From 355cc070339cd3690e2c4c9216375dec99b28afb Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Thu, 1 Feb 2024 16:39:18 +0100 Subject: [PATCH] #515: Add requirements & design (#521) Co-authored-by: Christoph Kuhnke --- .gitattributes | 4 + .github/workflows/ci-build.yml | 2 +- ...elease_droid_prepare_original_checksum.yml | 4 +- ...ase_droid_upload_github_release_assets.yml | 2 - .../workflows/test_linux_build_on_windows.yml | 4 +- .github/workflows/test_on_windows.yml | 2 +- .gitignore | 1 - README.md | 4 +- doc/changes/changelog.md | 1 + doc/changes/changes_2.9.3.md | 4 +- doc/changes/changes_3.0.0.md | 2 +- doc/changes/changes_4.0.0.md | 119 +++++ doc/developer_guide/developer_guide.md | 14 +- doc/{ => requirements}/design.md | 412 ++++++++++++++++++ .../dependencies_update_process.plantuml | 53 +++ .../images/dependencies_update_process.svg | 1 + .../images/release_process.plantuml | 51 +++ doc/requirements/images/release_process.svg | 1 + doc/{ => requirements}/system_requirements.md | 120 ++++- maven-project-crawler/pk_generated_parent.pom | 10 +- maven-project-crawler/pom.xml | 4 +- parent-pom/pom.xml | 27 +- pom.xml | 8 +- project-keeper-cli/pk_generated_parent.pom | 10 +- .../pk_generated_parent.pom | 10 +- project-keeper-maven-plugin/pom.xml | 4 +- project-keeper/pk_generated_parent.pom | 10 +- .../error-code-crawler-maven-plugin.xml | 2 +- .../maven_templates/flatten-maven-plugin.xml | 2 +- .../maven_templates/maven-compiler-plugin.xml | 2 +- .../maven_templates/maven-failsafe-plugin.xml | 2 +- .../maven_templates/maven-surefire-plugin.xml | 2 +- .../workflows/ci-build-db-version-matrix.yml | 2 +- .../workflows/ci-build-native-build.yml | 6 +- .../templates/.github/workflows/ci-build.yml | 2 +- ...elease_droid_prepare_original_checksum.yml | 2 +- scripts/build_diagrams.sh | 34 ++ shared-model-classes/pk_generated_parent.pom | 8 +- shared-test-setup/pk_generated_parent.pom | 8 +- 39 files changed, 886 insertions(+), 70 deletions(-) create mode 100644 doc/changes/changes_4.0.0.md rename doc/{ => requirements}/design.md (52%) create mode 100644 doc/requirements/images/dependencies_update_process.plantuml create mode 100644 doc/requirements/images/dependencies_update_process.svg create mode 100644 doc/requirements/images/release_process.plantuml create mode 100644 doc/requirements/images/release_process.svg rename doc/{ => requirements}/system_requirements.md (64%) create mode 100755 scripts/build_diagrams.sh diff --git a/.gitattributes b/.gitattributes index 21854292..83cfcd69 100644 --- a/.gitattributes +++ b/.gitattributes @@ -4,3 +4,7 @@ pk_generated_parent.pom linguist-generated=true dependencies.md linguist-generated=true doc/changes/changelog.md linguist-generated=true + +.settings/org.eclipse.jdt.core.prefs linguist-generated=true +.settings/org.eclipse.jdt.ui.prefs linguist-generated=true +doc/images/.svg linguist-generated=true diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index d3f05222..46992224 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -32,7 +32,7 @@ jobs: - name: Install Go tools run: go install github.com/google/go-licenses@v1.6.0 - name: Cache SonarCloud packages - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar diff --git a/.github/workflows/release_droid_prepare_original_checksum.yml b/.github/workflows/release_droid_prepare_original_checksum.yml index 28948834..a0515fd0 100644 --- a/.github/workflows/release_droid_prepare_original_checksum.yml +++ b/.github/workflows/release_droid_prepare_original_checksum.yml @@ -24,7 +24,7 @@ jobs: with: go-version: "1.21" - name: Cache Go modules - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: | ~/.cache/go-build @@ -39,7 +39,7 @@ jobs: - name: Prepare checksum run: find target -maxdepth 1 -name *.jar -exec sha256sum "{}" + > original_checksum - name: Upload checksum to the artifactory - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: original_checksum retention-days: 5 diff --git a/.github/workflows/release_droid_upload_github_release_assets.yml b/.github/workflows/release_droid_upload_github_release_assets.yml index b66a0d61..d0fb6c89 100644 --- a/.github/workflows/release_droid_upload_github_release_assets.yml +++ b/.github/workflows/release_droid_upload_github_release_assets.yml @@ -39,8 +39,6 @@ jobs: with: upload_url: ${{ github.event.inputs.upload_url }} asset_path: project-keeper-cli/target/*.sha256 - - name: Zip error-code-reports - run: zip -v error_code_report.zip */target/error_code_report.json - name: Upload error-code-report uses: shogo82148/actions-upload-release-asset@v1 with: diff --git a/.github/workflows/test_linux_build_on_windows.yml b/.github/workflows/test_linux_build_on_windows.yml index 8e623d8a..4cd88797 100644 --- a/.github/workflows/test_linux_build_on_windows.yml +++ b/.github/workflows/test_linux_build_on_windows.yml @@ -30,7 +30,7 @@ jobs: with: go-version: "1.21" - name: Cache Go modules - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: | ~/.cache/go-build @@ -57,7 +57,7 @@ jobs: cp $(find project-keeper-maven-plugin/target/ -regextype sed -regex ".*/project-keeper-maven-plugin-[0-9]\+\.[0-9]\+\.[0-9]\+\(-SNAPSHOT\)\?\.jar") artifact/project-keeper-maven-plugin.jar cp project-keeper-maven-plugin/.flattened-pom.xml artifact/project-keeper-maven-plugin.pom - name: Upload jar artifact - uses: actions/upload-artifact@master + uses: actions/upload-artifact@v4 with: name: project-keeper-jar path: artifact diff --git a/.github/workflows/test_on_windows.yml b/.github/workflows/test_on_windows.yml index 039afbd0..bc951b62 100644 --- a/.github/workflows/test_on_windows.yml +++ b/.github/workflows/test_on_windows.yml @@ -30,7 +30,7 @@ jobs: with: go-version: "1.21" - name: Cache Go modules - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: | ~/.cache/go-build diff --git a/.gitignore b/.gitignore index b0aeffc2..c2500b6e 100644 --- a/.gitignore +++ b/.gitignore @@ -25,7 +25,6 @@ dependency-reduced-pom.xml .DS_Store *.swp local -Scripts .dbeaver* **/*.log .directory diff --git a/README.md b/README.md index afd1bac0..c34c93dd 100644 --- a/README.md +++ b/README.md @@ -54,5 +54,5 @@ See the [User Guide](doc/user_guide/user_guide.md) for details and for non-Maven - [Developer Guide](doc/developer_guide/developer_guide.md) - [Dependencies](dependencies.md) - [Changelog](doc/changes/changelog.md) -- [Features & Requirements](doc/system_requirements.md) -- [Design](doc/design.md) +- [Features & Requirements](doc/requirements/system_requirements.md) +- [Design](doc/requirements/design.md) diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index 672beb8a..ddff9ab8 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,5 +1,6 @@ # Changes +* [4.0.0](changes_4.0.0.md) * [3.0.1](changes_3.0.1.md) * [3.0.0](changes_3.0.0.md) * [2.9.17](changes_2.9.17.md) diff --git a/doc/changes/changes_2.9.3.md b/doc/changes/changes_2.9.3.md index 5f53487c..66e45b28 100644 --- a/doc/changes/changes_2.9.3.md +++ b/doc/changes/changes_2.9.3.md @@ -4,9 +4,9 @@ Code name: Fix GitHub verify workflow ## Summary -This release fixes fetching dependencies for NPM modules. Dependencies where only fetched for the first NPM module, not for the others. The release also fixes the syntax of the GitHub verify workflow file and increases the timeout for Maven Central deployments. +This release fixes fetching dependencies for NPM modules. Dependencies were only fetched for the first NPM module, not for the others. The release also fixes the syntax of the GitHub verify workflow file and increases the timeout for Maven Central deployments. -PK's template for github workflow `ci-build-next-java.yml` now uses Maven profile `-P skipNativeImage` for projects using PK module [native_image](../developers_guide/preparing_a_project_for_native_image_builds.md). +PK's template for github workflow `ci-build-next-java.yml` now uses Maven profile `-P skipNativeImage` for projects using PK module [native_image](../user_guide/preparing_a_project_for_native_image_builds.md). ## Features diff --git a/doc/changes/changes_3.0.0.md b/doc/changes/changes_3.0.0.md index 38b00483..6dec7ee8 100644 --- a/doc/changes/changes_3.0.0.md +++ b/doc/changes/changes_3.0.0.md @@ -4,7 +4,7 @@ Code name: Support Java 17 builds ## Summary -This release adds support for using different Java versions for running Maven and for compiling/testing projects. We use the `maven-toolchains-plugin` to implement this. See [requirements](../system_requirements.md#support-building-with-multiple-java-versions) and [software design](../design.md#use-maven-toolchain) for implementation details. +This release adds support for using different Java versions for running Maven and for compiling/testing projects. We use the `maven-toolchains-plugin` to implement this. See [requirements](../requirements/system_requirements.md#support-building-with-multiple-java-versions) and [software design](../requirements/design.md#use-maven-toolchain) for implementation details. This is a breaking change as it requires PK users to install both JDK versions 11 and 17 and create `~/.m2/toolchains.xml`. See the [user guide](../user_guide/user_guide.md#prerequisites-for-using-project-keeper) and [troubleshooting](../user_guide/user_guide.md#troubleshooting) for details. diff --git a/doc/changes/changes_4.0.0.md b/doc/changes/changes_4.0.0.md new file mode 100644 index 00000000..b249b9da --- /dev/null +++ b/doc/changes/changes_4.0.0.md @@ -0,0 +1,119 @@ +# Project Keeper 4.0.0, released 2024-??-?? + +Code name: Automatic Security Updates + +## Summary + +## Features + +* #515: Added requirements and design for automatic dependency upgrade + +## Dependency Updates + +### Project Keeper Shared Model Classes + +#### Test Dependency Updates + +* Updated `nl.jqno.equalsverifier:equalsverifier:3.15.4` to `3.15.6` +* Updated `org.mockito:mockito-core:5.8.0` to `5.10.0` + +#### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.1` to `2.0.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.12.1` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.3` to `3.2.5` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` + +### Project Keeper Core + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-shared-model-classes:3.0.1` to `4.0.0` + +#### Runtime Dependency Updates + +* Updated `com.exasol:project-keeper-java-project-crawler:3.0.1` to `4.0.0` + +#### Test Dependency Updates + +* Updated `com.exasol:project-keeper-shared-test-setup:3.0.1` to `4.0.0` +* Updated `nl.jqno.equalsverifier:equalsverifier:3.15.4` to `3.15.6` +* Updated `org.mockito:mockito-junit-jupiter:5.8.0` to `5.10.0` + +#### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.1` to `2.0.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.12.1` +* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.2.3` to `3.2.5` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.3` to `3.2.5` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` + +### Project Keeper Command Line Interface + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-core:3.0.1` to `4.0.0` + +#### Test Dependency Updates + +* Updated `com.exasol:project-keeper-shared-test-setup:3.0.1` to `4.0.0` + +#### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.1` to `2.0.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.12.1` +* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.2.3` to `3.2.5` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.3` to `3.2.5` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` + +### Project Keeper Maven Plugin + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-core:3.0.1` to `4.0.0` + +#### Test Dependency Updates + +* Updated `org.mockito:mockito-core:5.8.0` to `5.10.0` + +#### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.1` to `2.0.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.12.1` +* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.2.3` to `3.2.5` +* Updated `org.apache.maven.plugins:maven-plugin-plugin:3.10.2` to `3.11.0` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.3` to `3.2.5` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` + +### Project Keeper Java Project Crawler + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-shared-model-classes:3.0.1` to `4.0.0` + +#### Test Dependency Updates + +* Updated `org.mockito:mockito-core:5.8.0` to `5.10.0` +* Updated `org.mockito:mockito-junit-jupiter:5.8.0` to `5.10.0` + +#### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.1` to `2.0.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.12.1` +* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.2.3` to `3.2.5` +* Updated `org.apache.maven.plugins:maven-plugin-plugin:3.10.2` to `3.11.0` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.3` to `3.2.5` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` + +### Project Keeper Shared Test Setup + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-shared-model-classes:3.0.1` to `4.0.0` + +#### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.1` to `2.0.