170 lines
5.9 KiB
Groovy
170 lines
5.9 KiB
Groovy
description = 'Builds the Machine Learning Java classes and UI'
|
|
|
|
import org.gradle.plugins.ide.eclipse.model.SourceFolder
|
|
import org.elasticsearch.gradle.precommit.LicenseHeadersTask
|
|
import org.elasticsearch.gradle.VersionProperties
|
|
import com.bettercloud.vault.Vault
|
|
import com.bettercloud.vault.VaultConfig
|
|
import com.bettercloud.vault.response.LogicalResponse
|
|
|
|
import java.nio.file.Files
|
|
import java.nio.file.attribute.PosixFilePermission
|
|
import java.nio.file.attribute.PosixFilePermissions
|
|
|
|
if (project.projectDir.name != 'prelert-legacy') {
|
|
throw new GradleException('You must checkout prelert-legacy in the following directory: <path to Elasticsearch checkout>/../elasticsearch-extra/prelert-legacy')
|
|
}
|
|
|
|
buildscript {
|
|
repositories {
|
|
mavenCentral()
|
|
}
|
|
dependencies {
|
|
classpath group: 'com.bettercloud', name: 'vault-java-driver', version:"1.1.0"
|
|
}
|
|
}
|
|
|
|
// Vault auth to get keys for access to cpp artifacts
|
|
|
|
// first need to get an authentication token with vault
|
|
File githubToken = project.file('github.token')
|
|
final String VAULT_URL = 'https://secrets.elastic.co:8200'
|
|
final String VAULT_ROLE_ID = "8e90dd88-5a8e-9c12-0da9-5439f293ff97"
|
|
final String VAULT_SECRET_ID = System.env.VAULT_SECRET_ID
|
|
String authBody = null
|
|
URL vaultUrl = null
|
|
if (githubToken.exists()) {
|
|
try {
|
|
Set<PosixFilePermission> perms = Files.getPosixFilePermissions(githubToken.toPath())
|
|
if (perms.equals(PosixFilePermissions.fromString("rw-------")) == false) {
|
|
throw new GradleException('github.token must have 600 permissions')
|
|
}
|
|
} catch (UnsupportedOperationException e) {
|
|
// Assume not on a POSIX file system
|
|
}
|
|
vaultUrl = new URL(VAULT_URL + '/v1/auth/github/login')
|
|
authBody = "{\"token\": \"${githubToken.getText('UTF-8').trim()}\"}"
|
|
} else if (VAULT_SECRET_ID != null) {
|
|
vaultUrl = new URL(VAULT_URL + '/v1/auth/approle/login')
|
|
authBody = "{\"role_id\": \"${VAULT_ROLE_ID}\", \"secret_id\": \"${VAULT_SECRET_ID}\"}"
|
|
} else {
|
|
throw new GradleException('Missing github.token file or VAULT_SECRET_ID environment variable, needed to authenticate with vault for secrets')
|
|
}
|
|
HttpURLConnection vaultConn = (HttpURLConnection) vaultUrl.openConnection()
|
|
vaultConn.setRequestProperty('Content-Type', 'application/json')
|
|
vaultConn.setRequestMethod('PUT')
|
|
vaultConn.setDoOutput(true)
|
|
vaultConn.outputStream.withWriter('UTF-8') { writer ->
|
|
writer.write(authBody)
|
|
}
|
|
vaultConn.connect()
|
|
Object authResponse = new groovy.json.JsonSlurper().parseText(vaultConn.content.text)
|
|
VaultConfig config = new VaultConfig(VAULT_URL, authResponse.auth.client_token)
|
|
Vault vault = new Vault(config)
|
|
LogicalResponse secret = vault.logical().read("aws-dev/creds/prelertartifacts")
|
|
String mlAwsAccessKey = secret.data.get('access_key')
|
|
String mlAwsSecretKey = secret.data.get('secret_key')
|
|
// Sleeping to give AWS a chance to propagate the credentials
|
|
sleep(3000)
|
|
|
