From bacb9475456de462da504302933b03337bcdca36 Mon Sep 17 00:00:00 2001
From: Stephan Schnabel <stephan.schnabel@posteo.de>
Date: Tue, 25 Jan 2022 11:30:00 +0100
Subject: [PATCH] Improve repository.

- add kokuwa checkstyle
- add dependabot
- add dependency documentation
- add code owners
- add codeql
- add license badge
---
 .github/CODEOWNERS                 |  2 +
 .github/dependabot.yml             | 13 ++++++
 .github/workflows/codeql.yaml      | 22 +++++++++
 .github/workflows/dependabot.yaml  | 22 +++++++++
 .github/workflows/lint.yaml        | 26 +++++++++++
 .github/workflows/pullrequest.yaml | 26 +++++++++++
 .github/workflows/release.yaml     | 12 ++---
 .github/workflows/snapshot.yaml    | 36 ++++-----------
 README.md                          | 15 +++++-
 pom.xml                            | 74 ++++++++++++++++++++++++------
 10 files changed, 200 insertions(+), 48 deletions(-)
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/codeql.yaml
 create mode 100644 .github/workflows/dependabot.yaml
 create mode 100644 .github/workflows/lint.yaml
 create mode 100644 .github/workflows/pullrequest.yaml

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..04a08ef
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,2 @@
+# https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax
+* @kokuwaio-bot @sschnabe @rpahli @fabian-schlegel
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..a16b8c5
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: maven
+    directory: /
+    schedule:
+      interval: daily
+    ignore:
+      - dependency-name: ch.qos.logback:logback-classic
+        update-types: ["version-update:semver-major", "version-update:semver-minor"]
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: daily
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
new file mode 100644
index 0000000..3331a20
--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,22 @@
+name: CodeQL
+
+"on":
+  workflow_dispatch: {}
+  pull_request: {}
+  schedule:
+    - cron: '0 0 * * *'
+
+jobs:
+  codeql:
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
+    steps:
+      - uses: actions/checkout@v2.4.0
+      - uses: github/codeql-action/init@v1
+        with:
+          languages: java
+      - uses: github/codeql-action/autobuild@v1
+      - uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/dependabot.yaml b/.github/workflows/dependabot.yaml
new file mode 100644
index 0000000..5e5e6f9
--- /dev/null
+++ b/.github/workflows/dependabot.yaml
@@ -0,0 +1,22 @@
+name: Dependabot
+
+"on": pull_request_target
+
+jobs:
+  auto-merge:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - uses: dependabot/fetch-metadata@v1.1.1
+        id: metadata
+        with:
+          github-token: "${{ secrets.GIT_ACTION_TOKEN }}"
+      - run: gh pr review --approve "$PR_URL"
+        if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' }}
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTION_TOKEN }}
+      - run: gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTION_TOKEN }}
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
new file mode 100644
index 0000000..a5f0047
--- /dev/null
+++ b/.github/workflows/lint.yaml
@@ -0,0 +1,26 @@
+name: Lint
+
+"on":
+  workflow_dispatch: {}
+  push:
+    branches: [main]
+  pull_request: {}
+
+jobs:
+
+  yaml:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2.4.0
+      - uses: ibiqlik/action-yamllint@v3.1.0
+        with:
+          format: colored
+          strict: true
+
+  markdown:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2.4.0
+      - uses: avto-dev/markdown-lint@v1.5.0
+        with:
+          args: /github/workspace
diff --git a/.github/workflows/pullrequest.yaml b/.github/workflows/pullrequest.yaml
new file mode 100644
index 0000000..9715c00
--- /dev/null
+++ b/.github/workflows/pullrequest.yaml
@@ -0,0 +1,26 @@
+name: PullRequest
+
+"on": pull_request
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2.4.0
+      - uses: actions/setup-java@v3.0.0
+        with:
+          distribution: temurin
+          java-version: 11
+          cache: maven
+      - run: mvn -B dependency:go-offline
+      - run: mvn -B verify
+      - uses: dorny/test-reporter@v1.5.0
+        if: failure()
+        with:
+          name: surefire
+          path: '**/target/surefire-reports/*.xml,**/target/invoker-reports/*.xml'
+          reporter: java-junit
+          list-suites: failed
+          list-tests: failed
+          fail-on-error: false
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 8f52669..2b260f1 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -1,31 +1,31 @@
 name: Release
 
