Bay Typical (WIP)

Author: pascalwilbrink

.dockerignore

@@ -0,0 +1,9 @@
+# SPDX-FileCopyrightText: 2023 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+*
+!target/*-runner
+!target/*-runner.jar
+!target/lib/*
+!target/quarkus-app/*

.gitattributes

@@ -0,0 +1,11 @@
+# SPDX-FileCopyrightText: 2023 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+#
+# https://help.github.com/articles/dealing-with-line-endings/
+#
+# These are explicitly windows files and should use crlf
+*.bat           text eol=crlf
+*.cmd           text eol=crlf
+

.github/dependabot.yml

@@ -0,0 +1,41 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+version: 2
+
+registries:
+  maven-github:
+    type: maven-repository
+    url: https://maven.pkg.github.com/com-pas/*
+    username: OWNER
+    password: ${{ secrets.DB_GITHUB_PACKAGES }}
+
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 5
+
+  # Maintain dependencies for Maven
+  - package-ecosystem: "maven"
+    directory: "/"
+    registries:
+      - maven-github
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 5
+    ignore:
+      # Next two dependencies shouldn't be upgrade, because RestEasy isn't using newer version. (2.3.X)
+      - dependency-name: jakarta.xml.bind:jakarta.xml.bind-api
+        versions: [ "[3.0,)" ]
+      - dependency-name: com.sun.xml.bind:jaxb-impl
+        versions: [ "[3.0,)" ]
+
+  - package-ecosystem: "docker"
+    directory: "/app/src/main/docker/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 5

.github/release.yml

@@ -0,0 +1,26 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+changelog:
+  exclude:
+    labels:
+      - wontfix
+      - duplicate
+      - invalid
+  categories:
+    - title: New Features
+      labels:
+        - enhancement
+    - title: Bugfixes
+      labels:
+        - bug
+    - title: Tooling changes
+      labels:
+        - tooling
+    - title: Dependency updates
+      labels:
+        - dependencies
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/automate-projects.yml

@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: Add issues and pull request to project boards
+
+on: [ issues, pull_request, pull_request_target ]
+
+jobs:
+  github-actions-automate-projects:
+    runs-on: ubuntu-latest
+
+    if: ${{ (github.event_name != 'pull_request_target' && github.actor != 'dependabot[bot]') || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
+    steps:
+      - name: add-new-issues-to-organization-based-project-column
+        if: github.event_name == 'issues' && github.event.action == 'opened'
+        uses: alex-page/github-project-automation-plus@v0.8.3
+        with:
+          project: CoMPAS Issues Overview Board
+          column: To do
+          repo-token: ${{ secrets.ORG_GITHUB_ACTION_SECRET }}
+      - name: add-new-pull-request-to-organization-based-project-column
+        if: (github.event_name == 'pull_request' || github.event_name == 'pull_request_target') && github.event.action == 'opened'
+        uses: alex-page/github-project-automation-plus@v0.8.3
+        with:
+          project: CoMPAS Pull Request Overview Board
+          column: To do
+          repo-token: ${{ secrets.ORG_GITHUB_ACTION_SECRET }}

.github/workflows/build-project.yml

@@ -0,0 +1,57 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: Build Project
+
+on:
+  push:
+    branches:
+      - '**'
+  pull_request:
+    branches:
+      - 'main'
+      - 'develop'
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Cache Docker Register
+        uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ hashFiles('**/Dockerfile') }}
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'zulu'
+          java-version: '17'
+
+      - name: Create custom Maven Settings.xml
+        uses: whelk-io/maven-settings-xml-action@v21
+        with:
+          output_file: custom_maven_settings.xml
+          servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
+      - name: Build with Maven (Pull Request)
+        if: ${{ github.event_name == 'pull_request' }}
+        run: ./mvnw -s custom_maven_settings.xml -B -Pnative-image clean verify
+      - name: Build with Maven (Push)
+        if: ${{ github.event_name == 'push' }}
+        run: ./mvnw -s custom_maven_settings.xml -B clean verify

.github/workflows/release-project.yml

@@ -0,0 +1,65 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: Release Project
+
+on:
+  release:
+    types: [ released ]
+
+jobs:
+  release_project:
+    name: Release project
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Cache Docker Register
+        uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ hashFiles('**/Dockerfile') }}
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
+      - name: Extract tag name
+        id: extract_tagname
+        shell: bash
+        # Extract the tag name from the git reference, value of GITHUB_REF will be something like refs/tags/<tag_name>.
+        run: echo "##[set-output name=tagname;]$(echo ${GITHUB_REF##*/})"
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'zulu'
+          java-version: '17'
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+
+      - name: Create custom Maven Settings.xml
+        uses: whelk-io/maven-settings-xml-action@v21
+        with:
+          output_file: custom_maven_settings.xml
+          servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
+      - name: Set version with Maven
+        run: ./mvnw -B versions:set -DprocessAllModules=true -DnewVersion=${{ steps.extract_tagname.outputs.tagname }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Deploy with Maven to GitHub Packages and Docker Hub
+        run: ./mvnw -B -s custom_maven_settings.xml -Pnative-image,release clean deploy
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/reuse.yml

@@ -0,0 +1,16 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: REUSE Compliance Check
+
+on: push
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: REUSE Compliance Check
+        uses: fsfe/reuse-action@v1

.github/workflows/sonarcloud-analysis.yml

@@ -0,0 +1,85 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: SonarCloud Analysis
+
+on:
+  push:
+    branches:
+      - '**'
+  pull_request:
+    branches:
+      - 'main'
+      - 'develop'
+  pull_request_target:
+    branches:
+      - 'main'
+      - 'develop'
+
+jobs:
+  sonar-check:
+    name: Sonar Check
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+
+    if: ${{ (github.event_name != 'pull_request_target' && github.actor != 'dependabot[bot]') || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'zulu'
+          java-version: '17'
+
+      - name: Set Common Sonar Variables
+        id: sonar_env
+        run: |
+          echo "##[set-output name=sonar_opts;]$(echo -Dsonar.host.url=https://sonarcloud.io \
+            -Dsonar.projectKey=com-pas_compas-sitipe-service \
+            -Dsonar.organization=com-pas )"
+      - name: Create custom Maven Settings.xml
+        uses: whelk-io/maven-settings-xml-action@v21
+        with:
+          output_file: custom_maven_settings.xml
+          servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
+      - name: Build and analyze (Pull Request)
+        if: ${{ github.event_name == 'pull_request' || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: |
+          ./mvnw -B -s custom_maven_settings.xml -Psonar \
+            ${{ steps.sonar_env.outputs.sonar_opts }} \
+            -Dsonar.pullrequest.branch=${{ github.ref_name }} \
+            -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} \
+            -Dsonar.pullrequest.base=${{ github.base_ref }} \
+            -Dsonar.scm.revision=${{ github.event.pull_request.head.sha }} \
+            clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+      - name: Build and analyze (Push)
+        if: ${{ github.event_name == 'push' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: |
+          ./mvnw -B -s custom_maven_settings.xml -Psonar \
+            ${{ steps.sonar_env.outputs.sonar_opts }} \
+            -Dsonar.branch.name=${{ github.ref_name }} \
+            clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar