Reconfigure for forgejo/woodpecker

.github/CODEOWNERS

@@ -1,2 +0,0 @@
-# https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax
-* @sschnabe @rpahli @fabian-schlegel @jschwarze @wistefan @monotek

.github/dependabot.yml

@@ -1,14 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: maven
-    directory: /
-    schedule:
-      interval: daily
-    allow:
-      - dependency-name: io.kokuwa.maven:maven-parent
-      - dependency-name: org.keycloak:keycloak-quarkus-server
-  - package-ecosystem: github-actions
-    directory: /
-    schedule:
-      interval: monthly
-      day: monday

.github/settings.xml

@@ -1,16 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- https://github.com/actions/setup-java/issues/85 -->
-<settings>
-	<servers>
-		<server>
-			<id>sonatype-nexus</id>
-			<username>${env.SERVER_USERNAME}</username>
-			<password>${env.SERVER_PASSWORD}</password>
-		</server>
-		<server>
-			<id>github.com</id>
-			<username>nope</username>
-			<password>${env.GIT_ACTION_TOKEN}</password>
-		</server>
-	</servers>
-</settings>

.github/workflows/build.yaml

@@ -1,30 +0,0 @@
-name: Build
-
-on:
-  push:
-    branches: [main]
-
-jobs:
-
-  build:
-    runs-on: ubuntu-latest
-    env:
-      MAVEN_ARGS: --batch-mode --color=always --no-transfer-progress --settings=.github/settings.xml
-    steps:
-      - run: git config --global user.name "${{ vars.KOKUWA_IO_BOT_NAME }}"
-      - run: git config --global user.email "${{ vars.KOKUWA_IO_BOT_EMAIL }}"
-      - uses: actions/checkout@v4
-        with:
-          token: ${{ secrets.GIT_ACTION_TOKEN }}
-      - uses: actions/setup-java@v4
-        with:
-          distribution: temurin
-          java-version: 17
-          cache: maven
-      - run: mvn $MAVEN_ARGS deploy
-        env:
-          SERVER_USERNAME: ${{ secrets.SONATYPE_NEXUS_USERNAME }}
-          SERVER_PASSWORD: ${{ secrets.SONATYPE_NEXUS_PASSWORD }}
-      - run: mvn $MAVEN_ARGS site-deploy
-        env:
-          GIT_ACTION_TOKEN: ${{ secrets.GIT_ACTION_TOKEN }}

.github/workflows/release.yaml

@@ -1,50 +0,0 @@
-name: Release
-
-on: workflow_dispatch
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    env:
-      MAVEN_ARGS: --batch-mode --color=always --no-transfer-progress --settings=.github/settings.xml
-    steps:
-      - name: docker/login-action docker.io
-        uses: docker/login-action@v3.4.0
-        with:
-          registry: docker.io
-          username: ${{ secrets.DOCKERIO_USERNAME }}
-          password: ${{ secrets.DOCKERIO_TOKEN }}
-      - name: docker/login-action ghcr.io
-        uses: docker/login-action@v3.4.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GIT_ACTION_TOKEN }}
-      - run: git config --global user.name "${{ vars.KOKUWA_IO_BOT_NAME }}"
-      - run: git config --global user.email "${{ vars.KOKUWA_IO_BOT_EMAIL }}"
-      - uses: actions/checkout@v4
-        with:
-          token: ${{ secrets.GIT_ACTION_TOKEN }}
-      - uses: crazy-max/ghaction-import-gpg@v6
-        with:
-          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
-          passphrase: ${{ secrets.GPG_PASSPHRASE }}
-          git_user_signingkey: true
-          git_commit_gpgsign: true
-      - uses: actions/setup-java@v4
-        with:
-          distribution: temurin
-          java-version: 17
-          cache: maven
-          server-id: sonatype-nexus
-          server-username: SERVER_USERNAME
-          server-password: SERVER_PASSWORD
-          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
-          gpg-passphrase: GPG_PASSPHRASE
-      - run: mvn $MAVEN_ARGS release:prepare -Darguments="$MAVEN_ARGS"
-      - run: mvn $MAVEN_ARGS release:perform -Darguments="$MAVEN_ARGS"
-        env:
-          SERVER_USERNAME: ${{ secrets.SONATYPE_NEXUS_USERNAME }}
-          SERVER_PASSWORD: ${{ secrets.SONATYPE_NEXUS_PASSWORD }}
-          GIT_ACTION_TOKEN: ${{ secrets.GIT_ACTION_TOKEN }}
-          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

