Feature/openshift support

.circleci/config.yml

@@ -0,0 +1,89 @@
+version: 2.1
+orbs:
+    docker: circleci/[email protected]
+executors:
+  openjdk_executor:
+    docker:
+      - image: cimg/openjdk:17.0.3
+    environment:
+      _JAVA_OPTIONS: "-Xmx3g"
+      GRADLE_OPTS: "-Dorg.gradle.daemon=false"
+
+jobs:
+  build_and_test:
+    executor:
+      name: docker/docker
+    working_directory: /home/circleci/mms
+    steps:
+      - checkout
+
+      - setup_remote_docker
+
+      - run: 
+          name: "Create and start all services from the docker-compose configuration"
+          command: |
+            cp example/src/main/resources/application.properties.example ./example/src/main/resources/application.properties
+            docker-compose up --build -d
+            docker run --network container:mms curlimages/curl --retry 8 --retry-delay 10 --retry-max-time 90 --retry-connrefused http://mms:8080/healthcheck
+
+      - run: 
+          name: "Run and test Postman Collection"
+          command: |
+            docker create -v /etc/newman --name mms_test_configs alpine:3.4 /bin/true
+            docker cp example/. mms_test_configs:/etc/newman
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run crud.postman_collection.json -e test-env.json --delay-request 500
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run cameo.postman_collection.json -e test-env.json --delay-request 1000
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run jupyter.postman_collection.json -e test-env.json --delay-request 500
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run localauth.postman_collection.json -e test-env.json --delay-request 500
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run permissions.postman_collection.json -e test-env.json --delay-request 500
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run search.postman_collection.json -e test-env.json --delay-request 1000
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run artifacts.postman_collection.json -e test-env.json --delay-request 500
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run elastic.postman_collection.json -e test-env.json --delay-request 500
+            docker run --volumes-from mms_test_configs --network container:mms -t postman/newman run groups.postman_collection.json -e test-env.json --delay-request 500
+
+      - persist_to_workspace:
+            root: /home/circleci/
+            paths:
+                - mms/*
+
+  deploy_snapshot:
+      executor: openjdk_executor
+      working_directory: /home/circleci/mms
+      steps:
+          - attach_workspace:
+                at: ~/
+          - run:
+                name: Deploy snapshot to sonatype
+                command: ./gradlew -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PsigningKey="$SIGNING_KEY" -PsigningPassword=$SIGNING_PASSWORD publish
+  deploy_release:
+      executor: openjdk_executor
+      working_directory: /home/circleci/mms
+      steps:
+          - attach_workspace:
+                at: ~/
+          - run:
+                name: Deploy release to sonatype
+                command: ./gradlew -PbuildNumber=$CIRCLE_BUILD_NUM -PbuildTag=$CIRCLE_TAG -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PsigningKey="$SIGNING_KEY" -PsigningPassword=$SIGNING_PASSWORD --info --stacktrace publish
+
+workflows:
+    version: 2
+    build-test-deploy:
+      jobs:
+        - build_and_test:
+              filters:
+                  tags:
+                      only: /[0-9.]+(-(a|b|rc)[0-9]+)?/
+        - deploy_snapshot:
+              requires:
+                  - build_and_test
+              filters:
+                  branches:
+                      only: /((release|hotfix|support)/[0-9.]+(-(a|b|rc)[0-9]+)?|develop)/
+        - deploy_release:
+              requires:
+                  - build_and_test
+              filters:
+                  tags:
+                      only: /[0-9.]+(-(a|b|rc)[0-9]+)?/
+                  branches:
+                      ignore: /.*/

.editorconfig

@@ -0,0 +1,19 @@
+[*]
+charset=utf-8
+end_of_line=lf
+insert_final_newline=false
+indent_style=space
+indent_size=4
+
+[{messages.*,spring.schemas,org.codehaus.groovy.runtime.ExtensionModule,spring.handlers,messages,*.properties}]
+indent_style=space
+indent_size=4
+
+[{*.gson,*.gradle,*.groovy,*.gant,*.gdsl,*.gy}]
+indent_style=space
+indent_size=4
+
+[{*.kts,*.kt}]
+indent_style=space
+indent_size=4
+

.github/FUNDING.yml

@@ -0,0 +1 @@
+custom: ['https://numfocus.salsalabs.org/supportopenmbee']

.github/codeql.yml

@@ -0,0 +1,3 @@
+query-filters:
+  - exclude:
+      id: java/spring-disabled-csrf-protection

.github/workflows/codeql.yml

@@ -0,0 +1,48 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "develop", "master" ]
+  pull_request:
+    branches: [ "develop" ]
+  schedule:
+    - cron: "4 23 * * 1"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ java ]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: temurin
+          java-version: 11
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          config-file: ./.github/codeql.yml
+          queries: +security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{ matrix.language }}"

