diff --git a/.github/workflows/build-project.yml b/.github/workflows/build-project.yml
index d3d0fb3..beb1ff3 100644
--- a/.github/workflows/build-project.yml
+++ b/.github/workflows/build-project.yml
@@ -21,7 +21,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Cache Docker Register
uses: actions/cache@v3
@@ -37,7 +37,7 @@ jobs:
- name: Set up Docker Buildx
id: buildx
- uses: docker/setup-buildx-action@v2
+ uses: docker/setup-buildx-action@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
diff --git a/.github/workflows/release-project.yml b/.github/workflows/release-project.yml
index 3bc5dfb..72998ed 100644
--- a/.github/workflows/release-project.yml
+++ b/.github/workflows/release-project.yml
@@ -16,7 +16,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Cache Docker Register
uses: actions/cache@v3
@@ -43,9 +43,9 @@ jobs:
java-version: '17'
- name: Set up Docker Buildx
id: buildx
- uses: docker/setup-buildx-action@v2
+ uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
- uses: docker/login-action@v2
+ uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml
index 9ebd56d..b89fda9 100644
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@@ -11,6 +11,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: REUSE Compliance Check
- uses: fsfe/reuse-action@v1
+ uses: fsfe/reuse-action@v2
diff --git a/.github/workflows/sonarcloud-analysis.yml b/.github/workflows/sonarcloud-analysis.yml
index 8a8bf0f..053375f 100644
--- a/.github/workflows/sonarcloud-analysis.yml
+++ b/.github/workflows/sonarcloud-analysis.yml
@@ -4,82 +4,106 @@
name: SonarCloud Analysis
-on:
- push:
- branches:
- - '**'
- pull_request:
- branches:
- - 'main'
- - 'develop'
- pull_request_target:
- branches:
- - 'main'
- - 'develop'
+on:
+ workflow_run:
+ workflows: [SonarCloud Build]
+ types: [completed]
jobs:
- build:
- name: Build
+ sonar-check:
runs-on: ubuntu-latest
+ if: github.event.workflow_run.conclusion == 'success'
timeout-minutes: 15
-
- if: ${{ (github.event_name != 'pull_request_target' && github.actor != 'dependabot[bot]') || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
steps:
- - name: Checkout
- uses: actions/checkout@v3
- with:
- fetch-depth: 0
-
- - name: Cache SonarCloud packages
- uses: actions/cache@v3
- with:
- path: ~/.sonar/cache
- key: ${{ runner.os }}-sonar
- restore-keys: ${{ runner.os }}-sonar
- - name: Cache Maven packages
- uses: actions/cache@v3
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
- restore-keys: ${{ runner.os }}-m2
+ - name: echo event
+ run: cat $GITHUB_EVENT_PATH
+ - name: Download PR number artifact
+ if: github.event.workflow_run.event == 'pull_request'
+ uses: dawidd6/action-download-artifact@v2
+ with:
+ workflow: SonarCloud Build
+ run_id: ${{ github.event.workflow_run.id }}
+ name: PR_NUMBER
+ - name: Read PR_NUMBER.txt
+ if: github.event.workflow_run.event == 'pull_request'
+ id: pr_number
+ uses: juliangruber/read-file-action@v1
+ with:
+ path: ./PR_NUMBER.txt
+ - name: Request GitHub API for PR data
+ if: github.event.workflow_run.event == 'pull_request'
+ uses: octokit/request-action@v2.x
+ id: get_pr_data
+ with:
+ route: GET /repos/{full_name}/pulls/{number}
+ number: ${{ steps.pr_number.outputs.content }}
+ full_name: ${{ github.event.repository.full_name }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - uses: actions/checkout@v4
+ with:
+ repository: ${{ github.event.workflow_run.head_repository.full_name }}
+ ref: ${{ github.event.workflow_run.head_branch }}
+ fetch-depth: 0
+ - name: Checkout base branch
+ if: github.event.workflow_run.event == 'pull_request'
+ run: |
+ git remote add upstream ${{ github.event.repository.clone_url }}
+ git fetch upstream
+ git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
+ git checkout ${{ github.event.workflow_run.head_branch }}
+ git clean -ffdx && git reset --hard HEAD
+ - name: Cache SonarCloud packages
+ uses: actions/cache@v3
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+ - name: Cache Maven packages
+ uses: actions/cache@v3
+ with:
+ path: ~/.m2
+ key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+ restore-keys: ${{ runner.os }}-m2
- - name: Set up JDK 17
- uses: actions/setup-java@v3
- with:
- distribution: 'zulu'
- java-version: '17'
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'zulu'
+ java-version: '17'
- - name: Set Common Sonar Variables
- id: sonar_env
- run: |
- echo "##[set-output name=sonar_opts;]$(echo -Dsonar.host.url=https://sonarcloud.io \
- -Dsonar.projectKey=com-pas_compas-cim-mapping \
- -Dsonar.organization=com-pas )"
- - name: Create custom Maven Settings.xml
- uses: whelk-io/maven-settings-xml-action@v21
- with:
- output_file: custom_maven_settings.xml
- servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
- - name: Build and analyze (Pull Request)
- if: ${{ github.event_name == 'pull_request' || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: |
- ./mvnw -B -s custom_maven_settings.xml -Psonar \
- ${{ steps.sonar_env.outputs.sonar_opts }} \
- -Dsonar.pullrequest.branch=${{ github.ref_name }} \
- -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} \
- -Dsonar.pullrequest.base=${{ github.base_ref }} \
- -Dsonar.scm.revision=${{ github.event.pull_request.head.sha }} \
- clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
- - name: Build and analyze (Push)
- if: ${{ github.event_name == 'push' }}
