Skip to content

Commit

Permalink
Merge branch 'develop' into update-from-template-merged
Browse files Browse the repository at this point in the history
  • Loading branch information
@xdev-gh-bot
xdev-gh-bot committed Nov 25, 2024
2 parents d12ec22 + e494993 commit b734c09
Show file tree
Hide file tree
Showing 384 changed files with 47,534 additions and 162 deletions.
4 changes: 2 additions & 2 deletions .github/ISSUE_TEMPLATE/bug_report.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ body:
attributes:
label: "Checklist"
options:
- label: "I am able to reproduce the bug with the [latest version](https://github.com/xdev-software/template-placeholder/releases/latest)"
- label: "I am able to reproduce the bug with the [latest version](https://github.com/xdev-software/mockserver-neolight/releases/latest)"
required: true
- label: "I made sure that there are *no existing issues* - [open](https://github.com/xdev-software/template-placeholder/issues) or [closed](https://github.com/xdev-software/template-placeholder/issues?q=is%3Aissue+is%3Aclosed) - which I could contribute my information to."
- label: "I made sure that there are *no existing issues* - [open](https://github.com/xdev-software/mockserver-neolight/issues) or [closed](https://github.com/xdev-software/mockserver-neolight/issues?q=is%3Aissue+is%3Aclosed) - which I could contribute my information to."
required: true
- label: "I have taken the time to fill in all the required details. I understand that the bug report will be dismissed otherwise."
required: true
Expand Down
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/enhancement.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ body:
attributes:
label: "Checklist"
options:
- label: "I made sure that there are *no existing issues* - [open](https://github.com/xdev-software/template-placeholder/issues) or [closed](https://github.com/xdev-software/template-placeholder/issues?q=is%3Aissue+is%3Aclosed) - which I could contribute my information to."
- label: "I made sure that there are *no existing issues* - [open](https://github.com/xdev-software/mockserver-neolight/issues) or [closed](https://github.com/xdev-software/mockserver-neolight/issues?q=is%3Aissue+is%3Aclosed) - which I could contribute my information to."
required: true
- label: "I have taken the time to fill in all the required details. I understand that the feature request will be dismissed otherwise."
required: true
Expand Down
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/question.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ body:
attributes:
label: "Checklist"
options:
- label: "I made sure that there are *no existing issues* - [open](https://github.com/xdev-software/template-placeholder/issues) or [closed](https://github.com/xdev-software/template-placeholder/issues?q=is%3Aissue+is%3Aclosed) - which I could contribute my information to."
- label: "I made sure that there are *no existing issues* - [open](https://github.com/xdev-software/mockserver-neolight/issues) or [closed](https://github.com/xdev-software/mockserver-neolight/issues?q=is%3Aissue+is%3Aclosed) - which I could contribute my information to."
required: true
- label: "I have taken the time to fill in all the required details. I understand that the question will be dismissed otherwise."
required: true
Expand Down
29 changes: 20 additions & 9 deletions .github/workflows/check-build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,6 @@ on:
- '.idea/**'
- 'assets/**'

env:
PRIMARY_MAVEN_MODULE: ${{ github.event.repository.name }}
DEMO_MAVEN_MODULE: ${{ github.event.repository.name }}-demo

jobs:
build:
runs-on: ubuntu-latest
Expand All @@ -44,7 +40,7 @@ jobs:
cache: 'maven'

- name: Build with Maven
run: ./mvnw -B clean package
run: ./mvnw -B clean package -P run-integration-tests

- name: Check for uncommited changes
run: |
Expand All @@ -64,13 +60,27 @@ jobs:
exit 1
fi
- name: Upload demo files
- name: Upload standalone server JAR
uses: actions/upload-artifact@v4
with:
name: demo-files-java-${{ matrix.java }}
path: ${{ env.DEMO_MAVEN_MODULE }}/target/${{ env.DEMO_MAVEN_MODULE }}.jar
name: server-${{ matrix.java }}
path: server/target/server-standalone.jar
if-no-files-found: error

# Build docker
- uses: docker/setup-qemu-action@v3

- uses: docker/setup-buildx-action@v3

- uses: docker/build-push-action@v6
with:
context: ./server
push: false
tags: mockserver-standalone:experimental
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max

checkstyle:
runs-on: ubuntu-latest
if: ${{ github.event_name != 'pull_request' || !startsWith(github.head_ref, 'renovate/') }}
Expand Down Expand Up @@ -118,7 +128,8 @@ jobs:
run: ./mvnw -B test pmd:aggregate-pmd-no-fork pmd:check -P pmd -DskipTests -T2C