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.12.1` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.3` to `3.2.5` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` diff --git a/doc/developer_guide/developer_guide.md b/doc/developer_guide/developer_guide.md index 7b76989f..13efc7e2 100644 --- a/doc/developer_guide/developer_guide.md +++ b/doc/developer_guide/developer_guide.md @@ -6,13 +6,25 @@ You need the following dependencies for running the tests: * Java Development Kit 11 * Maven 3.6.3 or later -* Go 1.16 or later for testing Go support, see [installation guide](https://go.dev/doc/install) +* Go 1.20 or later for testing Go support, see [installation guide](https://go.dev/doc/install) ### go-licenses [go-licenses](https://github.com/google/go-licenses/) is required for extracting Go module license information. Since version 2.7.0 PK will automatically install `go-licenses` if required. +## Requirements and Design + +Design documents are located at +* [requirements/system_requirements.md](../requirements/system_requirements.md) +* [requirements/design.md](../requirements/design.md) + +After modifying the `.plantuml` files in `doc/images/` please generate the `.svg` diagrams by running the following command and commit them to Git: + +```sh +./scripts/build_diagrams.sh +``` + ## Building When building a new release of PK then Maven might display the following error: diff --git a/doc/design.md b/doc/requirements/design.md similarity index 52% rename from doc/design.md rename to doc/requirements/design.md index 18820f97..588c6fca 100644 --- a/doc/design.md +++ b/doc/requirements/design.md @@ -345,6 +345,64 @@ Covers: Needs: impl, utest, itest +### Customize Release Artifacts +`dsn~customize-release-artifacts~0` + +PK allows customizing the list of files that are attached to new GitHub releases in the `release.yml` workflow. + +Needs: dsn +Covers: +* [`req~customize-release-artifacts~0`](system_requirements.md#customize-release-artifacts) + +#### Archive Configured JAR Artifact +`dsn~customize-release-artifacts-jar~0` + +PK adds the JAR name configured in the `maven-assembly-plugin` to the list of release artifacts. + +Rationale: +* This avoids duplicating configuration already present in `pom.xml`. +* This requires evaluating placeholders, e.g. `document-files-virtual-schema-dist-${vs-common-document-files.version}-s3-${project.version}`. + +Covers: +* [`dsn~customize-release-artifacts~0`](#customize-release-artifacts) + +-Needs: impl, utest, itest + +#### Common List of Release Artifacts +`dsn~customize-release-artifacts-hard-coded~0` + +PK adds the following files to a hard coded list of release artifacts: +* `target/error_code_report.json` + +Rationale: +* These files are created by all projects. +* Hard coding this list in PK avoids duplication in the `.project-keeper.yml` + +Covers: +* [`dsn~customize-release-artifacts~0`](#customize-release-artifacts) + +-Needs: impl, utest, itest + +#### Custom Release Artifacts +`dsn~customize-release-artifacts-custom~0` + +PK adds a list of configured files to the list of release artifacts. + +Rationale: +This allows adding project-specific release artifacts like `.js` extensions. + +Covers: +* [`dsn~customize-release-artifacts~0`](#customize-release-artifacts) + +-Needs: impl, utest, itest + +### Customize Build Process +`dsn~customize-build-process~0` + +Covers: + +* [`req~customize-build-process~0`](system_requirements.md#customize-build-process) + ## Golang Support ### Get Project Version @@ -442,3 +500,357 @@ Covers: * [`req~npm-changed-dependency~1`](system_requirements.md#get-changed-dependency) Needs: impl, utest, itest + +## Automatic Dependency Update Process + +This consists of the following steps: +1. Trigger the dependency update process +2. Update dependencies +3. Create a pull request + +![Activity Diagram for the dependencies update process](images/dependencies_update_process.svg) + +#### Triggering the Dependency Update Process +`dsn~trigger-dependency-updates~1` + +PK generates the `dependencies_check.yml` GitHub workflow so that it launches the `dependencies_update.yml` workflow when it detects new vulnerabilities. + +Rationale: + +`dependencies_check.yml` already uses the [security-issues](https://exasol.github.io/python-toolbox/github_actions/security_issues.html) tool from the [python-toolbox](https://github.com/exasol/python-toolbox) to create issues for new vulnerabilities. Re-implementing this in PK is not necessary. + +Covers: +* [`req~auto-update-dependencies~1`](system_requirements.md#auto-update-dependencies) + +-Needs: impl, utest, itest + +#### Update Dependencies Mode +`dsn~update-dependencies-mode~1` + +PK provides an `update-dependencies` mode in addition to `fix` and `verify`. This mode performs the following steps: + +1. Increment version of the project +2. Update dependencies to their latest version +3. Create changelog containing information about the fixed vulnerabilities (if available) + +Rationale: + +* We implement this in PK because + * PK already contains code for working with versions and changelog, so we can reuse this code + * The `update-dependencies` mode is also useful for running locally on the developer's machine when working on a non-security related task +* We don't implement git/GitHub operations in PK because + * This would couple PK to GitHub + * This would be surprising when running it locally + * This would require credentials for accessing the GitHub API + +Covers: +* [`req~auto-update-dependencies~1`](system_requirements.md#auto-update-dependencies) +* [`req~auto-create-changelog~1`](system_requirements.md#automatically-create-change-log-entry) + +Needs: dsn + +##### Incrementing the Project Version +`dsn~increment-version~1` + +PK increments the project's patch version. PK does not modify the version if the current version was not yet released (i.e. there is not release in the latest changelog file). + +Rationale: + +Leaving the version unchanged when it was not yet released avoids surprises when running this locally. + +Covers: +* [`dsn~update-dependencies-mode~1`](#update-dependencies-mode) + +-Needs: impl, utest, itest + +##### Upgrade Dependencies +`dsn~upgrade-dependencies~1` + +PK upgrades dependencies using the [versions-maven-plugin](https://www.mojohaus.org/versions/versions-maven-plugin/index.html): + +```sh +mvn versions:use-latest-releases && mvn versions:update-properties +``` + +Rationale: + +* This avoids re-inventing the wheel. +* The plugin supports excluding dependencies from the upgrade that could cause problems using the [``](https://www.mojohaus.org/versions/versions-maven-plugin/use-latest-releases-mojo.html#excludes) configuration. + +Covers: +* [`dsn~update-dependencies-mode~1`](#update-dependencies-mode) + +-Needs: impl, utest, itest + +##### Generate Changelog + +PK generates the changelog for the fixed vulnerabilities if the required information is available. The changelog contains the following information: +* Issues that fix the vulnerabilities +* CVE-number, description and severity of each vulnerability +* The vulnerable dependency, its version and scope + +Rationale: +* The `dependencies_check.yml` workflow detects vulnerabilities and creates issues. It will output information about the created issues and the vulnerabilities. This information is passed to `dependencies_update.yml` as a parameter and forwarded to PK's `update-dependencies` mode. +* Vulnerability information must be optional in order to allow running the process locally. + +Covers: +* [`dsn~update-dependencies-mode~1`](#update-dependencies-mode) + +-Needs: impl, utest, itest + +#### Generate `dependencies_update.yml` workflow +`dsn~dependencies_update-workflow~1` + +PK generates the `dependencies_update.yml` GitHub workflow. + +Covers: +* [`req~auto-update-dependencies~1`](system_requirements.md#auto-update-dependencies) +* [`req~auto-create-changelog~1`](system_requirements.md#automatically-create-change-log-entry) +* [`req~auto-create-pr~1`](system_requirements.md#automatically-create-a-pull-request) + +Needs: dsn + +##### `dependencies_update.yml` Workflow Receives Vulnerability Info +`dsn~dependencies_update-vulnerability-info~1` + +PK generates the `dependencies_update.yml` workflow so that it receives information about vulnerabilities and issues as optional parameter. + +-Needs: impl, utest, itest + +Covers: +* [`dsn~dependencies_update-workflow~1`](#generate-dependencies_updateyml-workflow) + +##### `dependencies_update.yml` Workflow Starts PK `update-dependencies` Mode +`dsn~dependencies_update-starts-pk-update~1` + +PK generates the `dependencies_update.yml` workflow so that it starts PK's [`update-dependencies` mode](#update-dependencies-mode), passing information about vulnerabilities. + +Rationale: + +PK needs the vulnerability info for generating the changelog. + +-Needs: impl, utest, itest + +Covers: +* [`dsn~dependencies_update-workflow~1`](#generate-dependencies_updateyml-workflow) + +##### `dependencies_update.yml` Workflow Creates a Pull Request +`dsn~dependencies_update-creates-pull-request~1` + +PK generates the `dependencies_update.yml` workflow so that it creates a Pull Request in GitHub. This requires the following steps: +1. Create a new local branch using a random name +2. Commit local changes using a commit message that contains the issue number +3. Push the branch +4. Create a new pull request with `Closes` comments for each issue number +5. If the Slack notification URL is available as secret: send a Slack notification + * If the workflow fails: send a warning containing the workflow run + * If the workflow succeeded: send a success message containing the pull request link + +Rationale: + +We implement this in a workflow and not in PK because +* Git/GitHub operations should not be done locally to avoid surprises +* GitHub action automatically have credentials for pushing and creating a pull request +* The Slack notification URL might not be available as secret to all repositories, so this step must be optional +* Sending notifications to developers to + * investigate a failed update process + * review and merge a new pull request + +Note: Implementing this in a workflow makes it hard to do integration tests. We accept that there are no integration tests for running the workflow. + +-Needs: impl, utest, itest + +Covers: +* [`dsn~dependencies_update-workflow~1`](#generate-dependencies_updateyml-workflow) + +#### Generate `release.yml` workflow +`dsn~release-workflow~1` + +PK generates the `release.yml` GitHub workflow for Maven projects. This workflow runs the build including tests, integration tests, releases to Maven Central and on GitHub. + +Rationale: +* The release process is limited to Maven projects. Support for other projects may be added later. +* The previous build process with release-droid used separate steps for testing and releasing. This allowed re-starting a release (e.g. to Maven Central) in case of failures, without having to start potentially long running tests (~40 minutes). + * The new process always runs the complete process, it's not possible to skip tests. + * We accept this disadvantage of potential slow release times for now because the release process to Maven Central is usually stable nowadays. +* We implement the workflow purely with a single generated GitHub actions. An alternative would be to implement parts of the build logic (e.g. checksum of build artifacts) as workflow steps implemented in JavaScript. + * Advantages: + * All generated code is one file, no need to use multiple files or reference other workflows + * Simple, standalone implementation + * Disadvantage: + * Long generated workflow file + * Not easily testable, one option would be [nektos/act](https://github.com/nektos/act) + * We accept the disadvantages for now. However the architecture allows changing this in the future. + +![Activity diagram of the release process](images/release_process.svg) + +Covers: +* [`req~auto-release~1`](system_requirements.md#automatic-release) + +Needs: dsn + +##### `release.yml` Workflow Triggers +`dsn~release-workflow-triggers~1` + +PK generates the `release.yml` workflow so that it is triggered by the following events: +* manual triggering (`workflow_dispatch`) +* push to `main` branch (`push: branches: - main`) + +Rationale: +* Manually triggering simplifies debugging in case of problems +* Hard-coding the `main` branch for the `push` trigger is OK because we assume that all repositories use the same development workflow + +Covers: +* [`dsn~release-workflow~1`](#generate-releaseyml-workflow) + +-Needs: impl, utest, itest + +##### `release.yml` Workflow Release Verification +`dsn~release-workflow-run-verify-release~1` + +PK generates the `release.yml` workflow so that it runs PK in `verify-release` mode, see [`dsn~verify-release-mode~1`](#verify-release-mode). + +Rationale: +* This ensures that all preconditions for the release are met (e.g. current release date). In the previous process this was checked by release-droid. +* Checking the release date allows skipping a release. I.e. when no release is planned when updating the `main` branch, the user can leave the release date undefined, e.g. `2024-??