project.clj 13.9 KB
Newer Older
1
(def pdb-version "5.2.8-SNAPSHOT")
2
(def clj-parent-version "1.4.3")
3
(def tk-jetty9-ver "2.3.1")
4

5 6 7
(defn true-in-env? [x]
  (#{"true" "yes" "1"} (System/getenv x)))

8 9 10 11 12 13 14
(defn pdb-run-sh [& args]
  (apply vector
         ["run" "-m" "puppetlabs.puppetdb.dev.lein/run-sh" (pr-str args)]))

(defn pdb-run-clean [paths]
  (apply pdb-run-sh {:argc #{0} :echo true} "rm" "-rf" paths))

15 16 17 18 19 20 21 22
(defn deploy-info
  "Generate deployment information from the URL supplied and the username and
   password for Nexus supplied as environment variables."
  [url]
  {:url url
   :username :env/nexus_jenkins_username
   :password :env/nexus_jenkins_password
   :sign-releases false})
23

24
(def i18n-version "0.8.0")
25

26 27
(def need-permgen?
  (= "1.7" (System/getProperty "java.specification.version")))
28

29 30 31 32 33 34
(def pdb-repositories
  (if (true-in-env? "PUPPET_SUPPRESS_INTERNAL_LEIN_REPOS")
    []
    [["releases" "https://artifactory.delivery.puppetlabs.net/artifactory/list/clojure-releases__local/"]
     ["snapshots" "https://artifactory.delivery.puppetlabs.net/artifactory/list/clojure-snapshots__local/"]]))

35 36 37 38 39 40 41 42 43 44
;; See the integration tests section in documentation/CONTRIBUTING.md.
(def puppetserver-test-dep-ver
  (some-> (try
            (slurp (str "ext/test-conf/puppetserver-dep"))
            (catch java.io.FileNotFoundException ex
              (binding [*out* *err*]
                (println "puppetserver test depdency unconfigured (ignoring)"))
              nil))
          clojure.string/trim))

45 46
(def puppetserver-test-dep-gem-list
  (when puppetserver-test-dep-ver
47 48 49 50 51 52 53
    (let [[major minor] (->> (re-matches #"^([0-9]+)\.([0-9]+)\..*" puppetserver-test-dep-ver)
                             next
                             (take 2)
                             (map #(Integer/parseInt %)))]
      (if (neg? (compare [major minor] [5 3]))
        "gem-list.txt"
        "jruby-gem-list.txt"))))
54

55 56 57 58 59 60 61
(def puppetserver-test-deps
  (when puppetserver-test-dep-ver
    `[[puppetlabs/puppetserver ~puppetserver-test-dep-ver]
      [puppetlabs/puppetserver ~puppetserver-test-dep-ver :classifier "test"]]))

(def pdb-dev-deps
  (concat
62
   `[[puppetlabs/trapperkeeper-webserver-jetty9 ~tk-jetty9-ver :classifier "test"]]
63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
   '[[ring-mock]
     [puppetlabs/trapperkeeper :classifier "test"]
     [puppetlabs/kitchensink :classifier "test"]
     [org.flatland/ordered "1.5.3"]
     [org.clojure/test.check "0.9.0"]
     [com.gfredericks/test.chuck "0.2.7" :exclusions
      [clj-time com.andrewmcveigh/cljs-time instaparse joda-time org.clojure/clojure]]
     [environ "1.0.2"]
     [riddley "0.1.12"]
     [io.forward/yaml "1.0.5"]

     ;; Only needed for :integration tests
     [puppetlabs/trapperkeeper-authorization nil]
     [puppetlabs/trapperkeeper-filesystem-watcher nil]]
   puppetserver-test-deps))

79 80 81 82 83 84 85 86
;; Until we resolve the issue with :dependencies ^:replace in the
;; ezbake profile below ignoring all the pins in :dependencies, repeat
;; them in both places via this list.  For now, only include the pins
;; that we added after we recognized the problem (when fixing CVEs),
;; so we don't change unrelated deps that have been deployed for a
;; long time.
(def pdb-dep-pins
  `[;; Use jetty 9.4.11.v20180605 to fix CVE-2017-7656 (PDB-4160)
87
    [puppetlabs/trapperkeeper-webserver-jetty9 ~tk-jetty9-ver]])
88

89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
;; Don't use lein :clean-targets so that we don't have to repeat
;; ourselves, given that we need to remove some protected files, and
;; in addition, metadata like {:protect false} doesn't appear to
;; survive profile merges.

