diff --git a/.github/build.sh b/.github/build.sh
new file mode 100755
index 0000000..1ef4b2b
--- /dev/null
+++ b/.github/build.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+mvn -B clean
+
+(mvn org.codehaus.mojo:license-maven-plugin:2.5.0:aggregate-download-licenses &> ./license-maven-plugin.log) &
+BKMVNPID="$!"
+
+
+# Check if parent has PR version and purge if needed
+PARENT_VERSION=$(mvn help:evaluate -Dexpression=project.parent.version -q -DforceStdout)
+if [[ "$PARENT_VERSION" == *"-PR"* ]]; then
+ PARENT_GROUP_ID=$(mvn help:evaluate -Dexpression=project.parent.groupId -q -DforceStdout)
+ PARENT_ARTIFACT_ID=$(mvn help:evaluate -Dexpression=project.parent.artifactId -q -DforceStdout)
+ echo "~> Parent PR version detected ($PARENT_GROUP_ID:$PARENT_ARTIFACT_ID:$PARENT_VERSION), purging parent dependency cache"
+ mvn dependency:purge-local-repository \
+ -DmanualInclude="$PARENT_GROUP_ID:$PARENT_ARTIFACT_ID" \
+ -DreResolve=false \
+ -DactTransitively=false
+fi
+
+
+# ~ version set
+mvn versions:set -DnewVersion="$ARTIFACT_VERSION"
+
+mvn package;
+
+echo ""
+echo "~> Waiting for license download completion"
+wait "$BKMVNPID" || true
+
+if grep -q "BUILD SUCCESS" ./license-maven-plugin.log; then
+ echo "~> License download completed with success"
+else
+ echo "::error::License download terminated with error"
+ exit 99
+fi
diff --git a/.github/configure b/.github/configure
new file mode 100755
index 0000000..1d1ea23
--- /dev/null
+++ b/.github/configure
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+git config --global advice.detachedHead false
+
+(
+ cd .github
+ git clone --depth 1 --branch "${ENTANDO_GITHUB_TOOLS_VERSION}" "https://github.com/entando-ps/github-tools" &>/dev/null
+)
+
+. .github/github-tools/lib.sh
+
+configure.start "$1"
+
+if [[ "$GITHUB_REF" == refs/tags/* ]]; then
+ . .github/github-tools/base.configure --tag "$GITHUB_REF"
+else
+ . .github/github-tools/base.configure "$GH_PR_TITLE" "$GH_PR_NUMBER"
+fi
+
+configure.complete
diff --git a/.github/publish-nexus.sh b/.github/publish-nexus.sh
new file mode 100755
index 0000000..ecda59f
--- /dev/null
+++ b/.github/publish-nexus.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+set -e
+
+# Validate required environment variables
+if [[ -z "$NEXUS_URL" || -z "$NEXUS_REPO_ID" ]]; then
+ echo "::error::Missing required environment variables: NEXUS_URL or NEXUS_REPO_ID"
+ exit 1
+fi
+
+echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo " PUBLISH TO NEXUS"
+echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+
+mvn -B javadoc:jar source:jar source:test-jar deploy \
+ -DskipTests=true \
+ -DaltDeploymentRepository="${NEXUS_REPO_ID}::${NEXUS_URL}" \
+ -Pprepare-for-nexus \
+ -DskipPreDeploymentTests=true \
+ -DskipPostDeploymentTests=true \
+ -Ddependency-check.skip=true
+
+echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo " PUBLISH COMPLETE"
+echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..b9c200b
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,118 @@
+name: Build and Publish
+
+env:
+ ENTANDO_GITHUB_TOOLS_VERSION: "v0.1.1"
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GH_PR_TITLE: ${{ github.event.pull_request.title }}
+ GH_PR_NUMBER: ${{ github.event.pull_request.number }}
+ GH_PR_RUN_NUMBER: ${{ github.run_number }}
+ GITHUB_REF: ${{ github.ref }}
+ JDK_VERSION: '17'
+
+on:
+ push:
+ branches: [ "develop", "release/*" ]
+ tags: [ 'v*' ]
+ pull_request:
+ branches: [ "develop", "release/*" ]
+
+jobs:
+ #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ # BUILD JOB - Compiles and packages the project
+ #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ build:
+ runs-on: ubuntu-latest
+ outputs:
+ SKIP_SCANS: ${{ steps.configure.outputs.SKIP_SCANS }}
+ SKIP_TESTS: ${{ steps.configure.outputs.SKIP_TESTS }}
+
+ permissions:
+ contents: write
+ pull-requests: read
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up JDK ${{ env.JDK_VERSION }}
+ uses: actions/setup-java@v4
+ with:
+ java-version: ${{ env.JDK_VERSION }}
+ distribution: 'temurin'
+ cache: maven
+
+ - name: Configure
+ id: configure
+ run: |
+ if [ -f ".github/configure" ]; then . .github/configure "build"; fi
+ gh.job.outputVar SKIP_SCANS
+ gh.job.outputVar SKIP_TESTS
+
+ - name: Cache Maven packages
+ uses: actions/cache@v4
+ with:
+ path: ~/.m2
+ key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+ restore-keys: ${{ runner.os }}-m2-
+
+ - name: Build Java
+ run: .github/build.sh
+
+ - name: Submit Dependency Snapshot
+ if: github.event_name != 'pull_request'
+ uses: advanced-security/maven-dependency-submission-action@v4
+
+ - name: Save build artifacts
+ uses: actions/upload-artifact@v4
+ with:
+ name: build-output
+ retention-days: 1
+ path: pom.xml
+
+ #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ # PUBLISH NEXUS JOB - Publishes POM to Nexus
+ #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ publish-nexus:
+ needs: [build]
+ if: |
+ always() &&
+ needs.build.result == 'success'
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up JDK ${{ env.JDK_VERSION }}
+ uses: actions/setup-java@v4
+ with:
+ java-version: ${{ env.JDK_VERSION }}
+ distribution: 'temurin'
+ cache: maven
+ server-id: ${{ vars.NEXUS_SERVER_ID }}
+ server-username: NEXUS_USERNAME
+ server-password: NEXUS_PASSWORD
+ gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
+ gpg-passphrase: MAVEN_GPG_PASSPHRASE
+
+ - name: Restore build artifacts
+ uses: actions/download-artifact@v4
+ with:
+ name: build-output
+ path: .
+
+ - name: Configure
+ run: if [ -f ".github/configure" ]; then . .github/configure "publish-nexus"; fi
+
+ - name: Publish to Nexus
+ env:
+ # Secrets required for authentication (read by Maven settings or script)
+ NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
+ NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
+ MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
+
+ # Variables required by the bash script
+ NEXUS_URL: ${{ vars.NEXUS_INSTANCE_URI }}
+ NEXUS_REPO_ID: ${{ vars.NEXUS_SERVER_ID }}
+ run: .github/publish-nexus.sh
diff --git a/.github/workflows/ga-publication.yml b/.github/workflows/ga-publication.yml
deleted file mode 100644
index 590e9a2..0000000
--- a/.github/workflows/ga-publication.yml
+++ /dev/null
@@ -1,63 +0,0 @@
-name: GA Publication
-
-on:
- release:
- types:
- - created
-
-env:
- ENTANDO_OPT_USE_PPL_TAG: "v1.4.1"
- ENTANDO_OPT_DATA_REPO: "${{ secrets.ENTANDO_OPT_DATA_REPO }}"
- ENTANDO_OPT_DATA_REPO_TOKEN: "${{ secrets.ENTANDO_OPT_DATA_REPO_TOKEN }}"
- ENTANDO_OPT_ENVIRONMENT_NAMES: "${{ secrets.ENTANDO_OPT_ENVIRONMENT_NAMES }}"
- ENTANDO_OPT_FEATURES: "${{ secrets.ENTANDO_OPT_FEATURES }}"
- ENTANDO_OPT_GLOBAL_FEATURES: "${{ secrets.ENTANDO_OPT_GLOBAL_FEATURES }}"
- ENTANDO_OPT_LOG_LEVEL: "${{ secrets.ENTANDO_OPT_LOG_LEVEL }}"
- ENTANDO_OPT_CUSTOM_ENV: "${{ secrets.ENTANDO_OPT_CUSTOM_ENV }}"
- PPL_CONTEXT: ${{ toJson(github) }}
- LOCAL_CLONE_DIR: "local-checkout"
-
-
-jobs:
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # GA PUBLICATION
-
- ga-publish:
- env:
- ENTANDO_BOT_TOKEN: ${{ secrets.ENTANDO_BOT_TOKEN }}
- runs-on: ubuntu-latest
- steps:
- - name: "PR PIPELINE START"
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
- ~/ppl-run status-report
- - name: "Checkout"
- run: |
- ~/ppl-run checkout-branch base \
- --id "CHECKOUT FOR GA PUBLICATION" \
- --lcd "$LOCAL_CLONE_DIR"
- - name: "Cache Maven packages"
- uses: actions/cache@v2
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
- restore-keys: ${{ runner.os }}-m2
- - name: "Configure GA Repository"
- uses: actions/setup-java@v1
- with:
- java-version: 11
- server-id: maven-central
- server-username: MAVEN_USERNAME
- server-password: MAVEN_PASSWORD
- gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
- gpg-passphrase: MAVEN_GPG_PASSPHRASE
- - name: "Publish package to GA"
- run: |
- ~/ppl-run mvn GA-PUBLICATION \
- --id "GA-PUBLICATION" \
- --lcd "$LOCAL_CLONE_DIR"
- env:
- MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
- MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }}
- MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
diff --git a/.github/workflows/post-merge.yml b/.github/workflows/post-merge.yml
deleted file mode 100644
index 92fc340..0000000
--- a/.github/workflows/post-merge.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-name: Post-Merge
-
-on:
- push:
- branches:
- - develop
- - epic/*
- - release/*
-
-env:
- ENTANDO_OPT_USE_PPL_TAG: "v1.4.1"
- ENTANDO_OPT_DATA_REPO: "${{ secrets.ENTANDO_OPT_DATA_REPO }}"
