use of org.eclipse.dash.licenses.cli.NeedsReviewCollector in project dash-licenses by eclipse.
the class LicenseCheckMojo method execute.
@Override
public void execute() throws MojoExecutionException, MojoFailureException {
// top-level reactor project and avoids duplicate invokations
if (!mavenSession.getCurrentProject().equals(mavenSession.getTopLevelProject())) {
return;
}
if (skip) {
getLog().info("Skipping dependency license check");
return;
}
// Validate the user-given dash license tool settings
ISettings settings;
try {
settings = new MavenSettings(batch, foundationApi, clearlyDefinedApi, licenses, confidence, projectId, iplabToken);
} catch (IllegalArgumentException e) {
throw new MojoExecutionException("Invalid setting: " + e.getMessage());
}
// Get filtered list of project dependencies for all modules in the reactor
Set<Artifact> filteredArtifacts = new HashSet<>();
for (MavenProject project : reactorProjects) {
filteredArtifacts.addAll(filterArtifacts(project.getArtifacts()));
}
if (getLog().isDebugEnabled()) {
getLog().debug("Filtered dependency artifact list:");
filteredArtifacts.stream().sorted().map(a -> " " + a).forEach(getLog()::debug);
}
// Adapt dependency artifacts to dash content IDs
List<IContentId> deps = new ArrayList<>();
filteredArtifacts.stream().sorted().forEach(a -> {
String type = a.getGroupId().startsWith(TychoConstants.P2_GROUPID_PREFIX) ? "p2" : "maven";
// TODO deps are not necessarily from orbit or maven central
String source = a.getGroupId().startsWith(TychoConstants.P2_GROUPID_PREFIX) ? "orbit" : "mavencentral";
// TODO could get duplicates here if two artifact coords differ only by
// classifier
deps.add(ContentId.getContentId(type, source, a.getGroupId(), a.getArtifactId(), a.getVersion()));
});
List<IResultsCollector> collectors = new ArrayList<>();
// This collector generates feedback for the user that the command line tool
// would always print to stdout, so we collect the output in memory for printing
// to the maven log later
ByteArrayOutputStream primaryOut = new ByteArrayOutputStream();
NeedsReviewCollector needsReviewCollector = new NeedsReviewCollector();
collectors.add(needsReviewCollector);
Injector injector = Guice.createInjector(new LicenseToolModule(settings, createProxySettings()));
LicenseChecker checker = injector.getInstance(LicenseChecker.class);
summary.getParentFile().mkdirs();
reviewSummary.getParentFile().mkdirs();
try (OutputStream summaryOut = new FileOutputStream(summary);
PrintWriter reviewSummaryOut = new PrintWriter(new FileWriter(reviewSummary))) {
collectors.add(new CSVCollector(summaryOut));
if (iplabToken != null && projectId != null) {
collectors.add(new CreateReviewRequestCollector(injector.getInstance(GitLabSupport.class), (id, url) -> reviewSummaryOut.println("[" + id + "](" + url + ")")));
} else if (iplabToken != null) {
getLog().info("Provide both an authentication token and a project id to automatically create review tickets.");
}
for (LicenseData licenseData : checker.getLicenseData(deps).values()) {
collectors.forEach(c -> c.accept(licenseData));
}
collectors.forEach(IResultsCollector::close);
} catch (IOException e) {
throw new MojoExecutionException("Can't write dependency summary file", e);
}
// Pass the output from the collectors to the maven log
primaryOut.toString(StandardCharsets.UTF_8).lines().forEach(getLog()::info);
getLog().info("Summary file was written to: " + summary);
if (failWhenReviewNeeded && needsReviewCollector.getStatus() > 0) {
getLog().error("Dependency license check failed. Some dependencies need to be vetted.");
throw new MojoFailureException("Some dependencies must be vetted.");
}
}
Aggregations