add gh action, dependabot and release-drafter and get rid of travis (#65)

* add gh action, dependabot and release-drafter and get rid of travis * move owasp check in a separate profile Signed-off-by: Olivier Lamy <olamy@apache.org>
2022-04-11 14:11:45 +10:00 · 2022-04-11 14:11:45 +10:00 · 6f4b08e4ad
parent eb489a1dee
commit 6f4b08e4ad
8 changed files with 109 additions and 66 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -31,5 +31,13 @@ updates:

  - package-ecosystem: "github-actions"
    directory: "/"
+    target-branch: "archiva-2.x"
    schedule:
      interval: "daily"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    target-branch: "master"
+    schedule:
+      interval: "daily"
+
--- a/.github/release-drafter.yml
+++ b/.github/release-drafter.yml
@ -16,3 +16,4 @@
 # under the License.

 _extends: archiva-parent
+tag-template: archiva-$NEXT_MINOR_VERSION
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@ -0,0 +1,48 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+name: GitHub CI
+
+on:
+  push:
+  pull_request:
+
+
+jobs:
+  build:
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        java: [8, 11]
+      fail-fast: false
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up JDK
+        uses: actions/setup-java@v2.3.1
+        with:
+          distribution: temurin
+          java-version: ${{ matrix.java }}
+          cache: 'maven'
+
+      - name: Build with Maven
+        run: mvn -e -B -V install -Pci-build -T2
--- a/.github/workflows/release-drafter.yml
+++ b/.github/workflows/release-drafter.yml
@ -14,16 +14,16 @@
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
-   
 name: Release Drafter
 on:
  push:
    branches:
      - master
+      - archiva-2.x
 jobs:
  update_release_draft:
    runs-on: ubuntu-latest
    steps:
-      - uses: release-drafter/release-drafter@v5.18.1
+      - uses: release-drafter/release-drafter@v5
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.travis.yml
+++ b/.travis.yml
@ -1,17 +0,0 @@
-language: java
-dist: xenial
-jdk:
-  - openjdk8
-
-install: "mvn clean install -DskipTests=true -B -V -Pci-build"
-
-script: "mvn clean install -B -V -Pci-build"
-
-cache:
-    directories:
-    - $HOME/.m2
-
-branches:
-    except:
-        - gh-pages
-
--- a/2
+++ b/2
@ -149,7 +149,7 @@ pipeline {
                                        {
                                            sh "chmod 755 ./src/ci/scripts/prepareWorkspace.sh"
                                            sh "./src/ci/scripts/prepareWorkspace.sh"
-                                            sh "mvn clean install -U -B -e -fae -Dorg.slf4j.simpleLogger.showThreadName=true -Dmaven.compiler.fork=true -Pci-build -T${THREADS}"
+                                            sh "mvn clean install -U -B -e -fae -Dorg.slf4j.simpleLogger.showThreadName=true -Pci-build -T${THREADS}"
                                        }
                            }
                        }
--- a/archiva-modules/archiva-web/archiva-webapp/pom.xml
+++ b/archiva-modules/archiva-web/archiva-webapp/pom.xml
@ -840,30 +840,6 @@
          </systemPropertyVariables>
        </configuration>
      </plugin>
-
-
-
-
-      <plugin>
-        <groupId>org.owasp</groupId>
-        <artifactId>dependency-check-maven</artifactId>
-        <version>6.0.4</version>
-        <configuration>
-          <skipProvidedScope>true</skipProvidedScope>
-          <failBuildOnCVSS>8</failBuildOnCVSS>
-          <suppressionFile>${project.basedir}/src/main/resources/META-INF/owasp/cve-suppressions.xml</suppressionFile>
-          <ossindexAnalyzerEnabled>false</ossindexAnalyzerEnabled>
-          <assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
-          <nodeAnalyzerEnabled>false</nodeAnalyzerEnabled>
-        </configuration>
-        <executions>
-          <execution>
-            <goals>
-              <goal>check</goal>
-            </goals>
-          </execution>
-        </executions>
-      </plugin>
    </plugins>
  </build>

@ -874,6 +850,33 @@
        <archiva.repositorySessionFactory.id>cassandra</archiva.repositorySessionFactory.id>
      </properties>
    </profile>
+    <profile>
+      <id>owasp</id>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-maven</artifactId>
+            <version>6.0.4</version>
+            <configuration>
+              <skipProvidedScope>true</skipProvidedScope>
+              <failBuildOnCVSS>8</failBuildOnCVSS>
+              <suppressionFile>${project.basedir}/src/main/resources/META-INF/owasp/cve-suppressions.xml</suppressionFile>
+              <ossindexAnalyzerEnabled>false</ossindexAnalyzerEnabled>
+              <assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
+              <nodeAnalyzerEnabled>false</nodeAnalyzerEnabled>
+            </configuration>
+            <executions>
+              <execution>
+                <goals>
+                  <goal>check</goal>
+                </goals>
+              </execution>
+            </executions>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
  </profiles>

 </project>
--- a/pom.xml
+++ b/pom.xml
@ -2179,17 +2179,17 @@
        <enabled>true</enabled>
      </snapshots>
    </repository>
-    <repository>
-      <id>jetty.snapshots</id>
-      <name>Jetty Snapshots</name>
-      <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>
-      <releases>
-        <enabled>false</enabled>
-      </releases>
-      <snapshots>
-        <enabled>true</enabled>
-      </snapshots>
-    </repository>
+<!--    <repository>-->
+<!--      <id>jetty.snapshots</id>-->
+<!--      <name>Jetty Snapshots</name>-->
+<!--      <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>-->
+<!--      <releases>-->
+<!--        <enabled>false</enabled>-->
+<!--      </releases>-->
+<!--      <snapshots>-->
+<!--        <enabled>true</enabled>-->
+<!--      </snapshots>-->
+<!--    </repository>-->
  </repositories>
  <pluginRepositories>
    <pluginRepository>
@ -2203,16 +2203,16 @@
        <enabled>true</enabled>
      </snapshots>
    </pluginRepository>
-    <pluginRepository>
-      <id>jetty.snapshots</id>
-      <name>Jetty Snapshots</name>
-      <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>
-      <releases>
-        <enabled>false</enabled>
-      </releases>
-      <snapshots>
-        <enabled>true</enabled>
-      </snapshots>
-    </pluginRepository>
+<!--    <pluginRepository>-->
+<!--      <id>jetty.snapshots</id>-->
+<!--      <name>Jetty Snapshots</name>-->
+<!--      <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>-->
+<!--      <releases>-->
+<!--        <enabled>false</enabled>-->
+<!--      </releases>-->
+<!--      <snapshots>-->
+<!--        <enabled>true</enabled>-->
+<!--      </snapshots>-->
+<!--    </pluginRepository>-->
  </pluginRepositories>
 </project>