Initial commit

.github/dependabot.yml

@@ -0,0 +1,18 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+version: 2
+updates:
+- package-ecosystem: gradle
+  directory: "/"
+  schedule:
+    interval: monthly
+  open-pull-requests-limit: 100
+  reviewers:
+  - planetf1
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: monthly
+  open-pull-requests-limit: 25
+  reviewers:
+  - planetf1

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,56 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+#
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+---
+name: "CodeQL Analysis v4"
+
+on:
+  push:
+    branches: [main, release-*, feature-*]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [main, release-4*, feature-*]
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    if: startsWith(github.repository,'odpi/')
+    name: "CodeQL"
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - uses: gradle/wrapper-validation-action@v1
+      - name: Setup Java JDK
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: java
+          queries: security-and-quality
+          ram: 4096
+      - name: Build
+        uses: gradle/gradle-build-action@v2
+        with:
+          # codeQL requires a full before/after build to compare results. Caching can result in action failing
+          #cache-read-only: true
+          cache-disabled: true
+          arguments: -x javadoc -x test build
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          ram: 4096

.github/workflows/merge.yml

@@ -0,0 +1,46 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+name: "Merge"
+
+on:
+  push:
+    branches: [main, release-*, feature-*]
+  # Also allow for manual invocation for testing
+  workflow_dispatch:
+
+jobs:
+  build:
+    if: startsWith(github.repository,'odpi/')
+    runs-on: ubuntu-latest
+
+    name: "Merge"
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: 17
+          distribution: 'temurin'
+      - uses: gradle/wrapper-validation-action@v1
+      # Only for a merge into this repo - not a fork, and just for the main branch
+      - name: Build (Publish snapshots to maven central)
+        if: ${{ github.ref == 'refs/heads/main'}}
+        run: ./gradlew publish
+        # Import secrets needed for code signing and distribution
+        env:
+          OSSRH_GPG_KEYID: ${{ secrets.OSSRH_GPG_KEYID }}
+          OSSRH_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PASSPHRASE }}
+          OSSRH_GPG_PRIVATE_KEY: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }}
+          OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+      # In other cases just build but don't publish
+      - name: Build (no snapshots)
+        if: ${{ github.ref != 'refs/heads/main' }}
+        run: ./gradlew build
+      # --
+      - name: Upload Connector
+        uses: actions/upload-artifact@v3
+        with:
+          # TODO: merge - Update name & artifacts to upload
+          name: Jar
+          path: '**/build/libs/*.jar'

.github/workflows/release.yml

@@ -0,0 +1,44 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+---
+name: "Release"
+
+# Trigger after code is merged. only on main repo
+# - does not run on modification (may be just text)
+on:
+  # No checks for branch or repo - assuming release creation is manual, controlled
+  release:
+    types:
+      - created
+  # Also allow for manual invocation for testing
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: "Release"
+    steps:
+      - uses: actions/checkout@v3
+        name: Checkout source
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+      - uses: gradle/wrapper-validation-action@v1
+      - name: Build with Gradle & Release artifacts
+        run: ./gradlew publish
+        # Import secrets needed for code signing and distribution
+        env:
+          OSSRH_GPG_KEYID: ${{ secrets.OSSRH_GPG_KEYID }}
+          OSSRH_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PASSPHRASE }}
+          OSSRH_GPG_PRIVATE_KEY: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }}
+          OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+      # Upload the library so that build results can be viewed
+      - name: Upload Connector
+        uses: actions/upload-artifact@v3
+        with:
+          # TODO: release - Update name & artifacts to upload
+          name: Jar
+          path: '**/build/libs/*.jar'

.github/workflows/stale.yml

@@ -0,0 +1,33 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+---
+name: Mark stale issues and pull requests
+
+on:
+  schedule:
+    - cron: "0 0 * * *"
+
+jobs:
+  stale:
+    if: startsWith(github.repository,'odpi/')
+    runs-on: ubuntu-latest
+    steps:
+      - name: check stale issues and prs
+        uses: actions/stale@v7
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          stale-issue-message: >
+            This issue has been automatically marked as stale because it has
+            not had recent activity. It will be closed in 20 days if no
+            further activity occurs. Thank you for your contributions.
+          stale-pr-message: >
+            This PR has been automatically marked as stale because it has not
+            had recent activity. It will be closed in 20 days if no further
+            activity occurs. Thank you for your contributions.
+          stale-issue-label: 'no-issue-activity'
+          stale-pr-label: 'no-pr-activity'
+          days-before-stale: 60
+          days-before-close: 20
+          exempt-issue-label: 'pinned'
+          exempt-pr-label: 'pinned'
+          operations-per-run: 30

.github/workflows/verify.yml

@@ -0,0 +1,30 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+name: "PR Verification"
+
+on:
+  pull_request:
+    branches: [main, release-*, feature-*]
+
+jobs:
+  build:
+    if: startsWith(github.repository,'odpi/')
+    runs-on: ubuntu-latest
+    name: "PR Verification"
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: 17
+          distribution: 'temurin'
+      - uses: gradle/wrapper-validation-action@v1
+      - name: Build
+        run: ./gradlew build
+      # --
+      - name: Upload Connector
+        uses: actions/upload-artifact@v3
+        with:
+          # TODO: verify - Update name & artifacts to upload
+          name:  Jar
+          path: '**/build/libs/*.jar'

.gitignore

@@ -0,0 +1,106 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+#
+# Link to help info - https://git-scm.com/docs/gitignore
+#
+
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+
+# Maven
+target*
+dependency-reduced-pom.xml
+core*.dmp
+pom.xml.releaseBackup
+
+# IntelliJ
+*.iml
+**.iml
+*.ipr
+*.iws
+.idea
+venv
+
+# Eclipse
+.cache
+.classpath
+.project
+.checkstyle
+.settings
+.externalToolBuilders
+maven-eclipse.xml
+
+# Python
+*.pyc
+
+# review board
+.reviewboardrc
+
+# Scala-IDE specific
+.cache-main
+.cache-tests
+
+# emacs files
+*#
+*~
+
+# Mac OS
+__MACOSX
+
+# other files
+.DS_Store
+*.swp
+.java-version
+*.graphml
+
+# Ignore private maven repo 
+.repository
+
+# exclude temporary lock files
+*.lock
+log
+
+# m2 repo used by linux foundation build
+**/m2repo*/**
+
+# ignore github pages build file and site.
+Gemfile
+
+# vscode editor
+**/.vscode*/**
+**/.factorypath
+**/**.code-workspace
+
+# Jupyter notebook temp/update files
+**/.ipynb_checkpoints
+
+# Java core files
+Snap*.trc
+javacore*.txt
+jitdump*dmp
+
+# gradle
+!gradle/**
+.gradle/
+build/

CODEOWNERS

@@ -0,0 +1,10 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright Contributors to the ODPi Egeria project.
+
+# Code ownership for Egeria - see https://help.github.com/articles/about-codeowners/
+# Note that the LAST matching pattern will be effective so please more generic paths towards the top
+
+# Top level
+
+# TODO: Update with new owners of files added
+/* @mandy-chessell @planetf1