Quick installation
Use the TrustSource Gradle plugin to transfer the dependencies of your Gradle project. Use the given example build.gradle file as a template, provide your security credentials and name your project.
To retrieve the TrustSource API key, login to the TrustSource web application. Goto profile settings by clicking the gear-icon in the navigation bar and copy one of your company’s API keys to your clipboard. Use this value inside the apiKey
string and enter your TrustSource username, probably your e-mail address, as a value for the userName
variable. Find a resonable project name and place it into the projectName
variable.
Then on the command line execute:
gradle ecsScan
// define the module coordinates for the gradle plugin buildscript { dependencies { classpath 'de.eacg:ecs-gradle-plugin:0.1.3' } repositories { mavenCentral() } } // apply the plugin to current project apply plugin: 'de.eacg.ecs.plugin.gradle' // configure the plugin ecsPlugin{ userName = 'LOGINNAME(e-mail) GOES HERE' apiKey = 'YOUR API KEY GOES HERE' projectName = 'THE NAME OF YOUR PROJECT'
baseUrl = 'https://app.trustsource.io' }
Use of a properties file
The gradle-plugin is able to read the TrustSource access credentials (userName, apiKey) from a properties file in json format. This allows sharing of the TrustSource credentials with other projects and also with other build tools.
properties file ‘ecs-settings.json’ in your home directory:
{ "userName": "email@yourdomain.com", "apiKey": "234434-fb9b-46f2-db84-ec3f57a46f2" }
Adjust the configuration of the gradle-plugin by specifying an additional credentials
variable in your build.gradle file. In the variable define the path to your properties file and the gradle-plugin will then read the properties from this file. The tilde, ‘~’, represents your user home directory, the dot, ‘.’ stands for the current working directory and forward slashes ‘/’ are used to separate sub-directories.
The modified build.gradle:
... ecsPlugin { credentials = '~/ecs-settings.json' } ...
Multi module projects
In a more complex gradle multi project setup, you may define the classpath for the plugin and the projects for which to execute the plugin in the root build.gradle file. Execute the plugin only for sub-projects which are the start point for your dependency tree.
Your root build.gradle may look like this:
Example multi project build.gradle file:
buildscript { dependencies { classpath 'de.eacg:ecs-gradle-plugin:0.1.3' } repositories { mavenCentral() } } ... project(':ecs-gradle-sample-depA') { apply plugin: 'de.eacg.ecs.plugin.gradle' ecsPlugin { credentials = '~/.ecsrc.json' } }
New incubating plugin mechanism introduced in Gradle 2.1
Since version 0.1.3 of the gradle-plugin, the new gradle plugin mechanism is supported. This mechanism provides a concise and convenient way to declare a plugin dependency. It works with the Gradle plugin portal to provide easy access to both core and community plugins. Since the gradle-plugin is a community plugin, the following declaration with fully qualified plugin id and version should be used.
Example declaration of plugin, new style:
plugins { id "de.eacg.ecsPlugin" version "0.1.3" }
There is no need to configure the buildscript classpath. Gradle will resolve the plugin in the plugin portal, locate it, and make it available to the build.
Unfortunately the new mechanism has some limitations at the moment (see Gradle Documentation). If the restrictions of the new syntax are prohibitive, the recommended approach is to apply plugins using the buildscript {} block.
Reference
All gradle configuration properties
- credentials
- Path to a json file, which holds ‘userName’ and ‘apiKey’ credentials. Use ‘~’ as shortcut to your home directory, and ‘.’ for the current working directory. A forward slash ‘/’ separates directories.
- Optional: default: apiKey and userName are expected to be set in the plugin configuration
- apiKey
- This key permits the access to ECS server. Create or retrieve the key from your profile settings of the ECS web application.
- Required, if not specified in credentials file.
- userName
- Identifies the initiator of the data transfer.
- Required, if not specified in credentials file.
- projectName
- For which project is the dependency information transferred.
- Optional: default: the value of the gradle
project.name
variable - configuration
- Gradle configuration for which to execute the dependency analysis (for example: ‘runtime’)
- Optional: default: ‘default’
- skip
- Set to true do disable the ecs-mvn-plugin.
- Optional: default: false
- skipTransfer
- Set to true to execute a dry run and do not transfer anything.Optional: default: false
verbose
Set to true to increase the output during execution of the pluginOptional: default: false
System requirements
- JDK
- 1.7 or later
- Gradle
- 2.0 or later
Comments
0 comments
Please sign in to leave a comment.