Export API Dependency Extractor
This Java example provides a summary of dependency versions used across builds.
By default, this project will detect all log4j
dependencies used, but can be adapted for other dependencies.
This project is based on the Java sample in https://github.com/gradle/gradle-enterprise-export-api-samples.
Setup
To run this sample:
- Replace the hostname value of the
GRADLE_ENTERPRISE_SERVER
constant inExportApiDependencyExtractor.java
with your Gradle Enterprise hostname. - Optionally change the value of the
DEPENDENCY_GROUP_PREFIX
constant to filter for different dependencies. Set this value to '' to extract all dependency versions. - Optionally change the value of the
PROCESS_SCANS_SINCE
constant to extend the range of scans to process. By default, scans published in the past 24 hrs are processed. - Set the appropriate authentication environment variables (see below).
- Run
./gradlew run
from the command line.
Authentication
We recommend using the Bearer token authentication which has been available since Gradle Enterprise 2021.1.
Bearer token authentication (access key)
- Create a Gradle Enterprise access key for a user with the
Export API
role as described in the Export API Access Control documentation. - Set an environment variable locally:
EXPORT_API_ACCESS_KEY
to match the newly created Gradle Enterprise access key.
Basic authentication (user / password)
Non-SAML users can authenticate via basic auth.
- Create a Gradle Enterprise user with the
Export API
role as described in the Export API Access Control documentation. - Set two environment variables locally:
EXPORT_API_USER
EXPORT_API_PASSWORD
to match the newly created Export API user credentials.
Output
All builds processed and their dependencies are logged to the console.
At the end of execution, a summary is printed. The summary shows each unique dependency version, together with the build ID of the first scan that loaded that dependency version. You can use this ID to view the respective build scan to get more information on the project involved.
Sample output
Streaming builds...
Processing build: hmvewcdjvsl54
Processing build: nymyvw7pt32b2
mtrpn4sdlcnq6: org.apache.logging.log4j:log4j-api:2.17.1
mtrpn4sdlcnq6: org.apache.logging.log4j:log4j-core:2.17.1
Processing build: ozvdxgi2yr66e
...
Processing build: wguszvsvcvysy
VERSION SUMMARY: (First build scan detected for each version)
--------------------------------------------------------------
txfjcwedzacmw: org.apache.logging.log4j:log4j-api:2.11.2
arp4cremlczjw: org.apache.logging.log4j:log4j-api:2.17.1
arp4cremlczjw: org.apache.logging.log4j:log4j-core:2.17.1