diff --git a/.github/workflows/PR-Demo-Comment-with-react.yml b/.github/workflows/PR-Demo-Comment-with-react.yml index bf8323e49..2ec5c0025 100644 --- a/.github/workflows/PR-Demo-Comment-with-react.yml +++ b/.github/workflows/PR-Demo-Comment-with-react.yml @@ -153,9 +153,14 @@ jobs: - name: Set up JDK 21 uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: - java-version: "17" + java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Run Gradle Command run: | if [ "${{ needs.check-comment.outputs.disable_security }}" == "true" ]; then @@ -163,8 +168,11 @@ jobs: else export DISABLE_ADDITIONAL_FEATURES=false fi - ./gradlew clean build + ./gradlew build env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} STIRLING_PDF_DESKTOP_UI: false - name: Set up Docker Buildx diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 90391ee4b..d3b64f5a9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -68,9 +68,17 @@ jobs: java-version: ${{ matrix.jdk-version }} distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build with Gradle and spring security ${{ matrix.spring-security }} - run: ./gradlew clean build -PnoSpotless + run: ./gradlew build -PnoSpotless env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: ${{ matrix.spring-security }} - name: Check Test Reports Exist @@ -135,9 +143,17 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Generate OpenAPI documentation run: ./gradlew :stirling-pdf:generateOpenApiDocs env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Upload OpenAPI Documentation @@ -199,8 +215,17 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: check the licenses for compatibility - run: ./gradlew clean checkLicense + run: ./gradlew checkLicense + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: FAILED - check the licenses for compatibility if: failure() @@ -244,6 +269,11 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 @@ -269,6 +299,10 @@ jobs: chmod +x ./testing/test.sh chmod +x ./testing/test_disabledEndpoints.sh ./testing/test.sh + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} test-build-docker-images: if: github.event_name == 'pull_request' && needs.files-changed.outputs.project == 'true' @@ -306,9 +340,17 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build application - run: ./gradlew clean build + run: ./gradlew build env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true STIRLING_PDF_DESKTOP_UI: false diff --git a/.github/workflows/frontend-backend-licenses-update.yml b/.github/workflows/frontend-backend-licenses-update.yml index ce345bfe5..b0d6f3f3a 100644 --- a/.github/workflows/frontend-backend-licenses-update.yml +++ b/.github/workflows/frontend-backend-licenses-update.yml @@ -336,11 +336,19 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Check licenses and generate report id: license-check run: | - ./gradlew clean checkLicense generateLicenseReport || echo "LICENSE_CHECK_FAILED=true" >> $GITHUB_ENV + ./gradlew checkLicense generateLicenseReport || echo "LICENSE_CHECK_FAILED=true" >> $GITHUB_ENV env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: false STIRLING_PDF_DESKTOP_UI: true diff --git a/.github/workflows/multiOSReleases.yml b/.github/workflows/multiOSReleases.yml index b06f86de2..a1da75d0b 100644 --- a/.github/workflows/multiOSReleases.yml +++ b/.github/workflows/multiOSReleases.yml @@ -50,7 +50,8 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 with: gradle-version: 8.14 @@ -62,6 +63,10 @@ jobs: VERSION=$(./gradlew printVersion --quiet | tail -1) echo "Extracted version: $VERSION" echo "versionNumber=$VERSION" >> $GITHUB_OUTPUT + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: Determine build matrix id: set-matrix @@ -118,7 +123,8 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 with: gradle-version: 8.14 @@ -131,8 +137,11 @@ jobs: cache-dependency-path: frontend/package-lock.json - name: Build JAR - run: ./gradlew clean build ${{ matrix.variant.build_frontend && '-PbuildWithFrontend=true' || '' }} -x spotlessApply -x spotlessCheck -x test -x sonarqube + run: ./gradlew build ${{ matrix.variant.build_frontend && '-PbuildWithFrontend=true' || '' }} -x spotlessApply -x spotlessCheck -x test -x sonarqube env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: ${{ matrix.variant.disable_security }} STIRLING_PDF_DESKTOP_UI: false @@ -194,13 +203,18 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build Java backend with JLink working-directory: ./ shell: bash run: | chmod +x ./gradlew echo "🔧 Building Stirling-PDF JAR..." - ./gradlew clean build -x spotlessApply -x spotlessCheck -x test -x sonarqube + ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube # Find the built JAR STIRLING_JAR=$(ls app/core/build/libs/stirling-pdf-*.jar | head -n 1) @@ -264,6 +278,9 @@ jobs: RUNTIME_SIZE=$(du -sh ./frontend/src-tauri/runtime/jre | cut -f1) echo "📊 Custom JRE size: $RUNTIME_SIZE" env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Install frontend dependencies diff --git a/.github/workflows/pre_commit.yml b/.github/workflows/pre_commit.yml index 4e4665a56..d8389e9df 100644 --- a/.github/workflows/pre_commit.yml +++ b/.github/workflows/pre_commit.yml @@ -57,8 +57,17 @@ jobs: java-version: 21 distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build with Gradle - run: ./gradlew clean build + run: ./gradlew build + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: git add run: | diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml index af3d3afe5..1896af8ce 100644 --- a/.github/workflows/push-docker.yml +++ b/.github/workflows/push-docker.yml @@ -45,7 +45,8 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 with: gradle-version: 8.14 @@ -56,6 +57,16 @@ jobs: - name: Get version number id: versionNumber run: echo "versionNumber=$(./gradlew printVersion --quiet | tail -1)" >> $GITHUB_OUTPUT + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} + + - name: Install cosign + if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/V2-master' + uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + with: + cosign-release: "v2.4.1" - name: Install cosign if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/V2-master' diff --git a/.github/workflows/swagger.yml b/.github/workflows/swagger.yml index 2b0c946cd..3fa7fb14d 100644 --- a/.github/workflows/swagger.yml +++ b/.github/workflows/swagger.yml @@ -39,7 +39,10 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 - name: Generate Swagger documentation run: ./gradlew :stirling-pdf:generateOpenApiDocs @@ -47,12 +50,19 @@ jobs: - name: Upload Swagger Documentation to SwaggerHub run: ./gradlew swaggerhubUpload env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} SWAGGERHUB_API_KEY: ${{ secrets.SWAGGERHUB_API_KEY }} SWAGGERHUB_USER: "Frooodle" - name: Get version number id: versionNumber run: echo "versionNumber=$(./gradlew printVersion --quiet | tail -1)" >> $GITHUB_OUTPUT + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: Set API version as published and default on SwaggerHub run: | diff --git a/.github/workflows/sync_files_v2.yml b/.github/workflows/sync_files_v2.yml index 25bbb2326..2e94080df 100644 --- a/.github/workflows/sync_files_v2.yml +++ b/.github/workflows/sync_files_v2.yml @@ -7,6 +7,9 @@ on: - main paths: - "build.gradle" + - "app/common/build.gradle" + - "app/core/build.gradle" + - "app/proprietary/build.gradle" - "README.md" - "frontend/public/locales/*/translation.toml" - "app/core/src/main/resources/static/3rdPartyLicenses.json" diff --git a/.github/workflows/tauri-build.yml b/.github/workflows/tauri-build.yml index 8894d61c8..d2aae298a 100644 --- a/.github/workflows/tauri-build.yml +++ b/.github/workflows/tauri-build.yml @@ -99,14 +99,19 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build Java backend with JLink working-directory: ./ shell: bash run: | chmod +x ./gradlew echo "🔧 Building Stirling-PDF JAR..." - # STIRLING_PDF_DESKTOP_UI=false ./gradlew clean bootJar --no-daemon - ./gradlew clean build -x spotlessApply -x spotlessCheck -x test -x sonarqube + # STIRLING_PDF_DESKTOP_UI=false ./gradlew bootJar --no-daemon + ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube # Find the built JAR STIRLING_JAR=$(ls