diff --git a/.gitattributes b/.gitattributes index d0ebba8..7febf29 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,14 +1,12 @@ -dependencies.md linguist-generated=true -doc/changes/changelog.md linguist-generated=true -pk_generated_parent.pom linguist-generated=true -.github/workflows/broken_links_checker.yml linguist-generated=true -.github/workflows/ci-build-next-java.yml linguist-generated=true -.github/workflows/ci-build.yml linguist-generated=true -.github/workflows/dependencies_check.yml linguist-generated=true -.github/workflows/release_droid_prepare_original_checksum.yml linguist-generated=true -.github/workflows/release_droid_print_quick_checksum.yml linguist-generated=true -.github/workflows/release_droid_release_on_maven_central.yml linguist-generated=true -.github/workflows/release_droid_upload_github_release_assets.yml linguist-generated=true +dependencies.md linguist-generated=true +doc/changes/changelog.md linguist-generated=true +pk_generated_parent.pom linguist-generated=true +.github/workflows/broken_links_checker.yml linguist-generated=true +.github/workflows/ci-build-next-java.yml linguist-generated=true +.github/workflows/ci-build.yml linguist-generated=true +.github/workflows/dependencies_check.yml linguist-generated=true +.github/workflows/dependencies_update.yml linguist-generated=true +.github/workflows/release.yml linguist-generated=true .settings/org.eclipse.jdt.core.prefs linguist-generated=true .settings/org.eclipse.jdt.ui.prefs linguist-generated=true diff --git a/.github/workflows/broken_links_checker.yml b/.github/workflows/broken_links_checker.yml index 82ec1cd..d7a38b4 100644 --- a/.github/workflows/broken_links_checker.yml +++ b/.github/workflows/broken_links_checker.yml @@ -1,3 +1,5 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/broken_links_checker.yml name: Broken Links Checker on: @@ -11,6 +13,9 @@ on: jobs: linkChecker: runs-on: ubuntu-latest + defaults: + run: + shell: "bash" concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true diff --git a/.github/workflows/ci-build-next-java.yml b/.github/workflows/ci-build-next-java.yml index 7cbab08..8886e10 100644 --- a/.github/workflows/ci-build-next-java.yml +++ b/.github/workflows/ci-build-next-java.yml @@ -1,5 +1,6 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/ci-build-next-java.yml name: CI Build next Java - on: push: branches: @@ -9,6 +10,12 @@ on: jobs: java-17-compatibility: runs-on: ubuntu-latest + defaults: + run: + shell: "bash" + permissions: + contents: read + checks: write # Allow scacap/action-surefire-report concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -18,7 +25,7 @@ jobs: with: fetch-depth: 0 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: "temurin" java-version: 17 @@ -26,8 +33,9 @@ jobs: - name: Run tests and build with Maven run: | mvn --batch-mode --update-snapshots clean package -DtrimStackTrace=false \ + -Djava.version=17 \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn - - name: Publish Test Report + - name: Publish Test Report for Java 17 uses: scacap/action-surefire-report@v1 if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }} with: diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index d19ee2a..8cea999 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -1,63 +1,128 @@ -# Generated by Project Keeper -# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml +# This file was generated by Project Keeper. name: CI Build on: push: - branches: - - main - pull_request: - + branches: [ + main + ] + + pull_request: null + workflow_dispatch: null jobs: build: runs-on: ubuntu-latest - concurrency: - group: ${{ github.workflow }}-${{ github.ref }} + defaults: + run: { + shell: bash + } + permissions: { + contents: read, + checks: write, + issues: read + } + concurrency: { + group: '${{ github.workflow }}-${{ github.ref }}', cancel-in-progress: true + } + outputs: { + release-required: '${{ steps.check-release.outputs.release-required }}' + } steps: - name: Free Disk Space + id: free-disk-space if: ${{ false }} run: | sudo rm -rf /usr/local/lib/android sudo rm -rf /usr/share/dotnet - name: Checkout the repository + id: checkout uses: actions/checkout@v4 - with: + with: { fetch-depth: 0 - - name: Set up JDK 11 & 17 - uses: actions/setup-java@v3 + } + - name: Set up JDKs + id: setup-java + uses: actions/setup-java@v4 with: - distribution: "temurin" + distribution: temurin java-version: | - 17 11 - cache: "maven" + 17 + cache: maven - name: Cache SonarCloud packages - uses: actions/cache@v3 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - name: Enable testcontainer reuse + id: cache-sonar + uses: actions/cache@v4 + with: { + path: ~/.sonar/cache, + key: '${{ runner.os }}-sonar', + restore-keys: '${{ runner.os }}-sonar' + } + - { + name: Enable testcontainer reuse, + id: enable-testcontainer-reuse, run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties" + } - name: Run tests and build with Maven + id: build-pk-verify run: | - JAVA_HOME=$JAVA_HOME_11_X64 mvn --batch-mode clean verify \ + mvn --batch-mode clean verify \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ -DtrimStackTrace=false - - name: Publish Test Report - uses: scacap/action-surefire-report@v1 - if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }} - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - name: Sonar analysis + id: sonar-analysis if: ${{ env.SONAR_TOKEN != null }} run: | - JAVA_HOME=$JAVA_HOME_17_X64 mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ + mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ -DtrimStackTrace=false \ - -Dsonar.organization=exasol \ - -Dsonar.host.url=https://sonarcloud.io \ -Dsonar.token=$SONAR_TOKEN - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + env: { + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}', + SONAR_TOKEN: '${{ secrets.SONAR_TOKEN }}' + } + - name: Verify Release Artifacts + id: verify-release-artifacts + run: "print_message() {\n local -r message=$1\n echo \"$message\"\n echo \"$message\" >> \"$GITHUB_STEP_SUMMARY\"\n}\n\nprint_message \"### Release Artifacts\"\n\nIFS=$'\\n' artifacts_array=($ARTIFACTS)\nmissing_files=()\nfor file in \"${artifacts_array[@]}\";\ndo \n echo \"Checking if file $file exists...\"\n if ! [[ -f \"$file\" ]]; then\n print_message \"* ⚠️ \\`$file\\` does not exist ⚠️\"\n echo \"Content of directory $(dirname \"$file\"):\"\n ls \"$(dirname \"$file\")\"\n missing_files+=(\"$file\")\n else\n print_message \"* \\`$file\\` ✅\" \n fi\ndone\nprint_message \"\"\nnumber_of_missing_files=${#missing_files[@]}\nif [[ $number_of_missing_files -gt 0 ]]; then\n print_message \"⚠️ $number_of_missing_files release artifact(s) missing ⚠️\"\n exit 1\nfi\n" + env: { + ARTIFACTS: '${{ steps.build-pk-verify.outputs.release-artifacts }}' + } + - name: Upload artifacts + id: upload-artifacts + uses: actions/upload-artifact@v4 + with: { + name: artifacts, + path: '${{ steps.build-pk-verify.outputs.release-artifacts }}', + retention-days: 5 + } + - name: Check if release is needed + id: check-release + if: ${{ github.ref == 'refs/heads/main' }} + run: | + if mvn --batch-mode com.exasol:project-keeper-maven-plugin:verify-release --projects .; then + echo "### ✅ Release preconditions met, start release" >> "$GITHUB_STEP_SUMMARY" + echo "release-required=true" >> "$GITHUB_OUTPUT" + else + echo "### 🛑 Release precondition not met, skipping release" >> "$GITHUB_STEP_SUMMARY" + echo "See log output for details." >> "$GITHUB_STEP_SUMMARY" + echo "release-required=false" >> "$GITHUB_OUTPUT" + fi + env: { + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' + } + start_release: + needs: build + if: ${{ github.ref == 'refs/heads/main' && needs.build.outputs.release-required == 'true' }} + concurrency: { + cancel-in-progress: false, + group: release + } + secrets: inherit + permissions: { + contents: write, + actions: read, + issues: read + } + uses: ./.github/workflows/release.yml + with: { + started-from-ci: true + } diff --git a/.github/workflows/dependencies_check.yml b/.github/workflows/dependencies_check.yml index 4b6eadf..9c2365c 100644 --- a/.github/workflows/dependencies_check.yml +++ b/.github/workflows/dependencies_check.yml @@ -1,35 +1,80 @@ -name: Report Security Issues for Repository - +# This file was generated by Project Keeper. +name: Report Security Issues on: - workflow_dispatch: + workflow_dispatch: null schedule: - - cron: "0 2 * * *" - + - { + cron: 0 2 * * * + } jobs: report_security_issues: runs-on: ubuntu-latest - permissions: + defaults: + run: { + shell: bash + } + permissions: { + contents: read, issues: write - + } + outputs: { + created-issues: '${{ steps.security-issues.outputs.created-issues }}' + } + concurrency: { + group: '${{ github.workflow }}-report_security_issues', + cancel-in-progress: true + } steps: - - uses: actions/checkout@v4 - - name: Set up JDK 11 - uses: actions/setup-java@v3 + - { + name: Checkout, + id: checkout, + uses: actions/checkout@v4 + } + - name: Set up JDKs + id: setup-jdks + uses: actions/setup-java@v4 with: - distribution: "temurin" - java-version: 11 - cache: "maven" - + distribution: temurin + java-version: | + 11 + 17 + cache: maven - name: Generate ossindex report + id: ossindex-report run: | - mvn org.sonatype.ossindex.maven:ossindex-maven-plugin:audit \ + mvn --batch-mode org.sonatype.ossindex.maven:ossindex-maven-plugin:audit \ org.sonatype.ossindex.maven:ossindex-maven-plugin:audit-aggregate \ -Dossindex.reportFile=$(pwd)/ossindex-report.json \ -Dossindex.fail=false - - name: