From df55a75654fc7e5af24ac19d22721539cf82348a Mon Sep 17 00:00:00 2001 From: Slawomir Jaranowski Date: Sun, 8 Jan 2023 18:53:29 +0100 Subject: [PATCH] [MENFORCER-447] RequireNoRepositories skip repositories defined in settings.xml Maven 4 model contains repositories defined in settings.xml As workaround we exclude repositories defined in settings.xml Add assertions also for positive IT tests --- .../enforcer/rules/RequireNoRepositories.java | 68 ++++++++++++++++++- .../rules/TestRequireNoRepositories.java | 38 +++++------ .../require-no-repositories/verify.groovy | 20 ++++++ .../require-no-repositories_mm/verify.groovy | 20 ++++++ .../verify.groovy | 20 ++++++ 5 files changed, 145 insertions(+), 21 deletions(-) create mode 100644 maven-enforcer-plugin/src/it/projects/require-no-repositories/verify.groovy create mode 100644 maven-enforcer-plugin/src/it/projects/require-no-repositories_mm/verify.groovy create mode 100644 maven-enforcer-plugin/src/it/projects/require-no-repositories_mm_ci/verify.groovy diff --git a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/RequireNoRepositories.java b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/RequireNoRepositories.java index 878f7c57..3a0fb360 100644 --- a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/RequireNoRepositories.java +++ b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/RequireNoRepositories.java @@ -22,15 +22,22 @@ import javax.inject.Named; import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Objects; +import java.util.Optional; +import java.util.function.Function; +import java.util.stream.Collectors; import org.apache.maven.enforcer.rule.api.EnforcerRuleException; import org.apache.maven.execution.MavenSession; import org.apache.maven.model.Model; import org.apache.maven.model.Repository; import org.apache.maven.project.MavenProject; +import org.apache.maven.project.ProjectBuildingRequest; +import org.apache.maven.settings.Profile; +import org.apache.maven.settings.RepositoryBase; import org.codehaus.plexus.util.StringUtils; /** @@ -62,14 +69,14 @@ public final class RequireNoRepositories extends AbstractStandardEnforcerRule { * * @see #setAllowedRepositories(List) */ - private List allowedRepositories = Collections.emptyList(); + private List allowedRepositories; /** * Specify explicitly allowed plugin repositories. This is a list of ids. * * @see #setAllowedPluginRepositories(List) */ - private List allowedPluginRepositories = Collections.emptyList(); + private List allowedPluginRepositories; /** * Whether to allow repositories which only resolve snapshots. By default they are banned. @@ -119,6 +126,30 @@ public void setAllowSnapshotPluginRepositories(boolean allowSnapshotPluginReposi @Override public void execute() throws EnforcerRuleException { + // Maven 4 Model contains repositories defined in settings.xml + // As workaround we exclude repositories defined in settings.xml + // https://issues.apache.org/jira/browse/MNG-7228 + if (banRepositories) { + Collection reposIdsFromSettings = getRepoIdsFromSettings(Profile::getRepositories); + if (!reposIdsFromSettings.isEmpty()) { + getLog().debug(() -> "Allow repositories from settings: " + reposIdsFromSettings); + } + + allowedRepositories = Optional.ofNullable(allowedRepositories).orElseGet(ArrayList::new); + allowedRepositories.addAll(reposIdsFromSettings); + } + + if (banPluginRepositories) { + Collection reposIdsFromSettings = getRepoIdsFromSettings(Profile::getPluginRepositories); + if (!reposIdsFromSettings.isEmpty()) { + getLog().debug(() -> "Allow plugin repositories from settings: " + reposIdsFromSettings); + } + + allowedPluginRepositories = + Optional.ofNullable(allowedPluginRepositories).orElseGet(ArrayList::new); + allowedPluginRepositories.addAll(reposIdsFromSettings); + } + List