diff --git a/.github/workflows/ci-dependency-check.yml b/.github/workflows/ci-dependency-check.yml
index 4f236e6..640a600 100644
--- a/.github/workflows/ci-dependency-check.yml
+++ b/.github/workflows/ci-dependency-check.yml
@@ -4,39 +4,39 @@ on:
- cron: '0 1 * * 0' # Each Sunday at 01:00 UTC
pull_request:
types:
- - opened
- - synchronize
- - reopened
+ - opened
+ - synchronize
+ - reopened
jobs:
build:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/setup-java@v2
- with:
- java-version: 11
- distribution: adopt
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - uses: actions/cache@v2
- with:
- path: |
- ~/.m2/repository
- key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
- - name: version
- run: |-
- APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
- APP_LATEST_REV=$(git rev-list --tags --max-count=1)
- APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
- echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
- - name: mvn
- run: |-
- mvn dependency-check:check \
- --batch-mode \
- --file ./pom.xml \
- --settings ./settings.xml \
- --define app.packages.username="${APP_PACKAGES_USERNAME}" \
- --define app.packages.password="${APP_PACKAGES_PASSWORD}" \
- env:
- APP_PACKAGES_USERNAME: ${{ github.actor }}
- APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 17
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: version
+ run: |-
+ APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
+ APP_LATEST_REV=$(git rev-list --tags --max-count=1)
+ APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
+ echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
+ - name: mvn
+ run: |-
+ mvn dependency-check:check \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}" \
+ env:
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-deploy.yml b/.github/workflows/ci-deploy.yml
index afc2735..3a80e02 100644
--- a/.github/workflows/ci-deploy.yml
+++ b/.github/workflows/ci-deploy.yml
@@ -7,31 +7,31 @@ on:
description: Version to deploy
jobs:
deploy:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
environment: dev
env:
APP_VERSION: ${{ github.event.inputs.version }}
steps:
- - name: cf setup
- run: |-
- curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
- sudo tar -zx -C /usr/local/bin
- env:
- CF_VERSION: 7.2.0
- CF_RELEASE: linux64-binary
- - name: cf push
- run: |-
- cf api ${CF_API}
- cf auth
- cf target -o ${CF_ORG} -s ${CF_SPACE}
- cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
- env:
- APP_NAME: dgca-businessrule-service-eu-test
- APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
- CF_API: ${{ secrets.CF_API }}
- CF_ORG: ${{ secrets.CF_ORG }}
- CF_SPACE: ${{ secrets.CF_SPACE }}
- CF_USERNAME: ${{ secrets.CF_USERNAME }}
- CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
- CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
- CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
+ - name: cf setup
+ run: |-
+ curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
+ sudo tar -zx -C /usr/local/bin
+ env:
+ CF_VERSION: 7.2.0
+ CF_RELEASE: linux64-binary
+ - name: cf push
+ run: |-
+ cf api ${CF_API}
+ cf auth
+ cf target -o ${CF_ORG} -s ${CF_SPACE}
+ cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
+ env:
+ APP_NAME: dgca-businessrule-service-eu-test
+ APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+ CF_API: ${{ secrets.CF_API }}
+ CF_ORG: ${{ secrets.CF_ORG }}
+ CF_SPACE: ${{ secrets.CF_SPACE }}
+ CF_USERNAME: ${{ secrets.CF_USERNAME }}
+ CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
+ CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
+ CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
index ba2bbde..fe30ac7 100644
--- a/.github/workflows/ci-main.yml
+++ b/.github/workflows/ci-main.yml
@@ -2,55 +2,55 @@ name: ci-main
on:
push:
branches:
- - main
+ - main
jobs:
build:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/setup-java@v2
- with:
- java-version: 11
- distribution: adopt
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - uses: actions/cache@v2
- with:
- path: |
- ~/.m2/repository
- key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
