Merge remote-tracking branch 'origin/master' into feature/acs-4460_mtls_support

.github/workflows/ci.yml

@@ -0,0 +1,186 @@
+name: Alfresco Transform Core CI
+
+on:
+  push:
+    branches:
+      - master
+      - feature/**
+      - fix/**
+      - SP/**
+      - HF/**
+      - ATS-**
+      - ACS-**
+      - MNT-**
+  pull_request:
+    branches:
+      - master
+      - feature/**
+      - fix/**
+      - SP/**
+      - HF/**
+  schedule:
+    - cron: '0 5 * * 1'
+  workflow_dispatch:
+
+env:
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+  NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
+  NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
+  QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }}
+  QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }}
+  GIT_USERNAME: ${{ secrets.BOT_GITHUB_USERNAME }}
+  GIT_EMAIL: ${{ secrets.BOT_GITHUB_EMAIL }}
+  GIT_PASSWORD: ${{ secrets.BOT_GITHUB_TOKEN }}
+  GITHUB_ACTIONS_DEPLOY_TIMEOUT: 60
+
+jobs:
+  veracode:
+    name: "Veracode - Source Clear Scan (SCA)"
+    runs-on: ubuntu-latest
+    if: >
+      github.ref_name == 'master' || 
+      github.event_name == 'pull_request'
+    steps:
+      - uses: actions/checkout@v3
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.34.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v1.34.0
+      - name: "Clean-up SNAPSHOT artifacts"
+        run: find "${HOME}/.m2/repository/" -type d -name "*-SNAPSHOT*" | xargs -r -l rm -rf
+      - uses: Alfresco/alfresco-build-tools/.github/actions/veracode@v1.34.0
+        with:
+          srcclr-api-token: ${{ secrets.SRCCLR_API_TOKEN }}
+
+  build_and_test:
+    name: "Core & Base Snapshot deployment"
+    runs-on: ubuntu-latest
+    if: >
+      github.ref_name == 'master' && 
+      github.event_name != 'pull_request'
+    steps:
+      - uses: actions/checkout@v3
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.34.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v1.34.0
+      - name: "Login to Docker Hub"
+        uses: docker/login-action@v2.1.0
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: "Login to Quay.io"
+        uses: docker/login-action@v2.1.0
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+      - name: "Enable experimental docker features"
+        run: |
+          echo '{"experimental":true}' | sudo tee /etc/docker/daemon.json
+          sudo service docker restart
+      - name: "Clean-up SNAPSHOT artifacts"
+        run: find "${HOME}/.m2/repository/" -type d -name "*-SNAPSHOT*" | xargs -r -l rm -rf
+      - name: "Build"
+        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
+        run: mvn -B -U -q clean install -DadditionalOption=-Xdoclint:none -DskipTests -Dmaven.javadoc.skip=true -Dmaven.wagon.http.pool=false -Pbase
+      - name: "Cache LibreOffice"
+        run: bash _ci/cache_artifacts.sh
+      - name: "Run tests"
+        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
+        run: mvn -B -U clean deploy -DadditionalOption=-Xdoclint:none -Dmaven.javadoc.skip=true -Dmaven.wagon.http.pool=false -Pbase
+
+  all_tests_matrix:
+    name: ${{ matrix.testName }}
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - testName: ImageMagick
+            buildProfile: imagemagick
+            testProfile: imagemagick
+          - testName: LibreOffice
+            buildProfile: libreoffice
+            testProfile: libreoffice
+          - testName: Transform Misc
+            buildProfile: misc
+            testProfile: misc
+          - testName: PDF Renderer
+            buildProfile: pdf-renderer
+            testProfile: pdf-renderer
+          - testName: Tika
+            buildProfile: tika
+            testProfile: tika
+          - testName: All in One Transformer
+            buildProfile: full-build
+            testProfile: aio-test
+    steps:
+      - uses: actions/checkout@v3
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.34.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v1.34.0
+      - name: "Login to Docker Hub"
+        uses: docker/login-action@v2.1.0
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: "Login to Quay.io"
+        uses: docker/login-action@v2.1.0
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+      - name: "Enable experimental docker features"
+        run: |
+          echo '{"experimental":true}' | sudo tee /etc/docker/daemon.json
+          sudo service docker restart
+      - name: "Clean-up SNAPSHOT artifacts"
+        run: find "${HOME}/.m2/repository/" -type d -name "*-SNAPSHOT*" | xargs -r -l rm -rf
+      - name: "Build local docker image"
+        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
+        run: bash _ci/build.sh ${{ matrix.buildProfile }}
+      - name: "Cache LibreOffice"
+        run: bash _ci/cache_artifacts.sh
+      - name: "Run tests"
+        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
+        run: bash _ci/test.sh ${{ matrix.testProfile }}
+
+  release:
+    name: "Release"
+    runs-on: ubuntu-latest
+    needs: [veracode, build_and_test, all_tests_matrix]
+    if: >
+      !failure() &&
+      contains(github.event.head_commit.message, '[release]') &&
+      github.event_name != 'pull_request' &&
+      (github.ref_name == 'master' || startsWith(github.ref_name, 'SP/') || startsWith(github.ref_name, 'HF/'))
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          persist-credentials: false
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v1.34.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v1.34.0
+      - name: "Login to Docker Hub"
+        uses: docker/login-action@v2.1.0
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: "Login to Quay.io"
+        uses: docker/login-action@v2.1.0
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+      - name: "Enable experimental docker features"
+        run: |
+          echo '{"experimental":true}' | sudo tee /etc/docker/daemon.json
+          sudo service docker restart
+      - name: "Clean-up SNAPSHOT artifacts"
+        run: find "${HOME}/.m2/repository/" -type d -name "*-SNAPSHOT*" | xargs -r -l rm -rf
+      - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v1.34.0
+        with:
+          username: ${{ env.GIT_USERNAME }}
+          email: ${{ env.GIT_EMAIL }}
+          global: true
+      - name: "Cache LibreOffice"
+        run: bash _ci/cache_artifacts.sh
+      - name: "Release"
+        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
+        run: bash _ci/release.sh

