From e2a9ef7e4cd414d285ff07310c4bf164194ac9d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Oct 2024 04:25:35 +0000 Subject: [PATCH 1/7] Bump tycho-version from 2.7.5 to 4.0.0 Bumps `tycho-version` from 2.7.5 to 4.0.0. Updates `org.eclipse.tycho:tycho-maven-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-versions-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:target-platform-configuration` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-compiler-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-p2-repository-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-surefire-plugin` from 2.7.5 to 4.0.0 --- updated-dependencies: - dependency-name: org.eclipse.tycho:tycho-maven-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-versions-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:target-platform-configuration dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-compiler-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-p2-repository-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-surefire-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index cf65bf0..410435f 100644 --- a/pom.xml +++ b/pom.xml @@ -30,7 +30,7 @@ https://github.com/CROSSINGTUD/CryptSL - 2.7.5 + 4.0.0 2.35.0 2.19.0 UTF-8 From 2a0517a53c6d354449c80984c34c7b76415c1d78 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 29 Nov 2024 12:49:14 +0000 Subject: [PATCH 2/7] Bump tycho-version from 2.7.5 to 4.0.0 Bumps `tycho-version` from 2.7.5 to 4.0.0. Updates `org.eclipse.tycho:tycho-compiler-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-maven-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-versions-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:target-platform-configuration` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-p2-repository-plugin` from 2.7.5 to 4.0.0 - [Release notes](https://github.com/eclipse-tycho/tycho/releases) - [Changelog](https://github.com/eclipse-tycho/tycho/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/eclipse-tycho/tycho/compare/tycho-2.7.5...tycho-4.0.0) Updates `org.eclipse.tycho:tycho-surefire-plugin` from 2.7.5 to 4.0.0 --- updated-dependencies: - dependency-name: org.eclipse.tycho:tycho-compiler-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-maven-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-versions-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:target-platform-configuration dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-p2-repository-plugin dependency-type: direct:production update-type: version-update:semver-major - dependency-name: org.eclipse.tycho:tycho-surefire-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 84f8655..d2e3459 100644 --- a/pom.xml +++ b/pom.xml @@ -52,7 +52,7 @@ - 2.7.5 + 4.0.0 2.35.0 2.19.0 UTF-8 From cfe0c11994ececf46fe95f39179685b63c9348d6 Mon Sep 17 00:00:00 2001 From: Sven Meyer Date: Fri, 29 Nov 2024 14:09:51 +0100 Subject: [PATCH 3/7] Update tycho version manually --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 84f8655..37014ec 100644 --- a/pom.xml +++ b/pom.xml @@ -52,7 +52,7 @@ - 2.7.5 + 4.0.10 2.35.0 2.19.0 UTF-8 From a9034d0efeb37cf219b3a32e0763150b4385970a Mon Sep 17 00:00:00 2001 From: Sven Meyer Date: Fri, 29 Nov 2024 14:30:06 +0100 Subject: [PATCH 4/7] Set Maven version to 3.9.0 --- .github/workflows/deploy.yml | 5 +++++ .github/workflows/main_build.yml | 8 +++++--- .github/workflows/style.yml | 15 ++++++++++++--- .github/workflows/version.yml | 10 ++++++++++ 4 files changed, 32 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index f1f52f6..987115b 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -22,6 +22,11 @@ jobs: server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase + # Tycho requires at least Maven 3.9.0 + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.0 - name: Build & Deploy CrySL run: mvn -B -U clean deploy -Pdeployment env: diff --git a/.github/workflows/main_build.yml b/.github/workflows/main_build.yml index 548d4a5..ce83d9d 100644 --- a/.github/workflows/main_build.yml +++ b/.github/workflows/main_build.yml @@ -2,9 +2,6 @@ name: CrySL build on: push: - branches-ignore: - - master - - develop pull_request: types: [opened, reopened] @@ -26,6 +23,11 @@ jobs: distribution: 'adopt' java-package: jdk java-version: '17' + # Tycho requires at least Maven 3.9.0 + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.0 # Restores Maven dependecies - name: Restore local Maven repository uses: actions/cache@v3 diff --git a/.github/workflows/style.yml b/.github/workflows/style.yml index 894f163..53c102b 100644 --- a/.github/workflows/style.yml +++ b/.github/workflows/style.yml @@ -3,9 +3,6 @@ description: Check the formatting. Use "mvn spotless:apply" to format the code. on: push: - branches-ignore: - - master - - develop jobs: check-formatting: @@ -14,6 +11,18 @@ jobs: steps: - name: Checkout source code uses: actions/checkout@v4 + # Sets up Java version + - name: Set up Java + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-package: jdk + java-version: '17' + # Tycho requires at least Maven 3.9.0 + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.0 # Restores Maven dependecies - name: Restore local Maven repository uses: actions/cache@v4 diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml index 267a316..8f17bcc 100644 --- a/.github/workflows/version.yml +++ b/.github/workflows/version.yml @@ -25,6 +25,11 @@ jobs: distribution: 'adopt' java-package: jdk java-version: '17' + # Tycho requires at least Maven 3.9.0 + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.0 # Semantic versioning - name: Semantic versioning id: versioning @@ -83,6 +88,11 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 + # Tycho requires at least Maven 3.9.0 + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.0 # Semantic versioning - name: Semantic versioning id: versioning From 5aca7f6c11d4fb2646be86d1b226a6f27b76d402 Mon Sep 17 00:00:00 2001 From: Sven Meyer Date: Fri, 29 Nov 2024 14:41:33 +0100 Subject: [PATCH 5/7] Add automatic release job after deployment --- .github/workflows/deploy.yml | 35 ----------- .github/workflows/deploy_and_release.yml | 76 ++++++++++++++++++++++++ 2 files changed, 76 insertions(+), 35 deletions(-) delete mode 100644 .github/workflows/deploy.yml create mode 100644 .github/workflows/deploy_and_release.