ARC-2003: Genesis

.github/dependabot.yml

@@ -0,0 +1,28 @@
+version: 2
+updates:
+  - package-ecosystem: maven
+    registries: "*"
+    directory: "/"
+    schedule:
+      interval: monthly
+    commit-message:
+      prefix: "NA:"
+    groups:
+      maven-non-breaking-changes:
+        update-types:
+          - 'minor'
+          - 'patch'
+  - package-ecosystem: docker
+    registries: "*"
+    directory: "/"
+    schedule:
+      interval: monthly
+    commit-message:
+      prefix: "NA:"
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: monthly
+    registries: '*'
+    commit-message:
+      prefix: 'NA:'

.github/workflows/latest.yml

@@ -0,0 +1,38 @@
+name: Build and Publish the latest and greatest Application Image
+
+on:
+  push:
+    branches:
+      - main
+
+env:
+  REGISTRY: ghcr.io
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          java-version: 21
+          distribution: 'temurin'
+          cache: 'maven'
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - id: buildx
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and push Image
+        run: |
+          make dist RELEASE_TAG=latest
+    permissions:
+      contents: read
+      packages: write

.github/workflows/notify-github-issues.yml

@@ -0,0 +1,19 @@
+name: Send Google Chat notification when an issue is opened
+
+on:
+  issues:
+    types: [opened, reopened]
+
+jobs:
+  notify-google-chat:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+    steps:
+      - id: 'notify_google_chat'
+        uses: 'google-github-actions/send-google-chat-webhook@v0.0.2'
+        with:
+          webhook_url: '${{ secrets.GOOGLE_CHAT_GAIA_SUPPORT_CHANNEL }}'
+          mention: "<users/all>"
+

.github/workflows/release.yml

@@ -0,0 +1,62 @@
+name: Build and Publish a tagged Application Image
+
+on:
+  push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+-[a-z]+.[0-9]+'
+      - 'v[0-9]+.[0-9]+.[0-9]+'
+
+env:
+  REGISTRY: ghcr.io
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          java-version: 21
+          distribution: 'temurin'
+          cache: 'maven'
+      - name: Get version
+        id: version
+        run: |
+          echo "parsing version from ref '$GITHUB_REF'"
+          VERSION=$(echo "$GITHUB_REF" | sed -e 's|.*/v\(.*\)|\1|g')
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - id: buildx
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Update Version
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
+        run: |
+          echo "updating version to '$VERSION'"
+          make update-version "VERSION=$VERSION"
+      - name: Build and push Image
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
+        run: |
+          make dist RELEASE_TAG=v$VERSION
+      - name: Release
+        uses: softprops/action-gh-release@v2
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          name: ${{ steps.version.outputs.version }}
+          body: |
+            Docker image: `ghcr.io/oviva-ag/epa-fm-watchdog:v${{ steps.version.outputs.version }}`
+          files: |
+            target/epa-fm-watchdog-jar-with-dependencies.jar

.github/workflows/spotless.yml

@@ -0,0 +1,31 @@
+name: Spotless Linter
+
+on:
+  push:
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
+      checks: write
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          java-version: 21
+          distribution: 'temurin'
+          cache: 'maven'
+      - name: run spotless
+        id: spotless
+        run: ./mvnw -B spotless:check
+      - name: check spotless
+        if: always()
+        uses: oviva-ag/checks-action@v2.0.0
+        with:
+          name: Check spotless output
+          token: ${{ secrets.GITHUB_TOKEN }}
+          conclusion: ${{ steps.spotless.outcome }}

