diff --git a/.github/renovate.json b/.github/renovate.json index 09c2a5983..99eeec105 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,24 +1,32 @@ { "extends": [ - "config:base" + "config:recommended" + ], + "addLabels": [ + "type: dependency-upgrade" ], - "addLabels": ["type: dependency-upgrade"], "schedule": [ - "after 10pm every day" + "after 10pm" ], "prHourlyLimit": 1, "prConcurrentLimit": 20, "timezone": "Europe/Prague", "packageRules": [ { - "matchPackagePatterns": ["actions.*"], "dependencyDashboardApproval": true, - "matchUpdateTypes": ["patch"], + "matchUpdateTypes": [ + "patch" + ], "matchCurrentVersion": "!/^0/", - "automerge": true + "automerge": true, + "matchPackageNames": [ + "/actions.*/" + ] }, { - "matchUpdateTypes": ["patch"], + "matchUpdateTypes": [ + "patch" + ], "matchCurrentVersion": "!/^0/", "automerge": true } diff --git a/.github/workflows/central-sync.yml b/.github/workflows/central-sync.yml index 23b80ba2e..5945f4478 100644 --- a/.github/workflows/central-sync.yml +++ b/.github/workflows/central-sync.yml @@ -31,9 +31,9 @@ jobs: GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} GPG_FILE: ${{ secrets.GPG_FILE }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} run: | echo $GPG_FILE | base64 -d > secring.gpg ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository diff --git a/.github/workflows/graalvm-dev.yml b/.github/workflows/graalvm-dev.yml index eb0203b21..fcb66c1f6 100644 --- a/.github/workflows/graalvm-dev.yml +++ b/.github/workflows/graalvm-dev.yml @@ -12,9 +12,9 @@ jobs: if: github.repository != 'micronaut-projects/micronaut-project-template' runs-on: ubuntu-latest env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} outputs: matrix: ${{ steps.build-matrix.outputs.matrix }} steps: @@ -38,9 +38,9 @@ jobs: - java: 'latest-ea' distribution: 'graalvm-community' env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} steps: - uses: actions/checkout@v4 - name: Pre-Build Steps diff --git a/.github/workflows/graalvm-latest.yml b/.github/workflows/graalvm-latest.yml index d150aa606..e3053b0dc 100644 --- a/.github/workflows/graalvm-latest.yml +++ b/.github/workflows/graalvm-latest.yml @@ -18,9 +18,9 @@ jobs: if: github.repository != 'micronaut-projects/micronaut-project-template' runs-on: ubuntu-latest env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} outputs: matrix: ${{ steps.build-matrix.outputs.matrix }} steps: @@ -38,9 +38,9 @@ jobs: java: ['17', '21'] native_test_task: ${{ fromJson(needs.build_matrix.outputs.matrix).native_test_task }} env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} steps: - uses: actions/checkout@v4 - name: Pre-Build Steps diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index c9791dada..1b6c51c61 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -21,15 +21,17 @@ jobs: matrix: java: ['17', '21'] env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} GH_USERNAME: ${{ secrets.GH_USERNAME }} TESTCONTAINERS_RYUK_DISABLED: true PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}" SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + OSS_INDEX_USERNAME: ${{ secrets.OSS_INDEX_USERNAME }} + OSS_INDEX_PASSWORD: ${{ secrets.OSS_INDEX_PASSWORD }} steps: # https://github.com/actions/virtual-environments/issues/709 - name: "🗑 Free disk space" @@ -58,6 +60,11 @@ jobs: run: | [ -f ./setup.sh ] && ./setup.sh || [ ! -f ./setup.sh ] + - name: "🚔 Sonatype Scan" + id: sonatypescan + run: | + ./gradlew ossIndexAudit --no-parallel --info + - name: "🛠 Build with Gradle" id: gradle run: | diff --git a/.github/workflows/publish-snapshot.yml b/.github/workflows/publish-snapshot.yml index 0875db922..fdfadd590 100644 --- a/.github/workflows/publish-snapshot.yml +++ b/.github/workflows/publish-snapshot.yml @@ -27,7 +27,7 @@ jobs: env: SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} run: ./gradlew publishToSonatype --no-daemon diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6c4ffab24..7a8b46b1d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -40,9 +40,9 @@ jobs: GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} GPG_FILE: ${{ secrets.GPG_FILE }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} run: | echo $GPG_FILE | base64 -d > secring.gpg # Publish both locally and to Sonatype. @@ -80,9 +80,9 @@ jobs: - name: Generate docs run: ./gradlew docs env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} GH_USERNAME: ${{ secrets.GH_USERNAME }} - name: Export Gradle Properties @@ -97,9 +97,9 @@ jobs: FOLDER: build/docs VERSION: ${{ steps.release_version.outputs.release_version }} TARGET_REPOSITORY: ${{ github.repository == 'micronaut-projects/micronaut-core' && env.docsRepository || github.repository }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - name: Run post-release if: success() uses: micronaut-projects/github-actions/post-release@master diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle index ec7f82d43..f3c2d00a9 100644 --- a/buildSrc/build.gradle +++ b/buildSrc/build.gradle @@ -8,4 +8,5 @@ repositories { dependencies { implementation libs.micronaut.gradle.plugin + implementation(libs.sonatype.scan) } diff --git a/buildSrc/src/main/groovy/io.micronaut.build.internal.tracing-module.gradle b/buildSrc/src/main/groovy/io.micronaut.build.internal.tracing-module.gradle index eb98efa7c..b909508d4 100644 --- a/buildSrc/src/main/groovy/io.micronaut.build.internal.tracing-module.gradle +++ b/buildSrc/src/main/groovy/io.micronaut.build.internal.tracing-module.gradle @@ -1,6 +1,16 @@ plugins { id 'io.micronaut.build.internal.tracing-base' id 'io.micronaut.build.internal.module' + id("org.sonatype.gradle.plugins.scan") +} +String ossIndexUsername = System.getenv("OSS_INDEX_USERNAME") ?: project.properties["ossIndexUsername"] +String ossIndexPassword = System.getenv("OSS_INDEX_PASSWORD") ?: project.properties["ossIndexPassword"] +boolean sonatypePluginConfigured = ossIndexUsername != null && ossIndexPassword != null +if (sonatypePluginConfigured) { + ossIndexAudit { + username = ossIndexUsername + password = ossIndexPassword + } } dependencies { diff --git a/gradle.properties b/gradle.properties index d9f043807..13bb48d7b 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,4 +1,4 @@ -projectVersion=6.9.1-SNAPSHOT +projectVersion=6.10.0-SNAPSHOT projectGroup=io.micronaut.tracing title=Micronaut Tracing diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 89ec29736..f111123e8 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,10 +1,10 @@ [versions] micronaut = "4.7.11" -micronaut-test = "4.4.0" -micronaut-logging = "1.3.0" -micronaut-platform = "4.2.3" +micronaut-test = "4.6.2" +micronaut-logging = "1.5.1" +micronaut-platform = "4.7.4" micronaut-docs = '2.0.0' -groovy = "4.0.17" +groovy = "4.0.22" spock = "2.3-groovy-4.0" managed-brave-instrumentation = '6.0.3' @@ -12,7 +12,7 @@ managed-opentelemetry = '1.43.0' managed-opentelemetry-alpha = '1.40.0-alpha' managed-opentelemetry-instrumentation = '1.33.6' managed-opentelemetry-instrumentation-alpha = '1.33.5-alpha' -managed-opentelemetry-contrib-aws-xray = '1.40.0' +managed-opentelemetry-contrib-aws-xray = '1.42.0' managed-opentelemetry-contrib-aws-xray-propagation = '1.37.0-alpha' managed-opentelemetry-contrib-aws-resources = '1.37.0-alpha' managed-opentelemetry-api-events = '1.36.0-alpha' @@ -30,19 +30,20 @@ managed-brave-opentracing = '1.0.1' javax-annotation = '1.3.2' kotlin = '2.0.21' -grpc = '1.68.2' +grpc = '1.69.0' protobuf = '3.25.5' -micronaut-aws = "4.7.1" -micronaut-data = "4.9.6" -micronaut-grpc = '4.7.1' +micronaut-aws = "4.8.0" +micronaut-data = "4.11.0" +micronaut-grpc = '4.8.0' micronaut-reactor = '3.6.0' -micronaut-rxjava2 = '2.5.0' +micronaut-rxjava2 = '2.6.0' micronaut-serde = '2.11.2' -micronaut-sql = "5.8.3" -micronaut-test-resources = "2.6.2" +micronaut-sql = "6.0.2" +micronaut-test-resources = "2.7.2" micronaut-kafka = '5.7.0' micronaut-gradle-plugin = "4.4.5" +sonatype-scan = "3.0.0" [libraries] # Core @@ -111,6 +112,7 @@ boms-zipkin-reporter = { module = 'io.zipkin.reporter2:zipkin-reporter-bom', ver #plugins micronaut-gradle-plugin = { module = "io.micronaut.gradle:micronaut-gradle-plugin", version.ref="micronaut-gradle-plugin" } +sonatype-scan = { module = "org.sonatype.gradle.plugins:scan-gradle-plugin", version.ref = "sonatype-scan" } [plugins] kotlinjvm = { id = 'org.jetbrains.kotlin.jvm', version.ref = 'kotlin' } diff --git a/tracing-bom/build.gradle b/tracing-bom/build.gradle index 18d31c1f3..aa42ffa08 100644 --- a/tracing-bom/build.gradle +++ b/tracing-bom/build.gradle @@ -45,7 +45,7 @@ micronautBom { ] as Set ) dependencies.add("io.opentelemetry:opentelemetry-bom:1.41.0") - dependencies.add("io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom:1.33.5") + dependencies.add("io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom:1.33.6") dependencies.add("io.opentelemetry:opentelemetry-bom:1.40.0") dependencies.add("io.opentelemetry:opentelemetry-bom-alpha:1.40.0-alpha") dependencies.add("io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom:1.33.6")