forked from snyk/scala-woof
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuild.gradle
122 lines (99 loc) · 3.33 KB
/
build.gradle
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
plugins {
id 'com.github.johnrengelman.shadow' version '2.0.4'
id 'de.undercouch.download' version '3.4.3'
id 'java'
id 'scala'
id 'application'
id 'distribution'
}
mainClassName = 'io.snyk.woof.server.WoofStartup'
dependencies {
compile 'org.scala-lang:scala-library:2.12.8'
compile 'com.datasift.dropwizard.scala:dropwizard-scala-core_2.12:1.3.7-1'
compile 'net.lingala.zip4j:zip4j:1.3.2'
compile 'io.dropwizard:dropwizard-assets:1.3.8'
compile 'io.dropwizard:dropwizard-core:1.3.8'
compile 'io.dropwizard:dropwizard-forms:1.3.8'
compile 'com.google.guava:guava:27.0.1-jre'
compile 'com.fasterxml.jackson.core:jackson-databind:2.9.6'
compile 'org.apache.httpcomponents:httpmime:4.5.7'
compile 'org.apache.httpcomponents:httpclient:4.5.7'
runtime 'javax.xml.bind:jaxb-api:2.2.12'
runtime 'com.sun.xml.bind:jaxb-core:2.3.0.1'
runtime 'com.sun.xml.bind:jaxb-impl:2.3.0.1'
runtime 'javax.activation:activation:1.1.1'
}
build.dependsOn shadowJar
distZip.dependsOn shadowJar
task fetchAgent(type: Download) {
src 'https://static.snyk.io/resources/runtime/agent/java/snyk-java-runtime-agent.zip'
dest buildDir
overwrite false
}
task unpackAgent(type: Copy) {
from zipTree("${buildDir}/snyk-java-runtime-agent.zip")
into "${buildDir}"
}
task writeConfig() {
doLast {
if (!project.hasProperty("projectId")) {
throw new InvalidUserDataException("\n\nYou must specify a project ID.\n\n" +
"Please run `snyk monitor`, collect the id from the results' settings page,\n" +
" then re-run `startWithAgent` using that ID.\n\n" +
"For example (you *must* change the projectId!):\n\n" +
" ./gradlew -PprojectId=4567901-2345-6789-0123-45678912345 startWithAgent")
}
def output = "projectId=${projectId}\n"
if (project.hasProperty("verbose") && Boolean.parseBoolean(String.valueOf(project.property("verbose")))) {
output += "logTo=stderr\n"
}
new File("${buildDir}/snyk-java-runtime-agent/snyk-agent.properties")
.text = output
}
outputs.upToDateWhen { false }
}
task start(type: JavaExec) {
classpath = sourceSets.main.runtimeClasspath
main = mainClassName
args('server')
}
task startWithAgent(type: JavaExec) {
classpath = sourceSets.main.runtimeClasspath
main = mainClassName
jvmArgs("-javaagent:${buildDir}/snyk-java-runtime-agent/snyk-java-runtime-agent.jar")
args('server')
}
task runExploit(type: JavaExec) {
classpath = sourceSets.main.runtimeClasspath
main = mainClassName
args('list-zip', "${projectDir}/zip-slip.zip")
doLast {
println ""
println ""
println "An exploit attempt has been made."
println ""
println "If your application is protected, then you should"
println " shortly see the warning on https://app.snyk.io/"
}
}
fetchAgent.dependsOn build
unpackAgent.dependsOn fetchAgent
writeConfig.dependsOn unpackAgent
start.dependsOn build
startWithAgent.dependsOn writeConfig
jar {
baseName = 'without-deps'
}
shadowJar {
mergeServiceFiles()
baseName = 'java-woof'
classifier = null
version = null
}
repositories {
mavenCentral()
jcenter()
}
wrapper {
gradleVersion = "4.10.3"
}