diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index abdfc4ae..7714855f 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -34,47 +34,7 @@ jobs: - name: Upload spotbugs results uses: github/codeql-action/upload-sarif@main with: - sarif_file: lib/build/reports/spotbugs/main.sarif - - jib: - needs: [ build ] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - name: Set up JDK - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - cache: 'gradle' - - - name: Construct docker image name and tag - id: image-name - run: | - GITHUB_REPO=$(basename ${{ github.repository }}) - GIT_SHORT_HASH=$(git rev-parse --short HEAD) - echo "name=${GITHUB_REPO}:${GIT_SHORT_HASH}" >> $GITHUB_OUTPUT - - - name: Build image locally with jib - run: | - ./gradlew --build-cache :lib:jibDockerBuild \ - --image=${{ steps.image-name.outputs.name }} \ - -Djib.console=plain - - dispatch-trivy: - needs: [ build ] - runs-on: ubuntu-latest - - if: github.event_name == 'pull_request' - - steps: - - name: Fire off Trivy action - uses: broadinstitute/workflow-dispatch@v1 - with: - workflow: Trivy - token: ${{ secrets.BROADBOT_TOKEN }} - ref: ${{ github.event.pull_request.head.ref }} + sarif_file: library/build/reports/spotbugs/main.sarif source-clear: needs: [ build ] diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml deleted file mode 100644 index 60ac2fdd..00000000 --- a/.github/workflows/trivy.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Trivy -on: workflow_dispatch - -jobs: - trivy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Set up JDK - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - cache: 'gradle' - - - name: Build all projects without running tests - run: ./gradlew --build-cache build -x test -x spotlessCheck - - - name: Construct docker image name and tag - id: image-name - run: | - echo "name=trivy-local-testing-image" >> $GITHUB_OUTPUT - - - name: Build image locally with jib - run: | - ./gradlew --build-cache :service:jibDockerBuild \ - --image=${{ steps.image-name.outputs.name }} \ - -Djib.console=plain - - - name: Run Trivy vulnerability scanner - uses: broadinstitute/dsp-appsec-trivy-action@v1 - with: - image: ${{ steps.image-name.outputs.name }} - - notify-slack: - needs: [ trivy ] - runs-on: ubuntu-latest - if: failure() - steps: - - name: Notify slack on failure - uses: broadinstitute/action-slack@v3.8.0 - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - with: - channel: '#dsp-analysis-journeys-alerts' - status: failure - author_name: Trivy action - fields: workflow,message - text: 'Trivy scan failure :sadpanda:' - username: 'Java-PFB GitHub Action' diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle deleted file mode 100644 index 1ba38197..00000000 --- a/buildSrc/build.gradle +++ /dev/null @@ -1,30 +0,0 @@ -plugins { - id 'groovy-gradle-plugin' -} - -repositories { - mavenCentral() - maven { - url 'https://broadinstitute.jfrog.io/broadinstitute/libs-release-local/' - } - maven { - url 'https://broadinstitute.jfrog.io/broadinstitute/libs-snapshot-local/' - } - gradlePluginPortal() -} - -dependencies { - implementation 'com.diffplug.spotless:spotless-plugin-gradle:6.11.0' - implementation 'com.felipefzdz.gradle.shellcheck:shellcheck:1.4.6' - implementation 'com.google.cloud.tools.jib:com.google.cloud.tools.jib.gradle.plugin:3.3.0' - implementation 'com.srcclr.gradle:com.srcclr.gradle.gradle.plugin:3.1.12' - implementation 'de.undercouch.download:de.undercouch.download.gradle.plugin:5.2.0' - implementation 'com.github.spotbugs.snom:spotbugs-gradle-plugin:5.0.12' - implementation 'io.spring.dependency-management:io.spring.dependency-management.gradle.plugin:1.0.14.RELEASE' - implementation 'org.hidetake.swagger.generator:org.hidetake.swagger.generator.gradle.plugin:2.19.2' - implementation 'org.sonarqube:org.sonarqube.gradle.plugin:3.4.0.2513' - implementation 'org.springframework.boot:spring-boot-gradle-plugin:2.7.0' - implementation 'bio.terra:terra-test-runner:0.1.5-SNAPSHOT' - // This is required due to a dependency conflict between jib and srcclr. Removing it will cause jib to