OpenSearch/x-pack/plugin/security/cli/build.gradle

49 lines
1.6 KiB
Groovy

import de.thetaphi.forbiddenapis.gradle.CheckForbiddenApis
import org.elasticsearch.gradle.info.BuildParams
apply plugin: 'elasticsearch.build'
archivesBaseName = 'elasticsearch-security-cli'
dependencies {
compileOnly project(":server")
compileOnly project(path: xpackModule('core'), configuration: 'default')
api "org.bouncycastle:bcpkix-jdk15on:${versions.bouncycastle}"
api "org.bouncycastle:bcprov-jdk15on:${versions.bouncycastle}"
testImplementation('com.google.jimfs:jimfs:1.1') {
// this is provided by the runtime classpath, from the security project
exclude group: 'com.google.guava', module: 'guava'
}
testRuntimeOnly 'com.google.guava:guava:19.0'
testImplementation project(":test:framework")
testImplementation project(path: xpackModule('core'), configuration: 'testArtifacts')
}
tasks.named("dependencyLicenses").configure {
mapping from: /bc.*/, to: 'bouncycastle'
}
forbiddenPatterns {
exclude '**/*.p12'
exclude '**/*.jks'
}
thirdPartyAudit {
ignoreMissingClasses(
// Used in org.bouncycastle.pqc.crypto.qtesla.QTeslaKeyEncodingTests
'junit.framework.Assert',
'junit.framework.TestCase'
)
}
if (BuildParams.inFipsJvm) {
test.enabled = false
jarHell.enabled = false
testingConventions.enabled = false
// Forbiden APIs non-portable checks fail because bouncy castle classes being used from the FIPS JDK since those are
// not part of the Java specification - all of this is as designed, so we have to relax this check for FIPS.
tasks.withType(CheckForbiddenApis).configureEach {
bundledSignatures -= "jdk-non-portable"
}
}