From: Olivier Lamy Date: Sun, 10 Apr 2022 05:55:39 +0000 (+1000) Subject: dependabot and simple gh action (#63) X-Git-Tag: archiva-2.2.8~23 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=35f52243d8ee8d1f506323547624fad38fff8034;p=archiva.git dependabot and simple gh action (#63) Signed-off-by: Olivier Lamy --- diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..1cc272f74 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,28 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +version: 2 +updates: + - package-ecosystem: "maven" + directory: "/" + schedule: + interval: "daily" + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml new file mode 100644 index 000000000..f4995412b --- /dev/null +++ b/.github/release-drafter.yml @@ -0,0 +1,19 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +_extends: archiva-parent +tag-template: archiva-2.x-$NEXT_MINOR_VERSION \ No newline at end of file diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml new file mode 100644 index 000000000..741c01472 --- /dev/null +++ b/.github/workflows/maven.yml @@ -0,0 +1,48 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +name: GitHub CI + +on: + push: + pull_request: + + +jobs: + build: + + strategy: + matrix: + os: [ubuntu-latest] + java: [8] + fail-fast: true + + runs-on: ${{ matrix.os }} + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Set up JDK + uses: actions/setup-java@v2.3.1 + with: + distribution: temurin + java-version: ${{ matrix.java }} + cache: 'maven' + + - name: Build with Maven + run: mvn -e -B -V install diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml new file mode 100644 index 000000000..11a020297 --- /dev/null +++ b/.github/workflows/release-drafter.yml @@ -0,0 +1,29 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +name: Release Drafter +on: + push: + branches: + - archiva-2.x +jobs: + update_release_draft: + runs-on: ubuntu-latest + steps: + - uses: release-drafter/release-drafter@v5 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index af5cacd71..000000000 --- a/.travis.yml +++ /dev/null @@ -1,19 +0,0 @@ -language: java -jdk: - - openjdk7 - - oraclejdk7 - - oraclejdk8 - -before_install: "mvn clean install -DskipTests=true -B -V -Pci-build" - -script: "mvn clean install -B -V -Pit-js -Pci-build" - -cache: - directories: - - $HOME/.m2 -branches: - except: - - gh-pages -notifications: - email: - - olamy@apache.org diff --git a/archiva-modules/archiva-base/archiva-maven2-model/pom.xml b/archiva-modules/archiva-base/archiva-maven2-model/pom.xml index 249f7c38d..1867413e2 100644 --- a/archiva-modules/archiva-base/archiva-maven2-model/pom.xml +++ b/archiva-modules/archiva-base/archiva-maven2-model/pom.xml @@ -59,4 +59,21 @@ + + + jdk9+ + + [1.9,) + + + + + javax.xml.bind + jaxb-api + 2.3.1 + + + + + diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/pom.xml b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/pom.xml index 31e93f4e1..9a1acb35a 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/pom.xml +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/pom.xml @@ -113,5 +113,21 @@ + + + jdk9+ + + [1.9,) + + + + + javax.xml.bind + jaxb-api + 2.3.1 + + + + diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java index f398bca26..8f465b8c0 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java @@ -78,7 +78,7 @@ public class DefaultManagedRepositoryAdmin implements ManagedRepositoryAdmin { - private Logger log = LoggerFactory.getLogger( getClass() ); + private final Logger log = LoggerFactory.getLogger( getClass() ); public static final String STAGE_REPO_ID_END = "-stage"; @@ -169,7 +169,7 @@ public class DefaultManagedRepositoryAdmin return Collections.emptyList(); } - List managedRepos = new ArrayList( managedRepoConfigs.size() ); + List managedRepos = new ArrayList<>( managedRepoConfigs.size() ); for ( ManagedRepositoryConfiguration repoConfig : managedRepoConfigs ) { @@ -314,8 +314,7 @@ public class DefaultManagedRepositoryAdmin } catch ( Exception e ) { - log.warn( new StringBuilder( "Unable to scan repository [" ).append( repoId ).append( "]: " ).append( - e.getMessage() ).toString(), e ); + log.warn("Unable to scan repository [" + repoId + "]: " + e.getMessage(), e ); } return repository; @@ -377,18 +376,13 @@ public class DefaultManagedRepositoryAdmin deleteContent && context.getIndexDirectoryFile().exists() ); } } - catch ( PlexusSisuBridgeException e ) - { - throw new RepositoryAdminException( e.getMessage(), e ); - } - catch ( IOException e ) + catch ( PlexusSisuBridgeException | IOException e ) { throw new RepositoryAdminException( e.getMessage(), e ); } if ( !stagedOne ) { - RepositorySession repositorySession = getRepositorySessionFactory().createSession(); - try + try (RepositorySession repositorySession = getRepositorySessionFactory().createSession()) { MetadataRepository metadataRepository = repositorySession.getRepository(); metadataRepository.removeRepository( repository.getId() ); @@ -403,10 +397,6 @@ public class DefaultManagedRepositoryAdmin //throw new RepositoryAdminException( e.getMessage(), e ); log.warn( "skip error during removing repository from MetadataRepository:{}", e.getMessage(), e ); } - finally - { - repositorySession.close(); - } } config.removeManagedRepository( repository ); @@ -514,9 +504,8 @@ public class DefaultManagedRepositoryAdmin auditInformation, getArchivaConfiguration().getConfiguration() ); // Save the repository configuration. - RepositorySession repositorySession = getRepositorySessionFactory().createSession(); - try + try (RepositorySession repositorySession = getRepositorySessionFactory().createSession()) { triggerAuditEvent( managedRepositoryConfiguration.getId(), null, AuditEvent.MODIFY_MANAGED_REPO, auditInformation ); @@ -535,10 +524,6 @@ public class DefaultManagedRepositoryAdmin { throw new RepositoryAdminException( e.getMessage(), e ); } - finally - { - repositorySession.close(); - } if ( updateIndexContext ) { @@ -669,15 +654,7 @@ public class DefaultManagedRepositoryAdmin } return context; } - catch ( MalformedURLException e ) - { - throw new RepositoryAdminException( e.getMessage(), e ); - } - catch ( IOException e ) - { - throw new RepositoryAdminException( e.getMessage(), e ); - } - catch ( UnsupportedExistingLuceneIndexException e ) + catch ( IOException | UnsupportedExistingLuceneIndexException e ) { throw new RepositoryAdminException( e.getMessage(), e ); } @@ -736,7 +713,7 @@ public class DefaultManagedRepositoryAdmin } catch ( TaskQueueException e ) { - log.error( "failed to schedule scanning of repo with id {}", repositoryId, e ); + log.error( "failed to schedule scanning of repo with id " + repositoryId, e ); return false; } return true; diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java index d55f866e7..f3d82cf97 100644 --- a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java +++ b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java @@ -19,19 +19,13 @@ package org.apache.archiva.upload; */ import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider; -import org.apache.archiva.admin.model.beans.RemoteRepository; import org.apache.archiva.redback.rest.api.model.User; -import org.apache.archiva.redback.rest.api.services.RoleManagementService; import org.apache.archiva.redback.rest.api.services.UserService; import org.apache.archiva.redback.rest.services.AbstractRestServicesTest; import org.apache.archiva.redback.rest.services.FakeCreateAdminService; -import org.apache.archiva.remotedownload.AbstractDownloadTest; import org.apache.archiva.rest.api.services.ArchivaRestServiceException; -import org.apache.archiva.security.common.ArchivaRoleConstants; import