-"on":
-  workflow_dispatch: {}
+"on": workflow_dispatch
 
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2.4.0
         with:
           token: ${{ secrets.GIT_ACTION_TOKEN }}
-      - uses: crazy-max/ghaction-import-gpg@v4
+      - uses: crazy-max/ghaction-import-gpg@v4.2.0
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.GPG_PASSPHRASE }}
           git_user_signingkey: true
           git_commit_gpgsign: true
-      - uses: actions/setup-java@v2
+      - uses: actions/setup-java@v3.0.0
         with:
           distribution: temurin
           java-version: 11
+          cache: maven
           server-id: sonatype-nexus
           server-username: SERVER_USERNAME
           server-password: SERVER_PASSWORD
           gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
           gpg-passphrase: GPG_PASSPHRASE
-      - run: mvn -B dependency:go-offline -q
+      - run: mvn -B dependency:go-offline
       - run: mvn -B release:prepare
       - run: mvn -B release:perform
         env:
diff --git a/.github/workflows/snapshot.yaml b/.github/workflows/snapshot.yaml
index a8d4226..77a8038 100644
--- a/.github/workflows/snapshot.yaml
+++ b/.github/workflows/snapshot.yaml
@@ -2,32 +2,16 @@ name: Snapshot
 
 "on":
   workflow_dispatch: {}
-  push: {}
+  push:
+    branches: [main]
+    paths-ignore: ['**.md']
 
 jobs:
-
-  lint-yaml:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: ibiqlik/action-yamllint@v3
-        with:
-          format: colored
-          strict: true
-
-  lint-markdown:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: docker://avtodev/markdown-lint:v1
-        with:
-          args: /github/workspace
-
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-java@v2
+      - uses: actions/checkout@v2.4.0
+      - uses: actions/setup-java@v3.0.0
         with:
           distribution: temurin
           java-version: 11
@@ -35,19 +19,17 @@ jobs:
           server-id: sonatype-nexus
           server-username: SERVER_USERNAME
           server-password: SERVER_PASSWORD
-      - run: mvn -B dependency:go-offline -q
-      - run: mvn -B verify
-        if: github.ref != 'refs/heads/main'
+      - run: mvn -B dependency:go-offline
       - run: mvn -B deploy
-        if: github.ref == 'refs/heads/main'
         env:
           SERVER_USERNAME: ${{ secrets.SONATYPE_NEXUS_USERNAME }}
           SERVER_PASSWORD: ${{ secrets.SONATYPE_NEXUS_PASSWORD }}
-      - uses: dorny/test-reporter@v1
+      - uses: dorny/test-reporter@v1.5.0
         if: failure()
         with:
           name: surefire
-          path: '*/target/surefire-reports/*.xml'
+          path: '**/target/surefire-reports/*.xml'
           reporter: java-junit
           list-suites: failed
           list-tests: failed
+          fail-on-error: false
diff --git a/README.md b/README.md
index c2bae4d..d60bdc3 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,20 @@
 # Micronaut Logging support
 