fail. - implementation 'org.apache.commons:commons-compress:1.21' -} diff --git a/buildSrc/src/main/groovy/bio.terra.java-application-conventions.gradle b/buildSrc/src/main/groovy/bio.terra.java-application-conventions.gradle deleted file mode 100644 index 329b117c..00000000 --- a/buildSrc/src/main/groovy/bio.terra.java-application-conventions.gradle +++ /dev/null @@ -1,6 +0,0 @@ -plugins { - // Apply the common convention plugin for shared build configuration between library and application projects. - id 'bio.terra.java-common-conventions' - - id 'application' -} diff --git a/buildSrc/src/main/groovy/bio.terra.java-common-conventions.gradle b/buildSrc/src/main/groovy/bio.terra.java-common-conventions.gradle deleted file mode 100644 index d0f33742..00000000 --- a/buildSrc/src/main/groovy/bio.terra.java-common-conventions.gradle +++ /dev/null @@ -1,99 +0,0 @@ -plugins { - id 'idea' - id 'jacoco' - id 'java' - - id 'com.diffplug.spotless' - id 'com.github.spotbugs' - id 'org.hidetake.swagger.generator' -} - -boolean isCiServer = System.getenv().containsKey("CI") - -if (!isCiServer) { - tasks.withType(JavaExec).configureEach { - systemProperty 'spring.profiles.include', 'human-readable-logging' - } - tasks.withType(Test).configureEach { - systemProperty 'spring.profiles.include', 'human-readable-logging' - } -} - -java { - toolchain { - languageVersion = JavaLanguageVersion.of(17) - } -} - -repositories { - maven { - // Terra proxy for maven central - url 'https://broadinstitute.jfrog.io/broadinstitute/maven-central/' - } - mavenCentral() - maven { - url 'https://broadinstitute.jfrog.io/broadinstitute/libs-release/' - } - maven { - url 'https://broadinstitute.jfrog.io/broadinstitute/libs-snapshot-local/' - } -} - -dependencies { - compileOnly 'com.github.spotbugs:spotbugs-annotations:4.7.2' - implementation 'io.swagger.core.v3:swagger-annotations:2.2.0' - swaggerCodegen 'io.swagger.codegen.v3:swagger-codegen-cli:3.0.31' - - implementation 'org.slf4j:slf4j-api' - - testImplementation 'org.hamcrest:hamcrest:2.2' - - implementation 'bio.terra:terra-common-lib:0.0.75-SNAPSHOT' - implementation 'bio.terra:datarepo-client:1.349.0-SNAPSHOT' -} - -tasks.named('test') { - useJUnitPlatform() -} - -version = gradle.releaseVersion -group = 'bio.terra' - -spotless { - java { - targetExclude "${buildDir}/**" - targetExclude "**/swagger-code/**" - googleJavaFormat() - } -} - -// Run spotless check when running in github actions, otherwise run spotless apply. -compileJava { - if (isCiServer) { - dependsOn(spotlessCheck) - } else { - dependsOn(spotlessApply) - } -} - -// Spotbugs configuration -spotbugs { - reportLevel = 'high' - effort = 'max' -} -spotbugsMain { - reports { - if (isCiServer) { - sarif.enabled = true - } else { - html.enabled = true - } - } -} - -jacocoTestReport { - reports { - // sonarqube requires XML coverage output to upload coverage data - xml.required = true - } -} diff --git a/buildSrc/src/main/groovy/bio.terra.java-library-conventions.gradle b/buildSrc/src/main/groovy/bio.terra.java-library-conventions.gradle deleted file mode 100644 index 81623b76..00000000 --- a/buildSrc/src/main/groovy/bio.terra.java-library-conventions.gradle +++ /dev/null @@ -1,4 +0,0 @@ -plugins { - id 'bio.terra.java-common-conventions' - id 'java-library' -} diff --git a/buildSrc/src/main/groovy/bio.terra.java-spring-conventions.gradle b/buildSrc/src/main/groovy/bio.terra.java-spring-conventions.gradle deleted file mode 100644 index df2a4be5..00000000 --- a/buildSrc/src/main/groovy/bio.terra.java-spring-conventions.gradle +++ /dev/null @@ -1,7 +0,0 @@ -plugins { - // Apply the common convention plugin for shared build configuration between library and application projects. - id 'bio.terra.java-common-conventions' - - id 'io.spring.dependency-management' - id 'org.springframework.boot' -} diff --git a/java-pfb-cli/README.md b/cli/README.md similarity index 100% rename from java-pfb-cli/README.md rename to cli/README.md diff --git a/java-pfb-cli/build.gradle b/cli/build.gradle similarity index 100% rename from java-pfb-cli/build.gradle