-??`. This will let `verify-release` fail and the release is cancelled. + +Covers: +* [`dsn~release-workflow~1`](#generate-releaseyml-workflow) + +-Needs: impl, utest, itest + +##### `release.yml` Workflow Runs Build +`dsn~release-workflow-run-build~1` + +PK generates the `release.yml` workflow so that it runs the build including tests, integration tests and verifications (`mvn verify`). + +Rationale: +* Supporting other build tools is not necessary for now because building and testing of other components (e.g. JavaScript extensions using `npm`) can be included into the Maven build process using the `exec-maven-plugin` plugin. + +Covers: +* [`dsn~release-workflow~1`](#generate-releaseyml-workflow) + +-Needs: impl, utest, itest + +##### `release.yml` Workflow Deploys to Maven Central +`dsn~release-workflow-deploy-maven-central~1` + +If at least one source in `.project-keeper.yml` uses the `maven_central` module, PK generates the `release.yml` workflow so that it runs deploys the project to Maven Central (`mvn deploy`). + +Covers: +* [`dsn~release-workflow~1`](#generate-releaseyml-workflow) + +-Needs: impl, utest, itest + +##### `release.yml` Workflow Creates GitHub Release +`dsn~release-workflow-create-github-release~1` + +PK generates the `release.yml` workflow so that it creates a new GitHub release for the new version. + +Rationale: +* In the old release process this was implemented in release-droid (`GitHubReleaseMaker.createReleaseModel()`). +* The GitHub workflow has permissions to use the GitHub API. + +Covers: +* [`dsn~release-workflow~1`](#generate-releaseyml-workflow) + +-Needs: impl, utest, itest + +##### `release.yml` Workflow Creates Tags for Golang Modules +`dsn~release-workflow-create-golang-tags~1` + +PK generates the `release.yml` workflow so that it creates the correct tags for Golang modules. + +Rationale: +* In the old release process this was implemented in release-droid (`Revision.getTags()`). + +Covers: +* [`dsn~release-workflow~1`](#generate-releaseyml-workflow) + +-Needs: impl, utest, itest + +#### `verify-release` Mode +`dsn~verify-release-mode~1` + +PK provides an `verify-release` mode in addition to `fix`, `verify` and `update-dependencies`. + +If any of the checks fails, PK fails with an exit code > 0 to signal a build failure. + +Covers: +* [`dsn~release-workflow~1`](#generate-releaseyml-workflow) + +Needs: dsn + +##### `verify-release` Mode Runs PK Verify +`dsn~verify-release-mode-verify~1` + +PK's `verify-release` mode runs the same validations as the `verify` mode. + +Rationale: +This simplifies usage because it's not necessary to start PK twice. + +Covers: +* [`dsn~verify-release-mode~1`](#verify-release-mode) + +-Needs: impl, utest, itest + +##### `verify-release` Mode Checks Release Date +`dsn~verify-release-mode-verify-release-date~1` + +PK's `verify-release` mode verifies that the release date in the current version's changelog is the current date. + +Rationale: +* The release date must be up-to-date. In the previous release process this was checked by release-droid. +* This allows opting out of releasing: + * The `release.yml` workflow runs for every push to the `main` branch. This is not always intended if developers want to wait with the release and add more changes in other pull requests. + * Setting the release date to `2024-??-??` will let the `verify-release` mode fail which will stop the release build. +* Possible future improvement: + * To avoid creating a PR just for updating the release date we could add an optional parameter to the `release.yml` workflow that updates the release date and commits this change directly to `main`. + +Covers: +* [`dsn~verify-release-mode~1`](#verify-release-mode) + +-Needs: impl, utest, itest + +##### `verify-release` Mode Checks All Issues are Closed +`dsn~verify-release-mode-verify-issues-closed~1` + +PK's `verify-release` mode verifies that all GitHub issues mentioned in the current version's changelog are closed. + +Rationale: +* In the previous release process this was checked by release-droid. + +Covers: +* [`dsn~verify-release-mode~1`](#verify-release-mode) + +-Needs: impl, utest, itest + +##### `verify-release` Mode Checks Version Increment +`dsn~verify-release-mode-verify-version-increment~1` + +PK's `verify-release` mode verifies that current version was incremented correctly based on the previous version. + +Rationale: +* In the previous release process this was checked by release-droid in `CommonRepositoryValidator.validateSuccessor()` + +Covers: +* [`dsn~verify-release-mode~1`](#verify-release-mode) + +-Needs: impl, utest, itest + +##### `verify-release` Mode Sets GitHub Action Output Parameters +`dsn~verify-release-mode-output-parameters~1` + +PK's `verify-release` mode outputs the following information as [GitHub Output Parameters](https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter): +* Project version +* Code name from changelog +* Remaining content of changelog + +Rationale: +* The `release.yml` workflow needs this information for creating the GitHub release. +* Steps in a GitHub workflow can read the output parameters of other steps. + +Covers: +* [`dsn~verify-release-mode~1`](#verify-release-mode) + +-Needs: impl, utest, itest diff --git a/doc/requirements/images/dependencies_update_process.plantuml b/doc/requirements/images/dependencies_update_process.plantuml new file mode 100644 index 00000000..5de174ae --- /dev/null +++ b/doc/requirements/images/dependencies_update_process.plantuml @@ -0,0 +1,53 @@ +@startuml dependencies_update_process + +start +:**dependencies_check.yml** workflow +(triggered daily); +note right + Pass information about created + issues & vulnerabilities to + **dependencies_update.yml** +end note +if(Vulnerable dependencies found?) then (yes) + group **dependencies_update.yml** workflow + note right + GitHub Workflow + generated by PK + end note + :Run PK **update-dependencies** as Maven plugin; + group PK **update-dependencies** + note right + Implement + in PK + end note + if(Latest version already released?) then (yes) + :Increment project version; + else (no) + endif + :Update