diff --git a/.azure-pipelines/nexus-iq-clm.yml b/.azure-pipelines/nexus-iq-clm.yml deleted file mode 100644 index 23f4eefac5d..00000000000 --- a/.azure-pipelines/nexus-iq-clm.yml +++ /dev/null @@ -1,61 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 -# Copyright Contributors to the ODPi Egeria project. ---- -pr: none - -trigger: - batch: true - branches: - include: - - main - -variables: - - group: Artifactory - - group: NexusIQ - -stages: - - stage: CLM - jobs: - - job: Scan - pool: - vmImage: 'ubuntu-latest' - steps: - - task: Maven@3 - inputs: - mavenPomFile: 'pom.xml' - javaHomeOption: 'JDKVersion' - jdkVersionOption: '11' - jdkArchitectureOption: 'x64' - goals: "clean install" - options: >- - --batch-mode - -e - -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn - -DskipFVT - -DskipTests - -Dmaven.javadoc.skip=true - -Dmaven.source.skip=true - -Denforcer.skip=true - -Djacocoskip=true - - task: Maven@3 - inputs: - mavenPomFile: 'pom.xml' - javaHomeOption: 'JDKVersion' - jdkVersionOption: '11' - jdkArchitectureOption: 'x64' - goals: "dependency:tree com.sonatype.clm:clm-maven-plugin:evaluate" - options: >- - --batch-mode - -e - -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn - -DskipFVT - -DskipTests - -Dmaven.javadoc.skip=true - -Dmaven.source.skip=true - -Denforcer.skip=true - -Djacocoskip=true - -Dclm.stage="build" - -Dclm.applicationId="$(Nexus.IQ.AppId)" - -Dclm.serverUrl="$(Nexus.IQ.Server)" - -Dclm.username="$(Nexus.IQ.User)" - -Dclm.password="$(Nexus.IQ.Pass)" diff --git a/.azure-pipelines/sonar.yml b/.azure-pipelines/sonar.yml deleted file mode 100644 index c2246d46901..00000000000 --- a/.azure-pipelines/sonar.yml +++ /dev/null @@ -1,64 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 -# Copyright Contributors to the ODPi Egeria project. ---- -trigger: - batch: true - branches: - include: - - main -pr: none - -variables: - - group: Artifactory - - group: SonarCloud - -stages: - - stage: Sonar - jobs: - - job: Scan - timeoutInMinutes: 360 - pool: - vmImage: 'ubuntu-latest' - steps: - - task: SonarCloudPrepare@1 - displayName: 'Prepare SonarCloud Analysis' - inputs: - SonarCloud: 'odpi-sonarcloud' - organization: '$(organization)' - scannerMode: 'Other' - extraProperties: | - sonar.branch.name=$(Build.SourceBranchName) - - task: Maven@3 - displayName: 'Install Egeria' - inputs: - mavenPomFile: 'pom.xml' - javaHomeOption: 'JDKVersion' - jdkVersionOption: '11' - jdkArchitectureOption: 'x64' - goals: 'install' - options: >- - --batch-mode - --quiet - -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn - mavenOptions: '-Xmx5500m' - - task: Maven@3 - displayName: 'Perform SonarScan' - inputs: - mavenPomFile: 'pom.xml' - javaHomeOption: 'JDKVersion' - jdkVersionOption: '11' - jdkArchitectureOption: 'x64' - goals: 'sonar:sonar' - options: >- - --batch-mode - --quiet - -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn - -Dsonar - -Dsonar.projectKey="$(projectKey)" - -Dsonar.organization="$(organization)" - -Dsonar.projectName="$(projectName)" - -Dsonar.host.url="https://sonarcloud.io" - -Dsonar.login="$(apiKey)" - mavenOptions: '-Xmx5500m' - - task: SonarCloudPublish@1 - displayName: 'Publish SonarCloud quality gate results' diff --git a/.github/workflows/codeql-v4.yml b/.github/workflows/codeql-v4.yml new file mode 100644 index 00000000000..99fb3fe7458 --- /dev/null +++ b/.github/workflows/codeql-v4.yml @@ -0,0 +1,50 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright Contributors to the ODPi Egeria project. +# +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +--- +name: "CodeQL Analysis v4" + +on: + push: + branches: [main, egeria-release-4*] + pull_request: + # The branches below must be a subset of the branches above + branches: [main, egeria-release-4*] + +jobs: + analyze: + if: ${{ github.repository == 'odpi/egeria'}} + name: "CodeQL Build v4" + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + - uses: gradle/wrapper-validation-action@v1 + - name: Setup Java JDK + uses: actions/setup-java@v3 + with: + distribution: 'temurin' + java-version: '17' + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: java + queries: security-and-quality + - name: Build + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: true + arguments: -x javadoc -x test build + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/merge-gradle.yml b/.github/workflows/merge-gradle.yml deleted file mode 100644 index 1edddabe059..00000000000 --- a/.github/workflows/merge-gradle.yml +++ /dev/null @@ -1,52 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 -# Copyright Contributors to the ODPi Egeria project. -name: "Publish JavaDoc" - -# Trigger after code is merged. only on main repo -# - does not run on modification (may be just text) - -on: - push: - branches: [main] - -permissions: - contents: read - -jobs: - build: - permissions: - contents: write # for JamesIves/github-pages-deploy-action to push changes in repo - runs-on: ubuntu-latest - name: "Javadoc" - if: startsWith(github.repository,'odpi/') - steps: - - uses: actions/checkout@v3 - name: Checkout source - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - - uses: gradle/wrapper-validation-action@v1 - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - java-version: '11' - distribution: 'temurin' - # Build first - lombok & other pre-processing may be needed. safer... - - name: build - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - run: './gradlew -x test -x javadoc' - - name: javadoc - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - run: './gradlew aggregateJavadoc' - - name: publish - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - uses: JamesIves/github-pages-deploy-action@v4.4.1 - with: - branch: gh-pages - folder: build/docs/javadoc - - name: Upload Log of any dependency failures - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - uses: actions/upload-artifact@v3 - with: - name: Dependency Analysis Report (on failure) - path: build/reports/dependency-analysis/build-health-report.txt - if-no-files-found: ignore diff --git a/.github/workflows/merge-maven.yml b/.github/workflows/merge-maven.yml deleted file mode 100644 index 56c5a00c08d..00000000000 --- a/.github/workflows/merge-maven.yml +++ /dev/null @@ -1,104 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 -# Copyright Contributors to the ODPi Egeria project. -name: "Merge main)" - -# Trigger after code is merged. only on main repo -# - does not run on modification (may be just text) - -on: - push: - branches: [main,egeria-release-*,feature-*] - -permissions: - contents: read - -jobs: - build: - runs-on: ubuntu-latest - name: "Merge main" - if: startsWith(github.repository,'odpi/') - steps: - - uses: actions/checkout@v3 - name: Checkout source - # Only for a merge - if: ${{ github.event_name == 'push' && github.repository == 'odpi/egeria' }} - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - # Java 11 is used for merge builds (PRs do check Java latest) - java-version: '11' - distribution: 'temurin' - # Publishing attributes for maven central (this step adds to setting.xml) - server-id: ossrh - server-username: MAVEN_USERNAME - server-password: MAVEN_PASSWORD - # Keys must be known to maven central - require broad publishing - gpg-private-key: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }} - gpg-passphrase: MAVEN_GPG_PASSPHRASE - # Build and publish - but only for main - - name: Build with Maven (Publish snapshots to maven central + docker) - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - # See https://github.com/actions/toolkit/issues/231 requires parms using . to be quoted - run: 'mvn -B -DuseMavenCentral clean deploy' - # Needed for publishing -- note we push to a staging area, login to oss.sonatype.org to - # verify (close) the repository & release - env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} - MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PASSPHRASE }} - # Build and publish - but only for main - - name: Build with Maven (no snapshots / docker published) - if: ${{ github.repository != 