- - name: version
- run: |-
- APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
- APP_LATEST_REV=$(git rev-list --tags --max-count=1)
- APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
- echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
- - name: mvn
- run: |-
- mvn versions:set \
- --batch-mode \
- --file ./pom.xml \
- --settings ./settings.xml \
- --define newVersion="${APP_VERSION}"
- mvn clean verify \
- --batch-mode \
- --file ./pom.xml \
- --settings ./settings.xml \
- --define app.packages.username="${APP_PACKAGES_USERNAME}" \
- --define app.packages.password="${APP_PACKAGES_PASSWORD}"
- env:
- APP_PACKAGES_USERNAME: ${{ github.actor }}
- APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- - name: docker
- run: |-
- echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
- --username "${APP_PACKAGES_USERNAME}" \
- --password-stdin
- docker build . \
- --file ./Dockerfile \
- --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
- docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
- env:
- APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
- APP_PACKAGES_USERNAME: ${{ github.actor }}
- APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 11
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: version
+ run: |-
+ APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
+ APP_LATEST_REV=$(git rev-list --tags --max-count=1)
+ APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
+ echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
+ - name: mvn
+ run: |-
+ mvn versions:set \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define newVersion="${APP_VERSION}"
+ mvn clean verify \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+ env:
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - name: docker
+ run: |-
+ echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
+ --username "${APP_PACKAGES_USERNAME}" \
+ --password-stdin
+ docker build . \
+ --file ./Dockerfile \
+ --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
+ docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
+ env:
+ APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-openapi.yml b/.github/workflows/ci-openapi.yml
index af39673..ef64dd0 100644
--- a/.github/workflows/ci-openapi.yml
+++ b/.github/workflows/ci-openapi.yml
@@ -6,11 +6,11 @@ on:
- created
jobs:
release:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- uses: actions/setup-java@v2
with:
- java-version: 11
+ java-version: 17
distribution: adopt
- uses: actions/checkout@v2
with:
diff --git a/.github/workflows/ci-pull-request.yml b/.github/workflows/ci-pull-request.yml
index 980c831..6604214 100644
--- a/.github/workflows/ci-pull-request.yml
+++ b/.github/workflows/ci-pull-request.yml
@@ -2,37 +2,37 @@ name: ci-pull-request
on:
pull_request:
types:
- - opened
- - synchronize
- - reopened
+ - opened
+ - synchronize
+ - reopened
jobs:
build:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/setup-java@v2
- with:
- java-version: 11
- distribution: adopt
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - uses: actions/cache@v2
- with:
- path: |
- ~/.m2/repository
- key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
- - name: mvn
- run: |-
- mvn clean package \
- --batch-mode \
- --file ./pom.xml \
- --settings ./settings.xml \
- --define app.packages.username="${APP_PACKAGES_USERNAME}" \
- --define app.packages.password="${APP_PACKAGES_PASSWORD}"
- env:
- APP_PACKAGES_USERNAME: ${{ github.actor }}
- APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- - name: docker
- run: |-
- docker build . \
- --file ./Dockerfile
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 17
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: mvn
+ run: |-
+ mvn clean package \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+ env:
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - name: docker
+ run: |-
+ docker build . \
+ --file ./Dockerfile
diff --git a/.github/workflows/ci-release-notes.yml b/.github/workflows/ci-release-notes.yml
index c2de5b9..2b391a7 100644
--- a/.github/workflows/ci-release-notes.yml