dependencies; + :Run PK fix; + note right + Add dependency changes to + changelog, Update list of + dependencies, ... + end note + :Update changlog: add fixed vulnerabilites; + if(pom.xml contains artifact-reference-checker-maven-plugin) then (yes) + :Run artifact-reference-checker-maven-plugin:fix; + else (no) + endif + end group + :Create branch, commit, push & + create pull request; + note right + Needs information about + issues & vulnerabilities + end note + :Send Slack notification + for success and failure; + end group +else (no) + stop +endif +stop +@enduml diff --git a/doc/requirements/images/dependencies_update_process.svg b/doc/requirements/images/dependencies_update_process.svg new file mode 100644 index 00000000..8fe162b6 --- /dev/null +++ b/doc/requirements/images/dependencies_update_process.svg @@ -0,0 +1 @@ +Pass information about createdissues & vulnerabilities todependencies_update.ymldependencies_check.ymlworkflow(triggered daily)dependencies_update.ymlworkflowGitHub Workflowgenerated by PKRun PKupdate-dependenciesas Maven pluginPKupdate-dependenciesImplementin PKIncrement project versionyesLatest version already released?noUpdate dependenciesAdd dependency changes tochangelog, Update list ofdependencies, ...Run PK fixUpdate changlog: add fixed vulnerabilitesRun artifact-reference-checker-maven-plugin:fixyespom.xml contains artifact-reference-checker-maven-pluginnoNeeds information aboutissues & vulnerabilitiesCreate branch, commit, push &create pull requestSend Slack notificationfor success and failureyesVulnerable dependencies found?no \ No newline at end of file diff --git a/doc/requirements/images/release_process.plantuml b/doc/requirements/images/release_process.plantuml new file mode 100644 index 00000000..6f54aa41 --- /dev/null +++ b/doc/requirements/images/release_process.plantuml @@ -0,0 +1,51 @@ +@startuml release_process + +start +note right + Triggered manually or + on pushes to main branch. +end note +group **release.yml** workflow + note right + Generated + by PK + end note + :Run PK **verify-release** as Maven plugin; + group PK **verify-release** + note right + Implemented + in PK + end note + if(Release date up-to-date?\n(allow skipping the release)) then (up-to-date) + :Run PK **verify**; + :Run additional release checks; + :Write changelog content to file; + note right + Required for creating + the GitHub release + end note + else (invalid/outdated) + :Fail build; + stop + endif + end group + :Run **mvn verify**; + if(Maven Central deployment required) then (required) + :Run **mvn deploy**; + endif + :Calculate checksums for release artifacts; + :Create GitHub release; + note right + Reads changelog + content from file + end note + :Attach release artifacts and + checksums to GitHub release; + note right + Customizable + end note + :Send Slack notification + for success & failure; +end group +stop +@enduml diff --git a/doc/requirements/images/release_process.svg b/doc/requirements/images/release_process.svg new file mode 100644 index 00000000..850f6913 --- /dev/null +++ b/doc/requirements/images/release_process.svg @@ -0,0 +1 @@ +Triggered manually oron pushes to main branch.release.ymlworkflowGeneratedby PKRun PKverify-releaseas Maven pluginPKverify-releaseImplementedin PKRelease date up-to-date?(allow skipping the release)up-to-dateinvalid/outdatedRun PKverifyRun additional release checksRequired for creatingthe GitHub releaseWrite changelog content to fileFail buildRunmvn verifyRunmvn deployrequiredMaven Central deployment requiredCalculate checksums for release artifactsReads changelogcontent from fileCreate GitHub releaseCustomizableAttach release artifacts andchecksums to GitHub releaseSend Slack notificationfor success & failure \ No newline at end of file diff --git a/doc/system_requirements.md b/doc/requirements/system_requirements.md similarity index 64% rename from doc/system_requirements.md rename to doc/requirements/system_requirements.md index f2ee7638..62744354 100644 --- a/doc/system_requirements.md +++ b/doc/requirements/system_requirements.md @@ -266,7 +266,7 @@ Needs: dsn `req~golang-changed-dependency~1` -PK can retrieve changed Golang dependencies that where added, updated or removed since the last release. +PK can retrieve changed Golang dependencies that were added, updated or removed since the last release. Covers: @@ -305,9 +305,125 @@ Needs: dsn #### Get Changed Dependency `req~npm-changed-dependency~1` -PK can retrieve changed NPM dependencies that where added, updated or removed since the last release. +PK can retrieve changed NPM dependencies that were added, updated or removed since the last release. Covers: * `feat~npm-project-support~1` Needs: dsn + +### Automatic Dependency Update Process +`feat~automatic-dependency-update-process~1` + +PK supports a process for automated dependency update. This speeds up fixing vulnerabilities in third party dependencies and creating releases. + +Rationale: + +The Exasol integration team maintains more than 130 projects that often require dependency updates due to security issues that are found in direct or transitive dependencies. In most cases the update requires pulling the latest source, updating the dependencies, updating the change log, running the tests locally, on success pushing the branch, running CI and creating a release as shown in the following bullet-list. + +* Update dependencies +* Create change log entry +* Run local tests +* Push branch +* Run CI +* Release + +Needs: req + +#### Auto-update dependencies +`req~auto-update-dependencies~1` + +PK automatically updates dependencies when the `dependencies_check.yml` workflow finds a new vulnerability. + +Covers: +* [`feat~automatic-dependency-update-process~1`](#automatic-dependency-update-process) + +Needs: dsn + +#### Automatically create change log entry +`req~auto-create-changelog~1` + +PK generates an entry in the changes file for fixed vulnerabilities. + +Rationale: + +The changes file entries for fixed vulnerabilities always have the same structure and can be easily automated to avoid manual work. + +Covers: +* [`feat~automatic-dependency-update-process~1`](#automatic-dependency-update-process) + +Needs: dsn + +#### Automatically Create a Pull Request +`req~auto-create-pr~1` + +PK creates a new Pull Request after upgrading dependencies. + +Rationale: + +A pull requests allows to +* automatically run tests using the updated dependencies to verify if the upgrade caused any