Merge pull request #256 from s4u/keysmap-duplicate-items

detect and merge duplicate items in keysMap

pom.xml

@@ -497,6 +497,16 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>org.simplify4u.plugins</groupId>
+                <artifactId>sign-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <!-- signature can be used in IT test, so must be executed early -->
+                        <phase>pre-integration-test</phase>
+                    </execution>
+                </executions>
+            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-failsafe-plugin</artifactId>
@@ -581,7 +591,9 @@
                     <skip>${maven.test.skip}</skip>
                     <failOnWarning>true</failOnWarning>
                     <ignoredUnusedDeclaredDependencies>
-                        <ignoredUnusedDeclaredDependency>org.simplify4u:slf4j-mock:jar:*</ignoredUnusedDeclaredDependency>
+                        <ignoredUnusedDeclaredDependency>
+                            org.simplify4u:slf4j-mock:jar:*
+                        </ignoredUnusedDeclaredDependency>
                     </ignoredUnusedDeclaredDependencies>
                 </configuration>
             </plugin>

src/it/sigOkKeysMap/keysmap.list

@@ -16,10 +16,10 @@
 org.hamcrest:hamcrest-core:1.3  = 0x4DB1A49729B053CAF015CEE9A6ADFC93EF34893E
 
 # sub key test
-junit:junit:4.12                = 0xEFE8086F9E93774E
+junit:junit:4.12                = 0xEFE8086F9E93774E, 0xEFE8086F9E93774E
 
-commons-chain:commons-chain:1.2 = 0xB95BBD3FA43C4492, \
-                                  0x1861C322C56014B2
+commons-chain:commons-chain:1.2 = 0xB95BBD3FA43C4492
+commons-chain:commons-chain:1.2 = 0x1861C322C56014B2
 
 # master key test
 ognl                            = 0xE157EEB8D208EEB23F5723AC06F21382801CEF5F

src/it/sigOkKeysMapWithPluginDependencies/keysmap.list

@@ -20,7 +20,7 @@ junit:junit:4.12=0xEFE8086F9E93774E
 commons-chain:commons-chain:1.2=0xB95BBD3FA43C4492,0x1861C322C56014B2
 #
 # Plugins:
-org.simplify4u.plugins:pgpverify-maven-plugin:*=
+org.simplify4u.plugins:pgpverify-maven-plugin = noSig, 0x57EB3F12030A57BAA31CAAD5BE3E2A5CB80794EE
 #
 # Transitive dependencies of plugins:
 antlr:antlr:2.7.2 =

src/it/sigOkKeysMapWithPlugins/keysmap.list

@@ -19,7 +19,7 @@ junit:junit:4.12=0xEFE8086F9E93774E
 commons-chain:commons-chain:1.2=0xB95BBD3FA43C4492,0x1861C322C56014B2
 #
 # Plugins:
-org.simplify4u.plugins:pgpverify-maven-plugin = noSig, 0x6636274B2E8BEA9D15A61143F8484389379ACEAC
+org.simplify4u.plugins:pgpverify-maven-plugin = noSig, 0x57EB3F12030A57BAA31CAAD5BE3E2A5CB80794EE
 
 org.apache.maven.plugins = \
     0x6A814B1F869C2BBEAB7CB7271A2A1C94BDE89688, \

src/main/java/org/simplify4u/plugins/keysmap/ArtifactData.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 Slawomir Jaranowski
+ * Copyright 2021 Slawomir Jaranowski
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
 
 import java.util.Locale;
 
+import lombok.Getter;
 import org.apache.maven.artifact.Artifact;
 
 /**
@@ -26,6 +27,7 @@
  *
  * @author Slawomir Jaranowski.
  */
+@Getter
 class ArtifactData {
 
     private final String groupId;
@@ -34,26 +36,9 @@ class ArtifactData {
     private final String version;
 
     ArtifactData(Artifact artifact) {
-
         groupId = artifact.getGroupId().toLowerCase(Locale.US);
         artifactId = artifact.getArtifactId().toLowerCase(Locale.US);
         type = artifact.getType().toLowerCase(Locale.US);
         version = artifact.getVersion().toLowerCase(Locale.US);
     }
-
-    public String getGroupId() {
-        return groupId;
-    }
-
-    public String getArtifactId() {
-        return artifactId;
-    }
-
-    public String getType() {
-        return type;
-    }
-
-    public String getVersion() {
-        return version;
-    }
 }

src/main/java/org/simplify4u/plugins/keysmap/ArtifactInfo.java → src/main/java/org/simplify4u/plugins/keysmap/ArtifactPattern.java

@@ -21,33 +21,38 @@
 import java.util.regex.Pattern;
 import java.util.regex.PatternSyntaxException;
 
+import lombok.EqualsAndHashCode;
 import org.apache.maven.artifact.versioning.DefaultArtifactVersion;
 import org.apache.maven.artifact.versioning.InvalidVersionSpecificationException;
 import org.apache.maven.artifact.versioning.VersionRange;
-import org.bouncycastle.openpgp.PGPPublicKey;
-import org.bouncycastle.openpgp.PGPPublicKeyRing;
 
 /**
  * Store information about artifact definition from KeysMap file.
  *
  * @author Slawomir Jaranowski.
  */
-class ArtifactInfo {
+@EqualsAndHashCode(onlyExplicitlyIncluded = true)
+class ArtifactPattern {
 
