Make deps check task run in CI/CD (#88)

A3a3e1 · web-flow · commit c7961159df1a · 2022-05-11T18:55:49.000+03:00
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -87,7 +87,7 @@ jobs:
             - ~/.gradle/wrapper
       - run:
           name: Audit Dependencies
-          command: ./gradlew dependencyCheckAnalyze
+          command: ./gradlew dependencyCheckAnalyze -PrunWithDependencyCheck
       - run:
           name: Run Unit Tests
           command: ./gradlew test --daemon
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## 2.5.4 (May 11, 2022)
+* Made an automated vulnerability check run in CI/CD
+
 ## 2.5.3 (May 06, 2022)
 * Add an automated vulnerability check
 
diff --git a/build.gradle b/build.gradle
@@ -3,7 +3,18 @@ apply plugin: 'java'
 apply plugin: 'idea'
 apply plugin: 'eclipse'
 apply plugin: 'groovy'
-apply plugin: org.owasp.dependencycheck.gradle.DependencyCheckPlugin
+
+if (hasProperty('runWithDependencyCheck')) {
+    apply plugin: org.owasp.dependencycheck.gradle.DependencyCheckPlugin
+
+    check.dependsOn dependencyCheckAnalyze
+
+    dependencyCheck {
+        format = 'HTML'
+        failBuildOnCVSS = 7
+        suppressionFile='./dependencyCheck-suppression.xml'
+    }
+}
 
 sourceSets {
     integrationTest {
@@ -72,23 +83,12 @@ dependencies {
     testCompile 'org.spockframework:spock-core:1.1-groovy-2.4'
 }
 
-check.dependsOn dependencyCheckAnalyze
-
-dependencyCheck {
-    format = 'ALL'
-    // Dependency Check script will fail in case there are critical (9.0-10.0) vulnerabilities.
-    // It should be configured to 7 (high and critical), but so far is not possible as 'axis' library
-    // and log4j issues which does not have any updates that solve the problem
-    failBuildOnCVSS = 7
-    suppressionFile='./dependencyCheck-suppression.xml'
-}
-
 buildscript {
     repositories {
         mavenCentral()
     }
     dependencies {
-        classpath 'org.owasp:dependency-check-gradle:6.0.3'
+        classpath 'org.owasp:dependency-check-gradle:7.1.0.1'
     }
 }
 
diff --git a/component.json b/component.json
@@ -1,7 +1,7 @@
 {
   "title": "Database",
   "description": "Database JDBC connector",
-  "version": "2.5.3",
+  "version": "2.5.4",
   "credentials": {
     "verifier": "io.elastic.jdbc.JdbcCredentialsVerifier",
     "fields": {

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"title": "Database",`
`3`	`3`	`"description": "Database JDBC connector",`
`4`		`- "version": "2.5.3",`
	`4`	`+ "version": "2.5.4",`
`5`	`5`	`"credentials": {`
`6`	`6`	`"verifier": "io.elastic.jdbc.JdbcCredentialsVerifier",`
`7`	`7`	`"fields": {`