add build files

Author: f-necas

.github/workflows/backport.yml

@@ -0,0 +1,29 @@
+name: Automatic backport action
+
+on:
+  pull_request_target:
+    types: ["closed", "labeled"]
+
+permissions:
+  contents: write # so it can comment
+  pull-requests: write # so it can create pull requests
+
+jobs:
+  backport:
+    name: Backport PR
+    if: github.event.pull_request.merged == true && !(contains(github.event.pull_request.labels.*.name, 'backport'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: Backport Action
+        uses: sorenlouv/[email protected]
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          auto_backport_label_prefix: backport-to-
+
+      - name: Info log
+        if: ${{ success() }}
+        run: cat ~/.backport/backport.info.log
+
+      - name: Debug log
+        if: ${{ failure() }}
+        run: cat ~/.backport/backport.debug.log

.github/workflows/sp.yml

@@ -0,0 +1,84 @@
+name: "security-proxy"
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - '*'
+  pull_request:
+
+jobs:
+  build:
+    if: "!startsWith(github.event.head_commit.message, '[skip ci] ')"
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+    - name: "Checking out"
+      uses: actions/checkout@v5
+
+    - name: "Setting up Java"
+      uses: actions/setup-java@v5
+      with:
+        java-version: '11'
+        distribution: 'adopt'
+        cache: 'maven'
+        server-id: geOrchestra-artifactory
+        server-username: ARTIFACTORY_USERNAME_REF
+        server-password: ARTIFACTORY_TOKEN_REF
+
+    - name: "Installing & checking formatting"
+      run: mvn install -DskipTests --no-transfer-progress -B -Dfmt.action=validate -Dadditionalparam=-Xdoclint:none
+      # note "-pl :security-proxy --also-make" builds only the project and its dependencies
+
+    - name: "Running tests"
+      run: mvn verify -Pit --no-transfer-progress -Dfmt.skip=true -Dadditionalparam=-Xdoclint:none
+
+    - name: Getting image tag
+      if: github.repository == 'georchestra/security-proxy' && github.actor != 'dependabot[bot]'
+      id: version
+      run: echo "VERSION=$(echo $GITHUB_REF | cut -d / -f 3)" >> $GITHUB_OUTPUT
+
+    - name: "Building docker image"
+      if: github.repository == 'georchestra/security-proxy' && github.actor != 'dependabot[bot]'
+      run: mvn clean package docker:build -Pdocker,log4j-logstash,sentry-log4j  -DdockerImageName=georchestra/security-proxy:${{ steps.version.outputs.VERSION }} -DskipTests --no-transfer-progress
+
+    - name: "Logging in docker.io"
+      uses: azure/docker-login@v2
+      if: github.repository == 'georchestra/security-proxy' && github.actor != 'dependabot[bot]' && github.event_name != 'pull_request'
+      with:
+        username: '${{ secrets.DOCKER_HUB_USERNAME }}'
+        password: '${{ secrets.DOCKER_HUB_PASSWORD }}'
+
+    - name: "Update Docker Hub Description"
+      if: github.ref == 'refs/heads/master' && github.repository == 'georchestra/security-proxy' && github.actor != 'dependabot[bot]' && github.event_name != 'pull_request'
+      uses: peter-evans/dockerhub-description@v4
+      with:
+        username: ${{ secrets.DOCKER_HUB_USERNAME }}
+        password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+        repository: georchestra/security-proxy
+        readme-filepath: ./security-proxy/DOCKER_HUB.md
+        short-description: 'Security-proxy module for the geOrchestra SDI'
+
+    - name: "Pushing latest to docker.io"
+      if: github.ref == 'refs/heads/master' && github.repository == 'georchestra/security-proxy' && github.actor != 'dependabot[bot]' && github.event_name != 'pull_request'
+      run: |
+        docker tag georchestra/security-proxy:${{ steps.version.outputs.VERSION }} georchestra/security-proxy:latest
+        docker push georchestra/security-proxy:latest
+
+    - name: "Pushing release branch or tag to docker.io"
+      if: (endsWith(github.ref, '.x') || contains(github.ref, 'refs/tags/')) && github.repository == 'georchestra/security-proxy' && github.actor != 'dependabot[bot]' && github.event_name != 'pull_request'
+      run: |
+        docker push georchestra/security-proxy:${{ steps.version.outputs.VERSION }}
+
+    - name: "Publish war in artifactory"
+      run:  mvn deploy -DskipTests
+      if: github.actor != 'dependabot[bot]' && github.event_name != 'pull_request'
+      continue-on-error: true
+      env:
+        ARTIFACTORY_TOKEN_REF: ${{ secrets.ARTIFACTORY_TOKEN }}
+        ARTIFACTORY_USERNAME_REF: ${{ secrets.ARTIFACTORY_USERNAME }}
+
+    - name: "Remove SNAPSHOT jars from repository"
+      if: github.actor != 'dependabot[bot]' && github.event_name != 'pull_request'
+      run: |
+        find .m2/repository -name "*SNAPSHOT*" -type d | xargs rm -rf {}

.gitignore

@@ -0,0 +1,20 @@
+**/target/
+*/jsbuild/venv/
+*/jsbuild/env/
+**/.project
+**/.classpath
+**/.settings
+.idea/
+*.iml
+*~
+.attach_pid*
+
+
+# documentation
+venv_mkdocs/
+.venv_mkdocs/
+docs/technical_guides_to_delete/
+
+
+# mac
+.DS_STORE