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: |
- ./mvnw -B -s custom_maven_settings.xml -Psonar \
- ${{ steps.sonar_env.outputs.sonar_opts }} \
- -Dsonar.branch.name=${{ github.ref_name }} \
- clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+ - name: Set Common Sonar Variables
+ id: sonar_env
+ run: |
+ echo "##[set-output name=sonar_opts;]$(echo -Dsonar.host.url=https://sonarcloud.io \
+ -Dsonar.projectKey=com-pas_compas-cim-mapping \
+ -Dsonar.organization=com-pas )"
+ - name: Create custom Maven Settings.xml
+ uses: whelk-io/maven-settings-xml-action@v21
+ with:
+ output_file: custom_maven_settings.xml
+ servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
+ - name: Build and analyze (Pull Request)
+ if: ${{ github.event.workflow_run.event == 'pull_request' || (github.event.workflow_run.actor == 'dependabot[bot]' && github.event.workflow_run.event == 'pull_request_target') }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: |
+ ./mvnw -B -s custom_maven_settings.xml -Psonar \
+ ${{ steps.sonar_env.outputs.sonar_opts }} \
+ -Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }} \
+ -Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }} \
+ -Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} \
+ -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
+ clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+ - name: Build and analyze (Push)
+ if: ${{ github.event.workflow_run.event == 'push' }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: |
+ ./mvnw -B -s custom_maven_settings.xml -Psonar \
+ ${{ steps.sonar_env.outputs.sonar_opts }} \
+ -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
+ -Dsonar.branch.name=${{ github.event.workflow_run.head_branch }} \
+ clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
diff --git a/.github/workflows/sonarcloud-build.yml b/.github/workflows/sonarcloud-build.yml
new file mode 100644
index 0000000..7228a74
--- /dev/null
+++ b/.github/workflows/sonarcloud-build.yml
@@ -0,0 +1,77 @@
+# SPDX-FileCopyrightText: 2022 Alliander N.V.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: SonarCloud Build
+
+on:
+ push:
+ branches:
+ - '**'
+ pull_request:
+ branches:
+ - 'main'
+ - 'develop'
+ pull_request_target:
+ branches:
+ - 'main'
+ - 'develop'
+
+jobs:
+ precheck-build:
+ name: Pre Check Build
+ runs-on: ubuntu-latest
+ timeout-minutes: 30
+
+ if: ${{ (github.event_name != 'pull_request_target' && github.actor != 'dependabot[bot]') || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Cache SonarCloud packages
+ uses: actions/cache@v3
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+ - name: Cache Maven packages
+ uses: actions/cache@v3
+ with:
+ path: ~/.m2
+ key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+ restore-keys: ${{ runner.os }}-m2
+
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'zulu'
+ java-version: '17'
+
+ - name: Create custom Maven Settings.xml
+ uses: whelk-io/maven-settings-xml-action@v21
+ with:
+ output_file: custom_maven_settings.xml
+ servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
+ - name: Build and analyze (Pull Request)
+ if: ${{ github.event_name == 'pull_request' || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ ./mvnw -B -s custom_maven_settings.xml clean verify
+ - name: Build and analyze (Push)
+ if: ${{ github.event_name == 'push' }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ ./mvnw -B -s custom_maven_settings.xml clean verify
+ - name: Save PR number to file
+ if: github.event_name == 'pull_request'
+ run: echo ${{ github.event.number }} > PR_NUMBER.txt
+ - name: Archive PR number
+ if: github.event_name == 'pull_request'
+ uses: actions/upload-artifact@v3
+ with:
+ name: PR_NUMBER
+ path: PR_NUMBER.txt
diff --git a/app/src/main/docker/Dockerfile.jvm b/app/src/main/docker/Dockerfile.jvm
index 7fae8d0..5decd9f 100644
--- a/app/src/main/docker/Dockerfile.jvm
+++ b/app/src/main/docker/Dockerfile.jvm
@@ -21,7 +21,7 @@
# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/app-jvm
#
###
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.7-1107
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1072.1697626218
ARG JAVA_PACKAGE=java-17-openjdk-headless
ARG RUN_JAVA_VERSION=1.3.8
diff --git a/app/src/main/docker/Dockerfile.native b/app/src/main/docker/Dockerfile.native
index 15681ae..ddd95ff 100644
--- a/app/src/main/docker/Dockerfile.native
+++ b/app/src/main/docker/Dockerfile.native
@@ -14,7 +14,7 @@
# docker run -i --rm -p 8080:8080 quarkus/app
#
###
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.7-1107
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1072.1697626218
WORKDIR /work/
RUN chown 1001 /work \
&& chmod "g+rwX" /work \
diff --git a/pom.xml b/pom.xml
index f7670f3..87ac6df 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,15 +20,15 @@ SPDX-License-Identifier: Apache-2.0
UTF-8
3.11.0
- 3.0.0
+ 3.2.2
3.2.0
0.11.0
2.16.6.Final
- 3.1
+ 3.1.1
5.1.1
- 2.20.0
+ 2.21.1
1.5.5.Final
0.9.1
@@ -193,7 +193,7 @@ SPDX-License-Identifier: Apache-2.0
java
- 0.8.10
+ 0.8.11
jacoco
target/site/jacoco/jacoco.xml,
@@ -247,7 +247,7 @@ SPDX-License-Identifier: Apache-2.0
org.apache.maven.plugins
maven-source-plugin
- 3.2.1
+ 3.3.0
attach-sources
@@ -261,7 +261,7 @@ SPDX-License-Identifier: Apache-2.0
org.apache.maven.plugins
maven-javadoc-plugin
- 3.5.0
+ 3.6.0
attach-javadocs