'odpi/egeria' || github.ref != 'refs/heads/main'}} - run: mvn -B clean verify - # -- - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to container registry (Quay.io) - uses: docker/login-action@v2 - with: - registry: quay.io - username: ${{ secrets.QUAY_IO_USERNAME }} - password: ${{ secrets.QUAY_IO_ACCESS_TOKEN }} - - name: Login to container registry (Docker Hub) - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - # QEMU is needed for ARM64 build for egeria-configure - # egeria-configure needs to install utilities - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set Release version env variable - run: | - echo "VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV - # Publish container images(egeria) to quay.io and docker.io - - name: Copy the distribution content to be used in docker copy command - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - run: | - mkdir -p ./open-metadata-resources/open-metadata-deployment/docker/egeria/target/assembly - cp -r open-metadata-distribution/open-metadata-assemblies/target/egeria-${{ env.VERSION }}-distribution/egeria-omag-${{ env.VERSION }}/. open-metadata-resources/open-metadata-deployment/docker/egeria/target/assembly - - name: Build and push(egeria) to quay.io and docker.io - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - uses: docker/build-push-action@v4 - with: - push: true - tags: odpi/egeria:${{ env.VERSION }}, odpi/egeria:latest, quay.io/odpi/egeria:${{ env.VERSION }}, quay.io/odpi/egeria:latest - context: ./open-metadata-resources/open-metadata-deployment/docker/egeria - platforms: linux/amd64,linux/arm64 - # Publish container images(egeria-configure) to quay.io and docker.io - - name: Build and push(egeria-configure) to quay.io and docker.io - if: ${{ github.repository == 'odpi/egeria' && github.ref == 'refs/heads/main'}} - uses: docker/build-push-action@v4 - with: - push: true - tags: odpi/egeria-configure:${{ env.VERSION }}, odpi/egeria-configure:latest, quay.io/odpi/egeria-configure:${{ env.VERSION }}, quay.io/odpi/egeria-configure:latest - context: ./open-metadata-resources/open-metadata-deployment/docker/configure - platforms: linux/amd64,linux/arm64 - # -- - # Mostly for verification - not published to the release itself for now - - name: Upload assemblies - uses: actions/upload-artifact@v3 - with: - name: Assemblies - path: open-metadata-distribution/open-metadata-assemblies/target/*.gz diff --git a/.github/workflows/merge-v4.yml b/.github/workflows/merge-v4.yml new file mode 100644 index 00000000000..fed5bded876 --- /dev/null +++ b/.github/workflows/merge-v4.yml @@ -0,0 +1,145 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright Contributors to the ODPi Egeria project. +--- +name: "Merge v4" + +# Trigger after code is merged. only on main repo +# - does not run on modification (may be just text) + +on: + push: + branches: [main, egeria-release-4*] + +permissions: + contents: read + +jobs: + build: + permissions: + # for gh-pages + contents: write + runs-on: ubuntu-latest + name: "Merge v4" + if: startsWith(github.repository,'odpi/') + steps: + - uses: actions/checkout@v3 + name: Checkout source + - uses: gradle/wrapper-validation-action@v1 + - name: Set up JDK + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + # Build first - lombok & other pre-processing may be needed. safer... + - name: build and publish to maven central + if: ${{ github.ref == 'refs/heads/main'}} + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: false + arguments: build publish + # Import secrets needed for code signing and distribution + env: + OSSRH_GPG_KEYID: ${{ secrets.OSSRH_GPG_KEYID }} + OSSRH_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PASSPHRASE }} + OSSRH_GPG_PRIVATE_KEY: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }} + OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} + OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} + # In other cases just build but don't publish + - name: build (no publish to maven central) + if: ${{ github.ref != 'refs/heads/main'}} + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: false + arguments: build + # Now aggregate javadoc - main only + - name: build + if: ${{ github.ref == 'refs/heads/main'}} + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: false + arguments: aggregateJavadoc + - name: publish aggregate javadoc + if: ${{ github.ref == 'refs/heads/main'}} + uses: JamesIves/github-pages-deploy-action@v4 + with: + branch: gh-pages + folder: build/docs/javadoc + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to container registry (Quay.io) + uses: docker/login-action@v2 + with: + registry: quay.io + username: ${{ secrets.QUAY_IO_USERNAME }} + password: ${{ secrets.QUAY_IO_ACCESS_TOKEN }} + - name: Login to container registry (Docker Hub) + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + # QEMU is needed for ARM64 build for egeria-configure + # egeria-configure needs to install utilities + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set Release version env variable + run: | + echo "VERSION=$(./gradlew properties --no-daemon --console=plain -q | grep '^version:' | awk '{printf $2}')" >> $GITHUB_ENV + # Publish container images(egeria) to quay.io and docker.io + - name: Copy the distribution content to be used in docker copy command + run: | + mkdir -p ./open-metadata-resources/open-metadata-deployment/docker/egeria/target/assembly + cp -r open-metadata-distribution/open-metadata-assemblies/build/unpacked/egeria-${{ env.VERSION }}-distribution.tar.gz/. open-metadata-resources/open-metadata-deployment/docker/egeria/target/assembly + - name: Build and push(egeria) to quay.io and docker.io (tag latest only for main!) + if: ${{ github.ref == 'refs/heads/main'}} + uses: docker/build-push-action@v3 + with: + push: true + tags: odpi/egeria:${{ env.VERSION }}, odpi/egeria:latest, quay.io/odpi/egeria:${{ env.VERSION }}, quay.io/odpi/egeria:latest + context: ./open-metadata-resources/open-metadata-deployment/docker/egeria + platforms: linux/amd64,linux/arm64 + - name: Build and push(egeria) to quay.io and docker.io (no tag latest) + if: ${{ github.ref != 'refs/heads/main'}} + uses: docker/build-push-action@v3 + with: + push: true + tags: odpi/egeria:${{ env.VERSION }}, quay.io/odpi/egeria:${{ env.VERSION }} + context: ./open-metadata-resources/open-metadata-deployment/docker/egeria + platforms: linux/amd64,linux/arm64 + # Publish container images(egeria-configure) to quay.io and docker.io + - name: Build and push(egeria-configure) to quay.io and docker.io (tag latest) + if: ${{ github.ref == 'refs/heads/main'}} + uses: docker/build-push-action@v3 + with: + push: true + tags: odpi/egeria-configure:${{ env.VERSION }}, odpi/egeria-configure:latest, quay.io/odpi/egeria-configure:${{ env.VERSION }}, quay.io/odpi/egeria-configure:latest + context: ./open-metadata-resources/open-metadata-deployment/docker/configure + platforms: linux/amd64,linux/arm64 + # -- + # Publish container images(egeria-configure) to quay.io and docker.io + - name: Build and push(egeria-configure) to quay.io and docker.io (no tag latest) + if: ${{ github.ref != 'refs/heads/main'}} + uses: docker/build-push-action@v3 + with: + push: true + tags: odpi/egeria-configure:${{ env.VERSION }}, quay.io/odpi/egeria-configure:${{ env.VERSION }} + context: ./open-metadata-resources/open-metadata-deployment/docker/configure + platforms: linux/amd64,linux/arm64 + # -- + - name: Upload Log of any dependency failures + uses: actions/upload-artifact@v3 + with: + name: Dependency Analysis Report (on failure) + path: build/reports/dependency-analysis/build-health-report.txt + if-no-files-found: ignore + # Mostly for verification - not published to the release itself for now + - name: Upload assemblies + uses: actions/upload-artifact@v3 + with: + name: Assemblies + path: open-metadata-distribution/open-metadata-assemblies/build/distributions/*.gz + - name: Upload Test coverage report + uses: actions/upload-artifact@v3 + with: + name: Jacoco Coverage Report + path: build/reports/jacoco/codeCoverageReport + if-no-files-found: ignore