+[![Apache License, Version 2.0, January 2004](https://img.shields.io/github/license/kokuwaio/micronaut-logging.svg?label=License)](http://www.apache.org/licenses/)
 [![Maven Central](https://img.shields.io/maven-central/v/io.kokuwa.micronaut/micronaut-logging.svg?label=Maven%20Central)](https://search.maven.org/search?q=g:%22io.kokuwa.micronaut%22%20AND%20a:%22micronaut-logging%22)
-[![CI](https://github.com/kokuwaio/micronaut-logging/actions/workflows/snapshot.yaml/badge.svg)](https://github.com/kokuwaio/micronaut-logging/actions/workflows/snapshot.yaml)
+[![Build](https://img.shields.io/github/workflow/status/kokuwaio/micronaut-logging/Snapshot?label=Build)](https://github.com/kokuwaio/micronaut-logging/actions/workflows/snapshot.yaml?label=Build)
+[![Lint](https://img.shields.io/github/workflow/status/kokuwaio/micronaut-logging/Lint?label=Lint)](https://github.com/kokuwaio/micronaut-logging/actions/workflows/lint.yaml?label=Lint)
+
+Include in your `pom.xml`:
+
+```xml
+<dependency>
+  <groupId>io.kokuwa.micronaut</groupId>
+  <artifactId>micronaut-logging</artifactId>
+  <version>${version.io.kokuwa.micronaut.logging}</version>
+  <scope>runtime</scope>
+</dependency>
+```
 
 ## Features
 
diff --git a/pom.xml b/pom.xml
index f1e0419..051daa5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -23,12 +23,12 @@
 
 	<developers>
 		<developer>
-			<id>stephanschnabel</id>
+			<id>sschnabe</id>
 			<name>Stephan Schnabel</name>
-			<url>https://github.com/stephanschnabel</url>
+			<url>https://github.com/sschnabe</url>
 			<email>stephan@grayc.de</email>
 			<organization>GrayC GmbH</organization>
-			<organizationUrl>http://grayc.de</organizationUrl>
+			<organizationUrl>https://grayc.de</organizationUrl>
 		</developer>
 	</developers>
 
@@ -73,31 +73,41 @@
 		<maven.compiler.showDeprecation>true</maven.compiler.showDeprecation>
 		<maven.compiler.showWarnings>true</maven.compiler.showWarnings>
 
+		<maven.test.redirectTestOutputToFile>true</maven.test.redirectTestOutputToFile>
+
+		<checkstyle.config.location>checkstyle.xml</checkstyle.config.location>
+		<checkstyle.suppressions.location>checkstyle-suppression.xml</checkstyle.suppressions.location>
+		<checkstyle.includeTestSourceDirectory>true</checkstyle.includeTestSourceDirectory>
+
 		<!-- ===================================================================== -->
 		<!-- ============================= Versions ============================== -->
 		<!-- ===================================================================== -->
 
-		<!-- dependencies -->
-
-		<version.ch.qos.logback>1.2.10</version.ch.qos.logback>
-		<version.ch.qos.logback.contrib>0.1.5</version.ch.qos.logback.contrib>
-		<version.io.micronaut>3.2.6</version.io.micronaut>
-
 		<!-- plugins -->
 