- ENTANDO_OPT_DATA_REPO_TOKEN: "${{ secrets.ENTANDO_OPT_DATA_REPO_TOKEN }}"
- ENTANDO_OPT_ENVIRONMENT_NAMES: "${{ secrets.ENTANDO_OPT_ENVIRONMENT_NAMES }}"
- ENTANDO_OPT_FEATURES: "${{ secrets.ENTANDO_OPT_FEATURES }}"
- ENTANDO_OPT_GLOBAL_FEATURES: "${{ secrets.ENTANDO_OPT_GLOBAL_FEATURES }}"
- ENTANDO_OPT_LOG_LEVEL: "${{ secrets.ENTANDO_OPT_LOG_LEVEL }}"
- ENTANDO_OPT_CUSTOM_ENV: "${{ secrets.ENTANDO_OPT_CUSTOM_ENV }}"
- PPL_CONTEXT: ${{ toJson(github) }}
- LOCAL_CLONE_DIR: "local-checkout"
-
-
-jobs:
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # SNAPSHOT TAG
-
- add-version-tag:
- runs-on: ubuntu-latest
- steps:
- - name: "ADD SNAPSHOT TAG"
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
-
- ~/ppl-run pr-status-report \
- .. checkout-branch base \
- --id "CHECKOUT-BASE" \
- --lcd "$LOCAL_CLONE_DIR" \
- --token "${{ secrets.ENTANDO_BOT_TOKEN }}" \
- .. publication tag-git-version \
- --id "TAG-VERSION" \
- --lcd "$LOCAL_CLONE_DIR"
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
deleted file mode 100644
index ff6810e..0000000
--- a/.github/workflows/pr.yml
+++ /dev/null
@@ -1,159 +0,0 @@
-name: PR-CYCLE
-
-on:
- pull_request:
- types:
- - opened
- - synchronize
- - reopened
- branches:
- - develop
- - epic/*
- - release/*
-
-env:
- ENTANDO_OPT_USE_PPL_TAG: "v1.4.1"
- ENTANDO_OPT_DATA_REPO: "${{ secrets.ENTANDO_OPT_DATA_REPO }}"
- ENTANDO_OPT_DATA_REPO_TOKEN: "${{ secrets.ENTANDO_OPT_DATA_REPO_TOKEN }}"
- ENTANDO_OPT_ENVIRONMENT_NAMES: "${{ secrets.ENTANDO_OPT_ENVIRONMENT_NAMES }}"
- ENTANDO_OPT_FEATURES: "${{ secrets.ENTANDO_OPT_FEATURES }}"
- ENTANDO_OPT_GLOBAL_FEATURES: "${{ secrets.ENTANDO_OPT_GLOBAL_FEATURES }}"
- ENTANDO_OPT_LOG_LEVEL: "${{ secrets.ENTANDO_OPT_LOG_LEVEL }}"
- ENTANDO_OPT_CUSTOM_ENV: "${{ secrets.ENTANDO_OPT_CUSTOM_ENV }}"
- PPL_CONTEXT: ${{ toJson(github) }}
- LOCAL_CLONE_DIR: "local-checkout"
-
-
-jobs:
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # PREPARE
-
- prepare:
- runs-on: ubuntu-latest
- outputs:
- SCAN_MATRIX: ${{ steps.START.outputs.SCAN_MATRIX }}
- steps:
- #~
- - name: "PR PIPELINE START"
- id: START
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
- ~/ppl-run \
- .. @checkout-branch --lcd "$LOCAL_CLONE_DIR" \
- .. status-report \
- .. @setup-feature-flags "PR_PREFLIGHT_CHECKS" "BOM_CHECK" "BOM" \
- .. @setup-features-list "SCAN_MATRIX" --prefix "MTX-MVN-,MTX-SCAN-" \
- ;
- - name: "PR preflight checks"
- if: steps.START.outputs.PR_PREFLIGHT_CHECKS != 'false'
- id: pr-preflight-checks
- run: |
- ~/ppl-run pr-preflight-checks --lcd "$LOCAL_CLONE_DIR"
-
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # FULL-BUILD
-
- full-build:
- needs: [ 'prepare' ]
- runs-on: ubuntu-latest
- env:
- ENTANDO_BOT_TOKEN: "${{ secrets.ENTANDO_BOT_TOKEN }}"
- ENTANDO_OPT_OKD_LOGIN_TOKEN: "${{ secrets.ENTANDO_OPT_OKD_LOGIN_TOKEN }}"
- steps:
- #~ CHECKOUT
- - name: "CHECKOUT"
- id: CHECKOUT
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
- ~/ppl-run checkout-branch \
- --lcd "$LOCAL_CLONE_DIR" \
- --token "$ENTANDO_BOT_TOKEN" \
- ;
- #~ JDK
- - name: "Set up JDK 11"
- uses: actions/setup-java@v1
- with:
- java-version: 11
- #~ MAVEN CACHE
- - name: "Cache Maven packages"
- uses: actions/cache@v2
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2
- restore-keys: ${{ runner.os }}-m2
- #~ SONAR CACHE
- - name: Cache SonarCloud packages
- uses: actions/cache@v1
- with:
- path: ~/.sonar/cache
- key: ${{ runner.os }}-sonar
- restore-keys: ${{ runner.os }}-sonar
- #~ BUILD
- - name: "FULL BUILD"
- env:
- ENTANDO_OPT_SONAR_PROJECT_KEY: "${{ secrets.ENTANDO_OPT_SONAR_PROJECT_KEY }}"
- SONAR_TOKEN: "${{ secrets.SONAR_TOKEN }}"
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- run: |
- ~/ppl-run generic FULL-BUILD --lcd "$LOCAL_CLONE_DIR"
-
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # SCANS
- scans:
- needs: [ 'prepare', 'full-build' ]
- runs-on: ubuntu-latest
- if: ${{ needs.prepare.outputs.SCAN_MATRIX != '' }}
- strategy:
- max-parallel: 5
- fail-fast: false
- matrix:
- scan-type: ${{fromJson(needs.prepare.outputs.SCAN_MATRIX)}}
-
- steps:
- #~ CHECKOUT
- - name: "CHECKOUT"
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
- ~/ppl-run checkout-branch pr --lcd "$LOCAL_CLONE_DIR"
- #~ JDK
- - name: "Set up JDK 11"
- uses: actions/setup-java@v1
- with:
- java-version: 11
- #~ MAVEN CACHE
- - name: "Cache Maven packages"
- id: maven-cache
- uses: actions/cache@v2
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2-matrix-${{ matrix.scan-type }}
- restore-keys: |
- ${{ runner.os }}-m2-matrix-${{ matrix.scan-type }}
- ${{ runner.os }}-m2-matrix-
- ${{ runner.os }}-m2-
- #~ SCAN
- - name: "Run the matrix step ${{ matrix.scan-type }}"
- run: |
- SCAN_TYPE="${{ matrix.scan-type }}"
- case "$SCAN_TYPE" in
- MTX-MVN-SCAN-SONAR)
- export GITHUB_TOKEN="${{ secrets.GITHUB_TOKEN }}"
- export SONAR_TOKEN="${{ secrets.SONAR_TOKEN }}"
- export ENTANDO_OPT_SONAR_PROJECT_KEY="${{ secrets.ENTANDO_OPT_SONAR_PROJECT_KEY }}"
- ;;
- MTX-SCAN-SNYK)
- export SNYK_TOKEN="${{ secrets.SNYK_TOKEN }}"
- ;;
- MTX-MVN-POST-DEPLOYMENT-TESTS)
- export ENTANDO_OPT_OKD_LOGIN_TOKEN="${{ secrets.ENTANDO_OPT_OKD_LOGIN_TOKEN }}"
- export ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS="${{ secrets.ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS }}"
- export ENTANDO_OPT_DOCKER_USERNAME="${{ secrets.ENTANDO_OPT_DOCKER_USERNAME }}"
- export ENTANDO_OPT_DOCKER_PASSWORD="${{ secrets.ENTANDO_OPT_DOCKER_PASSWORD }}"
- export ENTANDO_OPT_TEST_TLS_CRT="${{ secrets.ENTANDO_OPT_TEST_TLS_CRT }}"
- export ENTANDO_OPT_TEST_TLS_KEY="${{ secrets.ENTANDO_OPT_TEST_TLS_KEY }}"
- ;;
- esac
- ~/ppl-run generic "$SCAN_TYPE" mvn --id "$SCAN_TYPE" --lcd "$LOCAL_CLONE_DIR"
