update project config

vegardit · Dec 5, 2023 · d9ad99a · d9ad99a
1 parent 7243f01
commit d9ad99a
Show file tree

Hide file tree

Showing 8 changed files with 115 additions and 44 deletions.
diff --git a/.ci/build.sh b/.ci/build.sh
@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 #
 # SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com)
-# SPDX-FileContributor: Sebastian Thomschke
+# SPDX-FileContributor: Sebastian Thomschke (Vegard IT GmbH)
 # SPDX-License-Identifier: Apache-2.0
 # SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/vegardit-maven-parent
 

diff --git a/.ci/maven-settings.xml b/.ci/maven-settings.xml
@@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 <settings xmlns="http://maven.apache.org/SETTINGS/1.2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd">
-
    <servers>
       <server>
          <id>sonatype-ossrh</id>
@@ -14,5 +13,4 @@
          <password>${env.GITHUB_API_KEY}</password>
       </server>
    </servers>
-
 </settings>
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,6 @@
+*Issue #, if available:*
+
+*Description of changes:*
+
+
+By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -6,28 +6,28 @@ updates:
     schedule:
       interval: weekly
       day: monday
-      time: "09:00"
+      time: "10:00"
     commit-message:
       prefix: fix
       prefix-development: chore
       include: scope
     labels:
-      - gha
-      - dependencies
       - pinned
+      - dependencies
+      - gha
   - package-ecosystem: maven
     directory: /
     schedule:
       interval: weekly
       day: monday
-      time: "09:00"
+      time: "10:00"
     commit-message:
       prefix: fix
       prefix-development: chore
       include: scope
     labels:
-      - mvn
-      - dependencies
       - pinned
+      - dependencies
+      - mvn
     ignore:
       - dependency-name: "co.leantechniques:maven-buildtime-extension"
diff --git a/.github/stale.yml b/.github/stale.yml
@@ -1,13 +1,14 @@
 # Configuration for probot-stale - https://github.com/probot/stale
 
 # Number of days of inactivity before an issue becomes stale
-daysUntilStale: 60
+daysUntilStale: 120
 
 # Number of days of inactivity before a stale issue is closed
-daysUntilClose: 7
+daysUntilClose: 14
 
 # Issues with these labels will never be considered stale
 exemptLabels:
+  - enhancement
   - pinned
   - security
 
@@ -18,7 +19,8 @@ staleLabel: wontfix
 markComment: >
   This issue has been automatically marked as stale because it has not had
   recent activity. It will be closed in 7 days if no further activity occurs.
-  Thank you for your contributions.
+  If the issue is still valid, please add a respective comment to prevent this 
+  issue from being closed automatically. Thank you for your contributions.
 
 # Comment to post when closing a stale issue. Set to `false` to disable
 closeComment: false
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,5 +1,5 @@
 # SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com)
-# SPDX-FileContributor: Sebastian Thomschke
+# SPDX-FileContributor: Sebastian Thomschke (Vegard IT GmbH)
 # SPDX-License-Identifier: Apache-2.0
 # SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/vegardit-maven-parent
 #
@@ -19,13 +19,28 @@ on:
     - '.git*'
     - '.github/*.yml'
   pull_request:
+    paths-ignore:
+    - '**/*.adoc'
+    - '**/*.md'
+    - '.editorconfig'
+    - '.git*'
+    - '.github/*.yml'
   workflow_dispatch:
     # https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/
     inputs:
       additional_maven_args:
         description: 'Additional Maven Args'
         required: false
         default: ''
+      debug-with-ssh:
+        description: "Start an SSH session for debugging purposes at the end of the build:"
+        default: never
+        type: choice
+        options: [ always, on_failure, on_failure_or_cancelled, never ]
+      debug-with-ssh-only-for-actor:
+        description: "Limit access to the SSH session to the GitHub user that triggered the job."
+        default: true
+        type: boolean
 
 defaults:
   run:
@@ -34,22 +49,33 @@ defaults:
 env:
   JAVA_VERSION: 11
 
+
 jobs:
-  build:
+
+  ###########################################################
+  maven-build:
+  ###########################################################
     runs-on: ubuntu-latest
+
+    # https://docs.github.com/en/actions/using-jobs/using-concurrency
+    concurrency: ci-${{ github.ref }}
+
     steps:
     - name: Show environment variables
       run: env | sort
 
+
     - name: Git Checkout
-      uses: actions/checkout@v4 #https://github.com/actions/checkout
+      uses: actions/checkout@v4 # https://github.com/actions/checkout
 
-    - name: Set up JDK ${{ env.JAVA_VERSION }}
-      uses: actions/setup-java@v4 #https://github.com/actions/setup-java
+
+    - name: "Install: JDK ${{ env.JAVA_VERSION }}"
+      uses: actions/setup-java@v4 # https://github.com/actions/setup-java
       with:
         distribution: temurin
         java-version: ${{ env.JAVA_VERSION }}
 
+
     # reusing CDS archives of the same JVM randomly fails in GitHub Actions with
     # "An error has occurred while processing the shared archive file. shared class paths mismatch"
     #- name: Calculate Java version checksum
@@ -63,6 +89,7 @@ jobs:
     #      ~/.xshare/${{ steps.java-version-checksum.outputs.md5sum }}
     #    key: ${{ runner.os }}-xshare-${{ steps.java-version-checksum.outputs.md5sum }}
 
+
     - name: "Cache: Restore"
       id: cache-restore
       if: ${{ !env.ACT }} # https://github.com/nektos/act#skipping-steps
@@ -74,6 +101,7 @@ jobs:
           !~/.m2/repository/com/vegardit/maven
         key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
 