+++ b/.github/workflows/ci-release-notes.yml
@@ -2,18 +2,18 @@ name: ci-release-notes
on:
release:
types:
- - created
+ - created
jobs:
release-notes:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
env:
APP_VERSION: ${{ github.event.release.tag_name }}
steps:
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - name: release-notes
- run: npx github-release-notes release --override --tags ${APP_VERSION}
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- GREN_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - name: release-notes
+ run: npx github-release-notes release --override --tags ${APP_VERSION}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GREN_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml
index 3f0258e..c13d243 100644
--- a/.github/workflows/ci-release.yml
+++ b/.github/workflows/ci-release.yml
@@ -3,92 +3,92 @@ on:
workflow_dispatch:
release:
types:
- - created
+ - created
jobs:
build:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
env:
APP_VERSION: ${{ github.event.release.tag_name }}
steps:
- - uses: actions/setup-java@v2
- with:
- java-version: 11
- distribution: adopt
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - uses: actions/cache@v2
- with:
- path: |
- ~/.m2/repository
- key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
- - name: mvn
- run: |-
- mvn versions:set \
- --batch-mode \
- --file ./pom.xml \
- --settings ./settings.xml \
- --define newVersion="${APP_VERSION}"
- mvn clean deploy \
- --batch-mode \
- --file ./pom.xml \
- --settings ./settings.xml \
- --define app.packages.username="${APP_PACKAGES_USERNAME}" \
- --define app.packages.password="${APP_PACKAGES_PASSWORD}"
- env:
- APP_PACKAGES_USERNAME: ${{ github.actor }}
- APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- - name: docker
- run: |-
- echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
- --username "${APP_PACKAGES_USERNAME}" \
- --password-stdin
- docker build . \
- --file ./Dockerfile \
- --tag "${APP_PACKAGES_URL}:latest" \
- --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
- docker push "${APP_PACKAGES_URL}:latest"
- docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
- env:
- APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
- APP_PACKAGES_USERNAME: ${{ github.actor }}
- APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- - name: assets
- run: |-
- gh release upload ${APP_VERSION} \
- --clobber \
- ./target/openapi.json#openapi-${APP_VERSION}.json \
- ./target/generated-resources/licenses.xml#licenses-${APP_VERSION}.xml
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 17
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: mvn
+ run: |-
+ mvn versions:set \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define newVersion="${APP_VERSION}"
+ mvn clean deploy \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+ env:
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - name: docker
+ run: |-
+ echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
+ --username "${APP_PACKAGES_USERNAME}" \
+ --password-stdin
+ docker build . \
+ --file ./Dockerfile \
+ --tag "${APP_PACKAGES_URL}:latest" \
+ --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
+ docker push "${APP_PACKAGES_URL}:latest"
+ docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
+ env:
+ APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - name: assets
+ run: |-
+ gh release upload ${APP_VERSION} \
+ --clobber \
+ ./target/openapi.json#openapi-${APP_VERSION}.json \
+ ./target/generated-resources/licenses.xml#licenses-${APP_VERSION}.xml
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
deploy:
runs-on: ubuntu-20.04
environment: dev
needs:
- - build
+ - build
env:
APP_VERSION: ${{ github.event.release.tag_name }}
steps:
- - name: cf setup
- run: |-
- curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
- sudo tar -zx -C /usr/local/bin
- env:
- CF_VERSION: 7.2.0
- CF_RELEASE: linux64-binary
- - name: cf push
- run: |-
- cf api ${CF_API}
- cf auth
- cf target -o ${CF_ORG} -s ${CF_SPACE}
- cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
- env:
- APP_NAME: dgca-businessrule-service
- APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
- CF_API: ${{ secrets.CF_API }}
- CF_ORG: ${{ secrets.CF_ORG }}
- CF_SPACE: ${{ secrets.CF_SPACE }}
- CF_USERNAME: ${{ secrets.CF_USERNAME }}
- CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
- CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
- CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
+ - name: cf setup
+ run: |-
+ curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
+ sudo tar -zx -C /usr/local/bin
+ env:
+ CF_VERSION: 7.2.0
+ CF_RELEASE: linux64-binary
+ - name: cf push
+ run: |-
+ cf api ${CF_API}
+ cf auth
+ cf target -o ${CF_ORG} -s ${CF_SPACE}
+ cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
+ env:
+ APP_NAME: dgca-businessrule-service
+ APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+ CF_API: ${{ secrets.CF_API }}
+ CF_ORG: ${{ secrets.CF_ORG }}
+ CF_SPACE: ${{ secrets.CF_SPACE }}
+ CF_USERNAME: ${{ secrets.CF_USERNAME }}
+ CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
+ CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
+ CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
diff --git a/.github/workflows/ci-sonar.yml b/.github/workflows/ci-sonar.yml
index f278a1e..be6e0bc 100644
--- a/.github/workflows/ci-sonar.yml
+++ b/.github/workflows/ci-sonar.yml
@@ -2,38 +2,38 @@ name: ci-sonar
on:
push:
branches:
- - main
+ - main
pull_request:
types:
- - opened
- - synchronize
- - reopened
+ - opened
+ - synchronize
+ - reopened
jobs:
sonar:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/setup-java@v2
- with:
- java-version: 11
- distribution: adopt
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - uses: actions/cache@v2
- with:
- path: |
- ~/.m2/repository
- key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
- - name: mvn
- run: |-
- mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
- --batch-mode \
- --file ./pom.xml \
- --settings ./settings.xml \
- --define app.packages.username="${APP_PACKAGES_USERNAME}" \
- --define app.packages.password="${APP_PACKAGES_PASSWORD}"
- env:
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- APP_PACKAGES_USERNAME: ${{ github.actor }}
- APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 17
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: mvn
+ run: |-
+ mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
+ --batch-mode \
+ --file ./pom.xml \
+ --settings ./settings.xml \
+ --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.gitignore b/.gitignore
index 5e92f88..8e632cc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -46,3 +46,4 @@ build/
.DS_STORE
.settings.xml
+pom.xml.versionsBackup
diff --git a/owasp/suppressions.xml b/owasp/suppressions.xml
index a900841..ee7ca5e 100644
--- a/owasp/suppressions.xml
+++ b/owasp/suppressions.xml
@@ -28,4 +28,14 @@
CVE-2021-22118
+
+ False positive, Dependency Updated but still matches for fixed version
+ CVE-2022-45688
+
+
+ H2 is only used for Unit Testing. Version 2.x includes major breaking changes.
+ CVE-2021-23463
+ CVE-2018-14335
+ CVE-2022-45868
+
diff --git a/pom.xml b/pom.xml
index d88ed61..9368008 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,13 +1,14 @@
-
+
4.0.0
org.springframework.boot
spring-boot-starter-parent
- 2.6.7
-
+ 3.0.7
+
+
@@ -24,35 +25,31 @@
- 11
- 11
- 11
+ 17
+ 17
+ 17
UTF-8
UTF-8
- 6.5.3
- 2.6.7
- 5.3.19
- 5.6.2
- 1.18.22
- 4.10.0
- 1.6.0
- 5.8.2
- 1.4.2.Final
- 4.1.0
+ 8.3.1
+ 1.18.28
+ 4.22.0
+ 2.1.0
+ 1.5.5.Final
1.70
- 4.9.1
- 4.30.0
- 1.1.13
- 2.0.206
- 1.7.32
+ 5.0.0-alpha.11
+ 5.4.0
+ 2.0.2
+ 2.1.214
+ 4.16.0
+ 3.7.0
- 3.1.2
- 3.9.0.2155
- 0.8.7
+ 3.3.0
+ 3.9.1.2184
+ 0.8.10
1.7.0
- 3.0.0-M5
+ 3.1.2
EU Digital COVID Certificate Business Rule Service / dgca-businessrule-service
2021
@@ -99,41 +96,19 @@
-
-
-
- org.springframework.boot
- spring-boot-dependencies
- ${spring.boot.version}
- pom
- import
-
-
- org.projectlombok
- lombok
- ${lombok.version}
-
-
- org.springdoc
- springdoc-openapi-ui
- ${springdoc.version}
-
-
- org.liquibase
- liquibase-core
- ${liquibase.version}
-
-
- com.sap.cloud.sdk
- sdk-bom
- 3.43.0
- pom
