Skip to content

Commit

Permalink
Merge pull request #217 from aloubyansky/sbom-log-trees-for
Browse files Browse the repository at this point in the history 
Support logging dependency trees to the terminal when generating mani…
  • Loading branch information
@aloubyansky
aloubyansky authored Mar 8, 2023
2 parents 280ccbf + 006b3d0 commit e52c62e
Show file tree
Hide file tree
Showing 8 changed files with 130 additions and 23 deletions.
45 changes: 41 additions & 4 deletions domino/api/src/main/java/io/quarkus/domino/LoggingDependencyTreeVisitor.java
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package io.quarkus.domino;

import io.quarkus.devtools.messagewriter.MessageWriter;
import io.quarkus.maven.dependency.ArtifactCoords;

public class LoggingDependencyTreeVisitor implements DependencyTreeVisitor {

Expand All @@ -9,10 +10,20 @@ public class LoggingDependencyTreeVisitor implements DependencyTreeVisitor {
private final MessageWriter log;
private final boolean asComments;
private int level;
private boolean loggingEnabled;
private ArtifactSet logTreesFor;

public LoggingDependencyTreeVisitor(MessageWriter log, boolean asComments) {
public LoggingDependencyTreeVisitor(MessageWriter log, boolean asComments, String logTreesFor) {
this.log = log;
this.asComments = asComments;
if (logTreesFor != null) {
final ArtifactSet.Builder builder = ArtifactSet.builder();
final String[] arr = logTreesFor.split(",");
for (String s : arr) {
builder.include(s);
}
this.logTreesFor = builder.build();
}
}

@Override
Expand All @@ -25,20 +36,31 @@ public void afterAllRoots() {

@Override
public void enterRootArtifact(DependencyVisit visit) {
final ArtifactCoords coords = visit.getCoords();
loggingEnabled = logTreesFor == null || logTreesFor.contains(coords.getGroupId(), coords.getArtifactId(),
coords.getClassifier(), coords.getType(), coords.getVersion());
if (!loggingEnabled) {
return;
}
if (visit.isManaged()) {
logComment(visit.getCoords().toCompactCoords());
logComment(coords.toCompactCoords());
} else {
logComment(visit.getCoords().toCompactCoords() + NOT_MANAGED);
logComment(coords.toCompactCoords() + NOT_MANAGED);
}
}

@Override
public void leaveRootArtifact(DependencyVisit visit) {
logComment("");
if (loggingEnabled) {
logComment("");
}
}

@Override
public void enterDependency(DependencyVisit visit) {
if (!loggingEnabled) {
return;
}
++level;
final StringBuilder sb = new StringBuilder();
for (int i = 0; i < level; ++i) {
Expand All @@ -53,11 +75,17 @@ public void enterDependency(DependencyVisit visit) {

@Override
public void leaveDependency(DependencyVisit visit) {
if (!loggingEnabled) {
return;
}
--level;
}

@Override
public void enterParentPom(DependencyVisit visit) {
if (!loggingEnabled) {
return;
}
++level;
final StringBuilder sb = new StringBuilder();
for (int i = 0; i < level; ++i) {
Expand All @@ -69,11 +97,17 @@ public void enterParentPom(DependencyVisit visit) {

@Override
public void leaveParentPom(DependencyVisit visit) {
if (!loggingEnabled) {
return;
}
--level;
}

@Override
public void enterBomImport(DependencyVisit visit) {
if (!loggingEnabled) {
return;
}
++level;
final StringBuilder sb = new StringBuilder();
for (int i = 0; i < level; ++i) {
Expand All @@ -85,6 +119,9 @@ public void enterBomImport(DependencyVisit visit) {

@Override
public void leaveBomImport(DependencyVisit visit) {
if (!loggingEnabled) {
return;
}
--level;
}

Expand Down
9 changes: 9 additions & 0 deletions domino/api/src/main/java/io/quarkus/domino/ProjectDependencyConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,13 @@ public interface ProjectDependencyConfig {
*/
boolean isLogTrees();

/**
* Comma-separated list of artifacts to log dependency trees for.
*
* @return comma-separated list of artifacts to log dependency trees for
*/
String getLogTreesFor();

/**
* Whether to log the coordinates of the artifacts below the depth specified. The default is false.
*
Expand Down Expand Up @@ -257,6 +264,8 @@ default Mutable setExcludeKeys(Set<ArtifactKey> artifactKeys) {

Mutable setLogTrees(boolean logTrees);

Mutable setLogTreesFor(String logTreesFor);

Mutable setLogRemaining(boolean logRemaining);