.travis.yml

@@ -1,84 +0,0 @@
----
-language: java
-jdk: openjdk17
-os: linux
-dist: focal
-
-git:
-  depth: false
-  quiet: true
-
-services:
-  - docker
-
-cache:
-  directories:
-    - ${HOME}/.m2/repository
-    - ${HOME}/artifacts
-
-branches:
-  only:
-    - master
-    - /^SP\/.+$/
-    - /^HF\/.+$/
-    - /^ATS-.*$/
-    - /^ACS-.*$/
-    - /^MNT-.*$/
-
-stages:
-  - name: Veracode Scan
-    if: branch = master
-  - build and test
-  - release
-
-before_install: bash _ci/init.sh
-
-jobs:
-  include:
-    - stage: Veracode Scan
-      name: "Veracode - Source Clear Scan (SCA)"
-      install: skip
-      script: travis_wait 30 bash _ci/source_clear.sh
-
-    - stage: Build and Test
-      name: "Core & Base Snapshot deployment" # This is to separate the snapshot deployment from the following jobs, to prevent duplication on nexus
-      if: branch = master AND type != pull_request
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      install: travis_wait 20 mvn -B -U -q clean install -DadditionalOption=-Xdoclint:none -DskipTests -Dmaven.javadoc.skip=true -Dmaven.wagon.http.pool=false -Pbase
-      script: mvn -B -U clean deploy -DadditionalOption=-Xdoclint:none -Dmaven.javadoc.skip=true -Dmaven.wagon.http.pool=false -Pbase
-
-    - name: "ImageMagick"
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      install: _ci/build.sh imagemagick
-      script: bash _ci/test.sh imagemagick
-
-    - name: "LibreOffice"
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      install: _ci/build.sh libreoffice
-      script: bash _ci/test.sh libreoffice
-
-    - name: "Transform Misc"
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      install: _ci/build.sh misc
-      script: bash _ci/test.sh misc
-
-    - name: "PDF Renderer"
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      install: _ci/build.sh pdf-renderer
-      script: bash _ci/test.sh pdf-renderer
-
-    - name: "Tika"
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      install: _ci/build.sh tika
-      script: bash _ci/test.sh tika
-
-    - name: "All in One Transformer"
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      install: _ci/build.sh full-build
-      script:  travis_wait 30 bash _ci/test.sh aio-test
-
-    - name: "Release"
-      stage: release
-      if: commit_message ~= /\[release\]/ AND branch ~= /^(master|SP\/.+|HF\/.+)$/
-      before_script: travis_wait bash _ci/cache_artifacts.sh
-      script: travis_wait 55 bash _ci/release.sh

README.md

@@ -1,5 +1,5 @@
 ## Alfresco Transform Core
-[![Build Status](https://travis-ci.com/Alfresco/alfresco-transform-core.svg?branch=master)](https://travis-ci.com/Alfresco/alfresco-transform-core)
+[![Build Status](https://github.com/Alfresco/alfresco-transform-core/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/Alfresco/alfresco-transform-core/actions/workflows/ci.yml)
 
 Contains the common transformer (T-Engine) code, plus a few implementations.
 