rename to cli/build.gradle diff --git a/java-pfb-cli/src/main/java/JavaPfbCommand.java b/cli/src/main/java/JavaPfbCommand.java similarity index 100% rename from java-pfb-cli/src/main/java/JavaPfbCommand.java rename to cli/src/main/java/JavaPfbCommand.java diff --git a/client/artifactory.gradle b/client/artifactory.gradle deleted file mode 100644 index 008de4d5..00000000 --- a/client/artifactory.gradle +++ /dev/null @@ -1,49 +0,0 @@ -// This and the test below makes sure the build will fail reasonably if you try -// to publish without the environment variables defined. -def artifactory_username = System.getenv("ARTIFACTORY_USERNAME") -def artifactory_password = System.getenv("ARTIFACTORY_PASSWORD") -def artifactory_repo_key = System.getenv("ARTIFACTORY_REPO_KEY") - -gradle.taskGraph.whenReady { taskGraph -> - if (taskGraph.hasTask(artifactoryPublish) && - (artifactory_username == null || artifactory_password == null)) { - throw new GradleException("Set env vars ARTIFACTORY_USERNAME and ARTIFACTORY_PASSWORD to publish") - } -} - -java { - // Builds sources into the published package as part of the 'assemble' task. - withSourcesJar() -} - -publishing { - publications { - javaPfbClientLibrary(MavenPublication) { - artifactId = "javapfb-client" - from components.java - versionMapping { - usage("java-runtime") { - fromResolutionResult() - } - } - } - } -} - -artifactory { - publish { - contextUrl = "https://broadinstitute.jfrog.io/broadinstitute/" - repository { - repoKey = "${artifactory_repo_key}" // The Artifactory repository key to publish to - username = "${artifactory_username}" // The publisher user name - password = "${artifactory_password}" // The publisher password - } - defaults { - // This is how we tell the Artifactory Plugin which artifacts should be published to Artifactory. - // Reference to Gradle publications defined in the build script. - publications("javapfbClientLibrary") - publishArtifacts = true - publishPom = true - } - } -} diff --git a/client/build.gradle b/client/build.gradle deleted file mode 100644 index ffc6d230..00000000 --- a/client/build.gradle +++ /dev/null @@ -1,18 +0,0 @@ -import org.springframework.boot.gradle.plugin.SpringBootPlugin - -plugins { - id 'bio.terra.java-library-conventions' - id 'maven-publish' - id 'io.spring.dependency-management' - id 'com.jfrog.artifactory' version '4.32.0' - // required by java-library-conventions - id 'org.hidetake.swagger.generator' -} - -dependencyManagement { - imports { - mavenBom(SpringBootPlugin.BOM_COORDINATES) - } -} - -apply from: 'artifactory.gradle' diff --git a/lib/build.gradle b/lib/build.gradle deleted file mode 100644 index f4fabc34..00000000 --- a/lib/build.gradle +++ /dev/null @@ -1,52 +0,0 @@ -plugins { - id 'bio.terra.java-spring-conventions' - id 'de.undercouch.download' - id 'com.google.cloud.tools.jib' - id 'com.srcclr.gradle' - id 'org.sonarqube' - - id 'com.gorylenko.gradle-git-properties' version '2.3.1' - id 'org.liquibase.gradle' version '2.1.0' -} - -apply from: 'generators.gradle' -apply from: 'publishing.gradle' - -dependencies { - implementation 'bio.terra:terra-common-lib' - implementation 'org.apache.commons:commons-dbcp2' - implementation 'org.springframework.boot:spring-boot-starter-data-jdbc' - implementation 'org.springframework.boot:spring-boot-starter-web' - implementation 'org.springframework.retry:spring-retry' - implementation 'org.broadinstitute.dsde.workbench:sam-client_2.13:0.1-9867891-SNAP' - implementation 'javax.ws.rs:javax.ws.rs-api:2.1.1' - implementation 'org.postgresql:postgresql' - implementation 'org.springframework.boot:spring-boot-starter-thymeleaf' - implementation 'org.springframework.boot:spring-boot-starter-actuator:3.0.2' - implementation 'io.micrometer:micrometer-registry-prometheus:1.10.4' - - liquibaseRuntime 'org.liquibase:liquibase-core' - liquibaseRuntime 'info.picocli:picocli:4.6.1' - liquibaseRuntime 'org.postgresql:postgresql' - liquibaseRuntime 'ch.qos.logback:logback-classic' - - testImplementation 'org.junit.jupiter:junit-jupiter-api' - testImplementation('org.springframework.boot:spring-boot-starter-test') { - // Fixes