diff --git a/.github/workflows/publication.yml b/.github/workflows/publication.yml
deleted file mode 100644
index 7fbf439..0000000
--- a/.github/workflows/publication.yml
+++ /dev/null
@@ -1,180 +0,0 @@
-name: PUB
-
-on:
- push:
- tags:
- - 'v*'
-
-env:
- ENTANDO_OPT_USE_PPL_TAG: "v1.4.1"
- ENTANDO_OPT_DATA_REPO: "${{ secrets.ENTANDO_OPT_DATA_REPO }}"
- ENTANDO_OPT_DATA_REPO_TOKEN: "${{ secrets.ENTANDO_OPT_DATA_REPO_TOKEN }}"
- ENTANDO_OPT_ENVIRONMENT_NAMES: "${{ secrets.ENTANDO_OPT_ENVIRONMENT_NAMES }}"
- ENTANDO_OPT_FEATURES: "${{ secrets.ENTANDO_OPT_FEATURES }}"
- ENTANDO_OPT_GLOBAL_FEATURES: "${{ secrets.ENTANDO_OPT_GLOBAL_FEATURES }}"
- ENTANDO_OPT_LOG_LEVEL: "${{ secrets.ENTANDO_OPT_LOG_LEVEL }}"
- ENTANDO_OPT_CUSTOM_ENV: "${{ secrets.ENTANDO_OPT_CUSTOM_ENV }}"
- PPL_CONTEXT: ${{ toJson(github) }}
- LOCAL_CLONE_DIR: "local-checkout"
-
-
-jobs:
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # PUBLICATION
-
- publication:
- outputs:
- POST_PUB_DOCKER_SCAN: ${{ steps.START.outputs.POST_PUB_DOCKER_SCAN }}
- POST_DEP_TESTS: ${{ steps.START.outputs.POST_DEP_TESTS }}
- env:
- ENTANDO_BOT_TOKEN: ${{ secrets.ENTANDO_BOT_TOKEN }}
- runs-on: ubuntu-latest
- steps:
- - name: "PR PIPELINE START"
- id: START
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
- ~/ppl-run \
- .. status-report \
- .. @setup-feature-flags "PR_FORMAT_CHECK" "BOM_CHECK" "BOM" "POST_PUB_DOCKER_SCAN" "POST_DEP_TESTS" \
- ;
- #~ CHECKOUT
- - name: "CHECKOUT"
- id: CHECKOUT
- run: |
- ~/ppl-run \
- .. checkout-branch --id "CHECKOUT FOR PUBLICATION" \
- --lcd "$LOCAL_CLONE_DIR" \
- --token "$ENTANDO_BOT_TOKEN" \
- .. pr-preflight-checks --only flags --lcd "$LOCAL_CLONE_DIR" \
- ;
- #~ JDK
- - name: "Set up JDK 11"
- uses: actions/setup-java@v1
- with:
- java-version: 11
- #~ MAVEN CACHE
- - name: "Cache Maven packages"
- uses: actions/cache@v2
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2
- restore-keys: ${{ runner.os }}-m2
- #~ CONFIGURE REPO
- - name: "Configure Entando Nexus Repository"
- uses: actions/setup-java@v1
- with:
- java-version: 11
- server-id: internal-nexus
- server-username: NEXUS_USERNAME
- server-password: NEXUS_PASSWORD
- #~ PUBLISH THE ARTIFACT
- - name: "Publish package"
- run: |
- ~/ppl-run generic PUBLISH --id "PUBLICATION" \
- --lcd "$LOCAL_CLONE_DIR"
- env:
- NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
- NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
- #~ UPDATE THE BOM (if required)
- - name: "BOM Update"
- if: steps.CHECKOUT.outputs.BOM_UPDATE_FLAG == 'true' && steps.START.outputs.BOM == 'true'
- run: |
- ~/ppl-run bom update-bom \
- --id "UPDATE-BOM" \
- --lcd "$LOCAL_CLONE_DIR" \
- --token "$ENTANDO_BOT_TOKEN" \
- ;
- #~ PUBLISH TO DOCKER
- - name: "Publish docker"
- run: |
- export ENTANDO_OPT_DOCKER_PASSWORD="${{ secrets.ENTANDO_OPT_DOCKER_PASSWORD }}"