.github/workflows/unit-tests.yml

@@ -0,0 +1,41 @@
+name: Unit Tests
+
+on:
+  push:
+    branches:
+      - 'main'
+  pull_request:
+    types: [ opened, synchronize, reopened ]
+    paths-ignore:
+      - '.github/**'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          java-version: 21
+          distribution: 'temurin'
+          cache: 'maven'
+      - name: Run unit tests
+        run: ./mvnw -B verify
+#      - name: Cache SonarCloud packages
+#        if: ${{ github.event.pull_request == null || github.event.pull_request.head.repo.full_name == 'oviva-ag/epa-fm-watchdog' }}
+#        uses: actions/cache@v4
+#        with:
+#          path: ~/.sonar/cache
+#          key: ${{ runner.os }}-sonar
+#          restore-keys: ${{ runner.os }}-sonar
+#      - name: Run Sonar
+#        if: ${{ github.event.pull_request == null || github.event.pull_request.head.repo.full_name == 'oviva-ag/epa-fm-watchdog' }}
+#        env:
+#          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+#          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+#        run: ./mvnw -B org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+
+

.gitignore

@@ -0,0 +1,11 @@
+.idea/
+.vscode/
+*.iml
+target/
+.flattened-pom.xml
+*_jwks.json
+env.properties
+*.pem
+*.p12
+dependency-reduced-pom.xml
+.DS_Store

.java-version

@@ -0,0 +1 @@
+21

.mvn/wrapper/maven-wrapper.properties

@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+wrapperVersion=3.3.2
+distributionType=only-script
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.8/apache-maven-3.9.8-bin.zip

CODEOWNERS

@@ -0,0 +1 @@
+*       thomas.richner@oviva.com franco.grbac@oviva.com

Dockerfile

@@ -0,0 +1,52 @@
+FROM registry.access.redhat.com/ubi9/ubi-minimal:9.4
+
+LABEL org.opencontainers.image.source="https://github.com/oviva-ag/epa-fm-watchdog"
+
+ARG JAVA_PACKAGE=java-21-openjdk-headless
+ARG RUN_JAVA_VERSION=1.3.8
+ARG OTEL_AGENT_VERSION=v2.6.0
+
+ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en'
+
+# Install java and the run-java script
+# Also set up permissions for user `1001`
+RUN <<EOF
+microdnf -y update
+microdnf -y install ca-certificates ${JAVA_PACKAGE}
+microdnf clean all
+mkdir /deployments
+chown 1001 /deployments
+chmod "g+rwX" /deployments
+chown 1001:root /deployments
+curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh
+chown 1001 /deployments/run-java.sh
+chmod 540 /deployments/run-java.sh
+curl "https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/download/${OTEL_AGENT_VERSION}/opentelemetry-javaagent.jar" -o opentelemetry-javaagent.jar -L
+echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/conf/security/java.security
+echo "securerandom.strongAlgorithms=NativePRNGNonBlocking:SUN,DRBG:SUN" >> /etc/alternatives/jre/conf/security/java.security
+EOF
+
+# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size.
+ENV JAVA_OPTIONS="-javaagent:/opentelemetry-javaagent.jar"
+
+# Configure OpenTelemetry
+ENV OTEL_JAVAAGENT_DEBUG=false
+ENV OTEL_JAVAAGENT_ENABLED=false
+ENV OTEL_METRICS_EXPORTER=none
+ENV OTEL_LOGS_EXPORTER=none
+ENV OTEL_TRACES_EXPORTER=otlp
+ENV OTEL_EXPORTER_OTLP_TRACES_PROTOCOL=grpc
+
+## Allowlist instrumented components for faster startup
+ENV OTEL_INSTRUMENTATION_COMMON_DEFAULT_ENABLED=false
+ENV OTEL_INSTRUMENTATION_JAVA_HTTP_CLIENT_ENABLED=true
+ENV OTEL_INSTRUMENTATION_JAXRS_ENABLED=false
+ENV OTEL_INSTRUMENTATION_UNDERTOW_ENABLED=true
+
+COPY --chown=1001 target/epa-fm-watchdog-jar-with-dependencies.jar /deployments/
+
+USER 1001
+
+EXPOSE 8080
+
+ENTRYPOINT [ "/deployments/run-java.sh" ]