(def pdb-clean-paths
  ["puppet/client_data"
   "puppet/client_yaml"
   "puppet/clientbucket"
   "puppet/facts.d"
   "puppet/locales"
   "puppet/preview"
   "puppet/state"
   "resources/locales.clj"
   "resources/puppetlabs/puppetdb/Messages_eo$1.class"
   "resources/puppetlabs/puppetdb/Messages_eo.class"
   "target"
106
   "target-gems"
107 108 109 110 111 112 113 114
   "test-resources/puppetserver/ssl/certificate_requests"
   "test-resources/puppetserver/ssl/private"])

(def pdb-distclean-paths
  (into pdb-clean-paths
        [".bundle"
         ".lein-failures"
         "Gemfile.lock"
115 116 117
         "ext/test-conf/pgbin-requested"
         "ext/test-conf/pgport-requested"
         "ext/test-conf/puppet-ref-requested"
118
         "ext/test-conf/puppetserver-dep"
119
         "ext/test-conf/puppetserver-ref-requested"
120 121 122
         "puppetserver"
         "vendor"]))

123
(defproject puppetlabs/puppetdb pdb-version
124
  :description "Puppet-integrated catalog and fact storage"
125

126 127 128 129 130
  :license {:name "Apache License, Version 2.0"
            :url "http://www.apache.org/licenses/LICENSE-2.0.html"}

  :url "https://docs.puppetlabs.com/puppetdb/"

131 132
  :min-lein-version "2.7.1"

133
  :parent-project {:coords [puppetlabs/clj-parent ~clj-parent-version]
134 135
                   :inherit [:managed-dependencies]}

136 137 138 139 140
  ;; Abort when version ranges or version conflicts are detected in
  ;; dependencies. Also supports :warn to simply emit warnings.
  ;; requires lein 2.2.0+.
  :pedantic? :abort

141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205
  :dependencies ~(concat
                  pdb-dep-pins
                  '[[org.clojure/clojure "1.8.0"]
                    [org.clojure/core.async]
                    [org.clojure/core.match "0.3.0-alpha4" :exclusions [org.clojure/tools.analyzer.jvm]]
                    [org.clojure/core.memoize "0.5.9"]
                    [org.clojure/java.jdbc]
                    [org.clojure/tools.macro]
                    [org.clojure/math.combinatorics "0.1.1"]
                    [org.clojure/math.numeric-tower "0.0.4"]
                    [org.clojure/tools.logging]

                    ;; Puppet specific
                    [puppetlabs/comidi]
                    [puppetlabs/dujour-version-check]
                    [puppetlabs/http-client]
                    [puppetlabs/i18n]
                    [puppetlabs/kitchensink]
                    [puppetlabs/stockpile "0.0.4"]
                    [puppetlabs/tools.namespace "0.2.4.1"]
                    [puppetlabs/trapperkeeper]
                    [puppetlabs/trapperkeeper-metrics :exclusions [ring/ring-defaults org.slf4j/slf4j-api]]
                    [puppetlabs/trapperkeeper-status]

                    ;; Various
                    [cheshire]
                    [clj-stacktrace]
                    [clj-time]
                    [com.rpl/specter "0.5.7"]
                    [com.taoensso/nippy "2.10.0" :exclusions [org.clojure/tools.reader]]
                    [digest "1.4.3"]
                    [fast-zip-visit "1.0.2"]
                    [instaparse "1.4.1"]
                    [me.raynes/fs]
                    [metrics-clojure "2.6.1" :exclusions [org.clojure/clojure org.slf4j/slf4j-api]]
                    [prismatic/schema "1.1.2"]
                    [robert/hooke "1.3.0"]
                    [slingshot]
                    [trptcolin/versioneer]

                    ;; Filesystem utilities
                    [org.apache.commons/commons-lang3 "3.4"]
                    ;; Version information
                    ;; Job scheduling
                    [overtone/at-at "1.2.0"]

                    ;; Database connectivity
                    [com.zaxxer/HikariCP]
                    [honeysql "0.6.3"]
                    [org.postgresql/postgresql "9.4.1208.jre7"]

                    ;; MQ connectivity
                    [org.apache.activemq/activemq-broker "5.13.2" :exclusions [org.slf4j/slf4j-api]]
                    [org.apache.activemq/activemq-kahadb-store "5.13.2" :exclusions [org.slf4j/slf4j-api]]
                    [org.apache.activemq/activemq-pool "5.13.2" :exclusions [org.slf4j/slf4j-api]]
                    ;; bridge to allow some spring/activemq stuff to log over slf4j
                    [org.slf4j/jcl-over-slf4j "1.7.14" :exclusions [org.slf4j/slf4j-api]]

                    ;; WebAPI support libraries.
                    [bidi "2.0.12" :exclusions [org.clojure/clojurescript]]
                    [clj-http "2.0.1" :exclusions [org.apache.httpcomponents/httpcore org.apache.httpcomponents/httpclient]]
                    [com.novemberain/pantomime "2.1.0"]
                    [compojure]
                    [org.apache.commons/commons-compress "1.10"]
                    [ring/ring-core :exclusions [javax.servlet/servlet-api org.clojure/tools.reader]]])
206

207 208 209
  ; permanently exclude jackson-databind, as it is a source of CVE's and we don't use it
  :exclusions [[com.fasterxml.jackson.core/jackson-databind]]

210 211 212
  :jvm-opts ~(if need-permgen?
              ["-XX:MaxPermSize=200M"]
              [])
213

214
  :repositories ~pdb-repositories
215

216 217
  :plugins [[lein-release "1.0.5" :exclusions [org.clojure/clojure]]
            [lein-cloverage "1.0.6" :exclusions [org.clojure/clojure]]
218
            [lein-parent "0.3.5"]
219
            [puppetlabs/i18n ~i18n-version]]
220