diff --git a/.github/workflows/pr-codeql.yml b/.github/workflows/pr-codeql.yml deleted file mode 100644 index bd907d3dd3c..00000000000 --- a/.github/workflows/pr-codeql.yml +++ /dev/null @@ -1,80 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 -# Copyright Contributors to the ODPi Egeria project. -# -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -name: "CodeQL Analysis" - -on: - push: - branches: [main, feature-*, egeria-release-*] - pull_request: - # The branches below must be a subset of the branches above - branches: [main, feature-*, egeria-release-*] - schedule: - - cron: '0 20 * * 0' - -jobs: - analyze: - if: ${{ github.repository == 'odpi/egeria'}} - name: CodeQL Build - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - # Override automatic language detection by changing the below list - # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] - language: ['java'] - # Learn more... - # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - name: Setup Java JDK - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '11' - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - queries: security-and-quality - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - #- name: Autobuild - # uses: github/codeql-action/autobuild@v1 - # - name: Build with Gradle - # For a build machine environment, force a more clean build - - name: Build - run: ./gradlew -x javadoc -x test build --priority normal --no-watch-fs - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - # - run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/pr-maven-latest.yml b/.github/workflows/pr-maven-latest.yml deleted file mode 100644 index f1c6150073d..00000000000 --- a/.github/workflows/pr-maven-latest.yml +++ /dev/null @@ -1,37 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 -# Copyright Contributors to the ODPi Egeria project. -name: "Maven - latest release" - -on: - pull_request: - branches: [main, feature-*, egeria-release-*] - -permissions: - contents: read - -jobs: - build: - runs-on: ubuntu-latest - name: "Maven - latest release" - if: startsWith(github.repository,'odpi/') - steps: - - uses: actions/checkout@v3 - name: Checkout - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '17' - - name: Cache Maven packages - uses: actions/cache@v3.2.4 - with: - path: ~/.m2 - key: ${{ runner.os }}-maven-java11-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-maven-javalatest - - name: Build with Maven - run: mvn -B -DargLine="-XX:+TieredCompilation -XX:TieredStopAtLevel=1" clean verify --file pom.xml - - name: Upload assemblies - uses: actions/upload-artifact@v3 - with: - name: Assemblies - path: open-metadata-distribution/open-metadata-assemblies/target/*.gz diff --git a/.github/workflows/pr-maven-prod.yml b/.github/workflows/pr-maven-prod.yml deleted file mode 100644 index b11c73e978b..00000000000 --- a/.github/workflows/pr-maven-prod.yml +++ /dev/null @@ -1,37 +0,0 @@ -# SPDX-License-Identifier: Apache-2.0 -# Copyright Contributors to the ODPi Egeria project. -name: "Maven" - -on: - pull_request: - branches: [main, feature-*, egeria-release-*] - -permissions: - contents: read - -jobs: - build: - runs-on: ubuntu-latest - name: "Maven" - if: startsWith(github.repository,'odpi/') - steps: - - uses: actions/checkout@v3 - name: Checkout - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '11' - - name: Cache Maven packages - uses: actions/cache@v3.2.4 - with: - path: ~/.m2 - key: ${{ runner.os }}-maven-java11-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-maven-java11 - - name: Build with Maven - run: mvn -B -DargLine="-XX:+TieredCompilation -XX:TieredStopAtLevel=1" clean verify --file pom.xml - - name: Upload assemblies - uses: actions/upload-artifact@v3 - with: - name: Assemblies - path: open-metadata-distribution/open-metadata-assemblies/target/*.gz diff --git a/.github/workflows/pr-gradle.yml b/.github/workflows/pr-v4.yml similarity index 60% rename from .github/workflows/pr-gradle.yml rename to .github/workflows/pr-v4.yml index ce6a4b61585..3158aa96d5a 