Mutable setLogSummary(boolean logSummary);
Expand Down
20 changes: 20 additions & 0 deletions domino/api/src/main/java/io/quarkus/domino/ProjectDependencyConfigImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ public class ProjectDependencyConfigImpl implements ProjectDependencyConfig {
private final boolean logArtifactsToBuild;
private final boolean logModulesToBuild;
private final boolean logTrees;
private final String logTreesFor;
private final boolean logRemaining;
private final boolean logSummary;
private final boolean logNonManagedVisited;
Expand Down Expand Up @@ -55,6 +56,7 @@ private ProjectDependencyConfigImpl(ProjectDependencyConfig other) {
logArtifactsToBuild = other.isLogArtifactsToBuild();
logModulesToBuild = other.isLogModulesToBuild();
logTrees = other.isLogTrees();
logTreesFor = other.getLogTreesFor();
logRemaining = other.isLogRemaining();
logSummary = other.isLogSummary();
logNonManagedVisited = other.isLogNonManagedVisitied();
Expand Down Expand Up @@ -136,6 +138,11 @@ public boolean isLogTrees() {
return logTrees;
}

@Override
public String getLogTreesFor() {
return logTreesFor;
}

@Override
public boolean isLogRemaining() {
return logRemaining;
Expand Down Expand Up @@ -225,6 +232,7 @@ static class Builder implements ProjectDependencyConfig.Mutable {
private boolean logArtifactsToBuild;
private boolean logModulesToBuild;
private boolean logTrees;
private String logTreesFor;
private boolean logRemaining;
private boolean logSummary;
private boolean logNonManagedVisited;
Expand Down Expand Up @@ -257,6 +265,7 @@ static class Builder implements ProjectDependencyConfig.Mutable {
logArtifactsToBuild = other.isLogArtifactsToBuild();
logModulesToBuild = other.isLogModulesToBuild();
logTrees = other.isLogTrees();
logTreesFor = other.getLogTreesFor();
logRemaining = other.isLogRemaining();
logSummary = other.isLogSummary();
logNonManagedVisited = other.isLogNonManagedVisitied();
Expand Down Expand Up @@ -342,6 +351,11 @@ public boolean isLogTrees() {
return logTrees;
}

@Override
public String getLogTreesFor() {
return logTreesFor;
}

@Override
public boolean isLogRemaining() {
return logRemaining;
Expand Down Expand Up @@ -503,6 +517,12 @@ public Mutable setLogTrees(boolean logTrees) {
return this;
}

@Override
public Mutable setLogTreesFor(String logTreesFor) {
this.logTreesFor = logTreesFor;
return this;
}

@Override
public Mutable setLogRemaining(boolean logRemaining) {
this.logRemaining = logRemaining;
Expand Down
15 changes: 7 additions & 8 deletions domino/api/src/main/java/io/quarkus/domino/ProjectDependencyResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,6 @@
import org.apache.maven.model.Profile;
import org.eclipse.aether.artifact.Artifact;
import org.eclipse.aether.artifact.DefaultArtifact;
import org.eclipse.aether.collection.CollectRequest;
import org.eclipse.aether.graph.Dependency;
import org.eclipse.aether.graph.DependencyNode;
import org.eclipse.aether.repository.RemoteRepository;
Expand Down Expand Up @@ -230,10 +229,10 @@ private ProjectDependencyResolver(Builder builder) {
includeSet = new ArrayList<>(config.getIncludeArtifacts().size() + config.getIncludePatterns().size());
config.getIncludePatterns().forEach(p -> includeSet.add(toPattern(p)));
config.getIncludeArtifacts().forEach(c -> includeSet.add(toPattern(c)));
if (config.isLogTrees()) {
if (config.isLogTrees() || config.getLogTreesFor() != null) {
treeVisitors = new ArrayList<>(builder.visitors.size() + 1);
treeVisitors.addAll(builder.visitors);
treeVisitors.add(new LoggingDependencyTreeVisitor(getOutput(), true));
treeVisitors.add(new LoggingDependencyTreeVisitor(getOutput(), true, config.getLogTreesFor()));
} else {
treeVisitors = builder.visitors;
}
Expand Down Expand Up @@ -488,6 +487,7 @@ protected Iterable<ArtifactCoords> getProjectArtifacts() {
}

private void processRootArtifact(ArtifactCoords rootArtifact, List<Dependency> managedDeps) {

final DependencyNode root = collectDependencies(rootArtifact, managedDeps);
if (root == null) {
// couldn't be resolved
Expand All @@ -500,6 +500,7 @@ private void processRootArtifact(ArtifactCoords rootArtifact, List<Dependency> m
} catch (Exception e) {
throw new RuntimeException("Failed to process " + rootArtifact, e);
}

if (resolved != null) {
for (DependencyTreeVisitor v : treeVisitors) {
v.enterRootArtifact(resolved);
Expand Down Expand Up @@ -531,13 +532,11 @@ private DependencyNode collectDependencies(ArtifactCoords coords, List<Dependenc
if (root != null) {
return root;
}

try {
final Artifact a = toAetherArtifact(coords);
root = resolver.getSystem().collectDependencies(resolver.getSession(), new CollectRequest()
.setManagedDependencies(managedDeps)
.setRepositories(resolver.getRepositories())
.setRoot(new Dependency(a, JavaScopes.RUNTIME)))
.getRoot();
root = resolver.collectManagedDependencies(a, List.of(), managedDeps, List.of(), List.of(), JavaScopes.PROVIDED,
JavaScopes.TEST).getRoot();
// if the dependencies are not found, make sure the artifact actually exists
if (root.getChildren().isEmpty()) {
resolver.resolve(a);
Expand Down
2 changes: 1 addition & 1 deletion domino/api/src/main/java/io/quarkus/domino/manifest/PncSbomTransformer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ public class PncSbomTransformer implements SbomTransformer {