problems +* review and approve changes +* manually modify files in case of problems + +Covers: +* [`feat~automatic-dependency-update-process~1`](#automatic-dependency-update-process) + +Needs: dsn + +#### Automatic Release +`req~auto-release~1` + +PK automatically builds a new release whenever the `main` branch is updated. + +Rationale: + +* This reduces manual work, it's not necessary any more to manually run release-droid. +* Optionally the user can indicate to apply the changes, but postpone creating a release. + +Covers: +* [`feat~automatic-dependency-update-process~1`](#automatic-dependency-update-process) + +Needs: dsn + +### Customizable Workflows +`feat~customize-workflows~0` + +PK allows customizing the `ci-build.yml` and `release.yml` workflows with project-specific build steps. + +Rationale: +Currently some projects are already using customized workflows but needed to exclude them from PK generation. Allowing to customize workflows will simplify maintenance of GH workflows. + +Needs: req + +#### Customize Release Artifacts +`req~customize-release-artifacts~0` + +PK allows customizing the list of files that are attached to new GitHub releases in the `release.yml` workflow. + +Rationale: +Some projects need to release custom files like executable `.jar` files or `.js` extensions. + +Needs: dsn + +Covers: +* [`feat~customize-workflows~0`](#customizable-workflows) + +#### Customize Build Process +`req~customize-build-process~0` + +PK allows adding pre and post steps during the build process as well as customizing the actual build step. + +Rationale: +Some projects need to +* install additional tools like Go, Node +* prepare files (e.g. `test_config.properties`) with configuration and credentials +* prepare test infrastructure with `terraform init && terraform apply` +* pass additional environment variables (e.g. AWS credentials) to the build step +* attach files to the workflow (e.g. `classes.lst` for the S3 virtual schema) +* run cleanup steps like `terraform destroy` + +Needs: dsn + +Covers: +* [`feat~customize-workflows~0`](#customizable-workflows) diff --git a/maven-project-crawler/pk_generated_parent.pom b/maven-project-crawler/pk_generated_parent.pom index d3c92cc6..b9745cc7 100644 --- a/maven-project-crawler/pk_generated_parent.pom +++ b/maven-project-crawler/pk_generated_parent.pom @@ -88,7 +88,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} @@ -126,7 +126,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -165,7 +165,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.3 + 3.2.5 @@ -325,7 +325,7 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.2.3 + 3.2.5 -Djava.util.logging.config.file=src/test/resources/logging.properties ${argLine} @@ -394,7 +394,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify diff --git a/maven-project-crawler/pom.xml b/maven-project-crawler/pom.xml index f173d06d..a031ef89 100644 --- a/maven-project-crawler/pom.xml +++ b/maven-project-crawler/pom.xml @@ -99,7 +99,9 @@ org.apache.maven.plugins maven-plugin-plugin - 3.10.2 + + pk-crawl + org.basepom.maven diff --git a/parent-pom/pom.xml b/parent-pom/pom.xml index dfb2c276..db5a528b 100644 --- a/parent-pom/pom.xml +++ b/parent-pom/pom.xml @@ -28,12 +28,12 @@ - 3.0.1 + 4.0.0 3.9.6 3.6.3 5.10.1 2.9.1 - 5.8.0 + 5.10.0 UTF-8 UTF-8 11 @@ -89,7 +89,7 @@ org.apache.maven.plugin-tools maven-plugin-annotations - 3.10.2 + 3.11.0 provided @@ -111,6 +111,7 @@ org.eclipse.jgit org.eclipse.jgit + 6.7.0.202309050840-r @@ -204,7 +205,7 @@ nl.jqno.equalsverifier equalsverifier - 3.15.4 + 3.15.6 test @@ -213,13 +214,17 @@ 1.4.8 test - - - junit - junit - 4.13.2 - test - + + + + + org.apache.maven.plugins + maven-plugin-plugin + 3.11.0 + + + + diff --git a/pom.xml b/pom.xml index 579e33f8..a2d83f9e 100644 --- a/pom.xml +++ b/pom.xml @@ -49,6 +49,12 @@ + + true + html + ALL + true + org.apache.maven.plugins @@ -61,7 +67,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify diff --git a/project-keeper-cli/pk_generated_parent.pom b/project-keeper-cli/pk_generated_parent.pom index ea59acae..2f2022b7 100644 --- a/project-keeper-cli/pk_generated_parent.pom +++ b/project-keeper-cli/pk_generated_parent.pom @@ -80,7 +80,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} @@ -118,7 +118,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -157,7 +157,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.3 + 3.2.5 @@ -347,7 +347,7 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.2.3 + 3.2.5 -Djava.util.logging.config.file=src/test/resources/logging.properties ${argLine} @@ -408,7 +408,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify diff --git a/project-keeper-maven-plugin/pk_generated_parent.pom b/project-keeper-maven-plugin/pk_generated_parent.pom index 2789bdc5..7b91571e 100644 --- a/project-keeper-maven-plugin/pk_generated_parent.pom +++ b/project-keeper-maven-plugin/pk_generated_parent.pom @@ -88,7 +88,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} @@ -126,7 +126,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -165,7 +165,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.3 + 3.2.5 @@ -325,7 +325,7 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.2.3 + 3.2.5 -Djava.util.logging.config.file=src/test/resources/logging.properties ${argLine} @@ -394,7 +394,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify diff --git a/project-keeper-maven-plugin/pom.xml b/project-keeper-maven-plugin/pom.xml index 8d16a459..06af4b13 100644 --- a/project-keeper-maven-plugin/pom.xml +++ b/project-keeper-maven-plugin/pom.xml @@ -91,7 +91,9 @@ org.apache.maven.plugins maven-plugin-plugin - 3.10.2 + + project-keeper + org.apache.maven.plugins diff --git a/project-keeper/pk_generated_parent.pom b/project-keeper/pk_generated_parent.pom index 9f59f2bb..44c2a879 100644 --- a/project-keeper/pk_generated_parent.pom +++ b/project-keeper/pk_generated_parent.pom @@ -80,7 +80,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} @@ -118,7 +118,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -157,7 +157,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.3 + 3.2.5 @@ -297,7 +297,7 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.2.3 + 3.2.5 -Djava.util.logging.config.file=src/test/resources/logging.properties ${argLine} @@ -358,7 +358,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify diff --git a/project-keeper/src/main/resources/maven_templates/error-code-crawler-maven-plugin.xml b/project-keeper/src/main/resources/maven_templates/error-code-crawler-maven-plugin.xml