use gradle secure check

rjernst · May 21, 2020 · 7f0a45c · 7f0a45c
1 parent be159ec
commit 7f0a45c
Showing 1 changed file with 3 additions and 29 deletions.
diff --git a/buildSrc/src/main/java/org/elasticsearch/gradle/ElasticsearchJavaPlugin.java b/buildSrc/src/main/java/org/elasticsearch/gradle/ElasticsearchJavaPlugin.java
@@ -40,6 +40,7 @@
 import org.gradle.api.artifacts.repositories.ExclusiveContentRepository;
 import org.gradle.api.artifacts.repositories.IvyArtifactRepository;
 import org.gradle.api.artifacts.repositories.MavenArtifactRepository;
+import org.gradle.api.artifacts.repositories.UrlArtifactRepository;
 import org.gradle.api.file.FileCollection;
 import org.gradle.api.plugins.BasePlugin;
 import org.gradle.api.plugins.ExtraPropertiesExtension;
@@ -154,15 +155,8 @@ public static void configureConfigurations(Project project) {
     public static void configureRepositories(Project project) {
         // ensure all repositories use secure urls
         project.getRepositories().all(repository -> {
-            if (repository instanceof MavenArtifactRepository) {
-                final MavenArtifactRepository maven = (MavenArtifactRepository) repository;
-                assertRepositoryURIIsSecure(maven.getName(), project.getPath(), maven.getUrl());
-                for (URI uri : maven.getArtifactUrls()) {
-                    assertRepositoryURIIsSecure(maven.getName(), project.getPath(), uri);
-                }
-            } else if (repository instanceof IvyArtifactRepository) {
-                final IvyArtifactRepository ivy = (IvyArtifactRepository) repository;
-                assertRepositoryURIIsSecure(ivy.getName(), project.getPath(), ivy.getUrl());
+            if (repository instanceof UrlArtifactRepository) {
+                ((UrlArtifactRepository) repository).setAllowInsecureProtocol(false);
             }
         });
         RepositoryHandler repos = project.getRepositories();
@@ -195,26 +189,6 @@ public static void configureRepositories(Project project) {
         }
     }
 
-    private static final List<String> SECURE_URL_SCHEMES = Arrays.asList("file", "https", "s3");
-
-    private static void assertRepositoryURIIsSecure(final String repositoryName, final String projectPath, final URI uri) {
-        if (uri != null && SECURE_URL_SCHEMES.contains(uri.getScheme()) == false) {
-            String url;
-            try {
-                url = uri.toURL().toString();
-            } catch (MalformedURLException e) {
-                throw new IllegalStateException(e);
-            }
-            final String message = String.format(
-                Locale.ROOT,
-                "repository [%s] on project with path [%s] is not using a secure protocol for artifacts on [%s]",
-                repositoryName,
-                projectPath,
-                url);
-            throw new GradleException(message);
-        }
-    }
-
     /** Adds compiler settings to the project */
     public static void configureCompile(Project project) {
         project.getExtensions().getExtraProperties().set("compactProfile", "full");