@Override
public Bom transform(SbomTransformContext ctx) {
log.info("Adding PNC build info to the manifest");
log.debug("Adding PNC build info to the manifest");
final Bom bom = ctx.getOriginalBom();
if (bom.getComponents() == null) {
return bom;
Expand Down
16 changes: 12 additions & 4 deletions domino/app/src/main/java/io/quarkus/domino/cli/BaseDepsToBuildCommand.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,10 @@ public abstract class BaseDepsToBuildCommand implements Callable<Integer> {
"--log-trees" }, description = "Whether to log the dependency trees walked down to the depth specified. The default is false.")
public boolean logTrees;

@CommandLine.Option(names = {
"--log-trees-for" }, description = "Comma-separate list of artifacts to log dependency trees for")
public String logTreesFor;

@CommandLine.Option(names = {
"--log-remaining" }, description = "Whether to log the coordinates of the artifacts below the depth specified. The default is false.")
public boolean logRemaining;
Expand Down Expand Up @@ -155,17 +159,20 @@ public Integer call() throws Exception {
if (exportTo != null) {
config.persist(exportTo.toPath());
} else {
final ProjectDependencyResolver dependencyResolver = ProjectDependencyResolver.builder()
final ProjectDependencyResolver.Builder resolverBuilder = ProjectDependencyResolver.builder()
.setLogOutputFile(outputFile == null ? null : outputFile.toPath())
.setAppendOutput(appendOutput)
.setDependencyConfig(config)
.setArtifactResolver(getArtifactResolver())
.build();
return process(dependencyResolver);
.setArtifactResolver(getArtifactResolver());
initResolver(resolverBuilder);
return process(resolverBuilder.build());
}
return CommandLine.ExitCode.OK;
}

protected void initResolver(ProjectDependencyResolver.Builder resolverBuilder) {
}

protected void initConfig(ProjectDependencyConfig.Mutable config) {
if (bom != null) {
config.setProjectBom(ArtifactCoords.fromString(bom));
Expand Down Expand Up @@ -232,6 +239,7 @@ protected void initConfig(ProjectDependencyConfig.Mutable config) {
.setIncludeKeys(Set.of()) // TODO
.setLevel(level)
.setLogArtifactsToBuild(logArtifactsToBuild)
.setLogTreesFor(logTreesFor)
.setLogCodeRepoTree(logCodeRepoGraph)
.setLogCodeRepos(logCodeRepos)
.setLogModulesToBuild(logModulesToBuild)
Expand Down
23 changes: 22 additions & 1 deletion domino/app/src/main/java/io/quarkus/domino/cli/Report.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,20 @@
import io.quarkus.domino.ProjectDependencyConfig;
import io.quarkus.domino.ProjectDependencyResolver;
import io.quarkus.domino.manifest.ManifestGenerator;
import io.quarkus.domino.manifest.SbomGeneratingDependencyVisitor;
import picocli.CommandLine;

@CommandLine.Command(name = "report")
public class Report extends BaseDepsToBuildCommand {

@CommandLine.Option(names = { "--manifest" }, description = "Generate an SBOM", defaultValue = "false")
@CommandLine.Option(names = {
"--manifest" }, description = "Generate an SBOM with dependency trees", defaultValue = "false")
public boolean manifest;

@CommandLine.Option(names = {
"--flat-manifest" }, description = "Generate an SBOM without dependency tree information", defaultValue = "false")
public boolean flatManifest;

@Override
protected void initConfig(ProjectDependencyConfig.Mutable config) {
super.initConfig(config);
Expand All @@ -19,9 +25,24 @@ protected void initConfig(ProjectDependencyConfig.Mutable config) {
}
}

@Override
protected void initResolver(ProjectDependencyResolver.Builder resolverBuilder) {
super.initResolver(resolverBuilder);
if (manifest || flatManifest) {
resolverBuilder.setLogOutputFile(null);
}
if (manifest) {
resolverBuilder.addDependencyTreeVisitor(
new SbomGeneratingDependencyVisitor(getArtifactResolver(),
outputFile == null ? null : outputFile.toPath()));
}
}

@Override
protected Integer process(ProjectDependencyResolver depResolver) {
if (manifest) {
depResolver.resolveDependencies();
} else if (flatManifest) {
ManifestGenerator.builder()
.setArtifactResolver(getArtifactResolver())
.setOutputFile(outputFile == null ? null : this.outputFile.toPath())
Expand Down
Loading

0 comments on commit e52c62e

Please sign in to comment.