index 09dccd46..564dafb3 100644 --- a/project-keeper/src/main/resources/maven_templates/error-code-crawler-maven-plugin.xml +++ b/project-keeper/src/main/resources/maven_templates/error-code-crawler-maven-plugin.xml @@ -1,7 +1,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify diff --git a/project-keeper/src/main/resources/maven_templates/flatten-maven-plugin.xml b/project-keeper/src/main/resources/maven_templates/flatten-maven-plugin.xml index a085da45..289e1055 100644 --- a/project-keeper/src/main/resources/maven_templates/flatten-maven-plugin.xml +++ b/project-keeper/src/main/resources/maven_templates/flatten-maven-plugin.xml @@ -1,7 +1,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss diff --git a/project-keeper/src/main/resources/maven_templates/maven-compiler-plugin.xml b/project-keeper/src/main/resources/maven_templates/maven-compiler-plugin.xml index d85791f3..39407441 100644 --- a/project-keeper/src/main/resources/maven_templates/maven-compiler-plugin.xml +++ b/project-keeper/src/main/resources/maven_templates/maven-compiler-plugin.xml @@ -1,7 +1,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} diff --git a/project-keeper/src/main/resources/maven_templates/maven-failsafe-plugin.xml b/project-keeper/src/main/resources/maven_templates/maven-failsafe-plugin.xml index 2976a31d..71ed162d 100644 --- a/project-keeper/src/main/resources/maven_templates/maven-failsafe-plugin.xml +++ b/project-keeper/src/main/resources/maven_templates/maven-failsafe-plugin.xml @@ -1,7 +1,7 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.2.3 + 3.2.5 -Djava.util.logging.config.file=src/test/resources/logging.properties ${argLine} diff --git a/project-keeper/src/main/resources/maven_templates/maven-surefire-plugin.xml b/project-keeper/src/main/resources/maven_templates/maven-surefire-plugin.xml index 7a2a23ac..4845da1c 100644 --- a/project-keeper/src/main/resources/maven_templates/maven-surefire-plugin.xml +++ b/project-keeper/src/main/resources/maven_templates/maven-surefire-plugin.xml @@ -1,7 +1,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.3 + 3.2.5 diff --git a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-db-version-matrix.yml b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-db-version-matrix.yml index 5e98d32b..afcf41ed 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-db-version-matrix.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-db-version-matrix.yml @@ -38,7 +38,7 @@ jobs: 17 cache: "maven" - name: Cache SonarCloud packages - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar diff --git a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml index 97a79a69..9d4f1d70 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml @@ -35,7 +35,7 @@ jobs: - name: Enable testcontainer reuse run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties" - name: Cache local Maven repository - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} @@ -44,7 +44,7 @@ jobs: - name: Run tests and build with Maven run: mvn --batch-mode --update-snapshots clean verify --file pom.xml -DtrimStackTrace=false - name: Cache SonarCloud packages - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar @@ -60,7 +60,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - name: Upload binary - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: executable-${{ matrix.os }} path: target/${{ github.event.repository.name }} diff --git a/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml b/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml index 7b4c1792..cfc33587 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml @@ -32,7 +32,7 @@ jobs: 17 cache: "maven" - name: Cache SonarCloud packages - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar diff --git a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml index 2c72984b..ea8812b6 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml @@ -32,7 +32,7 @@ jobs: - name: Prepare checksum run: find target -maxdepth 1 -name *.jar -exec sha256sum "{}" + > original_checksum - name: Upload checksum to the artifactory - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: original_checksum retention-days: 5 diff --git a/scripts/build_diagrams.sh b/scripts/build_diagrams.sh new file mode 100755 index 00000000..b399f1bf --- /dev/null +++ b/scripts/build_diagrams.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +# This script builds all design diagrams + +base_dir="$( cd "$(dirname "$0")/.." >/dev/null 2>&1 ; pwd -P )" +readonly base_dir + +readonly diagrams_dir="$base_dir/doc/requirements/images" +readonly output_dir="$base_dir/doc/requirements/images" + +if [[ "$(ls -A "$output_dir"/*.svg)" ]]; then + echo "Deleting diagrams from $output_dir..." + rm "$output_dir"/*.svg +fi + +expected_diagram_count=$(find "$diagrams_dir" -name "*.plantuml" | wc --lines) +readonly expected_diagram_count + +echo "Building $expected_diagram_count diagrams..." +plantuml -tsvg -output "$output_dir" -failonerror -failonwarn -failfast2 "$diagrams_dir/**/*.plantuml" + +actual_diagram_count=$(find "$output_dir" -name "*.svg" | wc --lines) +readonly actual_diagram_count + +if [[ "$expected_diagram_count" -ne "$actual_diagram_count" ]]; then + echo "ERROR: Expected $expected_diagram_count diagrams but $actual_diagram_count were generated" + exit 1 +fi + +echo "All $actual_diagram_count diagrams were built successfully in $output_dir." diff --git a/shared-model-classes/pk_generated_parent.pom b/shared-model-classes/pk_generated_parent.pom index 0b397bd0..e5e3dba0 100644 --- a/shared-model-classes/pk_generated_parent.pom +++ b/shared-model-classes/pk_generated_parent.pom @@ -80,7 +80,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} @@ -118,7 +118,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -157,7 +157,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.3 + 3.2.5 @@ -338,7 +338,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify diff --git a/shared-test-setup/pk_generated_parent.pom b/shared-test-setup/pk_generated_parent.pom index c1109e2e..91f61d03 100644 --- a/shared-test-setup/pk_generated_parent.pom +++ b/shared-test-setup/pk_generated_parent.pom @@ -69,7 +69,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} @@ -107,7 +107,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -146,7 +146,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.2.3 + 3.2.5 @@ -241,7 +241,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.1 + 2.0.0 verify