warning about multiple occurrences of JSONObject on the classpath - exclude group: 'com.vaadin.external.google', module: 'android-json' - } - testImplementation 'org.mockito:mockito-inline' -} - -test { - useJUnitPlatform () -} - -sonarqube { - properties { - property 'sonar.projectName', 'terra-java-project-template' - property 'sonar.projectKey', 'terra-java-project-template' - property 'sonar.organization', 'broad-databiosphere' - property 'sonar.host.url', 'https://sonarcloud.io' - } -} diff --git a/lib/publishing.gradle b/lib/publishing.gradle deleted file mode 100644 index d104842a..00000000 --- a/lib/publishing.gradle +++ /dev/null @@ -1,45 +0,0 @@ -import java.time.ZonedDateTime - -// Download and extract the Cloud Profiler Java Agent -ext { - // where to place the Cloud Profiler agent in the container - cloudProfilerLocation = "/opt/cprof" - - // location for jib extras, including the Java agent - jibExtraDirectory = "${buildDir}/jib-agents" -} -task downloadProfilerAgent(type: Download) { - // where to download the Cloud Profiler agent https://cloud.google.com/profiler/docs/profiling-java - src "https://storage.googleapis.com/cloud-profiler/java/latest/profiler_java_agent.tar.gz" - dest "${buildDir}/cprof_java_agent_gce.tar.gz" -} -task extractProfilerAgent(dependsOn: downloadProfilerAgent, type: Copy) { - from tarTree(downloadProfilerAgent.dest) - into "${jibExtraDirectory}/${cloudProfilerLocation}" -} - -jib { - from { - // see https://github.com/broadinstitute/dsp-appsec-blessed-images/tree/main/jre - image = "us.gcr.io/broad-dsp-gcr-public/base/jre:17-distroless" - } - extraDirectories { - paths = [file(jibExtraDirectory)] - } - container { - filesModificationTime = ZonedDateTime.now().toString() // to prevent ui caching - mainClass = 'bio.terra.javapfb.App' - jvmFlags = [ - "-agentpath:" + cloudProfilerLocation + "/profiler_java_agent.so=" + - "-cprof_service=bio.terra.javapfb" + - ",-cprof_service_version=" + version + - ",-cprof_enable_heap_sampling=true" + - ",-logtostderr" + - ",-minloglevel=2" - ] - } -} - -tasks.jib.dependsOn extractProfilerAgent -tasks.jibDockerBuild.dependsOn extractProfilerAgent -tasks.jibBuildTar.dependsOn extractProfilerAgent diff --git a/lib/src/main/java/bio/terra/javapfb/Library.java b/lib/src/main/java/bio/terra/javapfb/Library.java deleted file mode 100644 index d57cb29c..00000000 --- a/lib/src/main/java/bio/terra/javapfb/Library.java +++ /dev/null @@ -1,45 +0,0 @@ -package bio.terra.javapfb; - -import bio.terra.common.logging.LoggingInitializer; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.datatype.jdk8.Jdk8Module; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import com.fasterxml.jackson.module.paramnames.ParameterNamesModule; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.boot.builder.SpringApplicationBuilder; -import org.springframework.boot.context.properties.ConfigurationPropertiesScan; -import org.springframework.boot.context.properties.EnableConfigurationProperties; -import org.springframework.context.annotation.Bean; -import org.springframework.retry.annotation.EnableRetry; -import org.springframework.transaction.annotation.EnableTransactionManagement; - -@SpringBootApplication( - scanBasePackages = { - // Scan for logging-related components & configs - "bio.terra.common.logging", - // Scan for tracing-related components & configs - "bio.terra.common.tracing", - // Scan all service-specific packages beneath the current package - "bio.terra.javapfb" - }) -@ConfigurationPropertiesScan("bio.terra.javapfb") -@EnableRetry -@EnableTransactionManagement -@EnableConfigurationProperties -public class Library { - public static void main(String[] args) { - new SpringApplicationBuilder(Library.class).initializers(new LoggingInitializer()).run(args); - } - - public Library() {} - - @Bean("objectMapper") - public ObjectMapper objectMapper() { - return new ObjectMapper() - .registerModule(new ParameterNamesModule()) - .registerModule(new Jdk8Module()) - .registerModule(new