settings.xml +++ b/spec/fixtures/java/custom-maven-settings.xml @@ -8,7 +8,7 @@ gitlab-maven - https://gitlab.com/api/v4/projects/17523603/packages/maven + https://gitlab.com/api/v4/projects/6130122/packages/maven diff --git a/spec/fixtures/java/example/pom.xml b/spec/fixtures/java/example/pom.xml new file mode 100644 index 0000000..30d9b03 --- /dev/null +++ b/spec/fixtures/java/example/pom.xml @@ -0,0 +1,38 @@ + + 4.0.0 + com.gitlab.secure + example + jar + 1.0 + example + http://maven.apache.org + + + MIT + + + + + junit + junit + 3.8.1 + test + + + + + gitlab-maven + https://gitlab.com/api/v4/projects/6130122/packages/maven + + + + + gitlab-maven + https://gitlab.com/api/v4/projects/6130122/packages/maven + + + gitlab-maven + https://gitlab.com/api/v4/projects/6130122/packages/maven + + + diff --git a/spec/fixtures/java/example/settings.xml b/spec/fixtures/java/example/settings.xml new file mode 100644 index 0000000..e84b931 --- /dev/null +++ b/spec/fixtures/java/example/settings.xml @@ -0,0 +1,15 @@ + + + + gitlab-maven + + + + Job-Token + ${env.CI_JOB_TOKEN} + + + + + + diff --git a/spec/integration/java/maven_spec.rb b/spec/integration/java/maven_spec.rb index f14e566..51f5f28 100644 --- a/spec/integration/java/maven_spec.rb +++ b/spec/integration/java/maven_spec.rb @@ -9,7 +9,7 @@ RSpec.describe "maven" do runner.add_file('pom.xml', fixture_file_content('java/pom-public-gitlab-repository.xml')) report = runner.scan(env: { - 'CI_PROJECT_ID' => '17523603' + 'CI_PROJECT_ID' => '6130122' }) expect(report).to match_schema(version: '2.0') -- cgit v1.2.3 From 0f29eb08625f21e241ee46196577c76c21fbe43f Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 20 May 2020 16:08:58 -0600 Subject: Detect maven package from the same GL project --- spec/fixtures/java/pom-public-gitlab-repository.xml | 6 +++--- spec/integration/java/maven_spec.rb | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/spec/fixtures/java/pom-public-gitlab-repository.xml b/spec/fixtures/java/pom-public-gitlab-repository.xml index 4e57c79..c39e703 100644 --- a/spec/fixtures/java/pom-public-gitlab-repository.xml +++ b/spec/fixtures/java/pom-public-gitlab-repository.xml @@ -8,9 +8,9 @@ http://maven.apache.org - com.gitlab.xlgmokha - mvn-spike - 1.2-SNAPSHOT + com.gitlab.secure + example + 1.0 diff --git a/spec/integration/java/maven_spec.rb b/spec/integration/java/maven_spec.rb index 51f5f28..d45c99d 100644 --- a/spec/integration/java/maven_spec.rb +++ b/spec/integration/java/maven_spec.rb @@ -13,8 +13,8 @@ RSpec.describe "maven" do }) expect(report).to match_schema(version: '2.0') - expect(report.dependency_names).to match_array(['mvn-spike']) - expect(report.licenses_for('mvn-spike')).to match_array(['MIT']) + expect(report.dependency_names).to match_array(['example']) + expect(report.licenses_for('example')).to match_array(['MIT']) end it 'downloads packages from by using a custom `settings.xml`' do @@ -27,7 +27,7 @@ RSpec.describe "maven" do }) expect(report).to match_schema(version: '2.0') - expect(report[:dependencies]).to match_array([{ name: 'mvn-spike', url: '', description: '', paths: ['.'], licenses: ['MIT'] }]) + expect(report[:dependencies]).to match_array([{ name: 'example', url: '', description: '', paths: ['.'], licenses: ['MIT'] }]) end end -- cgit v1.2.3 From 03799b1b47575fbaa8d8026ae5a0f661536453d9 Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 20 May 2020 16:13:50 -0600 Subject: Specify license of maven package --- spec/fixtures/java/example/pom.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/fixtures/java/example/pom.xml b/spec/fixtures/java/example/pom.xml index 30d9b03..b59f809 100644 --- a/spec/fixtures/java/example/pom.xml +++ b/spec/fixtures/java/example/pom.xml @@ -9,6 +9,7 @@ MIT + https://opensource.org/licenses/MIT -- cgit v1.2.3 From d018033cf5542bf35ff7e60d28806655f5ea83ed Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 20 May 2020 20:50:48 -0600 Subject: Update CHANGELOG --- CHANGELOG.md | 4 ++++ Gemfile.lock | 2 +- lib/license/management/version.rb | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a973158..30f15ee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # GitLab License management changelog +## v3.9.2 + +- Pass `bower_ca` to bower install step. (!151) + ## v3.9.1 - Add `--allow-root` option when install bower packages. (!150) diff --git a/Gemfile.lock b/Gemfile.lock index 4ba5c69..548dd1b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - license-management (3.9.1) + license-management (3.9.2) license_finder (~> 6.0.0) GEM diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index 0fe76f1..f3e2116 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '3.9.1' + VERSION = '3.9.2' end end -- cgit v1.2.3