-    private final KeyInfo keyInfo;
+    private static final Pattern DOT_REPLACE = Pattern.compile("\\.");
+    private static final Pattern STAR_REPLACE = Pattern.compile("\\*");
+    private static final Pattern PACKAGING = Pattern.compile("^[a-zA-Z]+$");
+
+    /**
+     * Original pattern from keysMap. Used to compare if object is equal to another.
+     */
+    @EqualsAndHashCode.Include
+    private final String pattern;
 
     private final Pattern groupIdPattern;
     private final Pattern artifactIdPattern;
     private final Pattern packagingPattern;
     private final Function<String, Boolean> versionMatch;
 
-    private static final Pattern DOT_REPLACE = Pattern.compile("\\.");
-    private static final Pattern STAR_REPLACE = Pattern.compile("\\*");
-    private static final Pattern PACKAGING = Pattern.compile("^[a-zA-Z]+$");
-
-    public ArtifactInfo(String strArtifact, KeyInfo keyInfo) {
+    public ArtifactPattern(String pattern) {
 
-        String[] split = strArtifact.split(":");
+        this.pattern = pattern;
+        String[] split = this.pattern.split(":");
         String groupId = split.length > 0 ? split[0].trim().toLowerCase(Locale.US) : "";
         String artifactId = split.length > 1 ? split[1].trim().toLowerCase(Locale.US) : "";
 
@@ -75,9 +80,8 @@ public ArtifactInfo(String strArtifact, KeyInfo keyInfo) {
             packagingPattern = Pattern.compile(patternPrepare(packaging));
             versionMatch = versionMatchPrepare(version);
         } catch (InvalidVersionSpecificationException | PatternSyntaxException e) {
-            throw new IllegalArgumentException("Invalid artifact definition: " + strArtifact, e);
+            throw new IllegalArgumentException("Invalid artifact definition: " + pattern, e);
         }
-        this.keyInfo = keyInfo;
     }
 
     private static String patternPrepare(String str) {
@@ -146,20 +150,4 @@ private static boolean isMatchPattern(Pattern pattern, String str) {
         Matcher m = pattern.matcher(str);
         return m.matches();
     }
-
-    public boolean isKeyMatch(PGPPublicKey key, PGPPublicKeyRing keyRing) {
-        return keyInfo.isKeyMatch(key, keyRing);
-    }
-
-    public boolean isNoSignature() {
-        return keyInfo.isNoSignature();
-    }
-
-    public boolean isBrokenSignature() {
-        return keyInfo.isBrokenSignature();
-    }
-
-    public boolean isKeyMissing() {
-        return keyInfo.isKeyMissing();
-    }
 }

src/main/java/org/simplify4u/plugins/keysmap/KeyInfoItem.java → src/main/java/org/simplify4u/plugins/keysmap/KeyItem.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 Slawomir Jaranowski
+ * Copyright 2021 Slawomir Jaranowski
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,7 +18,10 @@
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;
 
-public interface KeyInfoItem {
+/**
+ * Describe single key item in keysMap.
+ */
+interface KeyItem {
 
     /**
      * Artifact can has no signature.
@@ -50,7 +53,7 @@ default boolean isKeyMissing() {
     /**
      * Check if current key mach with given key.
      *
-     * @param pgpPublicKey key to test
+     * @param pgpPublicKey     key to test
      * @param pgpPublicKeyRing keys ring to find master key
      *
      * @return key matching status

src/main/java/org/simplify4u/plugins/keysmap/KeyInfoItemAnyKey.java → src/main/java/org/simplify4u/plugins/keysmap/KeyItemAnyKey.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 Slawomir Jaranowski
+ * Copyright 2021 Slawomir Jaranowski
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,13 +15,27 @@
  */
 package org.simplify4u.plugins.keysmap;
 
+import lombok.EqualsAndHashCode;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;
 
-public class KeyInfoItemAnyKey implements KeyInfoItem {
+/**
+ * Special key value.
+ * <p>
+ * Given artifact pattern can has any kay.
+ */
+@EqualsAndHashCode
+class KeyItemAnyKey implements KeyItem {
+
+    public static final String DESC = "any";
 
     @Override
     public boolean isKeyMatch(PGPPublicKey pgpPublicKey, PGPPublicKeyRing pgpPublicKeyRing) {
         return true;
     }
+
+    @Override
+    public String toString() {
+        return DESC;
+    }
 }

src/main/java/org/simplify4u/plugins/keysmap/KeyInfoItemBrokenSig.java → src/main/java/org/simplify4u/plugins/keysmap/KeyItemBrokenSig.java

@@ -15,10 +15,25 @@
  */
 package org.simplify4u.plugins.keysmap;
 
-public class KeyInfoItemBrokenSig implements KeyInfoItem {
+import lombok.EqualsAndHashCode;
+
+/**
+ * Special key value.
+ * <p>
+ * Given artifact pattern can has broken signature.
+ */
+@EqualsAndHashCode
+class KeyItemBrokenSig implements KeyItem {
+
+    public static final String DESC = "badSig";
 
     @Override
     public boolean isBrokenSignature() {
         return true;
     }
+
+    @Override
+    public String toString() {
+        return DESC;
+    }
 }