221 222 223
  :lein-release {:scm        :git
                 :deploy-via :lein-deploy}

224
  :uberjar-name "puppetdb.jar"
225 226 227
  :lein-ezbake {:vars {:user "puppetdb"
                       :group "puppetdb"
                       :build-type "foss"
228
                       :main-namespace "puppetlabs.puppetdb.main"
229
                       :start-timeout 14400
230 231
                       :repo-target "puppet5"
                       :nonfinal-repo-target "puppet5-nightly"
232
                       :logrotate-enabled false}
233
                :config-dir "ext/config/foss"
234 235
                }

236 237
  :deploy-repositories [["releases" ~(deploy-info "https://artifactory.delivery.puppetlabs.net/artifactory/list/clojure-releases__local/")]
                        ["snapshots" ~(deploy-info "https://artifactory.delivery.puppetlabs.net/artifactory/list/clojure-snapshots__local/")]]
238

239 240 241 242 243 244
  ;; By declaring a classifier here and a corresponding profile below we'll get an additional jar
  ;; during `lein jar` that has all the code in the test/ directory. Downstream projects can then
  ;; depend on this test jar using a :classifier in their :dependencies to reuse the test utility
  ;; code that we have.
  :classifiers  [["test" :testutils]]

Nick Lewis's avatar
Nick Lewis committed
245
  :profiles {:dev {:resource-paths ["test-resources"],
246
                   :dependencies ~pdb-dev-deps
247 248 249
                   :injections [(do
                                  (require 'schema.core)
                                  (schema.core/set-fn-validation! true))]}
250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273
             :ezbake {:dependencies ^:replace ~(concat
                                                pdb-dep-pins
                                                `[;; NOTE: we need to explicitly pass in `nil` values
                                                  ;; for the version numbers here in order to correctly
                                                  ;; inherit the versions from our parent project.
                                                  ;; This is because of a bug in lein 2.7.1 that
                                                  ;; prevents the deps from being processed properly
                                                  ;; with `:managed-dependencies` when you specify
                                                  ;; dependencies in a profile.  See:
                                                  ;; https://github.com/technomancy/leiningen/issues/2216
                                                  ;; Hopefully we can remove those `nil`s (if we care)
                                                  ;; and this comment when lein 2.7.2 is available.

                                                  ;; we need to explicitly pull in our parent project's
                                                  ;; clojure version here, because without it, lein
                                                  ;; brings in its own version, and older versions of
                                                  ;; lein depend on clojure 1.6.
                                                  [org.clojure/clojure nil]

                                                  ;; This circular dependency is required because of a bug in
                                                  ;; ezbake (EZ-35); without it, bootstrap.cfg will not be included
                                                  ;; in the final package.
                                                  [puppetlabs/puppetdb ~pdb-version]
                                                  [org.clojure/tools.nrepl nil]])
274
                      :name "puppetdb"
275
                      :plugins [[puppetlabs/lein-ezbake "1.8.10"]]}
276
             :testutils {:source-paths ^:replace ["test"]}
277 278 279
             :install-gems {:source-paths ^:replace ["src-gems"]
                            :target-path "target-gems"
                            :dependencies ~puppetserver-test-deps}
280 281 282 283 284
             :ci {:plugins [[lein-pprint "1.1.1"]]}
             :test {:jvm-opts ~(if need-permgen?
                                 ;; integration tests cycle jruby a lot, which chews through permgen
                                 ^:replace ["-XX:MaxPermSize=500M"]
                                 [])}}
Nick Lewis's avatar
Nick Lewis committed
285

286 287
  :jar-exclusions [#"leiningen/"]

288 289
  :resource-paths ["resources" "puppet/lib" "resources/puppetlabs/puppetdb" "resources/ext/docs"]

290 291 292 293 294 295
  :main ^:skip-aot puppetlabs.puppetdb.core

  :test-selectors {:default (complement :integration)
                   :unit (complement :integration)
                   :integration :integration}

296 297 298 299 300 301 302
  ;; This is used to merge the locales.clj of all the dependencies into a single
  ;; file inside the uberjar
  :uberjar-merge-with {"locales.clj"  [(comp read-string slurp)
                                       (fn [new prev]
                                         (if (map? prev) [new prev] (conj prev new)))
                                       #(spit %1 (pr-str %2))]}

303 304
  :aliases {"gem" ["with-profie" "install-gems"
                   "trampoline" "run" "-m" "puppetlabs.puppetserver.cli.gem"
305
                   "--config" "./test-resources/puppetserver/puppetserver.conf"]
306 307
            "install-gems" ["with-profile" "install-gems"
                            "trampoline" "run" "-m" "puppetlabs.puppetdb.integration.install-gems"
308
                            ~puppetserver-test-dep-gem-list
309 310 311
                            "--config" "./test-resources/puppetserver/puppetserver.conf"]
            "clean" ~(pdb-run-clean pdb-clean-paths)
            "distclean" ~(pdb-run-clean pdb-distclean-paths)})