100644 --- a/.github/workflows/pr-gradle.yml +++ b/.github/workflows/pr-v4.yml @@ -1,10 +1,11 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright Contributors to the ODPi Egeria project. -name: "Gradle" +--- +name: "Verify PR v4" on: pull_request: - branches: [main, feature-*, egeria-release-*] + branches: [main, egeria-release-4*] permissions: contents: read @@ -12,25 +13,22 @@ permissions: jobs: build: runs-on: ubuntu-latest - name: "Gradle" + name: "Verify PR v4" if: startsWith(github.repository,'odpi/') steps: - uses: actions/checkout@v3 - uses: gradle/wrapper-validation-action@v1 - - name: Set up JDK 11 + - name: Set up JDK uses: actions/setup-java@v3 with: distribution: 'temurin' - java-version: '11' - - name: Cache Gradle packages - uses: actions/cache@v3.2.4 - with: - path: ~/.gradle/caches - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} - restore-keys: ${{ runner.os }}-gradle + java-version: '17' - name: Build with Gradle - # For a build machine environment, force a more clean build - run: ./gradlew clean build --no-build-cache --no-configure-on-demand --priority normal --no-watch-fs --refresh-dependencies --no-daemon --no-parallel + uses: gradle/gradle-build-action@v2 + with: + # Only cache for main build + cache-read-only: true + arguments: build publishToMavenLocal - name: Upload Test coverage report uses: actions/upload-artifact@v3 with: @@ -42,4 +40,3 @@ jobs: name: Dependency Analysis Report (on failure) path: build/reports/dependency-analysis/build-health-report.txt if-no-files-found: ignore - diff --git a/.github/workflows/release.yml b/.github/workflows/release-v4.yml similarity index 74% rename from .github/workflows/release.yml rename to .github/workflows/release-v4.yml index fb5990db748..ea4f2be83fe 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release-v4.yml @@ -1,6 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright Contributors to the ODPi Egeria project. -name: "Release" +--- +name: "Release v4" # Trigger when a Release is created in github # - does not run on modification (may be just text) @@ -10,7 +11,8 @@ on: release: types: - created - # Also allow for manual invocation for testing + branches: [main, egeria-release-4*] + workflow_dispatch: permissions: @@ -24,6 +26,7 @@ jobs: steps: - uses: actions/checkout@v3 name: Checkout source + - uses: gradle/wrapper-validation-action@v1 # Prep for docker builds - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -38,33 +41,27 @@ jobs: with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Set up JDK 11 + - name: Set up JDK 17 uses: actions/setup-java@v3 with: distribution: 'temurin' - java-version: '11' - # Publishing attributes for maven central (this step adds to setting.xml) - server-id: ossrh - server-username: MAVEN_USERNAME - server-password: MAVEN_PASSWORD - # Keys must be known to maven central - require broad publishing - gpg-private-key: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }} - gpg-passphrase: MAVEN_GPG_PASSPHRASE - # Normal build (in future may also run reports (site)) - - - name: Build with Maven and publish to oss.sonatype.org - # See https://github.com/actions/toolkit/issues/231 requires parms using . to be quoted - run: 'mvn -B -DuseMavenCentral clean deploy' - # Needed for publishing -- note we push to a staging area, login to oss.sonatype.org to - # verify (close) the repository & release + java-version: '17' + - name: build and publish to maven central + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: false + arguments: build publish + # Import secrets needed for code signing and distribution env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} - MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PASSPHRASE }} + OSSRH_GPG_KEYID: ${{ secrets.OSSRH_GPG_KEYID }} + OSSRH_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PASSPHRASE }} + OSSRH_GPG_PRIVATE_KEY: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }} + OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} + OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} # QEMU