diff --git a/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java b/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java index 2046941789..708e3a1c0e 100644 --- a/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java +++ b/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java @@ -21,50 +21,30 @@ import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Set; -import java.util.function.Supplier; import java.util.stream.Collectors; +import org.gradle.api.DefaultTask; import org.gradle.api.Plugin; import org.gradle.api.Project; -import org.gradle.api.Task; import org.gradle.api.artifacts.Configuration; import org.gradle.api.artifacts.ModuleVersionIdentifier; +import org.gradle.api.plugins.JavaBasePlugin; +import org.gradle.api.tasks.TaskAction; import org.gradle.api.tasks.TaskProvider; public class VerifyDependenciesVersionsPlugin implements Plugin { @Override public void apply(Project project) { - TaskProvider provider = project.getTasks().register("verifyDependenciesVersions", (verifyDependenciesVersionsTask) -> { - verifyDependenciesVersionsTask.setGroup("Verification"); - verifyDependenciesVersionsTask.setDescription("Verify that specific dependencies are using the same version"); + TaskProvider verifyDependenciesVersionsTaskProvider = project.getTasks().register("verifyDependenciesVersions", VerifyDependenciesVersionsTask.class, (task) -> { + task.setGroup("Verification"); + task.setDescription("Verify that specific dependencies are using the same version"); List allConfigurations = new ArrayList<>(); allConfigurations.addAll(getConfigurations(project)); allConfigurations.addAll(getSubprojectsConfigurations(project.getSubprojects())); - verifyDependenciesVersionsTask.getInputs().property("dependenciesVersions", new DependencySupplier(allConfigurations)); - verifyDependenciesVersionsTask.doLast((task) -> { - DependencySupplier dependencies = (DependencySupplier) task.getInputs().getProperties().get("dependenciesVersions"); - Map> artifacts = dependencies.get(); - List oauth2OidcSdk = artifacts.get("oauth2-oidc-sdk"); - List nimbusJoseJwt = artifacts.get("nimbus-jose-jwt"); - if (oauth2OidcSdk.size() > 1) { - throw new IllegalStateException("Found multiple versions of oauth2-oidc-sdk: " + oauth2OidcSdk); - } - Artifact oauth2OidcSdkArtifact = oauth2OidcSdk.get(0); - String nimbusJoseJwtVersion = TransitiveDependencyLookupUtils.lookupJwtVersion(oauth2OidcSdkArtifact.version()); - List differentVersions = nimbusJoseJwt.stream() - .filter((artifact) -> !artifact.version().equals(nimbusJoseJwtVersion)) - .filter((artifact -> !artifact.configurationName().contains("spring-security-cas"))) // CAS uses a different version - .toList(); - if (!differentVersions.isEmpty()) { - String message = "Found transitive nimbus-jose-jwt version [" + nimbusJoseJwtVersion + "] in oauth2-oidc-sdk " + oauth2OidcSdkArtifact - + ", but the project contains a different version of nimbus-jose-jwt " + differentVersions - + ". Please align the versions of nimbus-jose-jwt."; - throw new IllegalStateException(message); - } - }); + task.setConfigurations(allConfigurations); }); - project.getTasks().getByName("build").dependsOn(provider); + project.getTasks().named(JavaBasePlugin.CHECK_TASK_NAME, checkTask -> checkTask.dependsOn(verifyDependenciesVersionsTaskProvider)); } private List getConfigurations(Project project) { @@ -86,20 +66,34 @@ public class VerifyDependenciesVersionsPlugin implements Plugin { return subprojectConfigurations; } - private record Artifact(String name, String version, String configurationName) { - } + public static class VerifyDependenciesVersionsTask extends DefaultTask { - private static final class DependencySupplier implements Supplier>> { + private List configurations; - private final List configurations; - - private DependencySupplier(List configurations) { + public void setConfigurations(List configurations) { this.configurations = configurations; } - @Override - public Map> get() { - return getDependencies(this.configurations); + @TaskAction + public void verify() { + Map> artifacts = getDependencies(this.configurations); + List oauth2OidcSdk = artifacts.get("oauth2-oidc-sdk"); + List nimbusJoseJwt = artifacts.get("nimbus-jose-jwt"); + if (oauth2OidcSdk.size() > 1) { + throw new IllegalStateException("Found multiple versions of oauth2-oidc-sdk: " + oauth2OidcSdk); + } + Artifact oauth2OidcSdkArtifact = oauth2OidcSdk.get(0); + String nimbusJoseJwtVersion = TransitiveDependencyLookupUtils.lookupJwtVersion(oauth2OidcSdkArtifact.version()); + List differentVersions = nimbusJoseJwt.stream() + .filter((artifact) -> !artifact.version().equals(nimbusJoseJwtVersion)) + .filter((artifact -> !artifact.configurationName().contains("spring-security-cas"))) // CAS uses a different version + .toList(); + if (!differentVersions.isEmpty()) { + String message = "Found transitive nimbus-jose-jwt version [" + nimbusJoseJwtVersion + "] in oauth2-oidc-sdk " + oauth2OidcSdkArtifact + + ", but the project contains a different version of nimbus-jose-jwt " + differentVersions + + ". Please align the versions of nimbus-jose-jwt."; + throw new IllegalStateException(message); + } } private Map> getDependencies(List configurations) { @@ -113,6 +107,10 @@ public class VerifyDependenciesVersionsPlugin implements Plugin { .distinct() .collect(Collectors.groupingBy(Artifact::name)); } + + } + + private record Artifact(String name, String version, String configurationName) { } }