This is an automated email from the ASF dual-hosted git repository.
hboutemy pushed a commit to branch MARTIFACT-81
in repository https://gitbox.apache.org/repos/asf/maven-artifact-plugin.git
commit a95b2d2304e2d165f8259f087422e69ed6f227cc
Author: Hervé Boutemy <hbout...@apache.org>
AuthorDate: Fri Nov 22 07:59:14 2024 +0100
[MARTIFACT-81] add reproducible-central report
---
pom.xml | 21 ++++
.../buildinfo/ReproducibleCentralReport.java | 125 +++++++++++++++++++++
src/site/apt/index.apt.vm | 6 +-
3 files changed, 150 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index 69990c4..c394097 100644
--- a/pom.xml
+++ b/pom.xml
@@ -62,6 +62,7 @@
<properties>
<mavenVersion>3.9.6</mavenVersion>
<resolverVersion>1.9.20</resolverVersion>
+ <doxiaVersion>1.12.0</doxiaVersion>
<javaVersion>8</javaVersion>
<project.build.outputTimestamp>2024-10-27T16:23:14Z</project.build.outputTimestamp>
</properties>
@@ -160,6 +161,17 @@
<version>4.13.2</version>
<scope>test</scope>
</dependency>
+ <!-- reproducible-central report -->
+ <dependency>
+ <groupId>org.apache.maven.doxia</groupId>
+ <artifactId>doxia-sink-api</artifactId>
+ <version>${doxiaVersion}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.maven.reporting</groupId>
+ <artifactId>maven-reporting-impl</artifactId>
+ <version>3.1.0</version>
+ </dependency>
</dependencies>
<build>
@@ -177,6 +189,15 @@
</pluginManagement>
</build>
+ <reporting>
+ <plugins>
+ <plugin>
+ <artifactId>maven-artifact-plugin</artifactId>
+ <version>${project.version}</version>
+ </plugin>
+ </plugins>
+ </reporting>
+
<profiles>
<profile>
<id>run-its</id>
diff --git
a/src/main/java/org/apache/maven/plugins/artifact/buildinfo/ReproducibleCentralReport.java
b/src/main/java/org/apache/maven/plugins/artifact/buildinfo/ReproducibleCentralReport.java
new file mode 100644
index 0000000..c5345d8
--- /dev/null
+++
b/src/main/java/org/apache/maven/plugins/artifact/buildinfo/ReproducibleCentralReport.java
@@ -0,0 +1,125 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.artifact.buildinfo;
+
+import java.util.Locale;
+import java.util.TreeMap;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.doxia.sink.Sink;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.plugins.annotations.Component;
+import org.apache.maven.plugins.annotations.LifecyclePhase;
+import org.apache.maven.plugins.annotations.Mojo;
+import org.apache.maven.plugins.annotations.ResolutionScope;
+import org.apache.maven.reporting.AbstractMavenReport;
+import org.apache.maven.reporting.MavenReportException;
+
+/**
+ * Builds a Reproducible Builds report on the project and its dependencies
based on data and badges provided
+ * by Reproducible Central.
+ * @since 3.6.0
+ */
+@Mojo(
+ name = "reproducible-central",
+ defaultPhase = LifecyclePhase.SITE,
+ requiresDependencyResolution = ResolutionScope.RUNTIME,
+ requiresProject = true,
+ threadSafe = true)
+public class ReproducibleCentralReport extends AbstractMavenReport {
+ @Component
+ private MavenSession session;
+
+ @Override
+ protected void executeReport(Locale locale) throws MavenReportException {
+ Sink sink = getSink();
+
+ sink.head();
+ sink.title();
+ sink.text("Reproducible Central Report");
+ sink.title_();
+ sink.head_();
+ sink.body();
+ sink.section1();
+ sink.sectionTitle1();
+ sink.text("Reproducible Central Report");
+ sink.sectionTitle1_();
+ sink.paragraph();
+ sink.text("this project:");
+ sink.paragraph_();
+ sink.paragraph();
+ renderReproducibleCentralArtifact(sink, project.getGroupId(),
project.getArtifactId(), project.getVersion());
+ sink.paragraph_();
+
+ sink.paragraph();
+ sink.text("project's dependencies:");
+ sink.paragraph_();
+
+ sink.list();
+ new TreeMap<String, Artifact>(project.getArtifactMap()).forEach((key,
a) -> {
+ sink.listItem();
+ renderReproducibleCentralArtifact(sink, a.getGroupId(),
a.getArtifactId(), a.getVersion());
+ sink.listItem_();
+ });
+ sink.list_();
+
+ sink.paragraph();
+ sink.text("(*) ");
+ sink.link("https://reproducible-builds.org/";);
+ sink.text("Reproducible Builds");
+ sink.link_();
+ sink.text(" check is done through ");
+ sink.link("https://github.com/jvm-repo-rebuild/reproducible-central";);
+ sink.text("Reproducible Central");
+ sink.link_();
+ sink.text(" data.");
+ sink.text("If you think data is not accurate, please help improve.");
+ sink.paragraph_();
+ sink.section1_();
+ sink.body_();
+ }
+
+ private void renderReproducibleCentralArtifact(Sink sink, String groupId,
String artifactId, String version) {
+ String url =
"https://jvm-repo-rebuild.github.io/reproducible-central/badge/artifact/";
+ + groupId.replace('.', '/') + '/' + artifactId + "/index.html";
+ String badge =
+
"https://img.shields.io/endpoint?url=https://jvm-repo-rebuild.github.io/reproducible-central/badge/artifact/";
+ + groupId.replace('.', '/') + '/' + artifactId + '/'
+ + version + ".json";
+ sink.link(url);
+ sink.figureGraphics(badge);
+ sink.link_();
+ sink.text(groupId + ':' + artifactId + ':' + version);
+ }
+
+ @Override
+ public String getOutputName() {
+ return "reproducible-central";
+ }
+
+ @Override
+ public String getName(Locale locale) {
+ return "Reproducible Central";
+ }
+
+ @Override
+ public String getDescription(Locale locale) {
+ return "This reports shows if dependencies are proven Reproducible
Builds at Reproducible Central.";
+ }
+}
diff --git a/src/site/apt/index.apt.vm b/src/site/apt/index.apt.vm
index 4637687..17d86c8 100644
--- a/src/site/apt/index.apt.vm
+++ b/src/site/apt/index.apt.vm
@@ -38,9 +38,11 @@ ${project.name}
* {{{./compare-mojo.html}artifact:compare}} compares current build output
(from <<<package>>>) against reference build previously published,
- * {{{./check-buildplan-mojo.html}artifact:check-buildplan}} checks the
project's buildplan to find if any used {{{./plugin-issues.html}plugin has a
known Reproducible Builds issue}}.
+ * {{{./check-buildplan-mojo.html}artifact:check-buildplan}} checks the
project's buildplan to find if any used {{{./plugin-issues.html}plugin has a
known Reproducible Builds issue}},
- * {{{./describe-build-output-mojo.html}artifact:describe-build-output}}
(experimental) describes the miscellaneous output files of a build.
+ * {{{./describe-build-output-mojo.html}artifact:describe-build-output}}
(experimental) reports shows if dependencies are proven Reproducible Builds at
Reproducible Central.
+
+ * {{{./reproducible-central-mojo.html}artifact:reproducible-central}}
(experimental) .
* Usage