|
String envCppLocalDists = System.env.CPP_LOCAL_DISTS
|
|
if (envCppLocalDists != null) {
|
|
project.ext.cppLocalDists = envCppLocalDists
|
|
} else if (project.hasProperty("CPP_LOCAL_DISTS")) {
|
|
project.ext.cppLocalDists = CPP_LOCAL_DISTS
|
|
} else {
|
|
project.ext.cppLocalDists = ''
|
|
}
|
|
|
|
allprojects {
|
|
group = 'org.elasticsearch.ml'
|
|
}
|
|
|
|
task bundlePack(type: Zip) {
|
|
onlyIf { project(':prelert-legacy:kibana').bundlePlugin.enabled }
|
|
dependsOn ':prelert-legacy:elasticsearch:bundlePlugin'
|
|
dependsOn ':prelert-legacy:kibana:bundlePlugin'
|
|
from { zipTree(project(':prelert-legacy:elasticsearch').bundlePlugin.outputs.files.singleFile) }
|
|
from { zipTree(project(':prelert-legacy:kibana').bundlePlugin.outputs.files.singleFile) }
|
|
destinationDir file('build/distributions')
|
|
baseName = 'ml'
|
|
version = VersionProperties.elasticsearch
|
|
}
|
|
|
|
subprojects {
|
|
plugins.withType(MavenPublishPlugin).whenPluginAdded {
|
|
publishing {
|
|
publications {
|
|
// add license information to generated poms
|
|
all {
|
|
pom.withXml { XmlProvider xml ->
|
|
Node node = xml.asNode()
|
|
|
|
Node license = node.appendNode('licenses').appendNode('license')
|
|
license.appendNode('name', 'Elastic Commercial Software End User License Agreement')
|
|
license.appendNode('url', 'https://www.elastic.co/eula/')
|
|
license.appendNode('distribution', 'repo')
|
|
|
|
Node developer = node.appendNode('developers').appendNode('developer')
|
|
developer.appendNode('name', 'Elastic')
|
|
developer.appendNode('url', 'http://www.elastic.co')
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
task assemble(dependsOn: bundlePack) {
|
|
group = 'Build'
|
|
description = 'Assembles the outputs of this project.'
|
|
}
|
|
|
|
task build(dependsOn: assemble) {
|
|
group = 'Build'
|
|
description = 'Assembles and tests this project.'
|
|
}
|
|
|
|
task test(dependsOn: [':prelert-legacy:elasticsearch:test', ':prelert-legacy:kibana:test']) {
|
|
group = 'Build'
|
|
description = 'Assembles and tests this project.'
|
|
}
|
|
|
|
task clean(type: Delete) {
|
|
group = 'Build'
|
|
description = 'Deletes the build directory'
|
|
delete 'build'
|
|
}
|
|
|
|
subprojects {
|
|
|
|
tasks.withType(LicenseHeadersTask.class) {
|
|
approvedLicenses = ['Elasticsearch Confidential']
|
|
additionalLicense 'ESCON', 'Elasticsearch Confidential', 'ELASTICSEARCH CONFIDENTIAL'
|
|
}
|
|
ext.projectSubstitutions += [ "org.elasticsearch.plugin:ml-api:${version}": ':prelert-legacy:elasticsearch' ]
|
|
}
|
|
|
|
allprojects {
|
|
repositories {
|
|
if (System.getProperty("repos.mavenlocal") != null) {
|
|
// with -Drepos.mavenlocal=true we can force checking the local .m2 repo which is useful for building against
|
|
// elasticsearch snapshots
|
|
mavenLocal()
|
|
}
|
|
maven {
|
|
url "s3://prelert-artifacts/maven"
|
|
credentials(AwsCredentials) {
|
|
accessKey "${mlAwsAccessKey}"
|
|
secretKey "${mlAwsSecretKey}"
|
|
}
|
|
}
|
|
mavenCentral()
|
|
maven {
|
|
name 'sonatype-snapshots'
|
|
url "https://oss.sonatype.org/content/repositories/snapshots/"
|
|
}
|
|
jcenter()
|
|
}
|
|
}
|