Insert gemnasium-gradle-plugin version into gemnasium-maven project when building Docker image
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Problem to solve
When the version of gemnasium-gradle-plugin is updated, we need to modify the following files in the gemnasium-maven project:
In order to avoid only updating one file and forgetting about the other, which happened here, we should add the version of gemnasium-gradle-plugin to the Dockerfile in gemnasium-maven and when the image is built, we should rewrite the versions in gemnasium-gradle-plugin-init.gradle and utils/gradle-plugin-builder/build.gradle with the one from the Dockerfile
Intended users
User experience goal
Developers are able to update the version of gemnasium-gradle-plugin by only modifying a single value in gemnasium-maven
Implementation details
-
Add GEMNASIUM_GRADLE_PLUGIN_VERSIONenvironment variable to the Dockerfile in gemnasium-maven -
Replace version references (i.e. 0.3.2) ingemnasium-gradle-plugin-init.gradleandutils/gradle-plugin-builder/build.gradlewith placeholder values -
Add a command to the gemnasium-maven Dockerfile to rewrite the above placeholder values with the version contained in GEMNASIUM_GRADLE_PLUGIN_VERSION.
Testing
-
All downstream gradle projects continue to pass
Further details
By only needing to update a single value to upgrade the version of the gemnasium-gradle-plugin, it will avoid the situation where only one of the necessary files is updated by mistake.
Documentation
-
Add details to the gemnasium-maven README to explain how to update the gemnasium-gradle-pluginto a new version.
What does success look like, and how can we measure that?
The version of gemnasium-gradle-plugin can be changed by configuring a single environment variable in the Dockerfile.
What is the type of buyer?
GitLab Ultimate Enterprise Edition
Is this a cross-stage feature?
No, this only affects dependency scanning