Dependency Management in Gradle 5 and Beyond

Transcript

1. Dependency Management in Gradle 5 and beyond Jendrik Johannes, Gradle

2. PRODUCER A Model of Software Reuse

3. PRODUCER CONSUMER A Model of Software Reuse

4. PRODUCER CONSUMER REPOSITORY push software component component metadata A Model

   of Software Reuse

5. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

   metadata software component A Model of Software Reuse

6. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

   of Software Components Chapter 3: Dealing with an imperfect World

7. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

   of Software Components Chapter 3: Dealing with an imperfect World

8. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

   metadata software component

9. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

   metadata software component NULL 8 FUFFZEHN // BANK !

10. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

    metadata software component NULL 8 FUFFZEHN // BANK SantaSoft " !

11. NULL 8 FUFFZEHN // BANK

12. XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java! From

    Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-swing:1.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-swing:1.0”) } Gradle // inject it in your UI code com.santasoft.xmastree.Tree.compose(container)
13. None
14. None
15. None
16. None

17. NULL 8 FUFFZEHN // BANK

18. XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java! From

    Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-swing:2.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-swing:2.0”) } Gradle // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) 2.0 W ITH FLASHY LIGHTS!
19. None
20. None

21. Why did the Christmas tree crash? tree:1.0 lights:1.0 ornaments:1.0 train:1.0

    tree:2.0 lights:2.0 ornaments:2.0 train:2.0 component repository

22. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

23. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

24. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

25. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

26. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

27. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0 conflict !

28. component repository Dependency Constraints tree:1.0 lights:1.0 ornaments:1.0 train:1.0 tree:2.0 lights:2.0

    ornaments:2.0 train:2.0 depends-on

29. component repository Dependency Constraints tree:1.0 lights:1.0 ornaments:1.0 train:1.0 tree:2.0 lights:2.0

    ornaments:2.0 train:2.0 depends-on (requires + constraints) constraints

30. component repository Dependency Constraints save Christmas tree:1.0 lights:1.0 ornaments:1.0 train:1.0

    tree:2.0 lights:2.0 ornaments:2.0 train:2.0 depends-on (requires + constraints) constraints null8fuffzehn-desktop

31. component repository Dependency Constraints save Christmas tree:1.0 lights:1.0 ornaments:1.0 train:1.0

    tree:2.0 lights:2.0 ornaments:2.0 train:2.0 depends-on (requires + constraints) constraints null8fuffzehn-desktop

32. com.santasoft.xmastree:tree-swing:2.0 github.com/gradle/gradle/blob/master/subprojects/docs/src/ docs/design/gradle-module-metadata-specification.md { "component": { "group": "com.santasoft.xmastree", "module": "tree-swing",

    "version": "2.0", }, ... "dependencyConstraints": [ { "group": "com.santasoft.xmastree", "module": "lights-swing", "version": { "requires": "2.0" } }, { "group": "com.santasoft.xmastree", "module": "ornaments-swing", "version": { "requires": "2.0" } }, { "group": "com.santasoft.xmastree", "module": "train-swing", "version": { "requires": "2.0" } } ], ... } component repository — tree-swing-2.0.jar — tree-swing-2.0.pom — tree-swing-2.0.module

33. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with an imperfect World

34. NULL 8 FUFFZEHN // BANK

35. NULL 8 FUFFZEHN // BANK

36. Gradle_Android XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java!

    From Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-swing:2.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-swing:2.0”) } Gradle // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS!

37. Gradle XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java!

    From Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-android:2.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-android:2.0”) } // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) Gradle_Android NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS!
38. None
39. None
40. None

41. component repository Modeling Platforms as Variants tree-swing lights-swing null8fuffzehn-desktop ornaments-swing

    train-swing tree-android lights-android null8fuffzehn-android ornaments-android train-android

42. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android

43. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android tree lights ornaments train variant ui-framework = swing variant ui-framework = android ui-framework = swing ui-framework = android

44. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android tree lights ornaments train variant ui-framework = swing variant ui-framework = android ui-framework = swing ui-framework = android

45. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android tree lights ornaments train variant ui-framework = swing variant ui-framework = android ui-framework = swing ui-framework = android

46. Gradle_Android Gradle XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for

    Java! From Christmas tree lovers for Christmas tree lovers! Maven // configure your tree dependencies { implementation(“com.santasoft.xmastree:lights”) } // choose your variant configurations.all { attributes { attribute(“ui-framework”, “android”) } } // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS! NOW W ITH VARIANT SUPPORT! Gradle_Variants
47. None
48. None

49. com.santasoft.xmastree:tree:2.0 github.com/gradle/gradle/blob/master/subprojects/docs/src/ docs/design/gradle-module-metadata-specification.md { "component": { "group": "com.santasoft.xmastree", "module": "tree",

    "version": "2.0", "attributes": { "org.gradle.status": "release" } }, "variants": [ { "name": "swing-api", "attributes": { "org.gradle.usage": "java-api", "ui-framework": "swing" }, "available-at": { "url": "../../tree-swing/2.0/tree-swing-2.0.module", "group": "com.santasoft.xmastree", "module": "tree-swing", "version": "2.0" } }, { "name": "android-api", "attributes": { "org.gradle.usage": "java-api", "ui-framework": "android" }, "available-at": { "url": "../../tree-swing/2.0/tree-android-2.0.module", "group": "com.santasoft.xmastree", "module": "tree-android", "version": "2.0" } } ] ... } component repository — tree-swing-2.0.module

50. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with the imperfect World

51. NULL 8 FUFFZEHN // BANK

52. What if the consumer has a different opinion than the

    producer?

53. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

    metadata software component NULL 8 FUFFZEHN // BANK SantaSoft " ! What if the consumer has a different opinion than the producer?

54. component repository tree lights ornaments train What if the consumer

    has a different opinion than the producer? null8fuffzehn-desktop

55. component repository tree lights ornaments train What if the consumer

    has a different opinion than the producer? null8fuffzehn-desktop Component Metadata Rule

56. What if the producer “forgot” an important variant?

57. Gradle_Variants Gradle_Android Gradle XMasTree by SantaSoft Open-source out-of-the-box Christmas trees

    for Java! From Christmas tree lovers for Christmas tree lovers! Maven // configure your tree dependencies { implementation(“com.santasoft.xmastree:lights”) } // choose your variant configurations.all { attributes { attribute(“ui-framework”, “gif”) } } // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS! NOW W ITH VARIANT SUPPORT! NOW ALSO AS FLASHY GIF VARIANT! GIF

58. component repository tree-swing lights-swing ornaments-swing train-swing tree-gif lights-gif null8fuffzehn-shared null8fuffzehn-gif

    tree lights ornaments train variant ui-framework = swing variant ui-framework = gif ui-framework = gif What if the producer “forgot” an important variant?

59. component repository tree-swing lights-swing ornaments-swing train-swing tree-gif lights-gif null8fuffzehn-shared null8fuffzehn-gif

    tree lights ornaments train variant ui-framework = swing variant ui-framework = gif ui-framework = gif X What if the producer “forgot” an important variant?

60. What if the producer “forgot” an important variant?

61. What if the producer “forgot” an important variant? Artifact Transform

62. component repository tree-swing lights-swing ornaments-swing train-swing tree-gif lights-gif null8fuffzehn-shared null8fuffzehn-gif

    tree lights ornaments train variant ui-framework = swing variant ui-framework = gif ui-framework = gif What if the producer “forgot” an important variant? train-gif transformed into

63. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with the imperfect World …and in the real world?

64. https://docs.google.com/document/d/ 1NYGbfz56C0Oh4IGymXjeQUVK4FcRiqDbpc4vGLnDMrY

65. https://docs.google.com/document/d/ 1NYGbfz56C0Oh4IGymXjeQUVK4FcRiqDbpc4vGLnDMrY

66. https://github.com/gradle/gradle/blob/master/buildSrc/subprojects/configuration/src/main/kotlin/ org/gradle/gradlebuild/dependencies/DependenciesMetadataRulesPlugin.kt

67. https://github.com/gradle/gradle/blob/master/buildSrc/subprojects/packaging/src/main/kotlin/ org/gradle/gradlebuild/packaging/MinifyTransform.kt

68. Gradle Summit 2017
 Dependencies, distributed code and engineering velocity
 -

    Mike McGarr, Netflix https://www.youtube.com/watch?v=k_mPS_1JpXM

69. Dependency Management in Gradle 5 and beyond Jendrik Johannes, Gradle

70. Dependency Constraints dependencies { implementation("org.apache.httpcomponents:httpclient") constraints { implementation("org.apache.httpcomponents:httpclient:4.5.3") { because("previous

    versions have a bug impacting this application") } implementation("commons-codec:commons-codec:1.11") { because("version 1.9 pulled from httpclient has bugs affecting this application") } } }

71. BOM/Platform support dependencies { // import a BOM implementation(platform( “org.springframework.boot:spring-boot-dependencies:1.5.8.RELEASE"))

    // define dependencies without versions implementation("com.google.code.gson:gson") implementation("dom4j:dom4j") }

72. dependencies { // get recommended versions from the platform project

    api(platform(project(":platform"))) // no version required api("commons-httpclient:commons-httpclient") } Java Platform Plugin consumer plugins { `java-platform` } dependencies { constraints { // Platform declares some versions of libraries used in subprojects api("commons-httpclient:commons-httpclient:3.1") api("org.apache.commons:commons-lang3:3.8.1") } } producer

73. (New) Maven Publish Plugin publishing { publications { create<MavenPublication>("maven") {

    groupId = "org.gradle.sample" artifactId = "project1-sample" version = "1.1" from(components["java"]) } } } enableFeaturePreview("GRADLE_METADATA") settings.gradle.kts

74. Dependency Locking configurations.compileClasspath { resolutionStrategy.activateDependencyLocking() }

75. Repository to dependency matching repositories { maven { url "https://repo.mycompany.com"

    content { includeGroupByRegex "com\\.mycompany.*" } } }

76. Christmas Tree by Jordan Irwin – https://opengameart.org/content/christmas-tree-0 Compose your own

    Christmas trees: https://github.com/jjohannes/xmas-tree-reuse