在 Gradle 7.2 項目上運行 Fortify 時出錯

Question

在 Gradle-Java 項目上運行 Fortify 20 時出現錯誤。 該項目使用“gradle build”命令順利編譯，但在運行 Fortify 時出現此錯誤：

不得將 ForkOptions 上的可執行屬性與 javaCompiler 屬性一起使用

我唯一的線索是這個功能是從 6.7 版開始引入的，但該項目是在 gradle 7 上構建的。

我想知道是否有可能抑制導致錯誤的兩件事之一？

Answer 1

看起來它可能與 Gradle 有關。

https://github.com/gradle/gradle/blob/master/subprojects/language-java/src/main/java/org/gradle/api/tasks/compile/JavaCompile.java

如果你查看 github 代碼，你會看到這個方法：

private void validateConfiguration() {
    if (javaCompiler.isPresent()) {
        checkState(getOptions().getForkOptions().getJavaHome() == null, "Must not use `javaHome` property on `ForkOptions` together with `javaCompiler` property");
        checkState(getOptions().getForkOptions().getExecutable() == null, "Must not use `executable` property on `ForkOptions` together with `javaCompiler` property");
    }
}

validateConfiguration()從在compile()期間運行的createSpec()調用。

請參閱下面使用java plugin和compileJava任務的示例 build.gradle 以及options.forkOptions.executable ：

https://docs.gradle.org/current/userguide/java_plugin.html#java_plugin

import com.nr.builder.JarUtil

apply plugin: 'java'

subprojects {
    dependencies {
        // introspector classes for testing externals
        testImplementation(project(":instrumentation-test"))
    }
}

ext.moduleName = "com.greetings"

dependencies {
    implementation("junit:junit:4.13")
}

compileJava {
    inputs.property("moduleName", "com.greetings")
    doFirst {
        options.compilerArgs = [
                '--module-path', classpath.asPath,
                '--patch-module', "$moduleName=" + files(sourceSets.main.java.srcDirs).asPath,
        ]
        classpath = files()
    }
}

compileJava.options.encoding = 'UTF-8'
compileJava.options.fork = true

// Compile with Java 11 to test module support
compileJava.options.forkOptions.executable = jdk11 + '/bin/javac'
compileJava.options.forkOptions.javaHome = new File(jdk11)

compileTestJava.options.encoding = 'UTF-8'
compileTestJava.options.fork = true

// Compile with Java 11 to test module support
compileTestJava.options.forkOptions.executable = jdk11 + '/bin/javac'
compileTestJava.options.forkOptions.javaHome = new File(jdk11)

// Boot classpath no longer works in JDK 9+ so we should ignore it here
compileJava.options.bootstrapClasspath = null

sourceCompatibility = JavaVersion.VERSION_11
targetCompatibility = JavaVersion.VERSION_11

def module_test_args = [
        "-javaagent:${project.jar.archivePath.absolutePath}",
        "-javaagent:${JarUtil.getNewRelicJar(project(":newrelic-agent")).absolutePath}",
        "-Dnewrelic.config.file=${project(':newrelic-agent').projectDir}/src/test/resources/com/newrelic/agent/config/newrelic.yml",
        "-Dnewrelic.unittest=true",
        "-Dnewrelic.config.startup_log_level=warn",
        "-Dnewrelic.debug=$newrelicDebug",
        "--module-path=lib:out/production/classes",
        "--add-modules com.greetings",
        "--module junit/org.junit.runner.JUnitCore"
]

test {
    dependsOn(project(":newrelic-agent").getTasksByName("newrelicJar", false))
    forkEvery = 1
    maxParallelForks = Runtime.runtime.availableProcessors()

    executable = jdk11 + '/bin/java'

    minHeapSize = "256m"
    maxHeapSize = "256m"

    beforeSuite {
        descriptor ->
            // We get two notifications per Test class. One of them is simply the Gradle executor used to run the test
            // We filter that one out and only log the Test class name with this null check.
            if (descriptor.getClassName() != null) {
                logger.lifecycle("Running test suite: " + descriptor.getClassName())
            }
    }
}

javadoc {
    onlyIf { JavaVersion.current().isJava11Compatible() }
}

Answer 2

如果您想繼續使用 Gradle 工具鏈功能，請將以下內容添加到您的 build.gradle：

// Circumvents issues with Fortify scan without disabling Gradle toolchain feature
tasks.withType(JavaCompile).configureEach {
  doFirst {
    configure(options) {
      configure(forkOptions) {
        executable = null
        javaHome = null
      }
    }
  }
}