diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fc76a4c2..81cb9fd1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,6 +27,7 @@ jobs: if: github.repository_owner == 'RHEcosystemAppEng' && startsWith(github.head_ref, 'release/') outputs: project_version: ${{ steps.project.outputs.version }} + last_release_tag: ${{ steps.last-release.outputs.tag-name }} steps: - name: Checkout sources uses: actions/checkout@v3 @@ -42,6 +43,17 @@ jobs: java-version: 11 cache: maven + - name: setup Python + uses: actions/setup-python@v4 + with: + python-version: '3.9' + cache: 'pip' + - name: get Python location + id: python-location + run: | + echo "python-bin-location=$(echo $pythonLocation)/bin" >> $GITHUB_OUTPUT + + - name: create ssh agent uses: webfactory/ssh-agent@v0.7.0 with: @@ -53,12 +65,19 @@ jobs: git config user.email "${{ github.actor }}@users.noreply.github.com" + - name: get previous released annotated tag + id: last-release + run: | + echo "tag-name=$(git describe | awk -F '-' '{print $1}')" >> "$GITHUB_OUTPUT" + - name: Deploy release to GitHub run: | mvn -DskipTests -Darguments=-DskipTests release:prepare -B -ff mvn release:perform -B -ff env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + EXHORT_PYTHON3_PATH: "${{steps.python-location.outputs.python-bin-location}}/python3" + EXHORT_PIP3_PATH: "${{steps.python-location.outputs.python-bin-location}}/pip3" - name: Get pom version of released artifact id: project 
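Review bot: `actions/setup-python@v4` is added by a mutable tag in the job that also starts an SSH agent and runs the Maven release, so whoever can move that tag controls code in the release path. Pinning to a full commit SHA, `uses: actions/setup-python@<full-commit-sha> # v4`, removes that dependency on the tag. `cache: 'pip'` also restores a previously saved pip cache into the release build; consider leaving caching off in this job so release inputs are fetched fresh. In the `get Python location` step the `$(echo $pythonLocation)` wrapper is redundant and `$GITHUB_OUTPUT` is unquoted: `echo "python-bin-location=${pythonLocation}/bin" >> "$GITHUB_OUTPUT"`.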
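Review bot: The `last-release` step can emit an empty or truncated tag without failing. `git describe | awk -F '-' '{print $1}'` cuts at the first hyphen, so a tag such as `v1.0.0-rc1` (constructed example) becomes `v1.0.0`, and a `git describe` failure is hidden by the pipe and the command substitution. `git describe --abbrev=0` prints the nearest annotated tag unmodified; assigning it first, `tag="$(git describe --abbrev=0)"` then `echo "tag-name=${tag}" >> "$GITHUB_OUTPUT"`, lets the step fail when no tag is reachable. Whether tags are fetched at all depends on the checkout step's options, which are outside this hunk.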
@@ -75,6 +94,20 @@ jobs: environment: staging needs: deploy steps: + + - name: Create release notes for ${{ needs.deploy.outputs.project_version }} release + uses: actions/github-script@v6 + id: release-notes + with: + github-token: ${{ secrets.STAGING_PAT }} + script: | + const repo_name = context.payload.repository.full_name + const response = await github.request('POST /repos/' + repo_name + '/releases' + '/generate-notes', { + tag_name: '${{ needs.deploy.outputs.project_version }}', + previous_tag_name: '${{ needs.deploy.outputs.last_release_tag }}' + }) + return response.body + - name: Create new ${{ needs.deploy.outputs.project_version }} release uses: actions/github-script@v6 with: @@ -84,10 +117,10 @@ jobs: const response = await github.request('POST /repos/' + repo_name + '/releases', { tag_name: '${{ needs.deploy.outputs.project_version }}', name: '${{ needs.deploy.outputs.project_version }}', + body: '${{ steps.release-notes.outputs.result }}', draft: false, - prerelease: true, - generate_release_notes: true, - make_latest: 'false' + prerelease: false, + make_latest: 'true' }) - name: Checkout sources @@ -104,6 +137,7 @@ jobs: - name: Get pom version of new snapshot artifact id: project_snapshot run: | + git pull echo "version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> "$GITHUB_OUTPUT" @@ -115,7 +149,6 @@ jobs: - name: Push modifications run: | - git pull git add README.md git commit -m "docs: updated usage section with version ${{ steps.project_snapshot.outputs.version }} [skip ci]" git push diff --git a/README.md b/README.md index 0063a9f7..e3d72855 100644 --- a/README.md +++ b/README.md 
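Review bot: The `${{ ... }}` expressions inside `script:` are expanded into the JavaScript source before it runs, so the values at `tag_name` and `previous_tag_name` here, and at `body:` in the next hunk, are treated as code rather than data. A quote or newline in a tag name or in the generated notes (which are presumably built from pull-request titles) breaks the literal or changes what the script does, and the script runs with `secrets.STAGING_PAT`. Passing the values through the step's `env:` and reading them from `process.env` keeps them as plain strings; the same change applies to the `body:` line of the release-creation step.

```yaml
      # … unchanged: name, uses, id, github-token …
        env:
          PROJECT_VERSION: ${{ needs.deploy.outputs.project_version }}
          PREV_TAG: ${{ needs.deploy.outputs.last_release_tag }}
        with:
          script: |
            // … unchanged: repo_name and the request path …
              tag_name: process.env.PROJECT_VERSION,
              previous_tag_name: process.env.PREV_TAG
```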
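Review bot: The new `body:` line will probably not receive the generated notes. The step that produces `steps.release-notes.outputs.result` (previous hunk) returns `response.body`, while `github.request` resolves to an object whose payload sits under `data`, and `actions/github-script` JSON-encodes the return value unless `result-encoding: string` is set. Returning `response.data.body` with `result-encoding: string` on that step would hand over the raw markdown. Because this hunk also switches to `prerelease: false` and `make_latest: 'true'`, an empty or mangled body is published straight to the latest release.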
@@ -397,7 +397,7 @@ following keys for setting custom paths for the said executables. #### Python Support -By default Python support assumes that the package is installed using the pip/pip3 binary on the system PATH, of in the customized +By default, Python support assumes that the package is installed using the pip/pip3 binary on the system PATH, or of the customized Binaries passed to environment variables. If the package is not installed , then an error will be thrown. There is an experimental feature of installing the requirement.txt on a virtual env(only python3 or later is supported for this feature) - in this case, diff --git a/src/main/java/com/redhat/exhort/providers/JavaMavenProvider.java b/src/main/java/com/redhat/exhort/providers/JavaMavenProvider.java index 3bd94b7a..9b7978b3 100644 --- a/src/main/java/com/redhat/exhort/providers/JavaMavenProvider.java +++ b/src/main/java/com/redhat/exhort/providers/JavaMavenProvider.java @@ -102,7 +102,7 @@ public Content provideStack(final Path manifestPath) throws IOException { } private Sbom buildSbomFromTextFormat(Path textFormatFile) throws IOException { - var sbom = SbomFactory.newInstance(Sbom.BelongingCondition.PURL,"insensitive"); + var sbom = SbomFactory.newInstance(Sbom.BelongingCondition.PURL,"sensitive"); List lines = Files.readAllLines(textFormatFile); var root = lines.get(0); var rootPurl = parseDep(root); diff --git a/src/test/resources/tst_manifests/maven/deps_no_trivial_with_ignore/expected_stack_sbom.json b/src/test/resources/tst_manifests/maven/deps_no_trivial_with_ignore/expected_stack_sbom.json index ed0eeec7..e02f6211 100644 --- a/src/test/resources/tst_manifests/maven/deps_no_trivial_with_ignore/expected_stack_sbom.json +++ b/src/test/resources/tst_manifests/maven/deps_no_trivial_with_ignore/expected_stack_sbom.json 
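Review bot: The second argument to `SbomFactory.newInstance` at the changed line is a bare string that selects matching behaviour, and nothing here says what `"sensitive"` means or which other values are valid. Judging by the fixture changes in this commit, it appears to make ignore matching version-aware, which changes which components are left out of the SBOM submitted for analysis. A comment such as `// "sensitive": an ignored PURL must match including its version (confirm against SbomFactory)` would record that. A named constant or enum instead of the literal would also turn a typo into a compile error. `buildSbomFromTextFormat` continues past the end of the hunk.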
@@ -3,6 +3,7 @@ "specVersion" : "1.4", "version" : 1, "metadata" : { + "timestamp" : "2023-10-17T09:00:56Z", "component" : { "group" : "pom-no-trivial-with-deps-and-ignore", "name" : "demo", @@ -317,6 +318,14 @@ "type" : "library", "bom-ref" : "pkg:maven/io.quarkus/quarkus-core@2.13.5.Final" }, + { + "group" : "io.quarkus", + "name" : "quarkus-arc", + "version" : "2.13.6.Final", + "purl" : "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final", + "type" : "library", + "bom-ref" : "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final" + }, { "group" : "io.quarkus", "name" : "quarkus-resteasy-common", @@ -1044,6 +1053,14 @@ "purl" : "pkg:maven/io.vertx/vertx-uri-template@4.3.4", "type" : "library", "bom-ref" : "pkg:maven/io.vertx/vertx-uri-template@4.3.4" + }, + { + "group" : "org.postgresql", + "name" : "postgresql", + "version" : "42.5.1", + "purl" : "pkg:maven/org.postgresql/postgresql@42.5.1", + "type" : "library", + "bom-ref" : "pkg:maven/org.postgresql/postgresql@42.5.1" } ], "dependencies" : [ @@ -1297,6 +1314,7 @@ "ref" : "pkg:maven/io.quarkus/quarkus-resteasy-server-common@2.7.7.Final", "dependsOn" : [ "pkg:maven/io.quarkus/quarkus-core@2.13.5.Final", + "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final", "pkg:maven/io.quarkus/quarkus-resteasy-common@2.7.7.Final", "pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2" ] 
@@ -1322,11 +1340,20 @@ "pkg:maven/io.quarkus/quarkus-fs-util@0.0.9" ] }, + { + "ref" : "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final", + "dependsOn" : [ + "pkg:maven/io.quarkus.arc/arc@2.13.5.Final", + "pkg:maven/io.quarkus/quarkus-core@2.13.5.Final", + "pkg:maven/org.eclipse.microprofile.context-propagation/microprofile-context-propagation-api@1.2" + ] + }, { "ref" : "pkg:maven/io.quarkus/quarkus-resteasy-common@2.7.7.Final", "dependsOn" : [ "pkg:maven/io.quarkus/quarkus-core@2.13.5.Final", "pkg:maven/org.jboss.resteasy/resteasy-core@4.7.5.Final", + "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final", "pkg:maven/com.sun.activation/jakarta.activation@1.2.1" ] }, @@ -1608,7 +1635,8 @@ "dependsOn" : [ "pkg:maven/io.smallrye/smallrye-context-propagation@1.2.2", "pkg:maven/jakarta.enterprise/jakarta.enterprise.cdi-api@2.0.2", - "pkg:maven/io.quarkus/quarkus-core@2.13.5.Final" + "pkg:maven/io.quarkus/quarkus-core@2.13.5.Final", + "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final" ] }, { @@ -1799,6 +1827,7 @@ { "ref" : "pkg:maven/io.quarkus/quarkus-vertx@2.13.5.Final", "dependsOn" : [ + "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final", "pkg:maven/io.quarkus/quarkus-netty@2.13.5.Final", "pkg:maven/io.netty/netty-codec-haproxy@4.1.82.Final", "pkg:maven/io.smallrye.common/smallrye-common-annotation@1.13.1", @@ -1815,6 +1844,7 @@ "pkg:maven/io.netty/netty-codec@4.1.82.Final", "pkg:maven/io.netty/netty-codec-http@4.1.78.Final", "pkg:maven/io.netty/netty-codec-http2@4.1.78.Final", + "pkg:maven/io.quarkus/quarkus-arc@2.13.6.Final", "pkg:maven/io.netty/netty-handler@4.1.78.Final", "pkg:maven/jakarta.enterprise/jakarta.enterprise.cdi-api@2.0.2", "pkg:maven/com.aayushatharva.brotli4j/brotli4j@1.7.1" @@ -1940,6 +1970,10 @@ "dependsOn" : [ "pkg:maven/io.vertx/vertx-core@4.3.3" ] + }, + { + "ref" : "pkg:maven/org.postgresql/postgresql@42.5.1", + "dependsOn" : [ ] } ] }