sortedProjects = session.getProjectDependencyGraph().getSortedProjects(); List models = new ArrayList<>(); @@ -171,6 +202,26 @@ public void execute() throws EnforcerRuleException { } } + private Collection getRepoIdsFromSettings( + Function> getRepositoriesFunc) { + + List activeProfileIds = Optional.ofNullable(session.getProjectBuildingRequest()) + .map(ProjectBuildingRequest::getActiveProfileIds) + .orElse(Collections.emptyList()); + + List inactiveProfileIds = Optional.ofNullable(session.getProjectBuildingRequest()) + .map(ProjectBuildingRequest::getInactiveProfileIds) + .orElse(Collections.emptyList()); + + return session.getSettings().getProfiles().stream() + .filter(p -> activeProfileIds.contains(p.getId())) + .filter(p -> !inactiveProfileIds.contains(p.getId())) + .map(getRepositoriesFunc) + .flatMap(Collection::stream) + .map(RepositoryBase::getId) + .collect(Collectors.toSet()); + } + /** * @param repos all repositories, never {@code null} * @param allowedRepos allowed repositories, never {@code null} @@ -195,4 +246,17 @@ private static List findBannedRepositories( } return bannedRepos; } + + @Override + public String toString() { + return String.format( + "RequireNoRepositories[banRepositories=%b, allowSnapshotRepositories=%b, allowedRepositories=%s, " + + "banPluginRepositories=%b, allowSnapshotPluginRepositories=%b, allowedPluginRepositories=%s]", + banRepositories, + allowSnapshotRepositories, + allowedRepositories, + banPluginRepositories, + allowSnapshotPluginRepositories, + allowedPluginRepositories); + } } diff --git a/enforcer-rules/src/test/java/org/apache/maven/enforcer/rules/TestRequireNoRepositories.java b/enforcer-rules/src/test/java/org/apache/maven/enforcer/rules/TestRequireNoRepositories.java index ca8cc70e..72d386a0 100644 --- a/enforcer-rules/src/test/java/org/apache/maven/enforcer/rules/TestRequireNoRepositories.java +++ b/enforcer-rules/src/test/java/org/apache/maven/enforcer/rules/TestRequireNoRepositories.java @@ -30,7 +30,7 @@ import org.apache.maven.model.Repository; import org.apache.maven.model.RepositoryPolicy; import org.apache.maven.project.MavenProject; -import org.codehaus.plexus.component.configurator.expression.ExpressionEvaluationException; +import org.apache.maven.settings.Settings; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; @@ -44,14 +44,14 @@ * @author Brett Porter * @author Karl Heinz Marbaise */ -public class TestRequireNoRepositories { +class TestRequireNoRepositories { private RequireNoRepositories rule; private MavenSession session; @BeforeEach - public void before() throws ExpressionEvaluationException { + void before() { session = mock(MavenSession.class); rule = new RequireNoRepositories(session); @@ -90,6 +90,7 @@ private void setupSortedProjects(List projectList) { ProjectDependencyGraph pdg = mock(ProjectDependencyGraph.class); when(session.getProjectDependencyGraph()).thenReturn(pdg); when(pdg.getSortedProjects()).thenReturn(projectList); + when(session.getSettings()).thenReturn(mock(Settings.class)); } private Repository createRepository(String id, String url) { @@ -160,7 +161,7 @@ private MavenProject addEmptyPluginRepository(MavenProject project) { * This model contains a single module maven project without any repository. */ @Test - public void testAllBannedNoRepositories() throws EnforcerRuleException { + void testAllBannedNoRepositories() throws EnforcerRuleException { MavenProject baseProject = createStandAloneProject(); setupSortedProjects(Collections.singletonList(baseProject)); @@ -171,7 +172,7 @@ public void testAllBannedNoRepositories() throws EnforcerRuleException { * The model contains a single repository which is is not allowed by the default rules. */ @Test - public void testAllBannedWithRepository() { + void testAllBannedWithRepository() { assertThrows(EnforcerRuleException.class, () -> { MavenProject baseProject = createStandAloneProject(); addRepository(baseProject, createRepository("repo", "http://example.com/repo")); @@ -185,7 +186,7 @@ public void testAllBannedWithRepository() { * The model contains a single plugin repository which is is not allowed by the default rules. */ @Test - public void testAllBannedWithPluginRepository() { + void testAllBannedWithPluginRepository() { assertThrows(EnforcerRuleException.class, () -> { MavenProject baseProject = createStandAloneProject(); addPluginRepository(baseProject, createRepository("repo", "http://example.com/repo")); @@ -199,7 +200,7 @@ public void testAllBannedWithPluginRepository() { * The model contains a single repository which is allowed by setting allowedRepositories to the id. */ @Test - public void testAllBannedWithAllowedRepositories() throws EnforcerRuleException { + void testAllBannedWithAllowedRepositories() throws EnforcerRuleException { final String repositoryId = "repo"; rule.setAllowedRepositories(Collections.singletonList(repositoryId)); @@ -214,7 +215,7 @@ public void testAllBannedWithAllowedRepositories() throws EnforcerRuleException * The model contains a single repository. Turned off ban repositories. */ @Test - public void testRepositoriesNotBannedWithSingleRepository() throws EnforcerRuleException { + void testRepositoriesNotBannedWithSingleRepository() throws EnforcerRuleException { final String repositoryId = "repo"; rule.setBanRepositories(false); @@ -230,7 +231,7 @@ public void testRepositoriesNotBannedWithSingleRepository() throws EnforcerRuleE * The model contains no repository at all. Turned off ban repositories. */ @Test - public void testRepositoriesNotBannedWithOutAnyRepository() throws EnforcerRuleException { + void testRepositoriesNotBannedWithOutAnyRepository() throws EnforcerRuleException { rule.setBanRepositories(false); MavenProject baseProject = createStandAloneProject(); @@ -244,7 +245,7 @@ public void testRepositoriesNotBannedWithOutAnyRepository() throws EnforcerRuleE * plugin repositories. */ @Test - public void testAllBannedWithAllowedPluginRepositories() throws EnforcerRuleException { + void testAllBannedWithAllowedPluginRepositories() throws EnforcerRuleException { final String repositoryId = "repo"; rule.setAllowedPluginRepositories(Collections.singletonList(repositoryId)); @@ -259,7 +260,7 @@ public void testAllBannedWithAllowedPluginRepositories() throws EnforcerRuleExce * The model contains a single plugin repository. Turned off ban plugin repositories. */ @Test - public void testPluginRepositoriesNotBannedWithSinglePluginRepository() throws EnforcerRuleException { + void testPluginRepositoriesNotBannedWithSinglePluginRepository() throws EnforcerRuleException { final String repositoryId = "repo"; rule.setBanPluginRepositories(false); @@ -275,7 +276,7 @@ public void testPluginRepositoriesNotBannedWithSinglePluginRepository() throws E * The model contains no repository at all. Turned off ban plugin repositories. */ @Test - public void testPluginRepositoriesNotBannedWithOutAnyRepository() throws EnforcerRuleException { + void testPluginRepositoriesNotBannedWithOutAnyRepository() throws EnforcerRuleException { rule.setBanPluginRepositories(false); MavenProject baseProject = createStandAloneProject(); @@ -285,7 +286,7 @@ public void testPluginRepositoriesNotBannedWithOutAnyRepository() throws Enforce } @Test - public void testAllBannedWithSnapshotRepository() { + void testAllBannedWithSnapshotRepository() { assertThrows(EnforcerRuleException.class, () -> { MavenProject baseProject = createStandAloneProject(); addRepository(baseProject, createSnapshotRepository("repo", "http://example.com/repo")); @@ -296,7 +297,7 @@ public void testAllBannedWithSnapshotRepository() { } @Test - public void testAllBannedWithSnapshotRepositoryAllowedRepositories() throws EnforcerRuleException { + void testAllBannedWithSnapshotRepositoryAllowedRepositories() throws EnforcerRuleException { final String repositoryId = "repo"; rule.setAllowedRepositories(Collections.singletonList(repositoryId)); @@ -308,7 +309,7 @@ public void testAllBannedWithSnapshotRepositoryAllowedRepositories() throws Enfo } @Test - public void testAllBannedWithSnapshotRepositoryAndSetAllowSnapshotRepositories() throws EnforcerRuleException { + void testAllBannedWithSnapshotRepositoryAndSetAllowSnapshotRepositories() throws EnforcerRuleException { final String repositoryId = "repo"; rule.setAllowSnapshotRepositories(true); @@ -320,8 +321,7 @@ public void testAllBannedWithSnapshotRepositoryAndSetAllowSnapshotRepositories() } @Test - public void testAllBannedWithSnapshotPluginRepositoryAndSetAllowSnapshotPluginRepositories() - throws EnforcerRuleException { + void testAllBannedWithSnapshotPluginRepositoryAndSetAllowSnapshotPluginRepositories() throws EnforcerRuleException { final String repositoryId = "repo"; rule.setAllowSnapshotPluginRepositories(true); @@ -333,7 +333,7 @@ public void testAllBannedWithSnapshotPluginRepositoryAndSetAllowSnapshotPluginRe } @Test - public void testAllBannedWithEmptyRepository() throws EnforcerRuleException { + void testAllBannedWithEmptyRepository() throws EnforcerRuleException { MavenProject baseProject = createStandAloneProject(); addEmptyRepository(baseProject); setupSortedProjects(Collections.singletonList(baseProject)); @@ -342,7 +342,7 @@ public void testAllBannedWithEmptyRepository() throws EnforcerRuleException { } @Test - public void testAllBannedWithEmptyPluginRepository() throws EnforcerRuleException { + void testAllBannedWithEmptyPluginRepository() throws EnforcerRuleException { MavenProject baseProject = createStandAloneProject(); addEmptyPluginRepository(baseProject); setupSortedProjects(Collections.singletonList(baseProject)); diff --git a/maven-enforcer-plugin/src/it/projects/require-no-repositories/verify.groovy b/maven-enforcer-plugin/src/it/projects/require-no-repositories/verify.groovy new file mode 100644 index 00000000..97cb89f4 --- /dev/null +++ b/maven-enforcer-plugin/src/it/projects/require-no-repositories/verify.groovy @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +File buildLog = new File( basedir, 'build.log' ) +assert buildLog.text.contains( '[INFO] Rule 0: org.apache.maven.enforcer.rules.RequireNoRepositories executed' ) diff --git a/maven-enforcer-plugin/src/it/projects/require-no-repositories_mm/verify.groovy b/maven-enforcer-plugin/src/it/projects/require-no-repositories_mm/verify.groovy new file mode 100644 index 00000000..97cb89f4 --- /dev/null +++ b/maven-enforcer-plugin/src/it/projects/require-no-repositories_mm/verify.groovy @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +File buildLog = new File( basedir, 'build.log' ) +assert buildLog.text.contains( '[INFO] Rule 0: org.apache.maven.enforcer.rules.RequireNoRepositories executed' ) diff --git a/maven-enforcer-plugin/src/it/projects/require-no-repositories_mm_ci/verify.groovy b/maven-enforcer-plugin/src/it/projects/require-no-repositories_mm_ci/verify.groovy new file mode 100644 index 00000000..97cb89f4 --- /dev/null +++ b/maven-enforcer-plugin/src/it/projects/require-no-repositories_mm_ci/verify.groovy @@ -0,0 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +File buildLog = new File( basedir, 'build.log' ) +assert buildLog.text.contains( '[INFO] Rule 0: org.apache.maven.enforcer.rules.RequireNoRepositories executed' )