is needed for ARM64 build for egeria-configure # egeria-configure needs to install utilities - name: Set up QEMU uses: docker/setup-qemu-action@v2 - - name: Set Release version env variable run: | echo "VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 5fca27cfada..ddf9d782ecb 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -8,7 +8,7 @@ on: schedule: - cron: '26 9 * * 6' push: - branches: [ "main" ] + branches: ["main"] # Also allow for manual invocation for testing workflow_dispatch: @@ -30,12 +30,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # tag=v2.1.2 + uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # tag=v2.1.2 with: results_file: results.sarif results_format: sarif @@ -54,7 +54,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # tag=v3.0.0 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # tag=v3.0.0 with: name: SARIF file path: results.sarif @@ -62,6 +62,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26 + uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26 with: sarif_file: results.sarif diff --git a/.lift.toml b/.lift.toml index 8cae98682fb..82f4fef5e60 100644 --- a/.lift.toml +++ b/.lift.toml @@ -1,4 +1,4 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright Contributors to the ODPi Egeria project. -jdk11 = true -build = "gradlew -x test -x javadoc build" +jdkVersion = "17" +build = "./gradlew -x test -x javadoc build" diff --git a/build.gradle b/build.gradle index b847d13e31e..0d297ce6568 100644 --- a/build.gradle +++ b/build.gradle @@ -26,7 +26,7 @@ plugins { allprojects { group = 'org.odpi.egeria' - version = '3.16-SNAPSHOT' + version = '4.0-SNAPSHOT' // Mostly java, so default to this for now apply plugin: 'java' @@ -318,7 +318,7 @@ allprojects { withJavadocJar() } tasks.withType(JavaCompile) { - options.release = 11 + options.release = 17 options.encoding = 'UTF-8' options.incremental = true options.failOnError = true @@ -365,7 +365,7 @@ allprojects { publishing { publications { - connector(MavenPublication) { + mavenmodule(MavenPublication) { from components.java pom { url = 'http://egeria.odpi.org' diff --git a/gradle.properties b/gradle.properties index c4bcfbd161f..5855fc20495 100644 --- a/gradle.properties +++ b/gradle.properties @@ -5,10 +5,10 @@ org.gradle.parallel=true # Caching -org.gradle.caching=false +org.gradle.caching=true -# Watch fileystem - disable - too many files swamps OS -org.gradle.vfs.watch=false +# Watch filesystem for changes. Disable if memory constrained +org.gradle.vfs.watch=true # Default logging output org.gradle.console=auto diff --git a/open-metadata-distribution/open-metadata-assemblies/build.gradle b/open-metadata-distribution/open-metadata-assemblies/build.gradle index c253c012fd7..503b38a4fdb 100644 --- a/open-metadata-distribution/open-metadata-assemblies/build.gradle +++ b/open-metadata-distribution/open-metadata-assemblies/build.gradle @@ -226,9 +226,12 @@ build.dependsOn unzip // We don't want a published artifact from this module, as it's creating the final assembly // So disable all publish tasks inherited from the top level publish.onlyIf { false } -generatePomFileForConnectorPublication.onlyIf { false } -publishConnectorPublicationToMavenLocal.onlyIf { false } +generatePomFileForMavenmodulePublication.onlyIf { false } +publishMavenmodulePublicationToMavenLocal.onlyIf { false } publishToMavenLocal.onlyIf { false } +publishAllPublicationsToOSSRHRepository.onlyIf { false } +publishMavenmodulePublicationToOSSRHRepository.onlyIf { false } +generateMetadataFileForMavenmodulePublication.onlyIf { false } diff --git a/open-metadata-implementation/platform-services/platform-services-server/src/main/java/org/odpi/openmetadata/platformservices/server/OMAGServerPlatformOriginServices.java b/open-metadata-implementation/platform-services/platform-services-server/src/main/java/org/odpi/openmetadata/platformservices/server/OMAGServerPlatformOriginServices.java index 01a549bb3ed..bdc09c340e3 100644 --- a/open-metadata-implementation/platform-services/platform-services-server/src/main/java/org/odpi/openmetadata/platformservices/server/OMAGServerPlatformOriginServices.java +++ b/open-metadata-implementation/platform-services/platform-services-server/src/main/java/org/odpi/openmetadata/platformservices/server/OMAGServerPlatformOriginServices.java @@ -8,7 +8,7 @@ */ public class OMAGServerPlatformOriginServices { - final String implementationOrigin = "Egeria OMAG Server Platform (version 3.16-SNAPSHOT)\n"; + final String implementationOrigin = "Egeria OMAG Server Platform (version 4.0-SNAPSHOT)\n"; /** * Return the origin of this server platform implementation. diff --git a/open-metadata-implementation/server-chassis/server-chassis-spring/src/main/java/org/odpi/openmetadata/serverchassis/springboot/OMAGServerPlatform.java b/open-metadata-implementation/server-chassis/server-chassis-spring/src/main/java/org/odpi/openmetadata/serverchassis/springboot/OMAGServerPlatform.java index 3859d0efbab..86bb59d7712 100644 --- a/open-metadata-implementation/server-chassis/server-chassis-spring/src/main/java/org/odpi/openmetadata/serverchassis/springboot/OMAGServerPlatform.java +++ b/open-metadata-implementation/server-chassis/server-chassis-spring/src/main/java/org/odpi/openmetadata/serverchassis/springboot/OMAGServerPlatform.java @@ -37,7 +37,7 @@ @OpenAPIDefinition( info = @Info( title = "Egeria's Open Metadata and Governance (OMAG) Server Platform", - version = "3.16-SNAPSHOT", + version = "4.0-SNAPSHOT", description = "The OMAG Server Platform provides a runtime process and platform for Open Metadata and Governance (OMAG) Services.\n" + "\n" + "The OMAG services are configured and activated in OMAG Servers using the Administration Services.\n" + diff --git a/open-metadata-resources/open-metadata-deployment/docker/configure/Dockerfile b/open-metadata-resources/open-metadata-deployment/docker/configure/Dockerfile index 3e905875259..a976b1952d9 100644 --- a/open-metadata-resources/open-metadata-deployment/docker/configure/Dockerfile +++ b/open-metadata-resources/open-metadata-deployment/docker/configure/Dockerfile @@ -2,7 +2,7 @@ # Copyright Contributors to the Egeria project FROM docker.io/library/alpine:3.17.1 -ARG version=3.16-SNAPSHOT +ARG version=4.0-SNAPSHOT ARG VCS_REF=unknown ARG VCS_ORIGIN=unknown ARG BUILD_TIME=unknown diff --git a/open-metadata-resources/open-metadata-deployment/docker/egeria/Dockerfile b/open-metadata-resources/open-metadata-deployment/docker/egeria/Dockerfile index a0e8f90953c..1ece86978ec 100644 --- a/open-metadata-resources/open-metadata-deployment/docker/egeria/Dockerfile +++ b/open-metadata-resources/open-metadata-deployment/docker/egeria/Dockerfile @@ -10,11 +10,11 @@ # See readme in source tree or on docker hub for more info # Based on RedHat UBI image. -# https://catalog.redhat.com/software/containers/ubi8/openjdk-11/5dd6a4b45a13461646f677f4?container-tabs=gti>i-tabs=unauthenticated +# https://catalog.redhat.com/software/containers/ubi9/openjdk-17-runtime/61ee7d45384a3eb331996bee -FROM registry.access.redhat.com/ubi8/openjdk-11 -ARG version=3.16-SNAPSHOT +FROM registry.access.redhat.com/ubi9/openjdk-17-runtime +ARG version=4.0-SNAPSHOT ARG VCS_REF=unknown ARG VCS_ORIGIN=unknown ARG BUILD_TIME=unknown @@ -25,7 +25,7 @@ ENV version ${version} # Labels from https://github.com/opencontainers/image-spec/blob/master/annotations.md#pre-defined-annotation-keys (with additions prefixed ext) LABEL org.opencontainers.image.vendor = "ODPi" \ org.opencontainers.image.title = "Egeria" \ - org.opencontainers.image.description = "Common image for core ODPi Egeria runtime. Based on RedHat UBI 8 openjdk-11 image" \ + org.opencontainers.image.description = "Common image for core ODPi Egeria runtime. Based on RedHat UBI 8 openjdk-17 image" \ org.opencontainers.image.url = "https://egeria.odpi.org/" \ org.opencontainers.image.source = "$VCS_ORIGIN" \ org.opencontainers.image.authors = "ODPi Egeria" \ diff --git a/pom.xml b/pom.xml index 042cabd3180..a3e485fd4f1 100644 --- a/pom.xml +++ b/pom.xml @@ -2,6 +2,14 @@ + +