Merge pull request #52 from FAIRDataTeam/release/0.1.0

Release 0.1.0

.github/dependabot.yml

@@ -0,0 +1,17 @@
+version: 2
+updates:
+  - package-ecosystem: "maven"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    target-branch: "develop"
+    labels:
+      - "dependencies"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    target-branch: "develop"
+    labels:
+      - "dependencies"

.github/workflows/build.yml

@@ -0,0 +1,149 @@
+name: "Build"
+
+on:
+  push:
+  pull_request:
+
+jobs:
+
+  test:
+    name: Maven Test & Package
+    runs-on: ubuntu-latest
+
+    env:
+      JAVA_DISTRIBUTION: temurin
+      JAVA_VERSION: 17
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: ${{ env.JAVA_DISTRIBUTION }}
+          java-version: ${{ env.JAVA_VERSION }}
+          cache: 'maven'
+
+      - name: Verify Maven and Java
+        run: |
+          mvn --version
+
+      - name: Run tests
+        run: |
+          mvn --quiet -U -B org.jacoco:jacoco-maven-plugin:prepare-agent test -Dspring.profiles.active=ci
+
+      - name: Build package
+        run: |
+          mvn --quiet -B -U --fail-fast -DskipTests package
+
+  docker:
+    name: Docker build
+    runs-on: ubuntu-latest
+    needs: test
+
+    env:
+      PUBLIC_IMAGE: fairdata/fairdatastation
+      PRIVATE_IMAGE: ${{ secrets.PRIVATE_REGISTRY_URL }}/fairdatastation
+      PRIVATE_REGISTRY_URL: ${{ secrets.PRIVATE_REGISTRY_URL }}
+      DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
+
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Check available platforms
+        run: echo ${{ steps.buildx.outputs.platforms }}
+
+      - name: Docker meta [test]
+        id: meta-test
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.PUBLIC_IMAGE }}
+          tags: |
+            type=sha
+      - name: Docker build+push [test]
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: false
+          tags: ${{ steps.meta-test.outputs.tags }}
+          labels: ${{ steps.meta-test.outputs.labels }}
+
+      # PRIVATE: DOCKER REGISTRY
+      - name: Docker login [private]
+        if: github.event_name == 'push' && env.PRIVATE_REGISTRY_URL != ''
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ secrets.PRIVATE_REGISTRY_URL }}
+          username: ${{ secrets.PRIVATE_REGISTRY_USERNAME }}
+          password: ${{ secrets.PRIVATE_REGISTRY_PASSWORD }}
+
+      - name: Docker meta [private]
+        id: meta-private
+        if: github.event_name == 'push' && env.PRIVATE_REGISTRY_URL != ''
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.PRIVATE_IMAGE }}
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+
+      - name: Docker build+push [private]
+        uses: docker/build-push-action@v4
+        if: github.event_name == 'push' && env.PRIVATE_REGISTRY_URL != '' && steps.meta-private.outputs.tags != ''
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta-private.outputs.tags }}
+          labels: ${{ steps.meta-private.outputs.labels }}
+
+      # PUBLIC: DOCKER HUB
+      - name: Docker login [public]
+        if: github.event_name == 'push' && env.DOCKER_HUB_USERNAME != ''
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Docker meta [public]
+        id: meta-public
+        if: github.event_name == 'push' && env.DOCKER_HUB_USERNAME != ''
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.PUBLIC_IMAGE }}
+          tags: |
+            type=raw,value=develop,enable=${{ github.ref == format('refs/heads/{0}', 'develop') }}
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
+
+      - name: Docker build+push [public]
+        uses: docker/build-push-action@v4
+        if: github.event_name == 'push' && env.DOCKER_HUB_USERNAME != '' && steps.meta-public.outputs.tags != ''
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta-public.outputs.tags }}
+          labels: ${{ steps.meta-public.outputs.labels }}

.github/workflows/code-style.yml

@@ -0,0 +1,76 @@
+name: "Code Style"
+
+on:
+  push:
+  pull_request:
+
+jobs:
+
+  checkstyle:
+    name: Checkstyle
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+
+      - name: Verify Maven and Java
+        run: |
+          mvn --version
+
+      - name: Run Checkstyle
+        run: |
+          mvn -B checkstyle:checkstyle
+
+  spotbugs:
+    name: SpotBugs
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+
+      - name: Verify Maven and Java
+        run: |
+          mvn --version
+
+      - name: Run SpotBugs
+        run: |
+          mvn -B spotbugs:check
+
+  license-head:
+    name: License Headers
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+
+      - name: Verify Maven and Java
+        run: |
+          mvn --version
+
+      - name: Check license
+        run: |
+          mvn -B license:check

.github/workflows/security.yml

@@ -0,0 +1,93 @@
+name: "Security Audit"
+
+on:
+  push:
+    branches: [ develop, master ]
+  pull_request:
+    branches: [ develop ]
+  schedule:
+    - cron: '23 4 * * 1'
+
+jobs:
+  codeql:
+    name: CodeQL
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Java
+        uses: actions/setup-java@v2
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+
+      - name: Verify Maven and Java
+        run: |
+          mvn --version
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: 'java'
+
+      - name: Build package
+        run: |
+          mvn --quiet -B -U --fail-fast -DskipTests package
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+
+  snyk:
+    name: Snyk (Maven)
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Perform Snyk Check (Maven)
+        uses: snyk/actions/maven@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --severity-threshold=critical
+
+  snyk-docker:
+    name: Snyk (Docker)
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Docker build
+        run: |
+          docker build -t fdp:snyk-test -f Dockerfile .
+
+      - name: Perform Snyk Check (Docker)
+        uses: snyk/actions/docker@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          image: fdp:snyk-test
+          args: --severity-threshold=critical

.gitignore

@@ -0,0 +1,36 @@
+HELP.md
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+build/
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### VS Code ###
+.vscode/
+
+### Custom ###
+logs/

CHANGELOG.md

@@ -7,9 +7,13 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+
+## [0.1.0]
+
 ### Added
 
 - Initiated FAIR Data Station project
 
 
 [Unreleased]: /../../compare/master...develop
+[0.1.0]: /../../tree/v0.1.0