Code cleanup (#156)
* Code adjustments to resolve Java compile and PMD warnings.

* Updating to latest OSCAL development build.

* Advancing the common POM version.

* Improvements to GHA workflows to speed up the build.
Configured the toolchains plugin to provide consistent build toolchains.

* Synced workflows with latest metaschema-java build improvements.

* Fixed GHA syntax error.

* Completed more build cleanup.

* Silenced some minor spotbugs errors.
Some code reformatting.
david-waltermire authored Jul 14, 2023
1 parent c3958e9 commit 1e62f84
Showing 54 changed files with 415 additions and 380 deletions.
77 changes: 36 additions & 41 deletions .github/workflows/build.yml
Expand Up @@ -3,85 +3,80 @@ on:
branches:
- main
- develop
- release-*
pull_request:
types: [opened, synchronize, reopened]
branches:
- main
- develop
- release-*
workflow_dispatch:
name: Build and Test Code
jobs:
build-artifacts:
name: Build and Test Java Artifacts
name: Build Java Artifacts
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.0.2
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
with:
token: ${{ github.token }}
submodules: recursive
fetch-depth: 0
# -------------------------
# Java JDK 11
- name: Set up JDK 11
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.3.0
# Java
# -------------------------
- name: Set up Maven
uses: stCarolas/setup-maven@07fbbe97d97ef44336b7382563d66743297e442f
with:
maven-version: 3.9.3
- name: Set up JDK 11 (build only)
if: ${{ !((github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop') }}
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2
with:
java-version: 11
distribution: 'temurin'
cache: 'maven'
- name: Set up JDK 11 (deploy)
if: (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop'
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2
with:
java-version: 11
distribution: 'temurin'
cache: 'maven'
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_USERNAME # env variable for username in deploy
server-password: MAVEN_CENTRAL_TOKEN # env variable for token in deploy
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Value of the GPG private key to import
gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
- name: Initialize CodeQL
if: github.event_name == 'push'
uses: github/codeql-action/init@46ed16ded91731b2df79a2893d3aea8e9f03b5c4 # v2.1.12
uses: github/codeql-action/init@46ed16ded91731b2df79a2893d3aea8e9f03b5c4
with:
languages: java
# -------------------------
# Maven Build
- name: Build and run tests (develop)
id: maven-build-develop
if: ((github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop') || (github.event_name == 'pull_request' && github.base_ref == 'develop')
# -------------------------
- name: Build and Test Code
run: |
mvn -Preporting verify
- name: Build and run tests (main)
if: steps.maven-build-develop.conclusion == 'skipped'
mvn -B -e -Prelease -Preporting install
- name: Test Website
run: |
mvn -Prelease -Preporting verify
# this needs to be run as a second build to ensure source is fully generated by the previous step
mvn -B -e -Prelease -Preporting install site site:stage
- name: Perform CodeQL Analysis
if: github.event_name == 'push'
uses: github/codeql-action/analyze@46ed16ded91731b2df79a2893d3aea8e9f03b5c4 # v2.1.12
deploy-snapshot:
name: Deploy SNAPSHOT Release
if: (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop'
needs: build-artifacts
runs-on: ubuntu-latest
permissions:
actions: read
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.0.2
with:
token: ${{ github.token }}
submodules: recursive
# -------------------------
# Java JDK 11
- name: Set up JDK 11
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.3.0
with:
java-version: 11
distribution: 'temurin'
cache: 'maven'
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_USERNAME # env variable for username in deploy
server-password: MAVEN_CENTRAL_TOKEN # env variable for token in deploy
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Value of the GPG private key to import
gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
uses: github/codeql-action/analyze@46ed16ded91731b2df79a2893d3aea8e9f03b5c4
# -------------------------
# Maven Deploy
# -------------------------
- name: Deploy Maven Artifact SNAPSHOTs
- name: Deploy SNAPSHOTs
if: (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop'
run: |
mvn -Pgpg -Preporting deploy
mvn -B -e -Pgpg -Prelease -Preporting deploy -Dmaven.deploy.skip=releases
env:
MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.SONATYPE_PASSWORD }}
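Review bot: The `Set up JDK 11 (deploy)` step imports `secrets.GPG_PRIVATE_KEY` before `Build and Test Code`, `Test Website` and the CodeQL steps, so on a push or manual dispatch to `develop` every Maven plugin and test runs in a job whose keyring already holds the signing key. As rendered, the removed `deploy-snapshot` job (with `needs: build-artifacts`) kept that key out of the build phase. Consider restoring the separate job, or running the key-importing `actions/setup-java` step immediately before `Deploy SNAPSHOTs` and letting the plain JDK setup run unconditionally. The deploy conditions test `github.ref_name == 'develop'`, which also matches a tag of that name on `workflow_dispatch`; `github.ref == 'refs/heads/develop'` is unambiguous. The new `uses:` lines also drop the trailing version comments from the pinned SHAs, which makes the pins harder to audit, so keep a verified version comment next to each pin.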
25 changes: 15 additions & 10 deletions .github/workflows/release.yml
Expand Up @@ -2,6 +2,7 @@ on:
push:
tags:
- "v*"
workflow_dispatch:
name: Deploy Tagged Release
jobs:
deploy-to-nexus:
Expand All @@ -17,7 +18,12 @@ jobs:
submodules: recursive
fetch-depth: 0
# -------------------------
# Java JDK 11
# Java
# -------------------------
- name: Set up Maven
uses: stCarolas/setup-maven@07fbbe97d97ef44336b7382563d66743297e442f
with:
maven-version: 3.9.3
- name: Set up JDK 11
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.3.0
with:
Expand All @@ -33,20 +39,19 @@ jobs:
# -------------------------
# Maven Site
# -------------------------
# - name: Build Website
# run: |
# mvn -Preporting -Prelease package site site:stage
# working-directory: ${{ env.REPO_PATH }}
# - name: Run deploy script
# run: |
# touch target/staging/.nojekyll
# bash .github/workflows/deploy.sh --push-only -v -m "Deploying website [ci skip]"
- name: Build Website
run: |
mvn -B -e -Pgpg -Prelease -Preporting install site site:stage
- name: Run Website Deploy Script
run: |
touch target/staging/.nojekyll
bash .github/workflows/deploy.sh --push-only -v -m "Deploying website [ci skip]"
# -------------------------
# Maven Deploy
# -------------------------
- name: Deploy Maven Artifacts
run: |
mvn -s $GITHUB_WORKSPACE/settings.xml -Pgpg -Prelease -Preporting deploy
mvn -B -e -Pgpg -Prelease -Preporting deploy
# mvn -Pgpg -Prelease nexus-staging:close -DstagingDescription="closing to release"
env:
MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
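Review bot: Adding `workflow_dispatch:` lets this release workflow be started manually from any ref, while the steps visible here (`Run Website Deploy Script`, and `Deploy Maven Artifacts` with `-Pgpg -Prelease` and the Sonatype secrets) carry no ref condition. Unless a guard exists outside these hunks, a dispatch from a non-tag ref would sign and publish whatever that ref contains. A job-level `if: startsWith(github.ref, 'refs/tags/v')` on `deploy-to-nexus`, or a protected environment with required reviewers, would keep publishing tied to `v*` tags. The job definition starts and continues outside the hunks shown.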
5 changes: 3 additions & 2 deletions .gitignore
Expand Up @@ -5,6 +5,7 @@
.factorypath
.pmd
.pmdruleset.xml
/target/
target/
pom.xml.releaseBackup
/release.properties
release.properties
.fbExcludeFilterFile
83 changes: 28 additions & 55 deletions pom.xml
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>gov.nist.secauto</groupId>
<artifactId>oss-parent</artifactId>
<version>24-SNAPSHOT</version>
<version>25-SNAPSHOT</version>
</parent>

<groupId>gov.nist.secauto.oscal</groupId>
Expand Down Expand Up @@ -121,7 +121,7 @@
<project.build.resourceEncoding>UTF-8</project.build.resourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

<dependency.metaschema-framework.version>0.11.0-SNAPSHOT</dependency.metaschema-framework.version>
<dependency.metaschema-framework.version>0.12.0-SNAPSHOT</dependency.metaschema-framework.version>

<dependency.auto-service.version>1.0.1</dependency.auto-service.version>
<dependency.commons-lang3.version>3.12.0</dependency.commons-lang3.version>
Expand All @@ -133,11 +133,11 @@
<dependency.spotbugs-annotations.version>4.7.3</dependency.spotbugs-annotations.version>
<dependency.xmlresolver.version>4.6.0</dependency.xmlresolver.version>

<plugin.license.version>4.0.rc1</plugin.license.version>
<cyclonedx.schema.version>1.3</cyclonedx.schema.version>
<plugin.cyclonedx.version>2.7.3</plugin.cyclonedx.version>
<plugin.maven-toolchains.version>3.1.0</plugin.maven-toolchains.version>
<plugin.spotbugs.version>4.7.3.4</plugin.spotbugs.version>

<cyclonedx.schema.version>1.3</cyclonedx.schema.version>
<oscal-content.commit>main</oscal-content.commit>
</properties>

Expand Down Expand Up @@ -307,6 +307,26 @@
</resources>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-toolchains-plugin</artifactId>
<version>${plugin.maven-toolchains.version}</version>
<executions>
<execution>
<goals>
<goal>toolchain</goal>
</goals>
</execution>
</executions>
<configuration>
<toolchains>
<jdk>
<version>11</version>
<vendor>temurin</vendor>
</jdk>
</toolchains>
</configuration>
</plugin>
<plugin>
<groupId>com.mycila</groupId>
<artifactId>license-maven-plugin</artifactId>
Expand Down Expand Up @@ -387,6 +407,10 @@
</plugins>
</pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-toolchains-plugin</artifactId>
</plugin>
<plugin>
<groupId>io.github.git-commit-id</groupId>
<artifactId>git-commit-id-maven-plugin</artifactId>
Expand Down Expand Up @@ -647,59 +671,8 @@
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<configuration>
<effort>Max</effort>
<threshold>Normal</threshold>
<xmlOutput>true</xmlOutput>
</configuration>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>

<profile>
<id>reporting</id>
<reporting>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-project-info-reports-plugin</artifactId>
<reportSets>
<reportSet>
<reports>
<report>summary</report>
<report>licenses</report>
<report>modules</report>
<report>team</report>
<report>mailing-lists</report>
<report>scm</report>
<report>issue-management</report>
<report>dependencies</report>
<report>dependency-info</report>
<report>dependency-convergence</report>
<report>dependency-management</report>
<report>plugins</report>
</reports>
</reportSet>
</reportSets>
</plugin>
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<version>${plugin.spotbugs.version}</version>
</plugin>
</plugins>
</reporting>
</profile>
</profiles>
</project>
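Review bot: The last hunk drops the `spotbugs-maven-plugin` `check` execution and the whole `reporting` profile from this POM, yet both workflows in this commit still pass `-Preporting`. Presumably both are now inherited from `oss-parent` `25-SNAPSHOT`, but that is not visible here, and Maven 3 only logs a warning when a requested profile does not exist, so a missing static-analysis gate would not fail the build. A short comment beside the `<parent>` version, e.g. `<!-- spotbugs check and the reporting profile are inherited from oss-parent -->`, would record that dependency. It is also worth confirming from a CI log that `spotbugs:check` still runs in the release build.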
8 changes: 1 addition & 7 deletions spotbugs-exclude.xml
Expand Up @@ -4,16 +4,10 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="https://github.com/spotbugs/filter/3.0.0 https://raw.githubusercontent.com/spotbugs/spotbugs/3.1.0/spotbugs/etc/findbugsfilter.xsd">
<Match>
<Or>
<Package name="gov.nist.secauto.oscal.lib.model" />
<Package name="~gov\.nist\.secauto\.oscal\.lib\.model\..*" />
</Or>
<Or>
<Bug pattern="EI_EXPOSE_REP" />
<Bug pattern="EI_EXPOSE_REP2" />
<Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT" />
</Or>
</Match>
<Match>
<Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT" />
</Match>
</FindBugsFilter>
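Review bot: The remaining `<Match>` appears to suppress `EI_EXPOSE_REP` and `EI_EXPOSE_REP2` for every package rather than only `gov.nist.secauto.oscal.lib.model`; this reading is inferred from the 1 addition / 7 deletions count, since the rendering lost the +/- markers. Those detectors report mutable internal state that is returned or stored by reference, so a project-wide exclusion also hides new findings in hand-written code. Keeping the `<Package>` scoping for the two `EI_EXPOSE_*` patterns and leaving only `RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT` global would preserve the earlier coverage. If the global exclusion is intended, add an XML comment in the filter stating why it is acceptable.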
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ public static OscalBindingContext instance() {

/**
* Construct a new OSCAL-flavored binding context with custom constraints.
*
*
* @param constraintSets
* a set of additional constraints to apply
*/
9 changes: 5 additions & 4 deletions src/main/java/gov/nist/secauto/oscal/lib/OscalUtils.java
Expand Up @@ -56,6 +56,7 @@ private OscalUtils() {
// disable construction
}

@SuppressWarnings("PMD.OnlyOneReturn") // readability
public static boolean isInternalReference(@NonNull URI uri) {
if (uri.isAbsolute()) {
return false;
Expand All @@ -68,7 +69,7 @@ public static boolean isInternalReference(@NonNull URI uri) {

/**
* Get the id based on a URI's fragment.
*
*
* @param fragment
* the URI to extract the identifier from
* @return the identifier
Expand All @@ -77,12 +78,12 @@ public static boolean isInternalReference(@NonNull URI uri) {
*/
@NonNull
public static String internalReferenceFragmentToId(@NonNull URI fragment) {
return internalReferenceFragmentToId(fragment.toString());
return internalReferenceFragmentToId(ObjectUtils.notNull(fragment.toString()));
}

/**
* Get the id based on a URI's fragment.
*
*
* @param fragment
* the URI to extract the identifier from
* @return the identifier
Expand Down Expand Up @@ -156,7 +157,7 @@ public static Rlink findMatchingRLink(@NonNull Resource resource, @Nullable Stri
@Nullable
public static InputSource newInputSource(@NonNull Resource resource, @NonNull EntityResolver resolver,
@Nullable String preferredMediaType) throws IOException {
URI uri = getResourceURI(resource, null);
URI uri = getResourceURI(resource, preferredMediaType);
if (uri == null) {
throw new IOException(String.format("unable to determine URI for resource '%s'", resource.getUuid()));
}
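Review bot: In `newInputSource` the lookup now honours `preferredMediaType`, but the `IOException` thrown when `getResourceURI` returns null still names only the resource UUID, so a caller cannot tell that the media-type filter caused the miss. Including it, e.g. `String.format("unable to determine URI for resource '%s' with preferred media type '%s'", resource.getUuid(), preferredMediaType)`, would make that failure diagnosable. `getResourceURI` is not visible in these hunks, so whether a non-matching media type falls back to another rlink or yields null should be stated in the method's Javadoc and pinned by a test. The method body continues past the end of the hunk.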