Can I create a Maven POM-only (BOM) build using the Gradle maven plugin to be deployed to Nexus?
I have a Gradle project which uses Spring\'s dependency management plugin to define a list of dependency versions. I am also using the Maven plugin to deploy the project to
-
Tha acdcjunior's answer can be improved a little. Dependencies in the
build.gradlecan by declared in the standarddependenciessection. Also, inpom.xmlof a BOM versions should be declared independencyManagementsection:plugins { id 'java-library' id 'maven-publish' } group = 'com.example' version = '1.0.0' repositories { mavenCentral() } dependencies { api 'org.apache.commons:commons-lang3:3.9' api 'org.postgresql:postgresql:42.2.11' } publishing { repositories { maven { url = "$nexusUrl" credentials { username = "$nexusUsername" password = "$nexusPassword" } } } publications { maven(MavenPublication) { groupId = "${project.group}" artifactId = "${project.name}" version = "${project.version}" pom.withXml { asNode().children().last() + { resolveStrategy = Closure.DELEGATE_FIRST name 'My BOM' description 'My Bill of Materials (BOM)' dependencyManagement { dependencies { project.configurations.each { conf -> conf.dependencies.each { dep -> dependency { groupId "${dep.group}" artifactId "${dep.name}" version "${dep.version}" } } } } } } } } } }The resulting
pom.xmlcan be published to Nexus with the command./gradlew clean build publish -ior to a local Maven repo (
~/.m2/repository)./gradlew clean build pTML -iThis notation is not only shorter but also allows processing dependencies. For example, perform vulnerabilities scanning using OWASP Dependency-Check plugin:
plugins { //... id 'org.owasp.dependencycheck' version '5.3.0' } dependencyCheck { failBuildOnCVSS = 9 //Critical Severity } check.dependsOn dependencyCheckAnalyze讨论(0) -
In Gradle 6+ versions, we can use Gradle Java Platform Plugin to publish a maven-bom without many configurations and scripting.
group 'test.platform.simple.bom' version '1.0.0-SNAPSHOT' repositories { maven { mavenCentral() } } apply plugin: 'java-platform' apply plugin: 'maven-publish' javaPlatform { allowDependencies() } dependencies { constraints { api 'cglib:cglib-nodep:3.2.4' api 'junit:junit:4.12' // runtime 'org.postgresql:postgresql:42.2.5' <-- runtime constraint // api project(":core") <-- constraint from local project // api platform('com.fasterxml.jackson:jackson-bom:2.9.8') <-- constraint from another platform } } publishing { publications { maven(MavenPublication) { from components.javaPlatform } } }Dependencies to be managed can be defined under dependencies as api or runtime constraints. Constraints can be utilized to manage dependencies from a local project as well as from another platform/bom. Please note that we need to configure a Maven publication that uses the javaPlatform component to get it published as a maven bom artifact.
讨论(0) -
You should consider that plugin which has a DSL to create BOMs the gradle way :
https://github.com/xvik/gradle-pom-plugin
Julien
讨论(0) -
You could have a
build.gradlesuch as:apply plugin: 'maven-publish' apply plugin: 'signing' publishing { repositories { maven { def releasesRepoUrl = "https://oss.sonatype.org/service/local/staging/deploy/maven2/" def snapshotsRepoUrl = "https://oss.sonatype.org/content/repositories/snapshots/" url = version.endsWith('SNAPSHOT') ? snapshotsRepoUrl : releasesRepoUrl credentials { username ossrhUsername password ossrhPassword } } } publications { maven(MavenPublication) { groupId = 'com.example.id' artifactId = 'my-artifact-id' version = '1.0.0' pom.withXml { asNode().children().last() + { resolveStrategy = Closure.DELEGATE_FIRST name 'My Lib Name' description 'My Lib Description' url 'https://example.com/id/lib' licenses { license { name 'The Apache License, Version 2.0' url 'http://www.apache.org/licenses/LICENSE-2.0.txt' } } scm { connection 'scm:git:git@example.com:acdcjunior/lib/id.git' developerConnection 'scm:git:git@example.com:acdcjunior/lib/id.git' url 'git@example.lib/id.git' } developers { developer { id 'someone' name 'Someone Name' email 'someone@example.com' } } dependencies { dependency { groupId 'com.example.other' artifactId 'some-dependency' version '1.0.0' } dependency { groupId 'org.apache.commons' artifactId 'commons-lang3' version '3.9' } } } } } } } signing { sign publishing.publications.maven }Example of a project using this: https://github.com/acdcjunior/domain-id/blob/master/domain-id-all/build.gradle
讨论(0)
加载中...
- 热议问题