.github/workflows/verify.yaml

@@ -1,44 +1,43 @@
-name: PullRequest
+name: Verify
 
-on: pull_request
+on:
+  - pull_request
+  - push:
+      branches: [main]
 
 env:
   MAVEN_ARGS: --batch-mode --color=always --no-transfer-progress -Dmaven.test.redirectTestOutputToFile=false
 
 jobs:
 
-  yaml:
+  renovate:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@main
-      - uses: ibiqlik/action-yamllint@v3
+      - uses: docker://kokuwaio/renovate-config-validator
-        with:
-          format: colored
-          strict: true
 
-  markdown:
+  markdownlint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@main
-      - uses: avto-dev/markdown-lint@v1
+      - uses: docker://kokuwaio/markdownlint
-        with:
+
-          args: /github/workspace
+  yamllint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@main
+      - uses: docker://kokuwaio/yamllint
 
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@main
-      - uses: actions/setup-java@v4
+      - uses: actions/setup-java@main
         with:
           distribution: temurin
           java-version: 17
           cache: maven
       - run: mvn $MAVEN_ARGS verify
-      - run: mvn $MAVEN_ARGS site
-      - uses: actions/upload-artifact@v4
-        if: always()
-        with:
-          path: target/site
 
   versions:
     runs-on: ubuntu-latest
@@ -54,8 +53,8 @@ jobs:
           - 26.1.5
           - 26.2.1
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@main
-      - uses: actions/setup-java@v4
+      - uses: actions/setup-java@main
         with:
           distribution: temurin
           java-version: 17

.woodpecker/build.yaml

@@ -0,0 +1,17 @@
+when:
+  event: [manual, push]
+  branch: main
+  path: [.woodpecker/build.yaml, pom.xml, src/**]
+
+services:
+  - name: dockerd
+    image: kokuwaio/dockerd
+    ports: [2375, 8080]
+
+steps:
+  build:
+    image: maven:3.9.9-eclipse-temurin-17
+    commands: mvn deploy --settings=.woodpecker/maven/settings.xml
+    environment:
+      NEXUS_USERNAME: {from_secret: nexus_username}
+      NEXUS_PASSWORD: {from_secret: nexus_password}

.woodpecker/lint.yaml

@@ -0,0 +1,21 @@
+when:
+  event: [manual, pull_request, push]
+  branch: main
+  path: [.woodpecker/lint.yaml, renovate.json, "**/*.y*ml", "**/*.md"]
+
+steps:
+
+  renovate:
+    image: kokuwaio/renovate-config-validator
+    depends_on: []
+    when: [path: [.woodpecker/lint.yaml, renovate.json]]
+
+  yaml:
+    image: kokuwaio/yamllint
+    depends_on: []
+    when: [path: [.woodpecker/lint.yaml, .yamllint.yaml, "**/*.y*ml"]]
+
+  markdown:
+    image: kokuwaio/markdownlint
+    depends_on: []
+    when: [path: [.woodpecker/lint.yaml, .markdownlint.yaml, "**/*.md"]]

.woodpecker/maven/settings.xml

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
+	<interactiveMode>false</interactiveMode>
+	<localRepository>/woodpecker/.m2</localRepository>
+	<servers>
+		<server>
+			<id>sonatype-nexus</id>
+			<username>${env.NEXUS_USERNAME}</username>
+			<password>${env.NEXUS_PASSWORD}</password>
+		</server>
+	</servers>
+	<mirrors>
+		<mirror>
+			<url>http://mirror.woodpecker.svc/maven2</url>
+			<mirrorOf>central</mirrorOf>
+		</mirror>
+	</mirrors>
+</settings>