- import
-
-
-
-
+
+
+ com.google.guava
+ guava
+ 32.0.1-jre
+
+
+ org.yaml
+ snakeyaml
+ 2.0
+
+
eu.europa.ec.dgc
dgc-lib
@@ -159,45 +134,18 @@
org.springframework.boot
spring-boot-starter-actuator
-
- org.springframework.boot
- spring-boot-test
- test
-
-
- io.micrometer
- micrometer-core
-
-
- io.micrometer
- micrometer-registry-prometheus
-
org.liquibase
liquibase-core
-
- org.junit.jupiter
- junit-jupiter-api
- ${junit.jupiter.version}
- test
-
+
org.springframework.boot
spring-boot-starter-test
test
-
- org.junit.vintage
- junit-vintage-engine
- 5.7.0
-
-
- org.springframework
- spring-test
- ${spring.test.version}
- test
-
+
+
org.projectlombok
lombok
@@ -205,13 +153,12 @@
org.springdoc
- springdoc-openapi-ui
+ springdoc-openapi-starter-webmvc-ui
${springdoc.version}
com.h2database
h2
- ${h2.version}
runtime
@@ -224,17 +171,8 @@
mapstruct
${mapstruct.version}
-
- org.mockito
- mockito-core
- ${mockito.version}
- test
-
-
- org.springframework.security
- spring-security-web
- ${spring.security.version}
-
+
+
com.squareup.okhttp3
okhttp
@@ -254,26 +192,22 @@
io.pivotal.cfenv
java-cfenv-boot
- 2.3.0
-
-
- org.springframework.boot
- spring-boot
-
-
+ 2.4.1
com.sap.cloud.sdk.cloudplatform
scp-cf
+ 3.75.0
com.sap.hcp.cf.logging
cf-java-logging-support-logback
+ 3.6.2
com.nimbusds
nimbus-jose-jwt
- 9.9.2
+ 9.31
org.springframework.boot
@@ -284,11 +218,6 @@
-
- org.springframework.boot
- spring-boot-maven-plugin
- ${spring.boot.version}
-
org.apache.maven.plugins
maven-checkstyle-plugin
@@ -343,10 +272,6 @@
true
-
- org.apache.maven.plugins
- maven-surefire-plugin
-
org.springframework.boot
spring-boot-maven-plugin
@@ -365,7 +290,6 @@
./codestyle/checkstyle.xml
./target/**/*
- UTF-8
true
true
warning
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/DgcBusinessRuleServiceApplication.java b/src/main/java/eu/europa/ec/dgc/businessrule/DgcBusinessRuleServiceApplication.java
index 4025203..c7cb612 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/DgcBusinessRuleServiceApplication.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/DgcBusinessRuleServiceApplication.java
@@ -28,6 +28,7 @@
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
import org.springframework.cache.annotation.EnableCaching;
+
/**
* The Application class.
*/
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/config/ErrorHandler.java b/src/main/java/eu/europa/ec/dgc/businessrule/config/ErrorHandler.java
index 0fd7dab..2b5f126 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/config/ErrorHandler.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/config/ErrorHandler.java
@@ -30,7 +30,6 @@
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.server.ResponseStatusException;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
@ControllerAdvice
@@ -48,10 +47,9 @@ public class ErrorHandler extends ResponseEntityExceptionHandler {
*/
@ExceptionHandler(Exception.class)
public ResponseEntity handleException(Exception e) {
- if (e instanceof ResponseStatusException) {
- DgcaBusinessRulesResponseException de = (DgcaBusinessRulesResponseException) e;
+ if (e instanceof DgcaBusinessRulesResponseException de) {
return ResponseEntity
- .status(((ResponseStatusException) e).getStatus())
+ .status(de.getStatus().value())
.contentType(MediaType.APPLICATION_JSON)
.body(new ProblemReportDto(de.getCode(), de.getProblem(), de.getSentValues(), de.getDetails()));
} else {
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/config/WebSecurityConfig.java b/src/main/java/eu/europa/ec/dgc/businessrule/config/WebSecurityConfig.java
index a29a6a8..8e2060e 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/config/WebSecurityConfig.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/config/WebSecurityConfig.java
@@ -1,15 +1,21 @@
package eu.europa.ec.dgc.businessrule.config;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;
-@EnableWebSecurity
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+@Configuration
+public class WebSecurityConfig {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.cors().and().csrf().disable();
+ /**
+ * Disable csrf and cors.