Report Security Issues + id: security-issues uses: exasol/python-toolbox/.github/actions/security-issues@main - with: - format: "maven" - command: "cat ossindex-report.json" - github-token: ${{ secrets.GITHUB_TOKEN }} + with: { + format: maven, + command: cat ossindex-report.json, + github-token: '${{ secrets.GITHUB_TOKEN }}' + } + - name: Output security issues (Debugging) + id: debug-print-security-issues + run: | + echo "$CREATED_ISSUES" > test.jsonl + cat test.jsonl + env: { + CREATED_ISSUES: '${{ steps.security-issues.outputs.created-issues }}' + } + start_dependency_udpate: + needs: report_security_issues + if: ${{ needs.report_security_issues.outputs.created-issues }} + concurrency: { + group: '${{ github.workflow }}-start_dependency_update', + cancel-in-progress: false + } + secrets: inherit + permissions: { + contents: write, + pull-requests: write + } + uses: ./.github/workflows/dependencies_update.yml + with: { + vulnerability_issues: '${{ needs.report_security_issues.outputs.created-issues }}' + } diff --git a/.github/workflows/dependencies_update.yml b/.github/workflows/dependencies_update.yml new file mode 100644 index 0000000..9f536ee --- /dev/null +++ b/.github/workflows/dependencies_update.yml @@ -0,0 +1,180 @@ +# This file was generated by Project Keeper. +name: Update dependencies +on: + workflow_call: + inputs: + vulnerability_issues: { + description: GitHub issues for vulnerable dependencies as JSONL, + required: true, + type: string + } + workflow_dispatch: null +jobs: + update_dependencies: + runs-on: ubuntu-latest + defaults: + run: { + shell: bash + } + permissions: { + contents: write, + pull-requests: write + } + concurrency: { + group: '${{ github.workflow }}', + cancel-in-progress: false + } + steps: + - uses: actions/checkout@v4 + id: checkout + with: { + fetch-depth: 0 + } + - name: Set up JDKs + id: setup-jdks + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: | + 11 + 17 + cache: maven + - name: Print issues + id: debug-print-issues + run: | + echo "Issues from Action input: $ISSUES" + env: { + ISSUES: '${{ inputs.vulnerability_issues }}' + } + - name: Fail if not running on a branch + id: check-branch + if: ${{ !startsWith(github.ref, 'refs/heads/') }} + uses: actions/github-script@v7 + with: + script: | + core.setFailed('Not running on a branch, github.ref is ${{ github.ref }}. Please start this workflow only on main or a branch') + - name: Update dependencies + id: update-dependencies + run: | + mvn --batch-mode com.exasol:project-keeper-maven-plugin:update-dependencies --projects . \ + -Dproject-keeper:vulnerabilities="$CREATED_ISSUES" + env: { + CREATED_ISSUES: '${{ inputs.vulnerability_issues }}' + } + - name: Project Keeper Fix + id: project-keeper-fix + run: | + mvn --batch-mode com.exasol:project-keeper-maven-plugin:fix --projects . + - name: Project Keeper Fix for updated Project Keeper version + id: project-keeper-fix-2 + run: | + mvn --batch-mode com.exasol:project-keeper-maven-plugin:fix --projects . + - name: Generate Pull Request comment + id: pr-comment + run: | + echo 'comment<> "$GITHUB_OUTPUT" + echo 'This Pull Request was created by [`dependencies_update.yml`](https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/dependencies_update.yml) workflow.' >> "$GITHUB_OUTPUT" + if [ -n "$CREATED_ISSUES" ]; then + echo 'It updates dependencies to fix the following vulnerabilities:' >> "$GITHUB_OUTPUT" + echo $CREATED_ISSUES | jq --raw-output '. | "* Closes " + .issue_url + " (" + .cve + ")"' >> "$GITHUB_OUTPUT" + else + echo 'It updates dependencies.' >> "$GITHUB_OUTPUT" + fi + echo >> "$GITHUB_OUTPUT" + echo '# ⚠️ This PR does not trigger CI workflows by default ⚠️' >> "$GITHUB_OUTPUT" + echo 'Please click the **Close pull request** button and then **Reopen pull request** to trigger running checks.' >> "$GITHUB_OUTPUT" + echo 'See https://github.com/exasol/project-keeper/issues/534 for details.' >> "$GITHUB_OUTPUT" + echo 'EOF' >> "$GITHUB_OUTPUT" + + cat "$GITHUB_OUTPUT" + env: { + CREATED_ISSUES: '${{ inputs.vulnerability_issues }}' + } + - name: Generate Pull Request Title + id: pr-title + run: | + if [ -n "$CREATED_ISSUES" ]; then + echo "Security issues are available" + echo "title=🔐 Update dependencies to fix vulnerabilities" >> "$GITHUB_OUTPUT" + else + echo "Security issues are not available" + echo "title=Update dependencies" >> "$GITHUB_OUTPUT" + fi + + cat "$GITHUB_OUTPUT" + env: { + CREATED_ISSUES: '${{ inputs.vulnerability_issues }}' + } + - name: Configure git + id: configure-git + run: | + git config --global user.email "opensource@exasol.com" + git config --global user.name "Automatic Dependency Updater" + - name: Create branch + id: create-branch + if: ${{ github.ref == 'refs/heads/main' }} + run: | + branch_name="dependency-update/$(date "+%Y%m%d%H%M%S")" + echo "Creating branch $branch_name" + git checkout -b "$branch_name" + - name: Commit changes & push + id: publish-branch + if: ${{ startsWith(github.ref, 'refs/heads/' ) }} + run: | + branch_name=$(git rev-parse --abbrev-ref HEAD) + echo "Current branch: $branch_name" + echo "git diff --stat" + git diff --stat + echo "git diff --numstat" + git diff --numstat + echo "git diff --name-status" + git diff --name-status + echo "Adding untracked files:" + git add . --verbose --all + echo "Committing changes..." + git commit --message "$TITLE" + echo "Pushing branch $branch_name..." + git push --set-upstream origin "$branch_name" + echo "Done." + env: { + TITLE: '${{ steps.pr-title.outputs.title }}' + } + - name: Create pull request + id: create-pr + if: ${{ github.ref == 'refs/heads/main' }} + run: | + pr_url=$(gh pr create --base main --title "$TITLE" --body "$COMMENT") + echo "Created Pull Request: $pr_url" + echo "pr_url=$pr_url" >> "$GITHUB_OUTPUT" + env: { + COMMENT: '${{ steps.pr-comment.outputs.comment }}', + TITLE: '${{ steps.pr-title.outputs.title }}', + GH_TOKEN: '${{ github.token }}' + } + - name: Report failure Status to Slack channel + id: report-failure-slack + if: ${{ always() }} + uses: ravsamhq/notify-slack-action@v2 + with: { + status: '${{ job.status }}', + token: '${{ secrets.GITHUB_TOKEN }}', + notification_title: 'Dependency check in {repo} has {status_message}', + message_format: '{emoji} *{workflow}* {status_message} in <{repo_url}|{repo}>', + notify_when: 'failure,cancelled,warnings' + } + env: { + SLACK_WEBHOOK_URL: '${{ secrets.INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK }}' + } + - name: Report new Pull Request to Slack channel + id: report-pr-slack + if: ${{ steps.create-pr.outputs.pr_url }} + uses: ravsamhq/notify-slack-action@v2 + with: { + status: '${{ job.status }}', + token: '${{ secrets.GITHUB_TOKEN }}', + notification_title: 'Dependency update for {repo} created a Pull Request', + message_format: '{workflow} created Pull Request ${{ steps.create-pr.outputs.pr_url }}' + } + env: { + SLACK_WEBHOOK_URL: '${{ secrets.INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK }}' + } diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..5be64c8 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,219 @@ +# This file was generated by Project Keeper. +name: Release +on: + workflow_call: + inputs: + started-from-ci: { + description: 'Marks this release as started from CI, skipping precondition check', + type: boolean, + required: true, + default: false + } + workflow_dispatch: + inputs: + skip-maven-central: { + description: Skip deployment to Maven Central, + required: true, + type: boolean, + default: false + } + skip-github-release: { + description: Skip creating the GitHub release, + required: true, + type: boolean, + default: false + } +jobs: + release: + runs-on: ubuntu-latest + defaults: + run: { + shell: bash + } + concurrency: { + group: '${{ github.workflow }}', + cancel-in-progress: false + } + permissions: { + contents: write, + actions: read, + issues: read + } + steps: + - name: Checkout the repository + id: checkout + uses: actions/checkout@v4 + with: { + fetch-depth: 0 + } + - name: Set up Maven Central Repository + id: configure-maven-central-credentials + if: ${{ true }} + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: | + 11 + 17 + cache: maven + server-id: ossrh + server-username: MAVEN_USERNAME + server-password: MAVEN_PASSWORD + gpg-private-key: ${{ secrets.OSSRH_GPG_SECRET_KEY }} + gpg-passphrase: MAVEN_GPG_PASSPHRASE + - name: Set up JDKs + id: setup-jdks + if: ${{ ! true }} + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: | + 11 + 17 + cache: maven + - name: Fail if not running on main branch + id: check-main-branch + if: ${{ github.ref != 'refs/heads/main' }} + uses: actions/github-script@v7 + with: + script: | + core.setFailed('Not running on main branch, github.ref is ${{ github.ref }}. Please start this workflow only on main') + - name: Check CI build of this commit succeeded + id: check-ci-build-status + if: ${{ ! inputs.started-from-ci }} + run: | + echo "Commit SHA: $COMMIT_SHA" + gh run list --workflow ci-build.yml --branch main --event push --commit $COMMIT_SHA + ci_build_status=$(gh run list --workflow ci-build.yml --branch main --event push --commit $COMMIT_SHA --json conclusion --template '{{range .