.woodpecker/verify.yaml

@@ -0,0 +1,24 @@
+when:
+  event: [manual, pull_request, push]
+  branch: main
+  path: [.woodpecker/verify.yaml, pom.xml, src/**]
+
+matrix:
+  KEYCLOAK_VERSION:
+    # - 22.0.5
+    # - 23.0.7
+    # - 24.0.5
+    # - 25.0.6
+    # - 26.0.8
+    # - 26.1.5
+    - 26.2.1
+
+services:
+  - name: dockerd
+    image: kokuwaio/dockerd
+    ports: [2375, 8080]
+
+steps:
+  verify:
+    image: maven:3.9.9-eclipse-temurin-17
+    commands: mvn verify --settings=.woodpecker/maven/settings.xml -Dversion.org.keycloak.test=$KEYCLOAK_VERSION

renovate.json

@@ -0,0 +1,33 @@
+{
+	"$schema": "https://docs.renovatebot.com/renovate-schema.json",
+	"labels": ["renovate", "renovate-manager/{{{manager}}}", "renovate-type/{{{updateType}}}"],
+	"dependencyDashboard": true,
+	"dependencyDashboardLabels": ["renovate"],
+	"dependencyDashboardApproval": true,
+	"dependencyDashboardOSVVulnerabilitySummary": "all",
+	"separateMajorMinor": true,
+	"separateMinorPatch": true,
+	"separateMultipleMinor": true,
+	"separateMultipleMajor": true,
+	"pinDigests": true,
+	"automerge": false,
+	"automergeStrategy": "fast-forward",
+	"rebaseWhen": "behind-base-branch",
+	"packageRules": [
+		{
+			"matchUpdateTypes": ["digest"],
+			"dependencyDashboardApproval": false,
+			"automergeType": "branch"
+		},{
+			"matchUpdateTypes": ["patch"],
+			"dependencyDashboardApproval": false,
+			"automerge": true
+		},{
+			"matchUpdateTypes": ["minor"],
+			"dependencyDashboardApproval": false
+		},{
+			"matchManagers": ["woodpecker"],
+			"pinDigests": false
+		}
+	]
+}

src/test/java/io/kokuwa/keycloak/metrics/junit/KeycloakExtension.java

@@ -13,6 +13,7 @@ import org.junit.jupiter.api.extension.ParameterContext;
 import org.junit.jupiter.api.extension.ParameterResolver;
 import org.keycloak.admin.client.Keycloak;
 import org.keycloak.admin.client.token.TokenService;
+import org.testcontainers.containers.FixedHostPortGenericContainer;
 import org.testcontainers.containers.GenericContainer;
 import org.testcontainers.containers.wait.strategy.Wait;
 import org.testcontainers.utility.MountableFile;
@@ -45,13 +46,16 @@ public class KeycloakExtension implements BeforeAllCallback, ParameterResolver {
 			throw new Exception("Failed to read properties", e);
 		}
 		var version = properties.getProperty("version");
+		var image = "quay.io/keycloak/keycloak:" + version;
 		var jar = properties.getProperty("jar");
 		var timeout = properties.getProperty("timeout");
 
 		// create and start container
 
-		@SuppressWarnings("resource")
+		@SuppressWarnings({ "resource", "deprecation" })
-		var container = new GenericContainer<>("quay.io/keycloak/keycloak:" + version)
+		var container = (System.getenv("CI") == null
+			? new GenericContainer<>(image).withExposedPorts(8080)
+			: new FixedHostPortGenericContainer<>(image).withFixedExposedPort(8080, 8080))
 				.withEnv("KEYCLOAK_ADMIN", "admin")
 				.withEnv("KEYCLOAK_ADMIN_PASSWORD", "password")
 				.withEnv("KC_LOG_LEVEL", "io.kokuwa:trace")
@@ -63,7 +67,6 @@ public class KeycloakExtension implements BeforeAllCallback, ParameterResolver {
 				.withEnv("KC_METRICS_STATS_INTERVAL", "PT1s")
 				.withCopyFileToContainer(MountableFile.forHostPath(jar), "/opt/keycloak/providers/metrics.jar")
 				.withLogConsumer(out -> System.out.print(out.getUtf8String()))
-				.withExposedPorts(8080)
 				.withStartupTimeout(Duration.parse(timeout))
 				.waitingFor(Wait.forHttp("/health").forPort(8080))
 				.withCommand("start-dev");