- export ENTANDO_OPT_DOCKER_ALT_LOGIN_URL="${{ secrets.ENTANDO_OPT_DOCKER_ALT_LOGIN }}"
- export ENTANDO_OPT_DOCKER_ALT_USERNAME="${{ secrets.ENTANDO_OPT_DOCKER_ALT_USERNAME }}"
- export ENTANDO_OPT_DOCKER_ALT_PASSWORD="${{ secrets.ENTANDO_OPT_DOCKER_ALT_PASSWORD }}"
-
- ~/ppl-run docker publish --id "PUBLISH-DOCKER" --lcd "$LOCAL_CLONE_DIR"
-
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- # POST PUB JOBS
-
- post-pub-docker-scan:
- needs: [ 'publication' ]
- if: needs.publication.outputs.POST_PUB_DOCKER_SCAN == 'true'
- runs-on: ubuntu-latest
- steps:
- #~ CHECKOUT
- - name: "CHECKOUT"
- id: CHECKOUT
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
- ~/ppl-run \
- .. checkout-branch --id "CHECKOUT FOR PUBLICATION" \
- --lcd "$LOCAL_CLONE_DIR" \
- --token "$ENTANDO_BOT_TOKEN" \
- .. pr-preflight-checks --only flags --lcd "$LOCAL_CLONE_DIR" \
- ;
- #~ JDK
- - name: "Set up JDK 11"
- uses: actions/setup-java@v1
- with:
- java-version: 11
- #~ MAVEN CACHE
- - name: "Cache Maven packages"
- uses: actions/cache@v2
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2
- restore-keys: ${{ runner.os }}-m2
- #~ SCAN
- - name: "Scan docker"
- env:
- ENTANDO_OPT_SNYK_ORG: "${{ secrets.ENTANDO_OPT_SNYK_ORG }}"
- SNYK_TOKEN: "${{ secrets.SNYK_TOKEN }}"
- ENTANDO_OPT_DOCKER_BUILDS: "${{ secrets.ENTANDO_OPT_DOCKER_BUILDS }}"
- ENTANDO_OPT_DOCKER_ORG: "${{ secrets.ENTANDO_OPT_DOCKER_ORG }}"
- run: |
- ~/ppl-run docker scan --id "SCAN-DOCKER" --lcd "$LOCAL_CLONE_DIR"
-
- post-dep-tests:
- needs: [ 'publication' ]
- if: needs.publication.outputs.POST_DEP_TESTS == 'true'
- runs-on: ubuntu-latest
- steps:
- #~ CHECKOUT
- - name: "CHECKOUT"
- id: CHECKOUT
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
- ~/ppl-run \
- .. checkout-branch --id "CHECKOUT FOR PUBLICATION" \
- --lcd "$LOCAL_CLONE_DIR" \
- --token "$ENTANDO_BOT_TOKEN" \
- .. pr-preflight-checks --only flags --lcd "$LOCAL_CLONE_DIR" \
- ;
- #~ JDK
- - name: "Set up JDK 11"
- uses: actions/setup-java@v1
- with:
- java-version: 11
- #~ MAVEN CACHE
- - name: "Cache Maven packages"
- uses: actions/cache@v2
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2
- restore-keys: ${{ runner.os }}-m2
- - name: "Post deployment tests"
- run: |
- ${{ secrets.ENTANDO_OPT_PPL_INSTALL_CMD }}
-
- export ENTANDO_OPT_OKD_LOGIN_TOKEN="${{ secrets.ENTANDO_OPT_OKD_LOGIN_TOKEN }}"
- export ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS="${{ secrets.ENTANDO_OPT_IMAGE_REGISTRY_CREDENTIALS }}"
- export ENTANDO_OPT_DOCKER_USERNAME="${{ secrets.ENTANDO_OPT_DOCKER_USERNAME }}"
- export ENTANDO_OPT_DOCKER_PASSWORD="${{ secrets.ENTANDO_OPT_DOCKER_PASSWORD }}"
- export ENTANDO_OPT_TEST_TLS_CRT="${{ secrets.ENTANDO_OPT_TEST_TLS_CRT }}"
- export ENTANDO_OPT_TEST_TLS_KEY="${{ secrets.ENTANDO_OPT_TEST_TLS_KEY }}"
-