_ci/cache_artifacts.sh

@@ -14,7 +14,7 @@ if [ -f "${HOME}/artifacts/libreoffice-dist-${LIBREOFFICE_VERSION}-linux.gz" ];
     echo "Using cached LibreOffice distribution..."
 else
     echo "Downloading LibreOffice distribution..."
-    curl -s -S ${LIBREOFFICE_RPM_URL} -o "${HOME}/artifacts/libreoffice-dist-${LIBREOFFICE_VERSION}-linux.gz"
+    curl -s -S ${LIBREOFFICE_RPM_URL} -o "${HOME}/artifacts/libreoffice-dist-${LIBREOFFICE_VERSION}-linux.gz" --create-dirs
 fi
 cp "${HOME}/artifacts/libreoffice-dist-${LIBREOFFICE_VERSION}-linux.gz" engines/libreoffice
 

_ci/init.sh

@@ -1,20 +0,0 @@
-#!/usr/bin/env bash
-
-echo "=========================== Starting Init Script ==========================="
-PS4="\[\e[35m\]+ \[\e[m\]"
-set -vex
-pushd "$(dirname "${BASH_SOURCE[0]}")/../"
-
-mkdir -p ${HOME}/.m2 && cp -rf _ci/settings.xml ${HOME}/.m2/
-echo "${QUAY_PASSWORD}" | docker login -u="${QUAY_USERNAME}" --password-stdin quay.io
-echo "${DOCKERHUB_PASSWORD}" | docker login -u=${DOCKERHUB_USERNAME} --password-stdin docker.io
-find "${HOME}/.m2/repository/" -type d -name "*-SNAPSHOT*" | xargs -r -l rm -rf
-
-# Enable experimental docker features (e.g. squash options)
-echo '{"experimental":true}' | sudo tee /etc/docker/daemon.json
-sudo service docker restart
-
-popd
-set +vex
-echo "=========================== Finishing Init Script =========================="
-

_ci/release.sh

@@ -5,17 +5,11 @@ PS4="\[\e[35m\]+ \[\e[m\]"
 set -vex
 pushd "$(dirname "${BASH_SOURCE[0]}")/../"
 
-# For PR builds only execute a Dry Run of the release
-[ "${TRAVIS_PULL_REQUEST}" = "false" ] && DRY_RUN="" || DRY_RUN="-DdryRun"
-
-# Travis CI runner work on DETACHED HEAD, so we need to checkout the release branch
-git checkout -B "${TRAVIS_BRANCH}"
-
-git config user.email "build@alfresco.com"
+# GitHub Actions CI runner work on DETACHED HEAD, so we need to checkout the release branch
+git checkout -B "${BRANCH_NAME}"
 
 # Run the release plugin - with "[skip ci]" in the release commit message
 mvn -B -Dmaven.wagon.http.pool=false \
-    ${DRY_RUN} \
     -Prelease \
     "-Darguments=-Prelease -DskipTests -Dmaven.javadoc.skip -Dadditionalparam=-Xdoclint:none" \
     release:clean release:prepare release:perform \

_ci/source_clear.sh

@@ -1,26 +0,0 @@
-#!/usr/bin/env bash
-
-echo "=========================== Starting SourceClear Script ==========================="
-PS4="\[\e[35m\]+ \[\e[m\]"
-set +e -v -x
-pushd "$(dirname "${BASH_SOURCE[0]}")/../"
-
-mvn -B -U -q clean install \
-    -DskipTests \
-    -Dmaven.javadoc.skip=true \
-    com.srcclr:srcclr-maven-plugin:scan \
-    -Dcom.srcclr.apiToken=${SRCCLR_API_TOKEN} > scan.log
-
-SUCCESS=$?   # this will read exit code of the previous command
-
-if [ -z "$VERACODE_FAILS_BUILD" ] || [ "$VERACODE_FAILS_BUILD" = false ] ; then
-    SUCCESS=0
-fi
-
-cat scan.log | grep -e 'Full Report Details' -e 'Failed'
-
-popd
-set +vex
-echo "=========================== Finishing SourceClear Script =========================="
-
-exit ${SUCCESS}

_ci/test.sh

@@ -6,10 +6,10 @@ set -vex
 pushd "$(dirname "${BASH_SOURCE[0]}")/../"
 