+ */
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ http.csrf().disable();
+ http.cors().disable();
+ return http.build();
}
}
\ No newline at end of file
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/entity/BusinessRuleEntity.java b/src/main/java/eu/europa/ec/dgc/businessrule/entity/BusinessRuleEntity.java
index 1879119..2d508d8 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/entity/BusinessRuleEntity.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/entity/BusinessRuleEntity.java
@@ -20,11 +20,11 @@
package eu.europa.ec.dgc.businessrule.entity;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.Lob;
-import javax.persistence.Table;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Lob;
+import jakarta.persistence.Table;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/entity/CountryListEntity.java b/src/main/java/eu/europa/ec/dgc/businessrule/entity/CountryListEntity.java
index a7cca00..fbfac02 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/entity/CountryListEntity.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/entity/CountryListEntity.java
@@ -20,11 +20,11 @@
package eu.europa.ec.dgc.businessrule.entity;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.Lob;
-import javax.persistence.Table;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Lob;
+import jakarta.persistence.Table;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java b/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java
index 750af02..418c404 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java
@@ -20,13 +20,13 @@
package eu.europa.ec.dgc.businessrule.entity;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
import java.util.Date;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
@Entity
@Table(name = "shedlock_br")
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/entity/SignedListEntity.java b/src/main/java/eu/europa/ec/dgc/businessrule/entity/SignedListEntity.java
index 28922ca..38bd811 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/entity/SignedListEntity.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/entity/SignedListEntity.java
@@ -1,12 +1,12 @@
package eu.europa.ec.dgc.businessrule.entity;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.EnumType;
-import javax.persistence.Enumerated;
-import javax.persistence.Id;
-import javax.persistence.Lob;
-import javax.persistence.Table;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.Id;
+import jakarta.persistence.Lob;
+import jakarta.persistence.Table;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/entity/ValueSetEntity.java b/src/main/java/eu/europa/ec/dgc/businessrule/entity/ValueSetEntity.java
index 2193ee6..195a593 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/entity/ValueSetEntity.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/entity/ValueSetEntity.java
@@ -20,11 +20,11 @@
package eu.europa.ec.dgc.businessrule.entity;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.Lob;
-import javax.persistence.Table;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Lob;
+import jakarta.persistence.Table;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/exception/DgcaBusinessRulesResponseException.java b/src/main/java/eu/europa/ec/dgc/businessrule/exception/DgcaBusinessRulesResponseException.java
index af583aa..61bbc76 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/exception/DgcaBusinessRulesResponseException.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/exception/DgcaBusinessRulesResponseException.java
@@ -22,15 +22,15 @@
import lombok.Getter;
import org.springframework.http.HttpStatus;
-import org.springframework.web.server.ResponseStatusException;
@Getter
-public class DgcaBusinessRulesResponseException extends ResponseStatusException {
+public class DgcaBusinessRulesResponseException extends RuntimeException {
private final String code;
private final String details;
private final String sentValues;
private final String problem;
+ private final HttpStatus status;
/**
* All Args constructor for DgcaBusinessRulesResponseException.
@@ -46,7 +46,7 @@ public DgcaBusinessRulesResponseException(HttpStatus status,
String problem,
String sentValues,
String details) {
- super(status);
+ this.status = status;
this.code = code;
this.details = details;
this.sentValues = sentValues;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/BusinessRuleController.java b/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/BusinessRuleController.java
index d27a0ae..4b038e2 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/BusinessRuleController.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/BusinessRuleController.java
@@ -34,10 +34,10 @@
import io.swagger.v3.oas.annotations.media.ExampleObject;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import jakarta.validation.Valid;
import java.util.List;
import java.util.Locale;
import java.util.Optional;
-import javax.validation.Valid;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpHeaders;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/ValueSetController.java b/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/ValueSetController.java
index 096b0ab..84b64dd 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/ValueSetController.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/restapi/controller/ValueSetController.java
@@ -36,9 +36,9 @@
import io.swagger.v3.oas.annotations.media.ExampleObject;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import jakarta.validation.Valid;
import java.util.List;
import java.util.Optional;
-import javax.validation.Valid;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpHeaders;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/service/BusinessRuleService.java b/src/main/java/eu/europa/ec/dgc/businessrule/service/BusinessRuleService.java
index 242eb1e..6b4b2b4 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/service/BusinessRuleService.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/service/BusinessRuleService.java
@@ -29,13 +29,13 @@
import eu.europa.ec.dgc.businessrule.restapi.dto.BusinessRuleListItemDto;
import eu.europa.ec.dgc.businessrule.utils.BusinessRulesUtils;
import eu.europa.ec.dgc.gateway.connector.model.ValidationRule;
+import jakarta.annotation.PostConstruct;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Optional;
import java.util.stream.Collectors;
-import javax.annotation.PostConstruct;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.cache.annotation.CacheEvict;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/service/GatewayDataDownloadServiceImpl.java b/src/main/java/eu/europa/ec/dgc/businessrule/service/GatewayDataDownloadServiceImpl.java
index b8dbe5f..5f9199e 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/service/GatewayDataDownloadServiceImpl.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/service/GatewayDataDownloadServiceImpl.java
@@ -20,6 +20,7 @@
package eu.europa.ec.dgc.businessrule.service;
+import com.fasterxml.jackson.databind.ObjectMapper;
import eu.europa.ec.dgc.businessrule.model.BusinessRuleItem;
import eu.europa.ec.dgc.businessrule.model.ValueSetItem;
import eu.europa.ec.dgc.gateway.connector.DgcGatewayCountryListDownloadConnector;
@@ -30,13 +31,13 @@
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import net.javacrumbs.shedlock.spring.annotation.SchedulerLock;
-import net.minidev.json.JSONArray;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Profile;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.stereotype.Component;
+
/**
* A service to download the valuesets, business rules and country list from the
* digital covid certificate gateway.
