SEC-2430: Add Maven BOM

bom/build.gradle

@@ -0,0 +1,8 @@
+apply plugin: 'maven-bom'
+apply from: "$rootDir/gradle/maven-deployment.gradle"
+
+generatePom.enabled = false
+
+mavenBom {
+    projects = coreModuleProjects
+}

build.gradle

@@ -54,7 +54,7 @@ sonarRunner {
 }
 
 // Set up different subproject lists for individual configuration
-ext.javaProjects = subprojects.findAll { project -> project.name != 'docs' && project.name != 'manual' && project.name != 'guides' }
+ext.javaProjects = subprojects.findAll { project -> project.name != 'docs' && project.name != 'manual' && project.name != 'guides' && project.name != 'spring-security-bom' }
 ext.sampleProjects = subprojects.findAll { project -> project.name.startsWith('spring-security-samples') }
 ext.itestProjects = subprojects.findAll { project -> project.name.startsWith('itest') }
 ext.coreModuleProjects = javaProjects - sampleProjects - itestProjects

buildSrc/src/main/groovy/MavenBomPlugin.groovy

@@ -0,0 +1,19 @@
+import org.gradle.api.DefaultTask
+import org.gradle.api.GradleException
+import org.gradle.api.Plugin
+import org.gradle.api.Project
+import org.gradle.api.Task
+import org.gradle.api.plugins.*
+import org.gradle.api.tasks.*
+import org.gradle.api.tasks.TaskAction
+
+public class MavenBomPlugin implements Plugin<Project> {
+	static String MAVEN_BOM_TASK_NAME = "mavenBom"
+
+	public void apply(Project project) {
+		project.plugins.apply(JavaPlugin)
+		project.plugins.apply(MavenPlugin)
+		project.task(MAVEN_BOM_TASK_NAME, type: MavenBomTask, group: 'Generate', description: 'Configures the pom as a Maven Build of Materials (BOM)')
+		project.install.dependsOn project.mavenBom
+	}
+}

buildSrc/src/main/groovy/MavenBomTask.groovy

@@ -0,0 +1,55 @@
+import groovy.xml.MarkupBuilder
+
+import org.gradle.api.DefaultTask
+import org.gradle.api.Project
+import org.gradle.api.tasks.*
+
+public class MavenBomTask extends DefaultTask {
+
+    Set<Project> projects
+
+    File bomFile
+
+
+    public MavenBomTask() {
+        this.group = "Generate"
+        this.description = "Generates a Maven Build of Materials (BOM). See http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Importing_Dependencies"
+        this.projects = project.subprojects
+        this.bomFile = project.file("${->project.buildDir}/maven-bom/${->project.name}-${->project.version}.txt")
+    }
+
+    @TaskAction
+    public void configureBom() {
+        project.configurations.archives.artifacts.clear()
+
+        bomFile.parentFile.mkdirs()
+        bomFile.write("Maven Build of Materials (BOM). See http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Importing_Dependencies")
+        project.artifacts {
+            // work around GRADLE-2406 by attaching text artifact
+            archives(bomFile)
+        }
+        project.install {
+            repositories.mavenInstaller {
+                pom.whenConfigured {
+                    packaging = "pom"
+                    withXml {
+                        asNode().children().last() + {
+                            delegate.dependencyManagement {
+                                delegate.dependencies {
+                                    projects.sort { dep -> "$dep.group:$dep.name" }.each { p ->
+
+                                        delegate.dependency {
+                                            delegate.groupId(p.group)
+                                            delegate.artifactId(p.name)
+                                            delegate.version(p.version)
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+}

buildSrc/src/main/resources/META-INF/gradle-plugins/maven-bom.properties

@@ -0,0 +1 @@
+implementation-class=MavenBomPlugin

gradle/javaprojects.gradle

@@ -203,3 +203,7 @@ task javadocJar(type: Jar) {
     classifier = 'javadoc'
     from javadoc
 }
+
+artifacts {
+    archives javadocJar
+}

gradle/maven-deployment.gradle

@@ -9,7 +9,6 @@ task sourceJar(type: Jar) {
 
 artifacts {
     archives sourceJar
-    archives javadocJar
 }
 
 // Configuration for SpringSource s3 maven deployer

settings.gradle

@@ -88,3 +88,6 @@ rootProject.children.each {project ->
     //assert project.projectDir.isDirectory()
     //assert project.buildFile.isFile()
 }
+
+include 'bom'
+findProject(':bom').name = 'spring-security-bom'