 # Always build the image, but only publish from the "master" branch
-[ "${TRAVIS_PULL_REQUEST}" = "false" ] && [ "${TRAVIS_BRANCH}" = "master" ] && PROFILE="internal" || PROFILE="local"
+[ "${PULL_REQUEST}" = "false" ] && [ "${BRANCH_NAME}" = "master" ] && PROFILE="internal" || PROFILE="local"
 
 # If the branch is "master" and the commit is not a Pull Request then deploy the JAR SNAPSHOT artifacts
-[ "${TRAVIS_PULL_REQUEST}" = "false" ] && [ "${TRAVIS_BRANCH}" = "master" ] && DEPLOY="deploy" || DEPLOY="verify"
+[ "${PULL_REQUEST}" = "false" ] && [ "${BRANCH_NAME}" = "master" ] && DEPLOY="deploy" || DEPLOY="verify"
 
 # Do not deploy snapshots for alfresco-transform-core, alfresco-transformer-base and alfresco-base-t-engine
 mvn -B -U -Dmaven.wagon.http.pool=false \

deprecated/alfresco-transformer-base/README.md

@@ -231,7 +231,7 @@ and the Alfresco Maven repository:
 </repository>
 ~~~
 
-The build plan is available in [TravisCI](https://travis-ci.com/Alfresco/alfresco-transform-core).
+The build plan is available in [GitHub Actions CI](https://github.com/Alfresco/alfresco-transform-core/actions).
 
 ## Contributing guide
 

deprecated/alfresco-transformer-base/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

docs/build-and-release.md

@@ -1,6 +1,6 @@
 # Build
-The `alfresco-transform-core` project uses _Travis CI_. \
-The `.travis.yml` config file can be found in the root of the repository.
+The `alfresco-transform-core` project uses _GitHub Actions CI_. \
+The `ci.yml` config file can be found in the `.github/workflows` directory of the project.
 
 
 ## Stages and Jobs
@@ -9,7 +9,7 @@ The `.travis.yml` config file can be found in the root of the repository.
 
 
 ## Branches
-Travis CI builds differ by branch:
+GitHub Actions CI builds differ by branch:
 * `master` / `SP/*` / `HF/*` branches:
   - regular builds which include the _Build_ stage;
     > On the `master` branch only the _Build_ stage updates the `latest` T-Engines images on 
@@ -22,8 +22,6 @@ Travis CI builds differ by branch:
     > - alfresco/alfresco-transform-core-aio
   - if the commit message contains the `[release]` tag, the builds will also 
   include the _Release_ stage;
-  - PR builds where the latest commit contains the `[release]` tag will execute dry runs 
-  of the release jobs (no artifacts will be published until the PR is actually merged).
 * `ATS-*` / `ACS-*` branches:
   - regular builds which include only the _Build_ and _Tests_ stages;
 
@@ -53,11 +51,8 @@ been generated by steps (2) and (3), then an empty commit should be created - e.
  
      > The location of the `[release]` tag in the commit message is irrelevant.
 
-     > If for any reason your PR contains multiple commits, the commit with the `[release]`
-     tag should be the last (newest) one. This will trigger the Release dry runs.
 5. Open a new Pull Request from the `ATS-###_release_version` branch into the original
-`master` / `SP/*` / `HF/*` branch and wait for a green build; the **Release** stage on the PR build
- will only execute a _Dry_Run_ of the release.
+`master` / `SP/*` / `HF/*` branch and wait for a green build.
 6. Once it is approved, merge the PR, preferably through the **Rebase and merge** option. If the 
 **Create a merge commit** (_Merge pull request_) or **Squash and merge** options are used, you 
 need to ensure that the _commit message_ contains the `[release]` tag (sub-string).

engines/aio/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

engines/base/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

engines/example/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

engines/imagemagick/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

engines/libreoffice/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

engines/misc/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

engines/pdfrenderer/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

engines/tika/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

model/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-transform-core</artifactId>
-        <version>3.0.1-SNAPSHOT</version>
+        <version>3.0.1-A2-SNAPSHOT</version>
     </parent>
 
     <properties>

pom.xml

@@ -3,7 +3,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>org.alfresco</groupId>
     <artifactId>alfresco-transform-core</artifactId>
-    <version>3.0.1-SNAPSHOT</version>
+    <version>3.0.1-A2-SNAPSHOT</version>
     <name>Alfresco Transform Core</name>
     <packaging>pom</packaging>