fix(ci-cd): apply new pipeline, add dependabot.yml

Author: vincejv

.github/dependabot.yml

@@ -0,0 +1,26 @@
+version: 2
+updates:
+  - package-ecosystem: "maven"
+    directory: "/"
+    target-branch: "development"
+    schedule:
+      interval: "daily"
+    assignees:
+      - "vincejv"
+    labels:
+      - "dependencies"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "github-actions"
+    # Workflow files stored in the
+    # default location of `.github/workflows`
+    directory: "/"
+    target-branch: "development"
+    schedule:
+      interval: "daily"
+    assignees:
+      - "vincejv"
+    labels:
+      - "dependencies"
+      - "ci-cd"
+    open-pull-requests-limit: 10

.github/workflows/pr-reviewer.yml

@@ -0,0 +1,20 @@
+name: PR Reviewer
+on:
+  issue_comment:
+    types: [ created, edited ]
+env:
+  REPOSITORY_OWNER: vincejv
+  REPOSITORY_BOT: fpibot
+jobs:
+  review:
+    name: Perform review
+    if: ${{ github.event.issue.pull_request }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Approve pull request
+        if: ${{ github.actor == env.REPOSITORY_OWNER && contains(github.event.comment.body, format('@{0}', env.REPOSITORY_BOT)) }}
+        uses: hmarr/auto-approve-action@v3
+        with:
+          pull-request-number: ${{ github.event.issue.number }}
+          github-token: ${{ secrets.FPI_BOT_TOKEN }}
+          review-message: ${{ format('Hi @{0}, your code changes are approved! 🥳', github.event.issue.user.login) }}

.github/workflows/release-dev.yml

@@ -6,12 +6,14 @@ on:
 
 env:
   SONAR_PROJECT_KEY: vincejv_dtone-dvs-api-java-client
+  MVN_ARTIFACT_ID: dvs-apiclient
 
 jobs:
 
   pre_job:
     name: Duplicate checks
     runs-on: ubuntu-latest
+    if: ${{ !contains(github.event.head_commit.message, 'docs-update(') }} # skip for commits containing 'docs-update('
     outputs:
       should_skip: ${{ steps.skip_check.outputs.should_skip }}
       paths_result: ${{ steps.skip_check.outputs.paths_result }}
@@ -52,12 +54,14 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=${{ env.SONAR_PROJECT_KEY }} -Dsonar.qualitygate.wait=true
+        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=${{ env.SONAR_PROJECT_KEY }} -Dsonar.qualitygate.wait=true -Pallow-snapshots
 
   deploy:
-    name: Release artifact
+    name: Release artifact to central
     runs-on: ubuntu-latest
     needs: code_quality_checks
+    outputs:
+      artifact_version: ${{ steps.gen_ver.outputs.artifact_version }}
     permissions:
       contents: read
       packages: write
@@ -79,9 +83,53 @@ jobs:
           gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
           gpg-passphrase: MAVEN_GPG_PASSPHRASE
 
+      - name: Prepare artifact version
+        id: gen_ver
+        run: |
+          echo "artifact_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT
+
       - name: Build and release to central repo
         env:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
           MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
-        run: mvn -B deploy -Prelease-for-oss
+        run: mvn -B deploy -Prelease-for-oss,allow-snapshots
+
+  pr_update:
+    name: Pull request update
+    if: always()
+    needs: [ pre_job, deploy ]
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write # allows job to decorate PRs with analysis results
+    steps:
+      - name: Update PR (Skip message)
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: ${{ always() && needs.pre_job.outputs.should_skip == 'true' }}
+        with:
+          message: |
+            ⚪ Skipped CI/CD as deployment was done in a previous job
+
+      - name: Update PR (Success message)
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: ${{ always() && needs.pre_job.outputs.should_skip != 'true' && needs.deploy.outputs.artifact_version != '' }}
+        with:
+          message: |
+            ✅ Released version to SNAPSHOT repository: `${{ needs.deploy.outputs.artifact_version }}`
+            
+            #### Add to your POM
+            ```xml
+            <dependency>
+              <groupId>com.vincejv</groupId>
+              <artifactId>${{ env.MVN_ARTIFACT_ID }}</artifactId>
+              <version>${{ needs.deploy.outputs.artifact_version }}</version>
+            </dependency>
+            ```
+
+      - name: Update PR (Failure message)
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: ${{ always() && needs.pre_job.outputs.should_skip != 'true' && needs.deploy.outputs.artifact_version == '' }}
+        with:
+          message: |
+            ❌ CI Build & Deployment failed, please check the [logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details

.github/workflows/release-main.yml

@@ -7,6 +7,7 @@ on:
 
 env:
   SONAR_PROJECT_KEY: vincejv_dtone-dvs-api-java-client
+  DEVELOPMENT_SYNC_BRANCH: development
 
 jobs:
 
@@ -43,6 +44,24 @@ jobs:
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
 
+  rebase_dev:
+    name: Sync development branch
+    runs-on: ubuntu-latest
+    needs: versioning
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.repository.default_branch }}
+          fetch-depth: 0
+
+      - name: ReSync Branch
+        uses: Joao208/[email protected]
+        with:
+          PERSONAL_TOKEN: ${{ secrets.FPI_BOT_TOKEN }}
+          BRANCH_NAME: ${{ env.DEVELOPMENT_SYNC_BRANCH }}
+          DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
+
   code_quality_checks:
     name: Code quality checks
     runs-on: ubuntu-latest
@@ -86,7 +105,7 @@ jobs:
           body: ${{ needs.versioning.outputs.changelog }}
 
   deploy:
-    name: Release artifact
+    name: Release artifact to central
     runs-on: ubuntu-latest
     needs: code_quality_checks
     permissions:

.mvn/extensions.xml

@@ -20,7 +20,7 @@
   <extension>
     <groupId>me.qoomon</groupId>
     <artifactId>maven-git-versioning-extension</artifactId>
-    <version>9.3.1</version>
+    <version>9.6.4</version>
   </extension>
 
 </extensions>

pom.xml

@@ -260,6 +260,17 @@
         </plugins>
       </build>
     </profile>
+    <profile>
+      <id>allow-snapshots</id>
+      <repositories>
+        <repository>
+          <id>${maven.deploy.nexus.snapshot.repository-id}</id>
+          <url>${maven.deploy.nexus.snapshot.repository-url}</url>
+          <releases><enabled>false</enabled></releases>
+          <snapshots><enabled>true</enabled></snapshots>
+        </repository>
+      </repositories>
+    </profile>
   </profiles>
 
 </project>