}}{{.conclusion}}{{"\n"}}{{end}}') + echo "CI build status at commit $COMMIT_SHA was '$ci_build_status'" + if [[ "$ci_build_status" != "success" ]]; then + gh run list --workflow ci-build.yml --commit $COMMIT_SHA >> $GITHUB_STEP_SUMMARY + echo "Status of CI build for commit $COMMIT_SHA was '$ci_build_status', expected 'success'" >> $GITHUB_STEP_SUMMARY + cat $GITHUB_STEP_SUMMARY + exit 1 + fi + env: { + COMMIT_SHA: '${{ github.sha }}', + GH_TOKEN: '${{ github.token }}' + } + - name: Verify release preconditions + id: verify-release + run: | + mvn --batch-mode com.exasol:project-keeper-maven-plugin:verify-release --projects . + echo "$GITHUB_OUTPUT" + env: { + GITHUB_TOKEN: '${{ github.token }}' + } + - { + name: Build project, + id: build, + run: mvn --batch-mode -DskipTests clean verify + } + - { + name: List secret GPG keys, + id: list-secret-gpg-keys, + if: '${{ true && (! inputs.skip-maven-central) }}', + run: gpg --list-secret-keys + } + - name: Publish to Central Repository + id: deploy-maven-central + if: ${{ true && (! inputs.skip-maven-central) }} + run: | + echo "#### Maven Central Release" >> "$GITHUB_STEP_SUMMARY" + mvn --batch-mode -Dgpg.skip=false -DskipTests deploy + echo "Published to Maven Central ✅" >> "$GITHUB_STEP_SUMMARY" + env: { + MAVEN_USERNAME: '${{ secrets.OSSRH_USERNAME }}', + MAVEN_PASSWORD: '${{ secrets.OSSRH_PASSWORD }}', + MAVEN_GPG_PASSPHRASE: '${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}' + } + - name: Calculate Artifact Checksums + id: artifact-checksum + if: ${{ ! inputs.skip-github-release }} + run: | + echo "Calculating sha256 checksum for artifact files" + echo "artifacts<> "$GITHUB_OUTPUT" + IFS=$'\n' artifacts_array=($ARTIFACTS) + for file in "${artifacts_array[@]}"; + do + full_path=$(realpath "$file") + echo "Calculate sha256sum for file '$full_path'" + file_dir="$(dirname "$full_path")" + file_name=$(basename "$full_path") + pushd "$file_dir" + checksum_file_name="${file_name}.sha256" + sha256sum "$file_name" > "$checksum_file_name" + echo "$full_path" >> "$GITHUB_OUTPUT" + echo "${file_dir}/$checksum_file_name" >> "$GITHUB_OUTPUT" + popd + done + echo "EOF" >> "$GITHUB_OUTPUT" + echo "Full artifact file list" + cat "$GITHUB_OUTPUT" + env: { + ARTIFACTS: '${{ steps.verify-release.outputs.release-artifacts }}' + } + - name: Create GitHub Release + id: create-github-release + if: ${{ ! inputs.skip-github-release }} + run: | + echo "### GitHub Release" >> "$GITHUB_STEP_SUMMARY" + IFS=$'\n' artifacts_array=($ARTIFACTS) + echo "#### Attaching Release Artifacts" >> "$GITHUB_STEP_SUMMARY" + for file in "${artifacts_array[@]}"; + do + echo "Attaching artifact '$file'" + echo "* \`$file\`" >> "$GITHUB_STEP_SUMMARY" + done + echo "" >> "$GITHUB_STEP_SUMMARY" + release_url=$(gh release create --latest --title "$TITLE" --notes "$NOTES" --target main $TAG "${artifacts_array[@]}") + echo "Created release $TAG with title '$TITLE' at $release_url ✅" >> "$GITHUB_STEP_SUMMARY" + echo "release-url=$release_url" >> "$GITHUB_OUTPUT" + + # [impl->dsn~release-workflow.create-golang-tags~1] + echo "#### Creating Additional Tags" >> "$GITHUB_STEP_SUMMARY" + IFS=$'\n' tags_array=($ADDITIONAL_TAGS) + for tag in "${tags_array[@]}"; + do + echo "Creating tag '$tag'" + git tag "$tag" + git push origin "$tag" + echo "* \`$tag\`" >> "$GITHUB_STEP_SUMMARY" + done + + git fetch --tags origin + env: { + GH_TOKEN: '${{ github.token }}', + TAG: '${{ steps.verify-release.outputs.release-tag }}', + ADDITIONAL_TAGS: '${{ steps.verify-release.outputs.additional-release-tags }}', + NOTES: '${{ steps.verify-release.outputs.release-notes }}', + TITLE: '${{ steps.verify-release.outputs.release-title }}', + ARTIFACTS: '${{ steps.artifact-checksum.outputs.artifacts }}' + } + - name: Report failure Status to Slack channel + id: report-failure-status-slack + if: ${{ always() }} + uses: ravsamhq/notify-slack-action@v2 + with: { + status: '${{ job.status }}', + token: '${{ github.token }}', + notification_title: 'Release build in {repo} has {status_message}', + message_format: '{emoji} *{workflow}* {status_message} in <{repo_url}|{repo}>', + notify_when: 'failure,cancelled,warnings,skipped' + } + env: { + SLACK_WEBHOOK_URL: '${{ secrets.INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK }}' + } + - name: Report new release to Slack channel + id: report-new-release-slack + if: ${{ steps.create-github-release.outputs.release-url }} + uses: ravsamhq/notify-slack-action@v2 + with: { + status: '${{ job.status }}', + token: '${{ github.token }}', + notification_title: 'Release build for {repo} created a new release', + message_format: '{workflow} created release ${{ steps.create-github-release.outputs.release-url }}' + } + env: { + SLACK_WEBHOOK_URL: '${{ secrets.INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK }}' + } diff --git a/.github/workflows/release_droid_prepare_original_checksum.yml b/.github/workflows/release_droid_prepare_original_checksum.yml deleted file mode 100644 index ba96c12..0000000 --- a/.github/workflows/release_droid_prepare_original_checksum.yml +++ /dev/null @@ -1,36 +0,0 @@ -name: Release Droid - Prepare Original Checksum - -on: - workflow_dispatch: - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Free Disk Space - if: ${{ false }} - run: | - sudo rm -rf /usr/local/lib/android - sudo rm -rf /usr/share/dotnet - - name: Checkout the repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - distribution: "temurin" - java-version: 11 - cache: "maven" - - name: Enable testcontainer reuse - run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties" - - name: Run tests and build with Maven - run: mvn --batch-mode clean verify --file pom.xml - - name: Prepare checksum - run: find target -maxdepth 1 -name *.jar -exec sha256sum "{}" + > original_checksum - - name: Upload checksum to the artifactory - uses: actions/upload-artifact@v3 - with: - name: original_checksum - retention-days: 5 - path: original_checksum diff --git a/.github/workflows/release_droid_print_quick_checksum.yml b/.github/workflows/release_droid_print_quick_checksum.yml deleted file mode 100644 index aed4444..0000000 --- a/.github/workflows/release_droid_print_quick_checksum.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Release Droid - Print Quick Checksum - -on: - workflow_dispatch: - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Checkout the repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - distribution: "temurin" - java-version: 11 - cache: "maven" - - name: Build with Maven skipping tests - run: mvn --batch-mode clean verify -DskipTests - - name: Print checksum - run: echo 'checksum_start==';find target -maxdepth 1 -name *.jar -exec sha256sum "{}" + | xargs;echo '==checksum_end' diff --git a/.github/workflows/release_droid_release_on_maven_central.yml b/.github/workflows/release_droid_release_on_maven_central.yml deleted file mode 100644 index dfdbd6a..0000000 --- a/.github/workflows/release_droid_release_on_maven_central.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Release Droid - Release On Maven Central - -on: - workflow_dispatch: - -jobs: - publish: - runs-on: ubuntu-latest - steps: - - name: Checkout the repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set up Maven Central Repository - uses: actions/setup-java@v3 - with: - distribution: "temurin" - java-version: 11 - cache: "maven" - server-id: ossrh - server-username: MAVEN_USERNAME - server-password: MAVEN_PASSWORD - gpg-private-key: ${{ secrets.OSSRH_GPG_SECRET_KEY }} - gpg-passphrase: MAVEN_GPG_PASSPHRASE - - name: Publish to Central Repository - run: mvn --batch-mode -Dgpg.skip=false -DskipTests clean deploy - env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} - MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} diff --git a/.github/workflows/release_droid_upload_github_release_assets.yml b/.github/workflows/release_droid_upload_github_release_assets.yml deleted file mode 100644 index 7ae8bbb..0000000 --- a/.github/workflows/release_droid_upload_github_release_assets.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: Release Droid - Upload GitHub Release Assets - -on: - workflow_dispatch: - inputs: - upload_url: - description: "Assets upload URL" - required: true - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Checkout the repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - distribution: "temurin" - java-version: 11 - cache: "maven" - - name: Build with Maven skipping tests - run: mvn --batch-mode clean verify -DskipTests - - name: Generate sha256sum files - run: | - cd target - find . -maxdepth 1 -name \*.jar -exec bash -c 'sha256sum {} > {}.sha256' \; - - name: Upload assets to the GitHub release draft - uses: shogo82148/actions-upload-release-asset@v1 - with: - upload_url: ${{ github.event.inputs.upload_url }} - asset_path: target/*.jar - - name: Upload sha256sum files - uses: shogo82148/actions-upload-release-asset@v1 - with: - upload_url: ${{ github.event.inputs.upload_url }} - asset_path: target/*.sha256 - - name: Upload error-code-report - uses: shogo82148/actions-upload-release-asset@v1 - with: - upload_url: ${{ github.event.inputs.upload_url }} - asset_path: target/error_code_report.json diff --git a/.vscode/settings.json b/.vscode/settings.json index 21c0cc1..60b625b 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,9 +1,9 @@ { "editor.formatOnSave": true, "editor.codeActionsOnSave": { - "source.organizeImports": true, - "source.generate.finalModifiers": true, - "source.fixAll": true + "source.organizeImports": "explicit", + "source.generate.finalModifiers": "explicit", + "source.fixAll": "explicit" }, "java.codeGeneration.useBlocks": true, "java.saveActions.organizeImports": true, diff --git a/dependencies.md b/dependencies.md index 90061c8..9312d3e 100644 --- a/dependencies.md +++ b/dependencies.md @@ -31,22 +31,23 @@ | Dependency | License | | ------------------------------------------------------- | --------------------------------- | | [SonarQube Scanner for Maven][19] | [GNU LGPL 3][20] | -| [Apache Maven Compiler Plugin][21] | [Apache-2.0][18] | -| [Apache Maven Enforcer Plugin][22] | [Apache-2.0][18] | -| [Maven Flatten Plugin][23] | [Apache Software Licenese][18] | -| [org.sonatype.ossindex.maven:ossindex-maven-plugin][24] | [ASL2][10] | -| [Maven Surefire Plugin][25] | [Apache-2.0][18] | -| [Versions Maven Plugin][26] | [Apache License, Version 2.0][18] | -| [duplicate-finder-maven-plugin Maven Mojo][27] | [Apache License 2.0][28] | -| [Apache Maven Deploy Plugin][29] | [Apache-2.0][18] | -| [Apache Maven GPG Plugin][30] | [Apache-2.0][18] | -| [Apache Maven Source Plugin][31] | [Apache License, Version 2.0][18] | -| [Apache Maven Javadoc Plugin][32] | [Apache-2.0][18] | -| [Nexus Staging Maven Plugin][33] | [Eclipse Public License][34] | -| [JaCoCo :: Maven Plugin][35] | [Eclipse Public License 2.0][36] | -| [error-code-crawler-maven-plugin][37] | [MIT License][38] | -| [Reproducible Build Maven Plugin][39] | [Apache 2.0][10] | -| [Project keeper maven plugin][40] | [The MIT License][41] | +| [Apache Maven Toolchains Plugin][21] | [Apache License, Version 2.0][18] | +| [Apache Maven Compiler Plugin][22] | [Apache-2.0][18] | +| [Apache Maven Enforcer Plugin][23] | [Apache-2.0][18] | +| [Maven Flatten Plugin][24] | [Apache Software Licenese][18] | +| [org.sonatype.ossindex.maven:ossindex-maven-plugin][25] | [ASL2][10] | +| [Maven Surefire Plugin][26] | [Apache-2.0][18] | +| [Versions Maven Plugin][27] | [Apache License, Version 2.0][18] | +| [duplicate-finder-maven-plugin Maven Mojo][28] | [Apache License 2.0][29] | +| [Apache Maven Deploy Plugin][30] | [Apache-2.0][18] | +| [Apache Maven GPG Plugin][31] | [Apache-2.0][18] | +| [Apache Maven Source Plugin][32] | [Apache License, Version 2.0][18] | +| [Apache Maven Javadoc Plugin][33] | [Apache-2.0][18] | +| [Nexus Staging Maven Plugin][34] | [Eclipse Public License][35] | +| [JaCoCo :: Maven Plugin][36] | [EPL-2.0][37] | +| [error-code-crawler-maven-plugin][38] | [MIT License][39] | +| [Reproducible Build Maven Plugin][40] | [Apache 2.0][10] | +| [Project Keeper Maven plugin][41] | [The MIT License][42] | [0]: https://github.com/eclipse-ee4j/jsonp [1]: https://projects.eclipse.org/license/epl-2.0 @@ -69,24 +70,25 @@ [18]: https://www.apache.org/licenses/LICENSE-2.0.txt [19]: http://sonarsource.github.io/sonar-scanner-maven/ [20]: http://www.gnu.org/licenses/lgpl.txt -[21]: https://maven.apache.org/plugins/maven-compiler-plugin/ -[22]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ -[23]: https://www.mojohaus.org/flatten-maven-plugin/ -[24]: https://sonatype.github.io/ossindex-maven/maven-plugin/ -[25]: https://maven.apache.org/surefire/maven-surefire-plugin/ -[26]: https://www.mojohaus.org/versions/versions-maven-plugin/ -[27]: https://basepom.github.io/duplicate-finder-maven-plugin -[28]: http://www.apache.org/licenses/LICENSE-2.0.html -[29]: https://maven.apache.org/plugins/maven-deploy-plugin/ -[30]: https://maven.apache.org/plugins/maven-gpg-plugin/ -[31]: https://maven.apache.org/plugins/maven-source-plugin/ -[32]: https://maven.apache.org/plugins/maven-javadoc-plugin/ -[33]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/ -[34]: http://www.eclipse.org/legal/epl-v10.html -[35]: https://www.jacoco.org/jacoco/trunk/doc/maven.html -[36]: https://www.eclipse.org/legal/epl-2.0/ -[37]: https://github.com/exasol/error-code-crawler-maven-plugin/ -[38]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE -[39]: http://zlika.github.io/reproducible-build-maven-plugin -[40]: https://github.com/exasol/project-keeper/ -[41]: https://github.com/exasol/project-keeper/blob/main/LICENSE +[21]: https://maven.apache.org/plugins/maven-toolchains-plugin/ +[22]: https://maven.apache.org/plugins/maven-compiler-plugin/ +[23]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ +[24]: https://www.mojohaus.org/flatten-maven-plugin/ +[25]: https://sonatype.github.io/ossindex-maven/maven-plugin/ +[26]: https://maven.apache.org/surefire/maven-surefire-plugin/ +[27]: https://www.mojohaus.org/versions/versions-maven-plugin/ +[28]: https://basepom.github.io/duplicate-finder-maven-plugin +[29]: http://www.apache.org/licenses/LICENSE-2.0.html +[30]: https://maven.apache.org/plugins/maven-deploy-plugin/ +[31]: https://maven.apache.org/plugins/maven-gpg-plugin/ +[32]: https://maven.apache.org/plugins/maven-source-plugin/ +[33]: https://maven.apache.org/plugins/maven-javadoc-plugin/ +[34]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/ +[35]: http://www.eclipse.org/legal/epl-v10.html +[36]: https://www.jacoco.org/jacoco/trunk/doc/maven.html +[37]: https://www.eclipse.org/legal/epl-2.0/ +[38]: https://github.com/exasol/error-code-crawler-maven-plugin/ +[39]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE +[40]: http://zlika.github.io/reproducible-build-maven-plugin +[41]: https://github.com/exasol/project-keeper/ +[42]: https://github.com/exasol/project-keeper/blob/main/LICENSE diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index a58a586..e3dd0b8 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,5 +1,6 @@ # Changes +* [17.1.0](changes_17.1.0.md) * [17.0.1](changes_17.0.1.md) * [17.0.0](changes_17.0.0.md) * [16.2.0](changes_16.2.0.md) diff --git a/doc/changes/changes_17.1.0.md b/doc/changes/changes_17.1.0.md new file mode 100644 index 0000000..586152c --- /dev/null +++ b/doc/changes/changes_17.1.0.md @@ -0,0 +1,39 @@ +# Common Module of Exasol Virtual Schemas Adapters 17.1.0, released 2024-??-?? + +Code name: Add `WIDTH_BUCKET` + +## Summary + +This release adds support for scalar function [`WIDTH_BUCKET`](https://docs.exasol.com/db/latest/sql_references/functions/alphabeticallistfunctions/width_bucket.htm) and capability `FN_WIDTH_BUCKET` by adding the following enum values: +* `ScalarFunctionCapability.WIDTH_BUCKET` +* `ScalarFunction.WIDTH_BUCKET` + +## Features + +* #278: Added support for scalar function `WIDTH_BUCKET` + +## Dependency Updates + +### Compile Dependency Updates + +* Updated `com.exasol:udf-api-java:1.0.3` to `1.0.5` + +### Test Dependency Updates + +* Updated `nl.jqno.equalsverifier:equalsverifier:3.15.3` to `3.16.1` +* Updated `org.junit.jupiter:junit-jupiter:5.10.1` to `5.10.2` +* Updated `org.mockito:mockito-junit-jupiter:5.7.0` to `5.11.0` + +### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.1` to `2.0.2` +* Updated `com.exasol:project-keeper-maven-plugin:2.9.16` to `4.3.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.13.0` +* Updated `org.apache.maven.plugins:maven-gpg-plugin:3.1.0` to `3.2.2` +* Updated `org.apache.maven.plugins:maven-javadoc-plugin:3.6.2` to `3.6.3` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.2` to `3.2.5` +* Added `org.apache.maven.plugins:maven-toolchains-plugin:3.1.0` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` +* Updated `org.codehaus.mojo:versions-maven-plugin:2.16.1` to `2.16.2` +* Updated `org.jacoco:jacoco-maven-plugin:0.8.11` to `0.8.12` +* Updated `org.sonarsource.scanner.maven:sonar-maven-plugin:3.10.0.2594` to `3.11.0.3922` diff --git a/pk_generated_parent.pom b/pk_generated_parent.pom index 7994ee6..a60760f 100644 --- a/pk_generated_parent.pom +++ b/pk_generated_parent.pom @@ -3,12 +3,14 @@ 4.0.0 com.exasol virtual-schema-common-java-generated-parent - 17.0.1 + 17.1.0 pom UTF-8 UTF-8 11 + exasol + https://sonarcloud.io true @@ -48,20 +50,38 @@ org.sonarsource.scanner.maven sonar-maven-plugin - 3.10.0.2594 + 3.11.0.3922 + + + org.apache.maven.plugins + maven-toolchains-plugin + 3.1.0 + + + + toolchain + + + + + + + ${java.version} + + + org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.13.0 ${java.version} ${java.version} true - - -Xlint:all,-processing - + -Xlint:all + -Werror @@ -80,6 +100,9 @@ 3.6.3 + + 17 + @@ -88,7 +111,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -127,7 +150,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.2 + 3.2.5 @@ -138,7 +161,7 @@ org.codehaus.mojo versions-maven-plugin - 2.16.1 + 2.16.2 display-updates @@ -151,6 +174,17 @@ file:///${project.basedir}/versionsMavenPluginRules.xml + false + true + true + true + false + true + true + true + false + true + true @@ -189,7 +223,7 @@ org.apache.maven.plugins maven-gpg-plugin - 3.1.0 + 3.2.2 sign-artifacts @@ -225,7 +259,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.6.2 + 3.6.3 attach-javadocs @@ -241,6 +275,7 @@ true true true + ${java.version} @@ -267,7 +302,7 @@ org.jacoco jacoco-maven-plugin - 0.8.11 + 0.8.12 prepare-agent @@ -308,7 +343,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.2 verify diff --git a/pom.xml b/pom.xml index 83528fb..953e321 100644 --- a/pom.xml +++ b/pom.xml @@ -2,7 +2,7 @@ 4.0.0 virtual-schema-common-java - 17.0.1 + 17.1.0 Common module of Exasol Virtual Schemas Adapters This is one of the modules of Virtual Schemas Adapters. The libraries provided by this project are the foundation of the adapter development, i.e. adapters must be implemented on top of them. @@ -23,7 +23,7 @@ com.exasol udf-api-java - 1.0.3 + 1.0.5 org.hamcrest @@ -40,13 +40,13 @@ org.junit.jupiter junit-jupiter - 5.10.1 + 5.10.2 test org.mockito mockito-junit-jupiter - 5.7.0 + 5.11.0 test @@ -58,7 +58,7 @@ nl.jqno.equalsverifier equalsverifier - 3.15.3 + 3.16.1 test @@ -72,7 +72,7 @@ com.exasol project-keeper-maven-plugin - 2.9.16 + 4.3.0 @@ -86,7 +86,7 @@ virtual-schema-common-java-generated-parent com.exasol - 17.0.1 + 17.1.0 pk_generated_parent.pom