I have a Gradle project which uses Spring's dependency management plugin to define a list of dependency versions. I am also using the Maven plugin to deploy the project to
acdcjunior's answer can be improved a little.
Dependencies in build.gradle can be declared in the standard dependencies section. Also, in the pom.xml of a BOM, versions should be declared in the dependencyManagement section:

    plugins {
        id 'java-library'
        id 'maven-publish'
    }

    group = 'com.example'
    version = '1.0.0'

    repositories {
        mavenCentral()
    }

    dependencies {
        api 'org.apache.commons:commons-lang3:3.9'
        api 'org.postgresql:postgresql:42.2.11'
    }

    publishing {
        repositories {
            maven {
                url = "$nexusUrl"
                credentials {
                    username = "$nexusUsername"
                    password = "$nexusPassword"
                }
            }
        }
        publications {
            maven(MavenPublication) {
                groupId = "${project.group}"
                artifactId = "${project.name}"
                version = "${project.version}"
                pom.withXml {
                    // Append the BOM metadata after the last element of the generated POM
                    asNode().children().last() + {
                        resolveStrategy = Closure.DELEGATE_FIRST
                        name 'My BOM'
                        description 'My Bill of Materials (BOM)'
                        dependencyManagement {
                            dependencies {
                                // One managed entry per dependency declared in any configuration
                                project.configurations.each { conf ->
                                    conf.dependencies.each { dep ->
                                        dependency {
                                            groupId "${dep.group}"
                                            artifactId "${dep.name}"
                                            version "${dep.version}"
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }

The resulting pom.xml can be published to Nexus with the command

    ./gradlew clean build publish -i

or to a local Maven repo (~/.m2/repository)

    ./gradlew clean build pTML -i

This notation is not only shorter but also allows processing dependencies. For example, perform vulnerability scanning using the OWASP Dependency-Check plugin:

    plugins {
        //...
        id 'org.owasp.dependencycheck' version '5.3.0'
    }

    dependencyCheck {
        failBuildOnCVSS = 9 //Critical Severity
    }

    check.dependsOn dependencyCheckAnalyze
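
A check that can be run on the generated pom.xml before publishing, added here as an example and not part of the original answer: because the builder writes `"${dep.version}"`, a dependency declared without a version ends up as the literal string `null`, and dynamic versions are copied through as declared. The names `audit_bom`, `local`, `UNPINNED` and the sample POM are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Versions that do not pin one release: Gradle dynamic versions ("1.+",
# "latest.release"), Maven ranges ("[1.0,2.0)") and snapshots.
UNPINNED = re.compile(r"\+$|^latest\.|^[\[(]|-SNAPSHOT$")

# Constructed sample of a generated BOM; the last two entries are bad on purpose.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <dependencyManagement><dependencies>
    <dependency><groupId>org.apache.commons</groupId>
      <artifactId>commons-lang3</artifactId><version>3.9</version></dependency>
    <dependency><groupId>org.postgresql</groupId>
      <artifactId>postgresql</artifactId><version>42.2.11</version></dependency>
    <dependency><groupId>com.example</groupId>
      <artifactId>no-version</artifactId><version>null</version></dependency>
    <dependency><groupId>com.example</groupId>
      <artifactId>floating</artifactId><version>1.+</version></dependency>
  </dependencies></dependencyManagement>
</project>"""

def local(tag):
    """Element name without its XML namespace prefix."""
    return tag.rsplit("}", 1)[-1]

def audit_bom(pom_xml):
    """Return (coordinate, problem) pairs for entries under dependencyManagement."""
    findings = []
    root = ET.fromstring(pom_xml)
    for mgmt in (e for e in root if local(e.tag) == "dependencyManagement"):
        for dep in (e for e in mgmt.iter() if local(e.tag) == "dependency"):
            f = {local(c.tag): (c.text or "").strip() for c in dep}
            coord = ":".join(str(f.get(k)) for k in ("groupId", "artifactId", "version"))
            for key in ("groupId", "artifactId", "version"):
                # "${dep.version}" renders a missing value as the string "null"
                if f.get(key) in (None, "", "null"):
                    findings.append((coord, key + " missing"))
            version = f.get("version") or ""
            if UNPINNED.search(version):
                findings.append((coord, "version not pinned"))
    return findings

if __name__ == "__main__":
    for coord, problem in audit_bom(SAMPLE_POM):
        print(f"{coord}: {problem}")
```

A non-empty result is a reason to stop before `publish`, since every consumer that imports the BOM would inherit the unpinned or broken entry.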