- name: Run CPD (Copy Paste Detector)
run: ./mvnw -B pmd:aggregate-cpd pmd:cpd-check -P pmd -DskipTests -T2C
# Todo: Readd pmd:cpd-check - Disabled for now due to upstream code
run: ./mvnw -B pmd:aggregate-cpd -P pmd -DskipTests -T2C

- name: Upload report
if: always()
Expand Down
68 changes: 68 additions & 0 deletions .github/workflows/image-vuln-scan.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
name: Image vuln scan

on:
workflow_dispatch:
schedule:
- cron: "22 7 * * 0"

permissions:
issues: write

env:
# Note: Use ghcr since we have no rate limiting there
TRIVYY_IMAGE_REF: 'ghcr.io/xdev-software/mockserver-neolight:latest'

jobs:
scan:
runs-on: ubuntu-latest
continue-on-error: true # Ignore errors, we create an issue instead
steps:
- uses: actions/checkout@v4

- name: Scan - Full
uses: aquasecurity/[email protected]
with:
image-ref: ${{ env.TRIVYY_IMAGE_REF }}

- name: Scan - Relevant
id: scan_relevant
uses: aquasecurity/[email protected]
with:
image-ref: ${{ env.TRIVYY_IMAGE_REF }}
exit-code: 1
severity: 'HIGH,CRITICAL'
output: reported.txt
env:
TRIVY_DISABLE_VEX_NOTICE: 1

- name: Find already existing issue
id: find-issue
if: ${{ always() }}
run: |
echo "number=$(gh issue list -l 'bug' -l 'automated' -L 1 -S 'in:title \"Trivy Vulnerability Report\"' -s 'open' --json 'number' --jq '.[].number')" >> $GITHUB_OUTPUT
env:
GH_TOKEN: ${{ github.token }}

- name: Close issue if everything is fine
if: ${{ success() && steps.find-issue.outputs.number != '' }}
run: gh issue close -r 'not planned' ${{ steps.find-issue.outputs.number }}
env:
GH_TOKEN: ${{ github.token }}

- name: Reformat report
if: ${{ failure() && steps.scan_relevant.conclusion == 'failure' }}
run: |
echo 'Trivy reported vulnerabilities that should be addressed:' > reported.md
echo '```' >> reported.md
cat reported.txt >> reported.md
echo '```' >> reported.md
cat reported.md
- name: Create Issue From File
if: ${{ failure() && steps.scan_relevant.conclusion == 'failure' }}
uses: peter-evans/create-issue-from-file@v5
with:
issue-number: ${{ steps.find-issue.outputs.number }}
title: Trivy Vulnerability Report
content-filepath: ./reported.md
labels: bug, automated
144 changes: 128 additions & 16 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,6 @@ on:
push:
branches: [ master ]

env:
PRIMARY_MAVEN_MODULE: ${{ github.event.repository.name }}

permissions:
contents: write
pull-requests: write
Expand Down Expand Up @@ -51,7 +48,8 @@ jobs:
needs: [check-code]
timeout-minutes: 10
outputs:
upload_url: ${{ steps.create_release.outputs.upload_url }}
upload_url: ${{ steps.create-release.outputs.upload_url }}
version: ${{ steps.version.outputs.release }}
steps:
- uses: actions/checkout@v4

