add an IT

JoeWang1127 · JoeWang1127 · commit 00dbae0ed35e · 2024-11-22T10:14:42.000-05:00
diff --git a/.github/workflows/analyze_dependency.yaml b/.github/workflows/analyze_dependency.yaml
@@ -27,10 +27,6 @@ jobs:
         distribution: temurin
         java-version: 17
         cache: maven
-    - name: Set up Maven
-      uses: stCarolas/setup-maven@v5
-      with:
-        maven-version: 3.8.2
     - name: Install dependency analyzer
       shell: bash
       run: |
diff --git a/java-shared-dependencies/dependency-analyzer/pom.xml b/java-shared-dependencies/dependency-analyzer/pom.xml
@@ -43,13 +43,21 @@
         <artifactId>maven-surefire-plugin</artifactId>
         <version>3.5.0</version>
         <configuration>
+          <excludes>
+            <exclude>**/*IntegrationTest.java</exclude>
+          </excludes>
           <environmentVariables>
             <!--this environment variable is used to set token when construct
               a mock http request in unit test-->
             <GITHUB_TOKEN>fake_value</GITHUB_TOKEN>
           </environmentVariables>
         </configuration>
       </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-failsafe-plugin</artifactId>
+        <version>3.5.0</version>
+      </plugin>
     </plugins>
   </build>
 
diff --git a/java-shared-dependencies/dependency-analyzer/src/test/java/com/google/cloud/integration/DependencyAnalyzerIntegrationTest.java b/java-shared-dependencies/dependency-analyzer/src/test/java/com/google/cloud/integration/DependencyAnalyzerIntegrationTest.java
@@ -0,0 +1,26 @@
+package com.google.cloud.integration;
+
+import com.google.cloud.DependencyAnalyzer;
+import com.google.cloud.external.DepsDevClient;
+import com.google.cloud.model.AnalysisResult;
+import com.google.cloud.model.ReportResult;
+import java.net.http.HttpClient;
+import org.junit.Test;
+
+public class DependencyAnalyzerIntegrationTest {
+  @Test
+  public void testAnalyzeFromJavaSharedDependenciesBom() {
+    DependencyAnalyzer dependencyAnalyzer = new DependencyAnalyzer(
+        new DepsDevClient(HttpClient.newHttpClient()));
+    String sharedDependenciesBom = "../pom.xml";
+    AnalysisResult analyzeReport = dependencyAnalyzer.analyze(sharedDependenciesBom);
+    System.out.println(analyzeReport.toString());
+    ReportResult result = analyzeReport.getAnalysisResult();
+    System.out.println(result);
+    if (result.equals(ReportResult.FAIL)) {
+      System.out.println(
+          "Please refer to go/cloud-java-rotations#security-advisories-monitoring for further actions");
+      System.exit(1);
+    }
+  }
+}