@@ -48,6 +49,8 @@
@Profile("!btp")
public class GatewayDataDownloadServiceImpl implements GatewayDataDownloadService {
+ private final ObjectMapper objectMapper;
+
private final DgcGatewayValidationRuleDownloadConnector dgcRuleConnector;
private final DgcGatewayValueSetDownloadConnector dgcValueSetConnector;
@@ -149,8 +152,14 @@ public void downloadCountryList() {
List countryList = dgcCountryListConnector.getCountryList();
if (!countryList.isEmpty()) {
- String countryListJsonStr = JSONArray.toJSONString(countryList);
- countryListService.updateCountryList(countryListJsonStr);
+
+ try {
+ String countryListJsonStr = objectMapper.writeValueAsString(countryList);
+ countryListService.updateCountryList(countryListJsonStr);
+ } catch (Exception e) {
+ log.error("Failed to convert List to JSON", e);
+ return;
+ }
} else {
log.warn("The download of the country list seems to fail, as the download connector "
+ "returns an empty country list.-> No data was changed.");
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/service/JksSigningService.java b/src/main/java/eu/europa/ec/dgc/businessrule/service/JksSigningService.java
index cf98991..3485a09 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/service/JksSigningService.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/service/JksSigningService.java
@@ -21,6 +21,7 @@
package eu.europa.ec.dgc.businessrule.service;
import eu.europa.ec.dgc.businessrule.config.JksSigningConfig;
+import jakarta.annotation.PostConstruct;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
@@ -38,7 +39,6 @@
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Base64;
-import javax.annotation.PostConstruct;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/service/ValueSetService.java b/src/main/java/eu/europa/ec/dgc/businessrule/service/ValueSetService.java
index 17f785f..fe61831 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/service/ValueSetService.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/service/ValueSetService.java
@@ -28,13 +28,13 @@
import eu.europa.ec.dgc.businessrule.repository.ValueSetRepository;
import eu.europa.ec.dgc.businessrule.restapi.dto.ValueSetListItemDto;
import eu.europa.ec.dgc.businessrule.utils.BusinessRulesUtils;
+import jakarta.annotation.PostConstruct;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
-import javax.annotation.PostConstruct;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.cache.annotation.CacheEvict;
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/utils/btp/CredentialStoreCryptoUtil.java b/src/main/java/eu/europa/ec/dgc/businessrule/utils/btp/CredentialStoreCryptoUtil.java
index 047f40d..efe1f13 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/utils/btp/CredentialStoreCryptoUtil.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/utils/btp/CredentialStoreCryptoUtil.java
@@ -4,6 +4,7 @@
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.RSADecrypter;
+import jakarta.annotation.PostConstruct;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
@@ -13,7 +14,6 @@
import java.security.spec.X509EncodedKeySpec;
import java.text.ParseException;
import java.util.Base64;
-import javax.annotation.PostConstruct;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.NotImplementedException;
import org.springframework.beans.factory.annotation.Value;