+
     - name: Test with Maven
       id: maven-test
       if: ${{ github.ref_name != 'main' || env.ACT }}
@@ -84,6 +112,7 @@ jobs:
       run: |
         bash .ci/build.sh ${{ github.event.inputs.additional_maven_args }}
 
+
     - name: Build with Maven
       id: maven-build
       if: ${{ github.ref_name == 'main' && !env.ACT }}
@@ -107,7 +136,7 @@ jobs:
 
     ##################################################
     # Cache Update
-    # See https://github.com/actions/cache/issues/342
+    # See https://github.com/actions/cache/issues/342#issuecomment-1399442670
     ##################################################
     - name: "Cache: Delete Previous"
       if: ${{ steps.cache-restore.outputs.cache-hit && !env.ACT }}
@@ -126,11 +155,41 @@ jobs:
           ~/.m2/bin
           ~/.m2/repository
           !~/.m2/repository/com/vegardit/maven
+          !~/.m2/repository/*SNAPSHOT*
         key: ${{ steps.cache-restore.outputs.cache-primary-key }}
 
 
+    ##################################################
+    # Setup SSH debug session
+    ##################################################
+    - name: "SSH session for debugging: check"
+      id: DEBUG_SSH_SESSSION_CHECK
+      if: always()
+      run: |
+        set -eu
+
+        when="${{ inputs.debug-with-ssh }}"
+
+        if [[ $when == "always" ]] || case "${{ job.status }}" in
+          success)   [[ $when == "always" ]] ;;
+          cancelled) [[ $when == "on_failure_or_cancelled" ]] ;;
+          failure)   [[ $when == "on_failure"* ]] ;;
+        esac; then
+          echo "start_ssh_session=true" | tee -a "$GITHUB_OUTPUT"
+        fi
+
+
+    - name: "SSH session for debugging: start"
+      uses: mxschmitt/action-tmate@v3 # https://github.com/mxschmitt/action-tmate
+      if: always() && steps.DEBUG_SSH_SESSSION_CHECK.outputs.start_ssh_session
+      with:
+        limit-access-to-actor: ${{ inputs.debug-with-ssh-only-for-actor }}
+
+
+  ###########################################################
   dependabot-pr-auto-merge:
-    needs: build
+  ###########################################################
+    needs: maven-build
     if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' }}
     runs-on: ubuntu-latest
 
@@ -147,6 +206,7 @@ jobs:
       with:
         github-token: "${{ secrets.GITHUB_TOKEN }}"
 
+
     - name: Enable auto-merge for Dependabot PRs
       if: |
         ${{

diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
@@ -6,8 +6,8 @@ We as members, contributors, and leaders pledge to make participation in our
 community a harassment-free experience for everyone, regardless of age, body
 size, visible or invisible disability, ethnicity, sex characteristics, gender
 identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, religion, or sexual identity
-and orientation.
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
 
 We pledge to act and interact in ways that contribute to an open, welcoming,
 diverse, inclusive, and healthy community.
@@ -22,17 +22,17 @@ community include:
 * Giving and gracefully accepting constructive feedback
 * Accepting responsibility and apologizing to those affected by our mistakes,
   and learning from the experience
-* Focusing on what is best not just for us as individuals, but for the
-  overall community
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
 
 Examples of unacceptable behavior include:
 
-* The use of sexualized language or imagery, and sexual attention or
-  advances of any kind
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
 * Trolling, insulting or derogatory comments, and personal or political attacks
 * Public or private harassment
-* Publishing others' private information, such as a physical or email
-  address, without their explicit permission
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
 * Other conduct which could reasonably be considered inappropriate in a
   professional setting
 
@@ -60,7 +60,7 @@ representative at an online or offline event.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
-https://vegardit.com/about/legal/.
+https://vegardit.com/en/legal/
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the
@@ -82,15 +82,15 @@ behavior was inappropriate. A public apology may be requested.
 
 ### 2. Warning
 
-**Community Impact**: A violation through a single incident or series
-of actions.
+**Community Impact**: A violation through a single incident or series of
+actions.
 
 **Consequence**: A warning with consequences for continued behavior. No
 interaction with the people involved, including unsolicited interaction with
 those enforcing the Code of Conduct, for a specified period of time. This
 includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or
-permanent ban.
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
 
 ### 3. Temporary Ban
 
@@ -106,23 +106,27 @@ Violating these terms may lead to a permanent ban.
 ### 4. Permanent Ban
 
 **Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior,  harassment of an
+standards, including sustained inappropriate behavior, harassment of an
 individual, or aggression toward or disparagement of classes of individuals.
 
-**Consequence**: A permanent ban from any sort of public interaction within
-the community.
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
 
 ## Attribution
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.0, available at
-https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
 
-Community Impact Guidelines were inspired by [Mozilla's code of conduct
-enforcement ladder](https://github.com/mozilla/diversity).
-
-[homepage]: https://www.contributor-covenant.org
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
 
 For answers to common questions about this code of conduct, see the FAQ at
-https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -8,6 +8,7 @@ We want to make contributing as easy and transparent as possible.
 ## Code of Conduct
 
 Our code of conduct is described in [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md).
+Please follow it in all your interactions with the project.
 
 
 ## Issues
@@ -20,6 +21,6 @@ We use GitHub issues to track bugs and feature requests. Please ensure your desc
 Before you make a substantial pull request, please file an issue and make sure someone from the team agrees that there is a problem or room for improvement.
 
 
-## License
+### License
 
 By contributing your code, you agree to license your contribution under the [Apache License 2.0](LICENSE.txt).