First untested checkin of composite actions. Lots of fixes upcoming

Author: yshollander-selerity

cdflow2-deploy/action.yml

@@ -0,0 +1,38 @@
+name: "deploy cdflow2 release"
+description: "deploy cdflow2 release"
+
+inputs:
+  release_name:
+    description: "Name of release, default should be adequate"
+    required: true
+    default: "main-${{ github.run_number }}-${{ github.sha }}"
+  capability:
+    description: "key to find AWS authentication info in github actions secrets context. E.g. 'CAPINTERFACE', 'CAPAUTOMATION', etc."
+    required: true
+  environment:
+    description: "live or aslive"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    if: ${{ github.ref == 'refs/heads/main' }}
+  - name: Check out code
+    uses: actions/checkout@v2
+
+  - name: Notify Teams
+    uses: toko-bifrost/[email protected]
+    with:
+      github-token: ${{ github.token }}
+      webhook-uri: ${{ secrets.MSTEAMS_WEBHOOK }}
+      card-layout-exit: compact
+      show-on-start: false
+
+  - name: Get latest cdflow2
+    run: curl -Lo infra/cdflow2 https://github.com/mergermarket/cdflow2/releases/latest/download/cdflow2-linux-amd64 && chmod +x infra/cdflow2
+
+  - name: Deploy to ${{ inputs.environment }}
+    env:
+      AWS_ACCESS_KEY_ID: ${{ format('secrets,{0}_AWS_ACCESS_KEY_ID', ${{ inputs.capability }}
+      AWS_SECRET_ACCESS_KEY: ${{ format('secrets,{0}_AWS_SECRET_ACCESS_KEY', ${{ inputs.capability }}
+    run: infra/cdflow2 deploy aslive ${{ inputs.release_name }}

cdflow2-release/action.yml

@@ -0,0 +1,36 @@
+name: "prepare cdflow2 release"
+description: "prepare cdflow2 release"
+
+inputs:
+  release_name:
+    description: "Name of release, default should be adequate"
+    required: true
+    default: "main-${{ github.run_number }}-${{ github.sha }}"
+  capability:
+    description: "key to find AWS authentication info in github actions secrets context. E.g. 'CAPINTERFACE', 'CAPAUTOMATION', etc."
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+  - name: Prepare multilayered jar
+    run: mvn -B -V clean package --file pom.xml -s $GITHUB_WORKSPACE/settings.xml -Dmaven.javadoc.skip=true -DskipTests -Dmaven.test.skip=true -Dmaven.deploy.skip=true -Ddockerfile.skip -DdockerCompose.skip
+    env:
+      MAVEN_USERNAME: ${{ secrets.IONA_GITHUB_PACKAGE_USER }}
+      MAVEN_PASSWORD: ${{ secrets.IONA_GITHUB_PACKAGE_TOKEN }}
+
+  - name: Extract multilayered jar layers
+    run: |
+      cp target/spac-search-api*.jar target/application.jar
+      mkdir target/extracted
+      java -Djarmode=layertools -jar target/application.jar extract --destination target/extracted
+
+  - name: Get latest cdflow2
+    run: curl -Lo infra/cdflow2 https://github.com/mergermarket/cdflow2/releases/latest/download/cdflow2-linux-amd64 && chmod +x infra/cdflow2
+
+  - name: Prepare release
+    env:
+      GITHUB_TOKEN: ${{ github.token }}
+      AWS_ACCESS_KEY_ID: ${{ format('secrets,{0}_AWS_ACCESS_KEY_ID', ${{ inputs.capability }}
+      AWS_SECRET_ACCESS_KEY: ${{ format('secrets,{0}_AWS_SECRET_ACCESS_KEY', ${{ inputs.capability }}
+    run: infra/cdflow2 release ${{ inputs.release_name }}

code-analysis/action.yml

@@ -0,0 +1,40 @@
+name: 'Static Code Analysis'
+description: 'License checks, CodeQL, spotbugs, etc'
+  
+runs:
+  using: "composite"
+  steps:
+   - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: java
+
+    - name: Check third-party licenses
+      run: |
+        mvn -B -V -s $GITHUB_WORKSPACE/settings.xml -Dmaven.test.skip=true -DskipTests=true -Djacoco.skip=true \
+        org.codehaus.mojo:license-maven-plugin:2.0.0:add-third-party -Dlicense.outputDirectory=src/main/resources/META-INF/license \
+        -Dlicense.useMissingFile -Dlicense.useRepositoryMissingFiles=false -Dlicense.excludedGroups=com\\.ionanalytics.* \
+        -Dlicense.licenseMergesUrl=file:src/main/license/license-merges.txt \
+        -Dlicense.missingFileUrl=file:src/main/license/license-missing.txt \
+        -Dlicense.overrideUrl=file:src/main/license/license-overrides.txt \
+        -Dlicense.failOnBlacklist=true -Dlicense.failOnMissing=true -Dlicense.excludedScopes=test \
+        -Dlicense.excludedLicenses=file:src/main/license/license-blacklist.txt \
+        -Dlicense.includedLicenses=file:src/main/license/license-whitelist.txt
+
+    - name: Fetch findsecbugs spotbugs plugin
+      run: mvn dependency:copy -Dartifact=com.h3xstream.findsecbugs:findsecbugs-plugin:1.11.0
+
+    - name: Perform Spotbugs Analysis
+      run: |
+        mvn -B -V -s $GITHUB_WORKSPACE/settings.xml -Dmaven.test.skip=true -DskipTests=true \
+        -Dspotbugs.sarifOutput=true -Dspotbugs.sarifFullPath=true -Dspotbugs.threshold=high -Dspotbugs.pluginList=target/dependency/findsecbugs-plugin-1.11.0.jar \
+        com.github.spotbugs:spotbugs-maven-plugin:4.4.1:spotbugs
+      env:
+        MAVEN_USERNAME: ${{ secrets.IONA_GITHUB_PACKAGE_USER }}
+        MAVEN_PASSWORD: ${{ secrets.IONA_GITHUB_PACKAGE_TOKEN }}
+
+    - name: Upload Spotbugs sarif result
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: target/spotbugsSarif.json
+

java-build/action.yml

@@ -0,0 +1,36 @@
+name: "Java Build"
+description: "Build Java application in Github"
+
+runs:
+  using: "composite"
+  steps:
+  - name: Checkout code
+    uses: actions/checkout@v2
+
+  - name: Initialize CodeQL
+    uses: github/codeql-action/init@v1
+    with:
+      languages: java
+
+  - name: Set up JDK11
+    uses: actions/setup-java@v2
+    with:
+      distribution: 'temurin'
+      java-version: '11'
+      cache: 'maven'
+      server-id: github
+      settings-path: ${{ github.workspace }}
+
+  - name: Cache Maven packages
+    uses: actions/cache@v2
+    with:
+      path: ~/.m2/repository
+      key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+      restore-keys: ${{ runner.os }}-m2-
+
+# assumes repository is defined in pom.xml. mvn deploy runs all prerequisite steps including build
+  - name: Deploy Snapshot
+    run: mvn -B -V -U deploy -s $GITHUB_WORKSPACE/settings.xml
+    env:
+      GITHUB_TOKEN: ${{ secrets.IONA_GITHUB_PACKAGE_TOKEN }}
+