JavaTimeModule()) - .setDefaultPropertyInclusion(JsonInclude.Include.NON_ABSENT); - } -} diff --git a/lib/src/test/java/bio/terra/javapfb/LibraryTest.java b/lib/src/test/java/bio/terra/javapfb/LibraryTest.java deleted file mode 100644 index 4ce54e1c..00000000 --- a/lib/src/test/java/bio/terra/javapfb/LibraryTest.java +++ /dev/null @@ -1,14 +0,0 @@ -package bio.terra.javapfb; - -import org.junit.jupiter.api.Test; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.ActiveProfiles; - -@SpringBootTest -@ActiveProfiles({"test", "human-readable-logging"}) -public abstract class LibraryTest { - @Test - public void testHelloWorld() { - System.out.println("Hello World"); - } -} diff --git a/library/build.gradle b/library/build.gradle new file mode 100644 index 00000000..7cd63091 --- /dev/null +++ b/library/build.gradle @@ -0,0 +1,42 @@ +plugins { + id 'groovy-gradle-plugin' + id 'com.gorylenko.gradle-git-properties' version '2.3.1' +} + +apply from: 'generators.gradle' + + +test { + useJUnitPlatform () +} + +//sonarqube { +// properties { +// property 'sonar.projectName', 'terra-java-project-template' +// property 'sonar.projectKey', 'terra-java-project-template' +// property 'sonar.organization', 'broad-databiosphere' +// property 'sonar.host.url', 'https://sonarcloud.io' +// } +//} + +repositories { + mavenCentral() + maven { + url 'https://broadinstitute.jfrog.io/broadinstitute/libs-release-local/' + } + maven { + url 'https://broadinstitute.jfrog.io/broadinstitute/libs-snapshot-local/' + } + gradlePluginPortal() +} + +dependencies { + implementation 'com.diffplug.spotless:spotless-plugin-gradle:6.11.0' + implementation 'com.felipefzdz.gradle.shellcheck:shellcheck:1.4.6' + implementation 'com.srcclr.gradle:com.srcclr.gradle.gradle.plugin:3.1.12' + implementation 'com.github.spotbugs.snom:spotbugs-gradle-plugin:5.0.12' + implementation 'org.sonarqube:org.sonarqube.gradle.plugin:3.4.0.2513' + + testImplementation 'org.junit.jupiter:junit-jupiter-api:5.8.1' +} + diff --git a/lib/generators.gradle b/library/generators.gradle similarity index 51% rename from lib/generators.gradle rename to library/generators.gradle index 6b39c52c..5c0ed6a1 100644 --- a/lib/generators.gradle +++ b/library/generators.gradle @@ -1,15 +1,3 @@ -dependencies { - implementation 'io.swagger.core.v3:swagger-annotations' - runtimeOnly 'org.webjars.npm:swagger-ui-dist:4.9.0' - swaggerCodegen 'io.swagger.codegen.v3:swagger-codegen-cli' - - // Versioned by Spring: - implementation 'javax.validation:validation-api' - implementation 'org.webjars:webjars-locator-core' - - annotationProcessor 'org.springframework.boot:spring-boot-configuration-processor' -} - def artifactGroup = "${group}.javapfb" // see https://github.com/n0mer/gradle-git-properties diff --git a/library/src/main/java/bio/terra/javapfb/Library.java b/library/src/main/java/bio/terra/javapfb/Library.java new file mode 100644 index 00000000..ccd7d0e9 --- /dev/null +++ b/library/src/main/java/bio/terra/javapfb/Library.java @@ -0,0 +1,6 @@ +package bio.terra.javapfb; + +public class Library { + public static void main(String[] args) { + } +} diff --git a/lib/src/main/java/bio/terra/javapfb/model/Example.java b/library/src/main/java/bio/terra/javapfb/model/Example.java similarity index 100% rename from lib/src/main/java/bio/terra/javapfb/model/Example.java rename to library/src/main/java/bio/terra/javapfb/model/Example.java diff --git a/library/src/test/java/bio/terra/javapfb/LibraryTest.java b/library/src/test/java/bio/terra/javapfb/LibraryTest.java new file mode 100644 index 00000000..86f108ef --- /dev/null +++ b/library/src/test/java/bio/terra/javapfb/LibraryTest.java @@ -0,0 +1,11 @@ +package bio.terra.javapfb; + +import org.junit.jupiter.api.Test; + +public class LibraryTest { + + @Test + public void testHelloWorld() { + System.out.println("Hello World"); + } +} diff --git a/settings.gradle b/settings.gradle index 5f5df76f..215ed775 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,6 +1,6 @@ rootProject.name = 'javapfb' -include('lib', 'client', 'java-pfb-cli') +include('library', 'cli') gradle.ext.releaseVersion = '0.1.0'