Keep your gradle dependencies up to date seamlessly

le 11/12/2015 par Thomas Dalous
Tags: Software Engineering

Keeping your dependencies up to date is not the funniest part of a project dev process. Especially if the dependencies list becomes long. However, it is crucial to keep your dependencies as possible close to the up-to-date versions available in order to benefit from the latest upgrades (such as bug fixes). The longer you wait, the harder the upgrade will be.

So what if you receive an email every week to inform your team about the last version available of your projects dependencies? Some tools like Lint (or other static code analyzers) already provide such features, but as long as you don't keep an eye on their reports you will not be warned about new versions.

In this quick tutorial we will setup a Jenkins job running a gradle plugin as a task in order to receive something like this by email:

The following dependencies have later milestone versions: - com.android.support.test.espresso:espresso-core [2.0 -> 2.2.1] - com.facebook.android:facebook-android-sdk [3.23.1 -> 4.8.2] - com.fasterxml.jackson.core:jackson-annotations [2.5.3 -> 2.7.0-rc1] - com.fasterxml.jackson.core:jackson-core [2.5.3 -> 2.7.0-rc1] - com.fasterxml.jackson.core:jackson-databind [2.5.3 -> 2.7.0-rc1]

Step 1: install the gradle plugin

We use the following gradle plugin: https://github.com/ben-manes/gradle-versions-plugin As described in the gradle-versions-plugin doc you just have to add these line to your gradle file:

Voir le lien github

Step 2: create a new jenkins job

Then go to your Jenkins web interface and create a new job, lets call it "[YourApp]-DependenciesCheck". Just add the following command in your task:

dependencyUpdates -DoutputDir=${WORKSPACE}

where you define the target directory (thanks to "-DoutputDir") of the result using the "${WORKSPACE}" constant (defined in your Jenkins configuration). Then specify the app root folder name in the root build script field:

Gradle scriptInvoke gradle script sample configuration

You may want to make the gradle plugin output more specific with only latest release versions (no beta, rc etc.), there is an option for that:

-Drevision=release

and plenty of others that you will find on the github repository readme.

Step 3: configure the email notification

Once your job is ready, we need to add a plugin to Jenkins in order be able to send an email with custom content: https://wiki.jenkins-ci.org/display/JENKINS/Email-ext+plugin (the default one is not as customizable as this one). Then specify the project recipient list, the default subject, default content and the attachments fields:

Email configuration sampleEmail notification sample configuration

Note: ${FILE,path="report.txt"} refers to the command output and print its content in the mail body.

And voilà! Choose the frequency of the job execution, we recommend you at least weekly, for instance every Monday at noon:

H 12,12 * * 1

(find more info about this syntaxe here)

Step 4: no step 4

To conclude these easy steps to follow will allow you to maintain your dependencies up to date and as a consequence improve your project quality. However be careful, a major version update may introduce some breaking changes that need to be analysed deeper in the changelog.

Feel free to ask any question in comments or to suggest improvements/others solutions.