added gradle package finder (#114)

Signed-off-by: san-zrl <san@zurich.ibm.com>
IBM · Feb 7, 2025 · 13442ba · 13442ba
1 parent 6aec9c0
commit 13442ba
Show file tree

Hide file tree

Showing 7 changed files with 95 additions and 38 deletions.
diff --git a/pom.xml b/pom.xml
@@ -120,6 +120,11 @@
       <artifactId>maven-model</artifactId>
       <version>3.9.9</version>
     </dependency>
+    <dependency>
+      <groupId>dev.gradleplugins</groupId>
+      <artifactId>gradle-api</artifactId>
+      <version>7.6</version>
+    </dependency>
     <dependency>
       <groupId>org.tomlj</groupId>
       <artifactId>tomlj</artifactId>

diff --git a/src/main/java/com/ibm/usecases/scanning/processmanager/ScanProcessManager.java b/src/main/java/com/ibm/usecases/scanning/processmanager/ScanProcessManager.java
@@ -59,9 +59,10 @@
 import com.ibm.usecases.scanning.services.indexing.JavaIndexService;
 import com.ibm.usecases.scanning.services.indexing.ProjectModule;
 import com.ibm.usecases.scanning.services.indexing.PythonIndexService;
-import com.ibm.usecases.scanning.services.pkg.JavaPackageFinderService;
-import com.ibm.usecases.scanning.services.pkg.PythonPackageFinderService;
+import com.ibm.usecases.scanning.services.pkg.GradlePackageFinderService;
+import com.ibm.usecases.scanning.services.pkg.MavenPackageFinderService;
 import com.ibm.usecases.scanning.services.pkg.SetupPackageFinderService;
+import com.ibm.usecases.scanning.services.pkg.TomlPackageFinderService;
 import com.ibm.usecases.scanning.services.scan.ScanResultDTO;
 import com.ibm.usecases.scanning.services.scan.java.JavaScannerService;
 import com.ibm.usecases.scanning.services.scan.python.PythonScannerService;
@@ -224,13 +225,13 @@ private void handleSetPackageFolderCommand(@Nonnull IdentifyPackageFolderCommand
                 final PackageURL purl = optionalPackageURL.get();
 
                 Optional<Path> packagePath = Optional.empty();
-                // java
                 if (purl.getType().equals("maven")) {
-                    packagePath = new JavaPackageFinderService(dir).findPackage(purl);
-                    // TODO: find gradle package
-                    // python
+                    packagePath = new MavenPackageFinderService(dir).findPackage(purl);
+                    if (packagePath.isEmpty()) {
+                        packagePath = new GradlePackageFinderService(dir).findPackage(purl);
+                    }
                 } else if (purl.getType().equals("pypi")) {
-                    packagePath = new PythonPackageFinderService(dir).findPackage(purl);
+                    packagePath = new TomlPackageFinderService(dir).findPackage(purl);
                     if (packagePath.isEmpty()) {
                         packagePath = new SetupPackageFinderService(dir).findPackage(purl);
                     }

diff --git a/src/main/java/com/ibm/usecases/scanning/services/pkg/GradlePackageFinderService.java b/src/main/java/com/ibm/usecases/scanning/services/pkg/GradlePackageFinderService.java
@@ -0,0 +1,67 @@
+/*
+ * CBOMkit
+ * Copyright (C) 2025 IBM
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.ibm.usecases.scanning.services.pkg;
+
+import jakarta.annotation.Nonnull;
+import java.io.File;
+import java.nio.file.Path;
+import java.util.Optional;
+import org.gradle.api.Project;
+import org.gradle.api.publish.PublishingExtension;
+import org.gradle.api.publish.maven.MavenPublication;
+import org.gradle.tooling.GradleConnector;
+import org.gradle.tooling.ProjectConnection;
+
+public class GradlePackageFinderService extends PackageFinderService {
+    public GradlePackageFinderService(@Nonnull File rootFile) throws IllegalArgumentException {
+        super(rootFile);
+    }
+
+    @Override
+    public boolean isBuildFile(@Nonnull Path file) {
+        return file.endsWith("build.gradle") || file.endsWith("build.gradle.kts");
+    }
+
+    @Override
+    public Optional<String> getPackageName(@Nonnull Path buildFile) throws Exception {
+        try (ProjectConnection connection =
+                GradleConnector.newConnector()
+                        .forProjectDirectory(buildFile.toFile().getParentFile())
+                        .connect()) {
+
+            Project project = connection.getModel(Project.class);
+            PublishingExtension publishing =
+                    project.getExtensions().findByType(PublishingExtension.class);
+
+            if (publishing != null) {
+                String projectName =
+                        publishing.getPublications().withType(MavenPublication.class).stream()
+                                .findFirst()
+                                .map(MavenPublication::getArtifactId)
+                                .orElse(project.getName());
+                return Optional.ofNullable(projectName);
+            }
+
+            return Optional.ofNullable(project.getName());
+        } catch (RuntimeException rte) {
+            throw new Exception(rte);
+        }
+    }
+}
diff --git a/...ervices/pkg/JavaPackageFinderService.java → ...rvices/pkg/MavenPackageFinderService.java b/...ervices/pkg/JavaPackageFinderService.java → ...rvices/pkg/MavenPackageFinderService.java
@@ -22,17 +22,15 @@
 import jakarta.annotation.Nonnull;
 import java.io.File;
 import java.io.FileReader;
-import java.io.IOException;
 import java.nio.file.Path;
 import java.util.Optional;
 import org.apache.maven.model.Model;
 import org.apache.maven.model.io.xpp3.MavenXpp3Reader;
-import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
 