Expand All @@ -74,10 +72,9 @@ jobs:
- name: Get version
id: version
run: |
version=$(../mvnw help:evaluate -Dexpression=project.version -q -DforceStdout)
version=$(./mvnw help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "release=$version" >> $GITHUB_OUTPUT
echo "releasenumber=${version//[!0-9]/}" >> $GITHUB_OUTPUT
working-directory: ${{ env.PRIMARY_MAVEN_MODULE }}
- name: Commit and Push
run: |
Expand All @@ -88,7 +85,7 @@ jobs:
git push origin --tags
- name: Create Release
id: create_release
id: create-release
uses: shogo82148/actions-create-release@v1
with:
tag_name: v${{ steps.version.outputs.release }}
Expand All @@ -99,15 +96,39 @@ jobs:
See [Changelog#v${{ steps.version.outputs.release }}](https://github.com/${{ github.repository }}/blob/develop/CHANGELOG.md#${{ steps.version.outputs.releasenumber }}) for more information.
## Installation
### Client
Add the following lines to your pom:
```XML
<dependency>
<groupId>software.xdev.mockserver</groupId>
<artifactId>client</artifactId>
<version>${{ steps.version.outputs.release }}</version>
</dependency>
```
### Testcontainers Integration
Add the following lines to your pom:
```XML
<dependency>
<groupId>software.xdev</groupId>
<artifactId>${{ env.PRIMARY_MAVEN_MODULE }}</artifactId>
<groupId>software.xdev.mockserver</groupId>
<artifactId>testcontainers</artifactId>
<version>${{ steps.version.outputs.release }}</version>
</dependency>
```
### Standalone/Server
#### Docker
Download the image from
* [DockerHub](https://hub.docker.com/r/xdevsoftware/mockserver/tags?name=${{ steps.version.outputs.release }})
* [GitHub Packages (ghcr.io)](https://github.com/xdev-software/mockserver-neolight/pkgs/container/mockserver-neolight)
#### JAR
If you don't like to use the docker image, the executable jar is also available
* at [Maven Central](https://repo1.maven.org/maven2/software/xdev/mockserver/server/${{ steps.version.outputs.release }}/server-${{ steps.version.outputs.release }}-standalone.jar)
* or in the release assets below
publish-maven:
runs-on: ubuntu-latest
needs: [prepare-release]
Expand All @@ -133,16 +154,99 @@ jobs:
gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}

- name: Publish to Apache Maven Central
run: ../mvnw -B deploy -Possrh -DskipTests
run: ./mvnw -B deploy -pl "client,server,testcontainers" -am -Possrh -DskipTests
env:
MAVEN_CENTRAL_USERNAME: ${{ secrets.S01_OSS_SONATYPE_MAVEN_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.S01_OSS_SONATYPE_MAVEN_TOKEN }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
working-directory: ${{ env.PRIMARY_MAVEN_MODULE }}

- name: Upload server standalone JAR
uses: actions/upload-artifact@v4
with:
name: server-standalone
path: server/target/server-standalone.jar
if-no-files-found: error

- name: Upload Release assets
uses: shogo82148/actions-upload-release-asset@v1
with:
upload_url: ${{ needs.prepare-release.outputs.upload_url }}
asset_path: server/target/server-standalone.jar

publish-docker:
runs-on: ubuntu-latest
needs: [prepare-release, publish-maven]
timeout-minutes: 15
permissions:
packages: write
contents: read
attestations: write
id-token: write
steps:
- uses: actions/checkout@v4

- name: Init Git and pull
run: |
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions"
git pull
- name: Download server JAR
uses: actions/download-artifact@v4
with:
name: server-standalone
path: server/target

- uses: docker/setup-qemu-action@v3

- uses: docker/setup-buildx-action@v3

- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Login to ghcr.io
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ secrets.DOCKERHUB_USERNAME }}/mockserver
ghcr.io/${{ github.repository }}
tags: |
type=semver,pattern={{version}},value=${{ needs.prepare-release.outputs.version }}
type=semver,pattern={{major}}.{{minor}},value=${{ needs.prepare-release.outputs.version }}
type=semver,pattern={{major}},value=${{ needs.prepare-release.outputs.version }}
latest
- uses: docker/build-push-action@v6
id: push
with:
context: ./server
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
outputs: type=image,compression=zstd,force-compression=true

- name: Generate artifact attestation (ghcr.io)
uses: actions/attest-build-provenance@v1
with:
subject-name: ghcr.io/${{ github.repository }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true

publish-pages:
runs-on: ubuntu-latest
needs: [prepare-release]
needs: [publish-maven]
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
Expand All @@ -161,18 +265,26 @@ jobs:
cache: 'maven'

- name: Build site
run: ../mvnw -B compile site -DskipTests -T2C
working-directory: ${{ env.PRIMARY_MAVEN_MODULE }}
run: ./mvnw -B compile site -DskipTests -T2C

- name: Aggregate site
run: |
modules=($(grep -ozP '(?<=module>)[^<]+' 'pom.xml' | tr -d '\0'))
for m in "${modules[@]}"
do
echo "$m/target/site -> ./target/site/$m"
cp -r $m/target/site ./target/site/$m
done
- name: Deploy to Github pages
uses: peaceiris/actions-gh-pages@v4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./${{ env.PRIMARY_MAVEN_MODULE }}/target/site
publish_dir: ./target/site

after-release:
runs-on: ubuntu-latest
needs: [publish-maven]
needs: [publish-maven, publish-docker]
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
Expand Down
Loading

0 comments on commit b734c09

Please sign in to comment.