From 5b78b2070004daf1b6904dfec3ccfc7942af9ced Mon Sep 17 00:00:00 2001 From: Hritik Vijay Date: Tue, 21 Nov 2023 16:21:21 +0530 Subject: [PATCH] Add repotest for repos without broken mvn wrapper MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ; ../cdxgen/bin/cdxgen.js -p Executing '/Users/neo/contrib/appthreat/broken-mvn-wrapper/gs-spring-boot-main/complete/mvnw org.cyclonedx:cyclonedx-maven-plugin:2.7.10:makeAggregateBom -DoutputName=bom -DincludeTestScope=true -q' in /Users/neo/contrib/appthreat/broken-mvn-wrapper/gs-spring-boot-main/complete Fallback to executing /Users/neo/contrib/appthreat/broken-mvn-wrapper/gs-spring-boot-main/complete/mvnw dependency:tree -DoutputFile=/var/folders/l1/tbpy9vkn2151gnkf324c1bdm0000gr/T/cdxmvn-6HUFz0/mvn-tree.txt /Users/neo/contrib/appthreat/broken-mvn-wrapper/gs-spring-boot-main/complete/mvnw: line 1: unexpected EOF while looking for matching `'' /Users/neo/contrib/appthreat/broken-mvn-wrapper/gs-spring-boot-main/complete/mvnw: line 2: syntax error: unexpected end of file Resolve the above maven error. This could be due to the following: 1. Java version requirement: cdxgen container image bundles Java 20 with maven 3.9 which might be incompatible. 2. Private dependencies cannot be downloaded: Check if any additional arguments must be passed to maven and set them via MVN_ARGS environment variable. 3. Check if all required environment variables including any maven profile arguments are passed correctly to this tool. Falling back to manual pom.xml parsing. The result would be incomplete! ╔═══════════════════════════╤═════════════════════════════════════╤═══════════════════════════╤═════════════════╗ ║ Group │ Name │ Version │ Scope ║ ╚═══════════════════════════╧═════════════════════════════════════╧═══════════════════════════╧═════════════════╝ BOM includes 0 components and 0 dependencies ; (cd ../cdxgen; gh pr checkout 726) Previous HEAD position was 23a4902 Bump version Switched to branch 'master' Your branch is ahead of 'origin/master' by 1 commit. (use "git push" to publish your local commits) Already up to date. ../cdxgen/bin/cdxgen.js -p Executing 'mvn org.cyclonedx:cyclonedx-maven-plugin:2.7.10:makeAggregateBom -DoutputName=bom -DincludeTestScope=true -q' in /Users/neo/contrib/appthreat/broken-mvn-wrapper/gs-spring-boot-main/complete pkg:maven/com.example/spring-boot-complete@0.0.1-SNAPSHOT?type=jar ├── pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.1.4?type=jar │ ├── pkg:maven/io.micrometer/micrometer-core@1.11.4?type=jar │ │ ├── pkg:maven/io.micrometer/micrometer-commons@1.11.4?type=jar │ │ ├── pkg:maven/io.micrometer/micrometer-observation@1.11.4?type=jar └───└───└───└── pkg:maven/io.micrometer/micrometer-commons@1.11.4?type=jar │ │ ├── pkg:maven/org.hdrhistogram/HdrHistogram@2.1.12?type=jar └───└───└── pkg:maven/org.latencyutils/LatencyUtils@2.0.3?type=jar │ ├── pkg:maven/io.micrometer/micrometer-observation@1.11.4?type=jar Signed-off-by: Hritik Vijay --- .github/workflows/repotests.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/repotests.yml b/.github/workflows/repotests.yml index f7bbc6d017..327e7e724e 100644 --- a/.github/workflows/repotests.yml +++ b/.github/workflows/repotests.yml @@ -156,6 +156,10 @@ jobs: with: repository: 'googleprojectzero/Jackalope' path: 'repotests/Jackalope' + - uses: actions/checkout@v3 + with: + repository: 'hritik14/broken-mvn-wrapper' + path: 'repotests/broken-mvn-wrapper' - uses: dtolnay/rust-toolchain@stable - name: repotests run: | @@ -208,6 +212,7 @@ jobs: bin/cdxgen.js -p -r -t dotnet repotests/dotnet-paket -o bomresults/bom-dotnet-paket.json --validate bin/cdxgen.js -p -t python repotests/blint -o bomresults/bom-blint.json bin/cdxgen.js -p -t python repotests/blint -o bomresults/bom-blint-deep.json --deep + bin/cdxgen.js -p -t java repotests/broken-mvn-wrapper -o bomresults/bom-broken-mvn-wrapper.json ls -ltr bomresults shell: bash - name: jenkins plugins