app/core/build/libs/stirling-pdf-*.jar | head -n 1) @@ -170,6 +175,9 @@ jobs: RUNTIME_SIZE=$(du -sh ./frontend/src-tauri/runtime/jre | cut -f1) echo "📊 Custom JRE size: $RUNTIME_SIZE" env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Install frontend dependencies diff --git a/.github/workflows/testdriver.yml b/.github/workflows/testdriver.yml index b16484b0b..6168f8bf6 100644 --- a/.github/workflows/testdriver.yml +++ b/.github/workflows/testdriver.yml @@ -44,8 +44,11 @@ jobs: gradle-version: 8.14 - name: Build with Gradle - run: ./gradlew clean build + run: ./gradlew build env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Set up Docker Buildx diff --git a/app/core/build.gradle b/app/core/build.gradle index 34a2f1304..b4153a665 100644 --- a/app/core/build.gradle +++ b/app/core/build.gradle @@ -2,11 +2,6 @@ apply plugin: 'org.springframework.boot' import org.apache.tools.ant.taskdefs.condition.Os -repositories { - maven { url = 'https://build.shibboleth.net/maven/releases' } - maven { url = 'https://maven.pkg.github.com/jcefmaven/jcefmaven' } -} - configurations { developmentOnly runtimeClasspath { diff --git a/app/proprietary/build.gradle b/app/proprietary/build.gradle index a8d3a5859..e9aea411f 100644 --- a/app/proprietary/build.gradle +++ b/app/proprietary/build.gradle @@ -1,5 +1,5 @@ repositories { - maven { url = "https://build.shibboleth.net/maven/releases" } + maven { url "https://build.shibboleth.net/maven/releases" } } ext { @@ -53,7 +53,7 @@ dependencies { implementation 'com.bucket4j:bucket4j_jdk17-core:8.15.0' // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17 - implementation 'org.bouncycastle:bcprov-jdk18on:1.83' + implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion" implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.3.RELEASE' api 'io.micrometer:micrometer-registry-prometheus' diff --git a/build.gradle b/build.gradle index af191a0e5..47ce2ba21 100644 --- a/build.gradle +++ b/build.gradle @@ -38,6 +38,16 @@ ext.isSecurityDisabled = { -> System.getProperty('DISABLE_ADDITIONAL_FEATURES') == 'true') } +ext.mavenUrl = System.getenv("MAVEN_PUBLIC_URL") ?: "" +ext.username = System.getenv('MAVEN_USER') ?: "" +ext.password = System.getenv('MAVEN_PASSWORD') ?: "" + +if (rootProject.ext.mavenUrl.isEmpty()) { + println "No custom MAVEN_PUBLIC_URL set, defaulting to Maven Central" +} else { + println "MAVEN_PUBLIC_URL set" +} + jar { enabled = false manifest { @@ -55,11 +65,6 @@ springBoot { mainClass = 'stirling.software.SPDF.SPDFApplication' } -repositories { - mavenCentral() - maven { url = 'https://build.shibboleth.net/maven/releases' } -} - allprojects { group = 'stirling.software' version = '2.3.0' @@ -135,13 +140,27 @@ subprojects { sourceCompatibility = JavaVersion.VERSION_17 } - if (project.name != "stirling-pdf") { + if (project.name != "stirling-pdf") { bootJar { enabled = false } - } + } repositories { + if (!rootProject.ext.mavenUrl.isEmpty()) { + maven { + url rootProject.ext.mavenUrl + '/releases' + credentials(PasswordCredentials) { + username rootProject.ext.username + password rootProject.ext.password + } + authentication { + basic(BasicAuthentication) + } + allowInsecureProtocol true + } + } + maven { url "https://build.shibboleth.net/maven/releases" } mavenCentral() } diff --git a/settings.gradle b/settings.gradle index 3c6363f77..14de3e0aa 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,7 +1,28 @@ +pluginManagement { + repositories { + var gradlePluginPortalUrl = System.getenv("MAVEN_PUBLIC_URL") ?: "" + if (!gradlePluginPortalUrl.isEmpty()){ + maven { + url gradlePluginPortalUrl + "/gradle" + credentials(PasswordCredentials) { + username System.getenv('MAVEN_USER') ?: "" + password System.getenv('MAVEN_PASSWORD') ?: "" + } + authentication { + basic(BasicAuthentication) + } + allowInsecureProtocol true + } + } + gradlePluginPortal() + } +} + plugins { // Apply the foojay-resolver plugin to allow automatic download of JDKs id 'org.gradle.toolchains.foojay-resolver-convention' version '1.0.0' } + rootProject.name = 'Stirling PDF' include 'stirling-pdf', 'common', 'proprietary'