Change maven id for testing pom tree
This MR alters the maven artifact-id for the testing/integration-tests root POM to be unique from the artifactID associated with the main POM.
This discrepancy, and the solution, was reported by Zach LaVallee (zach@fossa.com).
Why does this matter?
The artifactID and version combined give a kind of locator for maven to identify the project. By using the artifactID and version for the testing code, it implies that they are the same project.
This caused problems while trying to upgrade the FOSSA scanners to version 3.x. Their newer scanners are better integrated with maven conventions, so they consider the projects to be the same based on this same ID. Ironically, that led to the FOSSA tool missing half of the program.
FOSSA 3.x was the mechanism we used to discover this issue, but it should be changed regardless of whether we upgrade our license scanning tool or not.
Other Projects
It is possible that other projects have the same problem, but the few I spot checked (Storage, Indexer, Entitlements) did not.
This isn't changing FOSSA yet
Just to be clear, this MR fixes a maven configuration problem that was blocking a FOSSA upgrade. It does not include that upgrade itself -- that will be a more complex MR requiring more analysis across multiple projects.
Merge request reports
Activity
changed milestone to %M17 - Release 0.20
added Common Code MRDevOps PriorityMedium SeverityLow no-detached-pipeline labels
requested review from @chad
assigned to @divido
I wasn't sure about the MRDevOps label here.. It's about changing the build configuration. And maybe it isn't "Code" enough to get Common Code. I'm open to your opinion if you want to change these.
Also, I don't strictly need this for %M17 - Release 0.20, perfectly happy to let this sit around until next release.
added MRDependencies Upgrade label and removed MRDevOps label
added 10 commits
-
7889ec72...3ca23e88 - 9 commits from branch
master - 26e4492e - Merge remote-tracking branch 'origin/master' into change-maven-id-for-testing-pom-tree
-
7889ec72...3ca23e88 - 9 commits from branch
@Srinivasan_Narayanan @BdasIBM @Yauhen_Shaliou Could you help check ? This fixes for the FOSSA upgrade but the failure seems to be already present in the master pipeline.
Azure Approved @chad
-
@BdasIBM @Yauhen_Shaliou could you confirm ? Please approve if the changes are not related to the failures.
@chad ibm-test is passing now. Approved from IBM. https://community.opengroup.org/osdu/platform/system/search-service/-/jobs/1852242
-
@Yauhen_Shaliou @Rustam_Lotsmanenko @Stanislav_Riabokon Could you help with this ? Please approve if the changes are not related to the failures.
mentioned in commit 3db461c9
mentioned in merge request !483 (merged)