+		<version.org.apache.maven.plugins.checkstyle>3.1.2</version.org.apache.maven.plugins.checkstyle>
 		<version.org.apache.maven.plugins.clean>3.1.0</version.org.apache.maven.plugins.clean>
-		<version.org.apache.maven.plugins.compiler>3.8.1</version.org.apache.maven.plugins.compiler>
+		<version.org.apache.maven.plugins.compiler>3.10.0</version.org.apache.maven.plugins.compiler>
+		<version.org.apache.maven.plugins.dependency_>3.2.0</version.org.apache.maven.plugins.dependency_>
 		<version.org.apache.maven.plugins.deploy>3.0.0-M2</version.org.apache.maven.plugins.deploy>
 		<version.org.apache.maven.plugins.gpg>3.0.1</version.org.apache.maven.plugins.gpg>
 		<version.org.apache.maven.plugins.install>3.0.0-M1</version.org.apache.maven.plugins.install>
-		<version.org.apache.maven.plugins.javadoc>3.3.1</version.org.apache.maven.plugins.javadoc>
-		<version.org.apache.maven.plugins.jar>3.2.1</version.org.apache.maven.plugins.jar>
+		<version.org.apache.maven.plugins.javadoc>3.3.2</version.org.apache.maven.plugins.javadoc>
+		<version.org.apache.maven.plugins.jar>3.2.2</version.org.apache.maven.plugins.jar>
 		<version.org.apache.maven.plugins.release>3.0.0-M5</version.org.apache.maven.plugins.release>
 		<version.org.apache.maven.plugins.resources>3.2.0</version.org.apache.maven.plugins.resources>
 		<version.org.apache.maven.plugins.source>3.2.1</version.org.apache.maven.plugins.source>
 		<version.org.apache.maven.plugins.surefire>3.0.0-M5</version.org.apache.maven.plugins.surefire>
 		<version.org.codehaus.mojo.tidy>1.1.0</version.org.codehaus.mojo.tidy>
-		<version.org.sonatype.plugins.nexus-staging>1.6.8</version.org.sonatype.plugins.nexus-staging>
+		<version.org.sonatype.plugins.nexus-staging>1.6.12</version.org.sonatype.plugins.nexus-staging>
+		<version.com.puppycrawl.tools.checkstyle>10.0</version.com.puppycrawl.tools.checkstyle>
+		<version.io.kokuwa.checkstyle>0.5.6</version.io.kokuwa.checkstyle>
+
+		<!-- dependencies -->
+
+		<version.ch.qos.logback>1.2.10</version.ch.qos.logback>
+		<version.ch.qos.logback.contrib>0.1.5</version.ch.qos.logback.contrib>
+		<version.io.micronaut>3.3.4</version.io.micronaut>
 
 	</properties>
 
@@ -191,6 +201,25 @@
 	<build>
 		<pluginManagement>
 			<plugins>
+				<plugin>
+					<groupId>org.apache.maven.plugins</groupId>
+					<artifactId>maven-checkstyle-plugin</artifactId>
+					<version>${version.org.apache.maven.plugins.checkstyle}</version>
+					<dependencies>
+						<dependency>
+							<groupId>com.puppycrawl.tools</groupId>
+							<artifactId>checkstyle</artifactId>
+							<version>${version.com.puppycrawl.tools.checkstyle}</version>
+						</dependency>
+						<dependency>
+							<groupId>io.kokuwa</groupId>
+							<artifactId>maven-parent</artifactId>
+							<version>${version.io.kokuwa.checkstyle}</version>
+							<type>zip</type>
+							<classifier>checkstyle</classifier>
+						</dependency>
+					</dependencies>
+				</plugin>
 				<plugin>
 					<groupId>org.apache.maven.plugins</groupId>
 					<artifactId>maven-clean-plugin</artifactId>
@@ -210,6 +239,11 @@
 						</annotationProcessorPaths>
 					</configuration>
 				</plugin>
+				<plugin>
+					<groupId>org.apache.maven.plugins</groupId>
+					<artifactId>maven-dependency-plugin</artifactId>
+					<version>${version.org.apache.maven.plugins.dependency_}</version>
+				</plugin>
 				<plugin>
 					<groupId>org.apache.maven.plugins</groupId>
 					<artifactId>maven-deploy-plugin</artifactId>
@@ -261,7 +295,6 @@
 					<artifactId>maven-surefire-plugin</artifactId>
 					<version>${version.org.apache.maven.plugins.surefire}</version>
 					<configuration>
-						<redirectTestOutputToFile>true</redirectTestOutputToFile>
 						<failIfNoTests>true</failIfNoTests>
 					</configuration>
 				</plugin>
@@ -305,6 +338,19 @@
 				</executions>
 			</plugin>
 
+			<!-- fail if checkstyle reports problems -->
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-checkstyle-plugin</artifactId>
+				<executions>
+					<execution>
+						<goals>
+							<goal>check</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+
 		</plugins>
 	</build>