commit 1f5bec863241291d28b658ba660c3932dff2fd4c Author: Oliver Weyhmueller Date: Sat Jan 4 10:04:50 2025 +0100 chore: initial Commit of project
diff --git a/.gitea/workflows/release.yaml b/.gitea/workflows/release.yaml
new file mode 100644
index 0000000..b9d68ad
--- /dev/null
+++ b/.gitea/workflows/release.yaml
@@ -0,0 +1,159 @@
+---
+name: release
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ release:
+ name: Release
+ runs-on: ubuntu-latest
+ if: ${{ !startsWith(github.event.head_commit.message, 'Release') }}
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Set up Environment
+ run: |
+ apt update
+ apt install -y zip
+ mkdir -p /root/.jreleaser
+ touch /root/.jreleaser/config.properties
+
+ - name: Determine next version
+ uses: https://github.com/obfu5c8/action-svu@v1
+ id: generate_next_version
+ with:
+ type: auto
+ force-increment: true
+ no-metadata: false
+ no-pre-release: false
+ no-build: false
+ strip-prefix: true
+ prefix: ''
+ suffix: ''
+
+ - name: Install syft
+ uses: https://github.com/anchore/sbom-action/download-syft@v0
+ id: install_syft
+ with:
+ syft-version: v1.18.1
+
+ - name: Set new version
+ run: |
+ NEW_VERSION=${{steps.generate_next_version.outputs.version}}
+ echo NEW_VERSION=$NEW_VERSION >> "$GITHUB_ENV"
+ echo "New version: $NEW_VERSION"
+
+ - name: Cache Java and Maven software
+ uses: https://github.com/actions/cache@v4
+ with:
+ path: ~/.sdkman
+ key: ${{ runner.os }}-sdkman
+ restore-keys: |
+ ${{ runner.os }}-sdkman
+ env:
+ ACTIONS_STEP_DEBUG: true
+
+ - name: Cache local Maven repository
+ uses: https://github.com/actions/cache@v4
+ with:
+ path: ~/.m2/repository
+ key: ${{ runner.os }}-maven
+ restore-keys: |
+ ${{ runner.os }}-maven
+ env:
+ ACTIONS_STEP_DEBUG: true
+
+ - name: Install Java & Maven
+ uses: https://github.com/sdkman/sdkman-action@main
+ id: sdkman
+
+ - name: Set Version
+ env:
+ MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }}
+ MAVEN_CENTRAL_TOKEN: ${{ secrets.NEXUS_PASSWORD }}
+ MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+ run: |
+ export GPG_TTY=$(tty)
+ git config user.name "${{ github.event.head_commit.committer.name }}"
+ git config user.email "${{ github.event.head_commit.committer.email }}"
+ mvn -B --file pom.xml versions:set -DnewVersion=${{ env.NEW_VERSION }}
+
+ - name: Run JReleaser (Changelog)
+ uses: https://w9r.dev/actions/release-action@main
+ with:
+ arguments: changelog --debug
+ setup-java: false
+ continue-on-error: true
+ env:
+ JRELEASER_OUTPUT_DIRECTORY: target
+ JRELEASER_PROJECT_VERSION: ${{ env.NEW_VERSION }}
+ JRELEASER_GITEA_TOKEN: ${{ secrets.JRELEASER_GITEA_TOKEN }}
+ JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+ JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
+ JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+
+ - name: Commit and push changes
+ run: |
+ git config user.name "${{ github.event.head_commit.committer.name }}"
+ git config user.email "${{ github.event.head_commit.committer.email }}"
+ git add pom.xml CHANGELOG.md
+ git commit -a -m "Release ${{ env.NEW_VERSION }}"
+ git push
+ - name: Build package and populate staging area for deployment
+ run: |
+ mvn -B --file pom.xml package
+ mvn --file pom.xml -Ppublication
+
+
+ - name: Run JReleaser (Assemble)
+ uses: https://w9r.dev/actions/release-action@main
+ with:
+ arguments: assemble --debug
+ setup-java: false
+ continue-on-error: true
+ env:
+ JRELEASER_OUTPUT_DIRECTORY: target
+ JRELEASER_PROJECT_VERSION: ${{ env.NEW_VERSION }}
+ JRELEASER_GITEA_TOKEN: ${{ secrets.JRELEASER_GITEA_TOKEN }}
+ JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+ JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
+ JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+
+ - name: Run JReleaser (Release)
+ uses: https://w9r.dev/actions/release-action@main
+ with:
+ arguments: release --debug
+ setup-java: false
+ env:
+ JRELEASER_OUTPUT_DIRECTORY: target
+ JRELEASER_PROJECT_VERSION: ${{ env.NEW_VERSION }}
+ JRELEASER_GITEA_TOKEN: ${{ secrets.JRELEASER_GITEA_TOKEN }}
+ JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+ JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
+ JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+ JRELEASER_ARTIFACTORY_USERNAME: ${{ secrets.NEXUS_USERNAME }}
+ JRELEASER_ARTIFACTORY_TOKEN: ${{ secrets.NEXUS_PASSWORD }}
+
+
+ # Persist logs
+
+ - name: JReleaser release trace
+ if: always()
+ uses: https://gitea.com/actions/upload-artifact@v3
+ with:
+ name: jreleaser-trace
+ path: target/jreleaser/trace.log
+
+ - name: JReleaser release properties
+ if: always()
+ uses: https://gitea.com/actions/upload-artifact@v3
+ with:
+ name: jreleaser-properties
+ path: target/jreleaser/output.properties
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..5ff6309
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,38 @@
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### IntelliJ IDEA ###
+.idea/modules.xml
+.idea/jarRepositories.xml
+.idea/compiler.xml
+.idea/libraries/
+*.iws
+*.iml
+*.ipr
+
+### Eclipse ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+build/
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### VS Code ###
+.vscode/
+
+### Mac OS ###
+.DS_Store
\ No newline at end of file
diff --git a/.sdkmanrc b/.sdkmanrc
new file mode 100644
index 0000000..cea8def
--- /dev/null
+++ b/.sdkmanrc
@@ -0,0 +1,2 @@
+java=21.0.5-tem
+maven=3.9.9
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..8aa2645
--- /dev/null
+++ b/LICENSE
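Review bot: The `Set Version` and `Commit and push changes` steps expand `${{ github.event.head_commit.committer.name }}` and `${{ github.event.head_commit.committer.email }}` directly inside the `run:` script, so the runner executes whatever shell syntax those commit fields contain, and `Set Version` does so with `NEXUS_PASSWORD` and `GPG_PASSPHRASE` in its environment. Pass the fields through `env:` (`COMMITTER_NAME: ${{ github.event.head_commit.committer.name }}`) and use them quoted in the script (`git config user.name "$COMMITTER_NAME"`), and do the same for the e-mail. The job also gives the GPG private key and the Gitea and Nexus tokens to actions referenced by mutable refs (`sdkman-action@main`, `release-action@main`, `action-svu@v1`, `download-syft@v0`); pinning each `uses:` to a full commit SHA keeps a moved branch or tag from changing what runs with those secrets. The three JReleaser steps run with `--debug` and `trace.log` is uploaded with `if: always()`, so the trace should be checked for credential material before the artifact is retained.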
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) [year] [fullname]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..682687d
--- /dev/null
+++ b/README.md
@@ -0,0 +1,9 @@
+# Common Java Dependencies
+
+This project defines common dependency versions to multiple projects in order to keep them up-to-date. This Project
+handles:
+
+- Common dependencies used by all projects
+ This ensures that dependencies used by every project have the same version
+- Dependency version overrides for security reasons
+ This ensures that dependencies having known vulnerabilities are replaced by patched ones
diff --git a/jreleaser.yml b/jreleaser.yml
new file mode 100644
index 0000000..9a144c5
--- /dev/null
+++ b/jreleaser.yml
@@ -0,0 +1,184 @@
+---
+project:
+ versionPattern: SEMVER
+ snapshot:
+ pattern: .*-SNAPSHOT
+ label: early-access
+ fullChangelog: true
+ description: Dependencies
+ longDescription: |
+ Common dependencies
+ authors:
+ - Oliver Weyhmüller
+ tags:
+ - java
+ maintainers:
+ - 'oliver'
+ stereotype: NONE
+ license: MIT
+ inceptionYear: 2025
+ links:
+ homepage: https://w9r.dev/pom/dependencies
+ documentation: https://w9r.dev/pom/dependencies/src/branch/main/README.md
+ license: https://spdx.org/licenses/MIT.html
+ vcsBrowser: https://w9r.dev/pom/dependencies
+ languages:
+ java:
+ groupId: dev.w9r.pom
+ artifactId: dependencies
+ version: 17
+signing:
+ active: ALWAYS
+ armored: true
+ verify: true
+ mode: MEMORY
+ files: true
+ artifacts: true
+ checksums: true
+
+assemble:
+ archive:
+ pom:
+ active: ALWAYS
+ exported: true
+ stereotype: NONE
+ platform:
+ replacements:
+ osx-x86_64: mac
+ aarch_64: aarch64
+ x86_64: amd64
+ linux_musl: alpine
+ archiveName: '{{projectName}}-{{projectVersion}}'
+ distributionType: JAVA_BINARY
+ formats:
+ - ZIP
+ - TAR_GZ
+
+ fileSets:
+ - input: . # A set of files and directory to include.
+ includes:
+ - 'LICENSE'
+ - 'README.md'
+ - 'CHANGELOG.md'
+ - 'pom.xml'
+
+catalog:
+ sbom:
+ syft:
+ active: ALWAYS
+ distributions: true
+ files: true
+ pack:
+ enabled: false
+ name: '{{projectName}}-{{projectVersion}}-sboms'
+ formats:
+ - SPDX_JSON
+ - CYCLONEDX_JSON
+ - SYFT_JSON
+ - GITHUB_JSON
+ - TABLE
+ - TEXT
+release:
+ gitea:
+ enabled: true
+ connectTimeout: 20
+ readTimeout: 60
+ owner: pom
+ name: dependencies
+ host: w9r.dev
+ username: releasebot
+ apiEndpoint: https://w9r.dev
+ tagName: "{{projectVersion}}"
+ overwrite: true
+ update:
+ enabled: false
+ sections:
+ - ASSETS
+ skipTag: false
+ skipRelease: false
+ sign: true
+ branch: main
+ uploadAssets: ALWAYS
+ files: true
+ artifacts: true
+ checksums: true
+ signatures: true
+ catalogs: true
+ draft: false
+ prerelease:
+ enabled: false
+ pattern: .*-SNAPSHOT
+ commitAuthor:
+ name: ReleaseBot
+ email: releasebot@w9r.dev
+ milestone:
+ close: true
+ name: '{{tagName}}'
+ issues:
+ enabled: true
+ comment: '🎉 This issue has been resolved in `{{tagName}}` ([Release Notes]({{releaseNotesUrl}}))'
+ applyMilestone: ALWAYS
+ label:
+ name: released
+ color: '#FF0000'
+ description: Issue has been released
+ issueTrackerUrl: https://w9r.dev/pom/dependencies/issues
+ changelog:
+ enabled: true
+ sort: DESC
+ links: true
+ skipMergeCommits: false
+ formatted: ALWAYS
+ preset: 'conventional-commits'
+ categoryTitleFormat: '### {{categoryTitle}}'
+ contributorsTitleFormat: '### Contributors'
+ content: |
+ {{changelogChanges}}
+ {{changelogContributors}}
+ append:
+ enabled: true
+ title: '## [{{tagName}}]'
+ target: 'CHANGELOG.md'
+ content: |
+ {{changelogTitle}}
+ {{changelogChanges}}
+ contributors:
+ enabled: false
+
+ format: '- {{contributorName}} ({{contributorUsernameAsLink}})'
+ hide:
+ uncategorized: false
+ contributors:
+ - 'ReleaseBot'
+ - 'RenovateBot'
+ labelers:
+ - label: 'issue'
+ title: 'regex:fix:'
+ body: 'Fixes: '
+ order: 1
+ replacers:
+ - search: '\[chore\]\s'
+ replace: ''
+ - search: '/CVE-(\d{4})-(\d+)/g'
+ replace: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-$1-$2'
+
+distributions:
+ pom:
+ artifacts:
+ - path: pom.xml
+deploy:
+ maven:
+ artifactory:
+ pom:
+ active: ALWAYS
+ url: https://nexus.w9r.dev/repository/maven-releases
+ snapshotSupported: true
+ authorization: Basic
+ sign: false
+ checksums: true
+ sourceJar: false
+ javadocJar: false
+ verifyPom: true
+ applyMavenCentralRules: false
+ stagingRepositories:
+ - target/staging-deploy
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..ed4db49
--- /dev/null
+++ b/pom.xml
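Review bot: The deployer under `deploy.maven.artifactory.pom` sets `sign: false`, so what is pushed to `maven-releases` carries no signature even though the top-level `signing` block is `active: ALWAYS` and the workflow supplies the GPG keys; unless the deployer is deliberately unsigned, `sign: true` lets consumers of the Nexus repository verify what they pull. `release.gitea.overwrite: true` additionally lets a re-run replace an already published release, which weakens the value of signing it; `overwrite: false` would make a repeated tag fail instead. Separately, the replacer `search: '/CVE-(\d{4})-(\d+)/g'` is written like a JavaScript regex literal; if `search` is applied as a plain Java regex, as it appears to be, the slashes and the `g` are matched literally and CVE ids are never rewritten, so `search: 'CVE-(\d{4})-(\d+)'` is probably what was meant.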
@@ -0,0 +1,155 @@ + + + 4.0.0 + + dev.w9r.pom + dependencies + 0.0.1 + + Common Dependency Project Object Model for Maven Builds + Common dependencies and management of their versions + https://w9r.dev/pom/dependencies + + + + oliver + Oliver Weyhmüller + oliver@weyhmueller.de + + + + + scm:git:https://github.com/aalmiray/app.git + scm:git:https://w9r.dev/pom/dependencies.git + https://w9r.dev/pom/dependencies.git + HEAD + + + pom + + UTF-8 + 0.1.5 + 1.5.15 + + + + + MIT + https://spdx.org/licenses/MIT.html + repo + + + + + + + maven-snapshots + https://nexus.w9r.dev/repository/maven-snapshots + + + maven-releases + https://nexus.w9r.dev/repository/maven-releases + + + + + + + ch.qos.logback + logback-classic + ${w9r.logback.version} + + + ch.qos.logback + logback-core + ${w9r.logback.version} + + + ch.qos.logback.contrib + logback-json-classic + ${w9r.logback.json.version} + + + ch.qos.logback.contrib + logback-jackson + ${w9r.logback.json.version} + + + + + + + + + org.apache.maven.plugins + maven-deploy-plugin + 3.1.3 + + + org.apache.maven.plugins + maven-compiler-plugin + 3.13.0 + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.11.2 + + + org.apache.maven.plugins + maven-source-plugin + 3.3.1 + + + + + + + + publication + + local::file:./target/staging-deploy + + + deploy + + + org.apache.maven.plugins + maven-javadoc-plugin + + + attach-javadocs + + jar + + + true + + + + + + org.apache.maven.plugins + maven-source-plugin + + + attach-sources + + jar + + + true + + + + + + + + +
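Review bot: The first value in the SCM block, `scm:git:https://github.com/aalmiray/app.git`, points at an unrelated GitHub repository, while the two values after it point at `https://w9r.dev/pom/dependencies.git`; it looks like a leftover from a template. Published POM metadata is what consumers and SBOM tooling use to trace an artifact back to its source, so this should read `scm:git:https://w9r.dev/pom/dependencies.git`. The element names are not visible in this rendering of the hunk, so which SCM field it is (presumably the read-only connection) should be confirmed against the file.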