GITBOOK-8441: vc-Java and Kotlin for OS: add a section on ant & ivy

snyk · Nov 19, 2024 · 6148508 · 6148508
1 parent 6a614c7
commit 6148508
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 3 deletions.
diff --git a/docs/SUMMARY.md b/docs/SUMMARY.md
@@ -33,7 +33,7 @@
   * [Java and Kotlin](supported-languages-package-managers-and-frameworks/java-and-kotlin/README.md)
     * [Java and Kotlin for code analysis](supported-languages-package-managers-and-frameworks/java-and-kotlin/java-and-kotlin-for-code-analysis.md)
     * [Java and Kotlin for open source](supported-languages-package-managers-and-frameworks/java-and-kotlin/java-and-kotlin-for-open-source.md)
-    * [Snyk CLI with Maven and Gradle](supported-languages-package-managers-and-frameworks/java-and-kotlin/snyk-cli-with-maven-and-gradle.md)
+    * [Snyk CLI for Java and Kotlin](supported-languages-package-managers-and-frameworks/java-and-kotlin/snyk-cli-for-java-and-kotlin.md)
     * [SCM integrations with Maven and Gradle](supported-languages-package-managers-and-frameworks/java-and-kotlin/git-repositories-with-maven-and-gradle.md)
     * [Snyk workflow with Java and Kotlin](supported-languages-package-managers-and-frameworks/java-and-kotlin/snyk-workflow-with-java-and-kotlin.md)
     * [Guidance for Java and Kotlin](supported-languages-package-managers-and-frameworks/java-and-kotlin/guidance-for-java-and-kotlin.md)

diff --git a/docs/supported-languages-package-managers-and-frameworks/java-and-kotlin/README.md b/docs/supported-languages-package-managers-and-frameworks/java-and-kotlin/README.md
@@ -10,7 +10,7 @@ Snyk supports [Java and Kotlin for code analysis](java-and-kotlin-for-code-analy
 You can use any Java version up to Java SE 17.
 {% endhint %}
 
-There are special considerations for [Snyk CLI with Maven and Gradle](snyk-cli-with-maven-and-gradle.md) and [SCM integrations with Maven and Gradle](git-repositories-with-maven-and-gradle.md).
+There are special considerations for [Snyk CLI with Maven and Gradle](snyk-cli-for-java-and-kotlin.md) and [SCM integrations with Maven and Gradle](git-repositories-with-maven-and-gradle.md).
 
 [Guidance for Java and Kotlin](guidance-for-java-and-kotlin.md) is available, along with information about the [Snyk workflow with Java and Kotlin](snyk-workflow-with-java-and-kotlin.md) and [More information about Java support](more-information-about-java-support.md).
 

diff --git a/...-kotlin/snyk-cli-with-maven-and-gradle.md → ...nd-kotlin/snyk-cli-for-java-and-kotlin.md b/...-kotlin/snyk-cli-with-maven-and-gradle.md → ...nd-kotlin/snyk-cli-for-java-and-kotlin.md
@@ -1,4 +1,4 @@
-# Snyk CLI with Maven and Gradle
+# Snyk CLI for Java and Kotlin
 
 The Snyk CLI tests Maven and Gradle Projects as follows:
 
@@ -180,3 +180,53 @@ If you are having any trouble testing your Gradle Projects with Snyk, collect th
 * The output from the following commands:
   * `$ snyk test -d`
   * `$ gradle dependencies -q`
+
+## Workaround for `ant` and `ivy`
+
+[Apache Ant](https://ant.apache.org/) is a Java build system focused solely on executing build tasks defined in XML. [Apache Ivy](https://ant.apache.org/ivy/) extends Ant by adding dependency management, handling library retrieval and transitive dependencies, which Ant alone does not manage.
+
+Ivy dependencies are configured in an XML file, for example `ivy.xml`:
+
+```xml
+<ivy-module version="2.0">
+    <info organisation="com.example" module="my-project" revision="1.0"/>
+
+    <dependencies>
+        <dependency org="junit" name="junit" rev="4.12" conf="default"/>
+    </dependencies>
+</ivy-module>
+```
+
+Such a dependency file is typically evaluated using an `ant` task defined in `build.xml`:
+
+```xml
+<target name="resolve-dependencies" depends="init">
+    <ivy:retrieve pattern="${lib.dir}/[artifact]-[revision].[ext]"/>
+</target>
+```
+
+Using the command `ant resolve-dependencies`, dependencies will be downloaded from Maven Central, just like regular Maven dependencies.
+
+To let Snyk know about the dependency tree, you must first convert to the Maven POM format. Start by configuring a new `makepom` task in `build.xml`
+
+```xml
+<target name="makepom" depends="resolve-dependencies">
+    <ivy:makepom ivyfile="${basedir}/ivy.xml" pomfile="${basedir}/pom.xml" conf="default,runtime">
+        <mapping conf="default" scope="compile"/>
+        <mapping conf="runtime" scope="runtime"/>
+    </ivy:makepom>
+</target>
+```
+
+With this, you can now run the following commands:
+
+```
+ant makepom
+snyk test --file=pom.xml
+```
+
+The `pom.xml` file does not need to be checked in and can be deleted after a test is done using `snyk`. Additionally, the dependency tree can be monitored using:
+
+```
+snyk monitor --file=pom.xml
+```