.gitignore

@@ -1,9 +1,11 @@
 .gradle
 **/build/
-application.properties
+!gradle/wrapper/gradle-wrapper.jar
+#application.properties
 localhost-env.json
 .vscode
-
+*.pem
+src/main/resources/*.pem
 ### STS ###
 .apt_generated
 .classpath
@@ -27,8 +29,12 @@ localhost-env.json
 /nbdist/
 /.nb-gradle/
 
+### Sphinx ###
+_build
+
 
 **/bin
-**/_build
-*.ks
-*.jks
+
+**/.DS_Store
+/old_build/
+/generate_toc.sh

.gitlab-ci.yml

@@ -0,0 +1,81 @@
+variables:
+  DOCKER_DRIVER: overlay2
+  DOCKER_TLS_CERTDIR: "/certs"
+  SELECTOR: "openmbee-mms"
+  TAG: "latest"
+  ENVIRONMENT: "dev"
+  OC_PROJECT: $OC_DEV_NAMESPACE
+  OC_TOKEN: $OC_DEV_TOKEN
+  OC_URL: $OC_PIPELINE_URL
+
+
+stages:
+  - build
+  - deploy
+
+build:
+  image: URIHERE/docker:20.10.1
+  services:
+  - name: docker:20.10.1-dind
+    command: 
+      - /bin/sh
+      - -c
+      - apk update && apk add ca-certificates wget && wget --no-check-certificate -r -np -nd -R "index.html*" URIHERE/wcf/latest/crt/ -P /usr/local/share/ca-certificates && update-ca-certificates --fresh > /dev/null && dockerd-entrypoint.sh --insecure-registry=URIHERE --insecure-registry=URIHERE --debug || exit
+  stage: build
+  tags:
+    - dind
+    - rhel
+    - edmz
+  before_script:
+    - echo $CI_COMMIT_REF_NAME
+    - |
+      if echo $CI_COMMIT_REF_NAME | grep -E [[:digit:]]+.[[:digit:]]+.[[:digit:]]+;     
+      then
+          TAG=$CI_COMMIT_REF_NAME
+      else
+          TAG="latest"
+      fi
+    - apk -U upgrade
+    - docker info
+  script:
+    - docker login -u $NEXUS_USERNAME -p $NEXUS_PASSWORD URIHERE
+    - docker login -u $NEXUS_USERNAME -p $NEXUS_PASSWORD URIHERE
+    - docker build -f $DOCKERFILE_PATH --build-arg NEXUS_USERNAME=$NEXUS_USERNAME --build-arg NEXUS_PASSWORD=$NEXUS_PASSWORD -t URIHERE/$NEXUS_NAMESPACE/$SELECTOR:$TAG .
+    - docker push URIHERE/$NEXUS_NAMESPACE/$SELECTOR:$TAG
+
+deploy:
+  image: URIHERE/openshift/origin-cli:v3.11
+  stage: deploy
+  tags:
+    - dind
+    - rhel
+    - edmz
+  before_script:
+    - |
+      if [[ "$CI_COMMIT_REF_NAME" =~ [[:digit:]]+.[[:digit:]]+.[[:digit:]]+-RC[[:digit:]]+-SNAPSHOT ]]
+      then
+          TAG=$CI_COMMIT_REF_NAME
+          OC_PROJECT=$OC_STAGE_NAMESPACE
+          OC_TOKEN=$OC_STAGE_TOKEN
+      elif [[ "$CI_COMMIT_REF_NAME" =~ [[:digit:]]+.[[:digit:]]+.[[:digit:]]+.[[:digit:]]+-FINAL ]]     
+      then
+          TAG=$CI_COMMIT_REF_NAME
+          OC_PROJECT=$OC_PROD_NAMESPACE
+          OC_URL=$OC_PROD_URL
+          OC_TOKEN=$OC_PROD_TOKEN
+      else
+          TAG="latest"
+      fi
+  script:
+    - echo $OC_URL
+    - oc login $OC_URL --token=$OC_TOKEN --insecure-skip-tls-verify
+    - oc project $OC_PROJECT
+    - |
+      OC_PATCH_STATUS=$(oc patch deploymentconfig $SELECTOR -p "{\"spec\":{\"template\":{\"spec\":{\"containers\":[{\"name\":\"$SELECTOR\",\"image\": \"URIHERE/$NEXUS_NAMESPACE/$SELECTOR:$TAG\"}]}}}}")
+    - echo $OC_PATCH_STATUS
+    - |
+      if [[ "$OC_PATCH_STATUS" == *"not patched" ]]; then
+        oc rollout latest dc/$SELECTOR
+        oc rollout status dc/$SELECTOR
+      fi
+    - oc logout

.lgtm.yml

@@ -0,0 +1,6 @@
+extraction:
+  java:
+    index:
+      java_version: 11
+queries:
+  - exclude: java/spring-disabled-csrf-protection