-public class JavaPackageFinderService extends PackageFinderService {
+public class MavenPackageFinderService extends PackageFinderService {
     @Nonnull private final MavenXpp3Reader reader;
 
-    public JavaPackageFinderService(@Nonnull File rootFile) throws IllegalArgumentException {
+    public MavenPackageFinderService(@Nonnull File rootFile) throws IllegalArgumentException {
         super(rootFile);
         this.reader = new MavenXpp3Reader();
     }
@@ -43,12 +41,8 @@ public boolean isBuildFile(@Nonnull Path file) {
     }
 
     @Override
-    public Optional<String> getPackageName(@Nonnull Path buildFile) {
-        try {
-            final Model model = reader.read(new FileReader(buildFile.toFile()));
-            return Optional.ofNullable(model.getArtifactId());
-        } catch (IOException | XmlPullParserException e) {
-            return Optional.empty();
-        }
+    public Optional<String> getPackageName(@Nonnull Path buildFile) throws Exception {
+        final Model model = reader.read(new FileReader(buildFile.toFile()));
+        return Optional.ofNullable(model.getArtifactId());
     }
 }
diff --git a/src/main/java/com/ibm/usecases/scanning/services/pkg/PackageFinderService.java b/src/main/java/com/ibm/usecases/scanning/services/pkg/PackageFinderService.java
@@ -22,7 +22,6 @@
 import com.github.packageurl.PackageURL;
 import jakarta.annotation.Nonnull;
 import java.io.File;
-import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
@@ -46,7 +45,7 @@ protected PackageFinderService(@Nonnull File rootFile) throws IllegalArgumentExc
 
     @Nonnull
     public Optional<Path> findPackage(@Nonnull PackageURL purl) {
-        LOGGER.info("Trying to find package folder for purl {} in gir repository", purl);
+        LOGGER.info("Searching package folder for purl {}", purl);
         try (Stream<Path> walk = Files.walk(this.root)) {
             final List<Path> poms =
                     walk.filter(p -> !Files.isDirectory(p)).filter(this::isBuildFile).toList();
@@ -67,15 +66,13 @@ public Optional<Path> findPackage(@Nonnull PackageURL purl) {
                         pkgPath.equals(Paths.get("")) ? "<root>" : pkgPath);
                 return Optional.of(pkgPath);
             }
-        } catch (IOException e) {
-            LOGGER.warn("Package folder not found");
-            return Optional.empty();
+        } catch (Exception e) {
+            LOGGER.error("Failed to find package folder: " + e.getLocalizedMessage());
         }
-        LOGGER.warn("Package folder not found");
         return Optional.empty();
     }
 
     public abstract boolean isBuildFile(@Nonnull Path file);
 
-    public abstract Optional<String> getPackageName(@Nonnull Path buildFile);
+    public abstract Optional<String> getPackageName(@Nonnull Path buildFile) throws Exception;
 }
diff --git a/src/main/java/com/ibm/usecases/scanning/services/pkg/SetupPackageFinderService.java b/src/main/java/com/ibm/usecases/scanning/services/pkg/SetupPackageFinderService.java
@@ -54,7 +54,7 @@ public Optional<String> getPackageName(@Nonnull Path buildFile) {
     }
 
     @Nonnull
-    private Optional<String> findPackageNameUsingRegex(@Nonnull Path buildFile) {
+    private Optional<String> findPackageNameUsingRegex(@Nonnull Path buildFile) throws Exception {
         try (BufferedReader reader = new BufferedReader(new FileReader(buildFile.toFile()))) {
             final Pattern pattern = Pattern.compile("name\\s*=\\s*['\"]([^'\"]*)['\"]");
             String line;
@@ -65,8 +65,6 @@ private Optional<String> findPackageNameUsingRegex(@Nonnull Path buildFile) {
                     return Optional.ofNullable(matcher.group(1));
                 }
             }
-        } catch (Exception e) {
-            return Optional.empty();
         }
         return Optional.empty();
     }

diff --git a/...vices/pkg/PythonPackageFinderService.java → ...ervices/pkg/TomlPackageFinderService.java b/...vices/pkg/PythonPackageFinderService.java → ...ervices/pkg/TomlPackageFinderService.java
@@ -21,15 +21,14 @@
 
 import jakarta.annotation.Nonnull;
 import java.io.File;
-import java.io.IOException;
 import java.nio.file.Path;
 import java.util.Optional;
 import org.tomlj.Toml;
 import org.tomlj.TomlParseResult;
 
-public class PythonPackageFinderService extends PackageFinderService {
+public class TomlPackageFinderService extends PackageFinderService {
 
-    public PythonPackageFinderService(@Nonnull File rootFile) throws IllegalArgumentException {
+    public TomlPackageFinderService(@Nonnull File rootFile) throws IllegalArgumentException {
         super(rootFile);
     }
 
@@ -39,12 +38,8 @@ public boolean isBuildFile(@Nonnull Path file) {
     }
 
     @Override
-    public Optional<String> getPackageName(@Nonnull Path buildFile) {
-        try {
-            TomlParseResult result = Toml.parse(buildFile);
-            return Optional.ofNullable(result.getString(("project.name")));
-        } catch (IOException e) {
-            return Optional.empty();
-        }
+    public Optional<String> getPackageName(@Nonnull Path buildFile) throws Exception {
+        TomlParseResult result = Toml.parse(buildFile);
+        return Optional.ofNullable(result.getString("project.name"));
     }
 }