- ~/ppl-run generic "POST-DEP-TESTS" --id "POST_DEP_TESTS" --lcd "$LOCAL_CLONE_DIR"
diff --git a/pom.xml b/pom.xml
index f5634f0..b4ef70d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,12 +6,13 @@
org.entando
entando-maven-root
- 7.4.0-ENG-5324-PR-23
+ 7.2.0
org.entando
entando-spring-boot-parent
- 7.4.0-SNAPSHOT
+ 7.5.0-SNAPSHOT
+
pom
Entando Spring Boot Parent
Entando Spring Boot Parent
@@ -46,6 +47,9 @@
entando
+ 17
+ 17
+ 17
false
https://raw.githubusercontent.com/entando-k8s/entando-spring-boot-parent/ACTIVE-CHECKSTYLE/checkstyle.xml
@@ -55,44 +59,43 @@
- 7.4.0-ENG-5324-PR-91
- 42.3.8
- 9.0.81
- 4.0.1
- 0.9.0
- 4.10.3
- 2.5.15
- 2.5.7
- 1.2.2
- 0.25.2
- 2.13.2
- 4.4
- 2.8.0
- 1.69
- 1.4.199
- 3.23.1-GA
+ 7.3.0-fix.2
+ 42.7.4
+ 10.1.47
+ 4.2.2
+ 0.10.2
+ 6.13.5
+ 3.5.9
+ 1.3
+ 0.29.1
+ 2.25.3
+ 4.5.0-M2
+ 2.18.0
+ 1.79
+ 2.3.232
+ 3.30.2-GA
3.1.0
- 2.13.2
- 1.9.16
- 2.5.2.RELEASE
- 2.12.7.1
- 5.4.28.Final
- 2.9.9
- 0.25.2
- 1.6.0
- 1.21
- 19.3.0.0
- 5.7.0.202003110725-r
- 3.4.1
- 2.2.1.RELEASE
- 2.3.1
- 4.5.13
- 5.2.1.RELEASE
- 1.27
- Finchley.SR1
- 5.3.27
- 5.3.18
- 5.5.7
+ 2.25.3
+ 1.15.11
+ 2.16.2
+ 6.6.4.Final
+ 2.16.2
+ 4.0.0
+ 0.29.1
+ 2.8.4
+ 1.27.1
+ 23.6.0.24.10
+ 7.1.0.202411261347-r
+ 3.27.0
+ 4.2.0
+ 4.0.2
+ 5.4.1
+ 2.3
+ 2024.0.0
+ 6.2.15
+ 6.5.7
+ 3.5.2
+ 3.1.1
@@ -138,7 +141,7 @@
org.springframework.security.oauth
spring-security-oauth2
- ${spring-security-oauth2.version}
+ ${spring-security.version}
com.fasterxml.jackson.core
@@ -185,8 +188,8 @@
org.springdoc
- springdoc-openapi-ui
- ${springdoc-openapi-ui.version}
+ springdoc-openapi-starter-webmvc-ui
+ ${springdoc-openapi.version}
org.springframework.boot
@@ -225,7 +228,7 @@
${commons-compress.version}
- com.oracle.ojdbc
+ com.oracle.database.jdbc
ojdbc8
${ojdbc8.version}
compile
@@ -278,15 +281,20 @@
${spring-cloud-starter-contract-stub-runner.version}
test
+
+
+
+
+
- javax.xml.bind
- jaxb-api
- ${jaxb-api.version}
+ jakarta.xml.bind
+ jakarta.xml.bind-api
+ ${jakarta.xml.bind-api.version}
- org.apache.httpcomponents
- httpclient
- ${httpclient.version}
+ org.apache.httpcomponents.client5
+ httpclient5
+ ${httpclient5.version}
org.awaitility
@@ -296,7 +304,7 @@
org.springframework.security
spring-security-test
- ${spring-security-test.version}
+ ${spring-security.version}
test
@@ -371,16 +379,6 @@
spring-security-crypto
${spring-security.version}
-
- org.springframework.security.oauth
- spring-security-oauth2
- ${spring-security-oauth2.version}
-
-
- org.springframework.security.oauth.boot
- spring-security-oauth2-autoconfigure
- ${spring-security-oauth2-autoconfigure.version}
-
@@ -445,12 +443,13 @@ mvn clean verify -DpreDeploymentTestGroups=in-process -Ppre-deployment-verificat
org.apache.maven.plugins
maven-deploy-plugin
+ ${maven-deploy-plugin.version}
org.apache.maven.plugins
maven-surefire-plugin
- 3.0.0-M1
+ ${maven-surefire-plugin.version}