org.apache.archiva.test.utils.ArchivaBlockJUnit4ClassRunner; import org.apache.archiva.web.api.FileUploadService; -import org.apache.archiva.web.api.RuntimeInfoService; -import org.apache.archiva.web.model.ApplicationRuntimeInfo; import org.apache.archiva.web.model.FileMetadata; import org.apache.catalina.Context; import org.apache.catalina.LifecycleException; @@ -48,38 +42,22 @@ import org.apache.cxf.jaxrs.ext.multipart.ContentDisposition; import org.apache.cxf.jaxrs.ext.multipart.MultipartBody; import org.apache.cxf.message.Message; import org.apache.cxf.transport.servlet.CXFServlet; -import org.apache.maven.wagon.providers.http.HttpWagon; -import org.apache.maven.wagon.repository.Repository; -import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.servlet.ServletContextHandler; -import org.eclipse.jetty.servlet.ServletHolder; import org.junit.After; -import org.junit.AfterClass; import org.junit.Before; -import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.slf4j.bridge.SLF4JBridgeHandler; import org.springframework.web.context.ContextLoaderListener; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import javax.ws.rs.ClientErrorException; -import java.io.File; import java.io.IOException; import java.net.URLEncoder; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.nio.file.StandardCopyOption; +import java.sql.DriverManager; import java.util.Collections; -import java.util.List; -import java.util.zip.ZipEntry; -import java.util.zip.ZipFile; /** * @author Olivier Lamy @@ -98,6 +76,10 @@ public class UploadArtifactsTest System.setProperty( "org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true" ); System.setProperty("appserver.base", Paths.get("target/appserver-base").toAbsolutePath().toString()); Path appServerBase = Paths.get("target/appserver-base"); + // trying to shutdown derby for file leak + DriverManager.getDriver("jdbc:derby:;shutdown=true"); + // to help cleaning files on Windows.... + System.gc(); FileUtils.deleteDirectory(appServerBase.toAbsolutePath().toFile()); Path confDir = appServerBase.resolve( "conf" ); if ( !Files.exists(confDir)) @@ -154,8 +136,8 @@ public class UploadArtifactsTest if (this.tomcat != null) { try { this.tomcat.stop(); - } catch (LifecycleException e) { - // + } catch (Exception e) { + log.info("ignore fail to stop Tomcat: " + e.getMessage(), e); } } System.clearProperty( "org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH" ); @@ -305,7 +287,7 @@ public class UploadArtifactsTest final Attachment fileAttachment = new AttachmentBuilder( ).object( Files.newInputStream( file ) ).contentDisposition( new ContentDisposition( "form-data; filename=\"" + file.getFileName( ).toString( ) + "\"; name=\"files[]\"" ) ).build( ); MultipartBody body = new MultipartBody( fileAttachment ); service.post( body ); - String relativePathEncoded = URLEncoder.encode( "../target/" + relativePath.toString( ), "UTF-8" ); + String relativePathEncoded = URLEncoder.encode( "../target/" + relativePath, "UTF-8" ); log.debug( "Trying to delete with path traversal: {}, {}", relativePath, relativePathEncoded ); try { diff --git a/archiva-modules/metadata/metadata-model/pom.xml b/archiva-modules/metadata/metadata-model/pom.xml index a38a8736f..420d1bcf4 100644 --- a/archiva-modules/metadata/metadata-model/pom.xml +++ b/archiva-modules/metadata/metadata-model/pom.xml @@ -55,4 +55,22 @@ + + + + jdk9+ + + [1.9,) + + + + + javax.xml.bind + jaxb-api + 2.3.1 + + + + + diff --git a/pom.xml b/pom.xml index fbbf7d060..1b56cc018 100644 --- a/pom.xml +++ b/pom.xml @@ -1803,6 +1803,7 @@ org.apache.maven.plugins maven-surefire-plugin + false ${jacocoagent} ${surefire.redirectTestOutputToFile} alphabetical @@ -1951,6 +1952,31 @@ + + jdk9+ + + [1.9,) + + + + + + com.webcohesion.enunciate + enunciate-maven-plugin + ${enunciate.version} + + + + javax.xml.bind + jaxb-api + 2.3.1 + + + + + + +