Feat: Convert Nexus IQ reusable workflow to an action

Signed-off-by: Matthew Watkins <[email protected]>

.github/actions/sonatype-lifecycle-action/README.md

@@ -0,0 +1,50 @@
+<!--
+[comment]: # SPDX-License-Identifier: Apache-2.0
+[comment]: # SPDX-FileCopyrightText: 2024 The Linux Foundation
+-->
+
+# 🎟️ Performs a Sonatype Lifecycle (Nexus IQ) Scan
+
+Performs a Sonatype Lifecycle scan and uploads the results to the server.
+
+## sonatype-lifecycle-action
+
+## Usage Example
+
+Pass the required server and authentication details/credentials.
+Other inputs are discretionary and set to useful defaults.
+
+```yaml
+steps:
+    - name: "Run Sonatype Lifecycle scan"
+      # yamllint disable-line rule:line-length
+      uses: lfit/releng-reusable-workflows/.github/actions/sonatype-lifecycle-action@main
+      with:
+          NEXUS_IQ_SERVER: "${{ vars.NEXUS_IQ_SERVER }}"
+          NEXUS_IQ_USERNAME: "${{ vars.NEXUS_IQ_USERNAME }}"
+          NEXUS_IQ_PASSWORD: "${{ secrets.NEXUS_IQ_PASSWORD }}"
+```
+
+## Inputs
+
+<!-- markdownlint-disable MD013 -->
+
+| Variable Name     | Required | Default      | Description                                 |
+| ----------------- | -------- | ------------ | ------------------------------------------- |
+| NEXUS_IQ_SERVER   | True     | N/A          | JSON array of key/value pairs               |
+| NEXUS_IQ_USERNAME | True     | N/A          | Fixed preamble/string to embed/inject       |
+| NEXUS_IQ_PASSWORD | True     | N/A          | When set false, checks for presence         |
+| JAVA_DISTRIBUTION | False    | "temurin"    | JAVA SE distribution for the Nexus CLI tool |
+| JAVA_VERSION      | False    | 17           | Java runtime for the Nexus CLI tool         |
+| IQ_CLI_VERSION    | False    | "1.179.0-01" | Specific version of Nexus CLI to setup/run  |
+| APPLICATION_ID    | False    | $org-$repo   | Organisation and project name in Nexus IQ   |
+| SCAN_TARGETS      | False    | "."          | Location of file(s) or folder(s) to scan    |
+
+<!-- markdownlint-enable MD013 -->
+
+The APPLICATION_ID default is:
+
+`${{ github.repository_owner }}-${{ github.event.repository.name }}`
+
+Note: when testing in a fork this must be manually overridden for report
+uploads to succeed.

.github/actions/sonatype-lifecycle-action/action.yaml

@@ -0,0 +1,58 @@
+---
+# SPDX-License-Identifier: Apache-2.0
+# SPDX-FileCopyrightText: 2024 The Linux Foundation
+
+# Runs a Sonatype Lifecycle (Nexus IQ) scan
+name: "Sonatype Lifecycle Action"
+
+inputs:
+  JAVA_DISTRIBUTION:
+    description: "JAVA SE distribution to setup/run for Nexus CLI tool"
+    required: false
+    type: string
+    default: "temurin"
+  JAVA_VERSION:
+    description: "Java runtime to setup/run for Nexus CLI tool"
+    required: false
+    type: number
+    default: 17
+  IQ_CLI_VERSION:
+    description: "Specific version of Nexus CLI to setup/run"
+    required: false
+    type: string
+    default: "1.179.0-01"
+  APPLICATION_ID:
+    description: "Organisation and project name in Nexus IQ"
+    required: false
+    type: string
+    default: ${{ github.repository_owner }}-${{ github.event.repository.name }}
+  SCAN_TARGETS:
+    description: "Location of file(s) or folder(s) to scan"
+    required: false
+    type: string
+    default: "."
+  NEXUS_IQ_PASSWORD:
+    description: "Nexus IQ Password"
+    required: true
+
+steps:
+  - name: Setup Sonatype CLI
+    uses: sonatype/actions/setup-iq-cli@v1
+    with:
+      iq-cli-version: ${{ inputs.IQ_CLI_VERSION }}
+
+  # Sonatype CLI requires Java to run
+  - name: Setup Java runtime
+    uses: actions/setup-java@v4
+    with:
+      distribution: ${{ inputs.JAVA_DISTRIBUTION }}
+      java-version: ${{ inputs.JAVA_VERSION }}
+
+  - name: Run Sonatype CLI
+    uses: sonatype/actions/run-iq-cli@v1
+    with:
+      iq-server-url: ${{ vars.NEXUS_IQ_SERVER }}
+      username: ${{ vars.NEXUS_IQ_USERNAME }}
+      password: ${{ secrets.NEXUS_IQ_PASSWORD }}
+      application-id: ${{ inputs.APPLICATION_ID }}
+      scan-targets: ${{ inputs.SCAN_TARGETS }}