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index 987115b..0000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Deploy CrySL - -on: [workflow_dispatch] - -jobs: - deployment: - runs-on: ubuntu-latest - environment: Deploy - name: Deploy CrySL - steps: - - name: Checkout source code - uses: actions/checkout@v4 - # Sets up Java version - - name: Set up Java - uses: actions/setup-java@v4 - with: - distribution: 'adopt' - java-package: 'jdk' - java-version: '17' - server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin - server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name - server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw - gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret - gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase - # Tycho requires at least Maven 3.9.0 - - name: Set up Maven - uses: stCarolas/setup-maven@v5 - with: - maven-version: 3.9.0 - - name: Build & Deploy CrySL - run: mvn -B -U clean deploy -Pdeployment - env: - SIGN_KEY_PASS: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }} - OSSRH_USERNAME: ${{ secrets.SONATYPE_USER }} - OSSRH_PASSWORD: ${{ secrets.SONATYPE_PW }} diff --git a/.github/workflows/deploy_and_release.yml b/.github/workflows/deploy_and_release.yml new file mode 100644 index 0000000..7bce294 --- /dev/null +++ b/.github/workflows/deploy_and_release.yml @@ -0,0 +1,76 @@ +name: Deploy CrySL + +on: [workflow_dispatch] + +jobs: + deployment: + runs-on: ubuntu-latest + environment: Deploy + steps: + - name: Checkout source code + uses: actions/checkout@v4 + # Sets up Java version + - name: Set up Java + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-package: 'jdk' + java-version: '17' + server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin + server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name + server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw + gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret + gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase + # Tycho requires at least Maven 3.9.0 + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.0 + - name: Build & Deploy CrySL + run: mvn -B -U clean deploy -Pdeployment + env: + SIGN_KEY_PASS: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }} + OSSRH_USERNAME: ${{ secrets.SONATYPE_USER }} + OSSRH_PASSWORD: ${{ secrets.SONATYPE_PW }} + + release: + runs-on: ubuntu-latest + needs: deployment + - name: Checkout source code + uses: actions/checkout@v4 + + - name: Fetch all tags + run: git fetch --tags + + - name: Extract Version from pom.xml + id: extract_version + run: | + VERSION=$(sed -n 's/.*\(.*\)<\/version>.*/\1/p' pom.xml | head -n 1) + echo "VERSION=$VERSION" >> $GITHUB_ENV + + - name: Generate Release Notes + id: generate_notes + run: | + LATEST_TAG=$(git tag --sort=-creatordate | head -n 1) + git log $LATEST_TAG..HEAD --merges --pretty=format:"%h" > merged_prs.txt + + RELEASE_NOTES="Release Notes:\n\n" + + while IFS= read -r commit_hash; do + if git log -1 --pretty=format:"%s" $commit_hash | grep -iq "dependabot"; then + continue + fi + + PR_NUMBER=$(git log -1 --pretty=format:"%s" $commit_hash | grep -oE "([Pp][Rr]|pull request) #[0-9]+" | grep -oE "[0-9]+" | head -n 1) + + FIRST_COMMENT=$(gh pr view $PR_NUMBER --json body --jq '.body') + + if [ -n "$FIRST_COMMENT" ]; then + RELEASE_NOTES+="- PR #$PR_NUMBER: $FIRST_COMMENT\n" + fi + done < merged_prs.txt + + echo -e "$RELEASE_NOTES" > release_notes.txt + cat release_notes.txt + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 40bbbf794fbc632bfaaaa04e0867ea910b48630e Mon Sep 17 00:00:00 2001 From: Sven Meyer Date: Fri, 29 Nov 2024 14:47:05 +0100 Subject: [PATCH 6/7] Update README and (MAJOR) version update --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index f7f6c64..0f52460 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,13 @@ CrySL is a domain-specific language that allows to specify the correct usage of APIs. Example specifications for the JavaCryptographicArchitecture (JCA), BouncyCastle and Tink can be found [here](https://github.com/CROSSINGTUD/Crypto-API-Rules). +## Build +CrySL uses Maven as build tool. You can install this project via + +```mvn clean install -DskipTests``` + +Installing requires at least Java 17 and Maven 3.9.0. + ## Parsing CrySL files We implemented a parser that reads a set of `.crysl` files and parses them into Java objects. Include the following dependency in your project (replace `x.y.z` with the latest version): From ff43b5593bbb5655c3cfcf858d2c705e5ec928d0 Mon Sep 17 00:00:00 2001 From: Sven Meyer Date: Fri, 29 Nov 2024 14:55:50 +0100 Subject: [PATCH 7/7] Update deploy_and_release.yml --- .github/workflows/deploy_and_release.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/deploy_and_release.yml b/.github/workflows/deploy_and_release.yml index 7bce294..ddee79e 100644 --- a/.github/workflows/deploy_and_release.yml +++ b/.github/workflows/deploy_and_release.yml @@ -74,3 +74,9 @@ jobs: cat release_notes.txt env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Create GitHub Release + run: | + gh release create "$VERSION" --title "$VERSION" --notes-file release_notes.txt + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}