Merge pull request #1 from leanix/feature/CID-2729/create-boiler-plat…

…e-code

Feature/cid 2729/create boiler plate code

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,35 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Run the following command '...'
+2. Go to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Setup (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Version [e.g. 22]
+
+**Additional context**
+Add any other context about the problem here.
+
+TIPS: 
+- If you open a PR, please make sure to link it to this issue.
+- You can always edit your issue if it isn't formatted correctly.
+     See https://guides.github.com/features/mastering-markdown

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,25 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
+
+TIPS: 
+- If you open a PR, please make sure to link it to this issue.
+- You can always edit your issue if it isn't formatted correctly.
+     See https://guides.github.com/features/mastering-markdown

.github/release-drafter.yml

@@ -0,0 +1,30 @@
+name-template: 'v$RESOLVED_VERSION 🌈'
+tag-template: 'v$RESOLVED_VERSION'
+categories:
+  - title: '🚀 Features'
+    labels:
+      - 'feature'
+      - 'enhancement'
+  - title: '🐛 Bug Fixes'
+    labels:
+      - 'fix'
+      - 'bugfix'
+      - 'bug'
+  - title: '🧰 Maintenance'
+    label: 'chore'
+change-template: '- $TITLE (#$NUMBER)'
+change-title-escapes: '\<*_&'
+version-resolver:
+  major:
+    labels:
+      - 'major'
+  minor:
+    labels:
+      - 'minor'
+  patch:
+    labels:
+      - 'patch'
+  default: patch
+template: |
+  ## Changes
+  $CHANGES

.github/workflows/gradle-build.yml

@@ -0,0 +1,42 @@
+name: Build and test
+
+concurrency:
+  group: gradle-build-${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  validation:
+    name: Branch name validation
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check branch name
+        run: |
+          if [[ "${{ github.ref }}" == "refs/heads/main" ]] || [[ "${{ github.ref }}" =~ ^refs/heads/feature/.*$ ]] || [[ "${{ github.ref }}" =~ ^refs/heads/release/v.*$ ]] || [[ "${{ github.ref }}" =~ ^refs/heads/bug/.*$ ]] ; then
+            echo "Branch naming is correct!"
+          else
+            echo "Invalid branch name! Correct format: 'feature/<branch-name>' or 'bug/<branch-name>' or release/vx.x.x"
+            exit 1
+          fi
+  gradle-ci:
+    name: Build and test
+    needs: validation
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '21'
+
+      - name: Build with Gradle
+        uses: gradle/gradle-build-action@v2
+        continue-on-error: false
+        with:
+          arguments: build

.github/workflows/leanix-github-agent-code-coverage.yml

@@ -0,0 +1,48 @@
+name: leanix-github-agent-code-coverage
+
+concurrency:
+  group: leanix-github-agent-code-coverage-${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  leanix-github-agent-connector-ci:
+    name: Build and test LeanIX GitHub Agent
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '21'
+
+      - name: Build with Gradle
+        uses: gradle/gradle-build-action@v2
+        id: gradle-build
+        continue-on-error: false
+        with:
+          arguments: build
+          build-root-directory: .
+
+      - name: Add coverage to PR
+        id: jacoco
+        uses: madrapps/jacoco-report@v1.3
+        with:
+          paths: ${{ github.workspace }}/build/jacocoXml/jacocoTestReport.xml
+          token: ${{secrets.GITHUB_TOKEN}}
+          min-coverage-overall: 40
+          min-coverage-changed-files: 60
+          title: LeanIX GitHub Agent Code Coverage
+          update-comment: true
+
+      - name: Get the Coverage info
+        run: |
+          echo "Total coverage ${{ steps.jacoco.outputs.coverage-overall }}"
+          echo "Changed Files coverage ${{ steps.jacoco.outputs.coverage-changed-files }}"

.github/workflows/release-docker-image.yml

@@ -0,0 +1,99 @@
+name: Release Docker Image
+
+on:
+  pull_request:
+    types: [closed]
+  workflow_dispatch:
+
+jobs:
+  release_draft:
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: release-drafter/release-drafter@v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  build:
+    runs-on: ubuntu-latest
+
+    if: github.event.pull_request.merged
+
+    steps:
+      - name: Tag next version
+        id: tag-action
+        uses: K-Phoen/semver-release-action@master
+        with:
+          release_branch: main
+          release_strategy: tag
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Publish Release Draft
+        uses: actions/github-script@v6.4.1
+        if: (steps.tag-action.outputs.tag != '')
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          script: |
+            const tag = "${{ steps.tag-action.outputs.tag }}";
+            const { data: releases } = await github.rest.repos.listReleases({
+              owner: context.repo.owner,
+              repo: context.repo.repo
+            });
+            const draftRelease = releases.find(release => release.tag_name === tag && release.draft === true);
+            if (!draftRelease) {
+              console.log(`No draft release found for tag ${tag}`);
+              return;
+            }
+            await github.rest.repos.updateRelease({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              release_id: draftRelease.id,
+              draft: false
+            });
+            console.log(`Published draft release for tag ${tag}`);     
+
+      - name: Checkout
+        uses: actions/checkout@v3
+        if: (steps.tag-action.outputs.tag != '')
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        if: (steps.tag-action.outputs.tag != '')
+        with:
+          distribution: 'temurin'
+          java-version: '21'
+
+      - name: Build with Gradle
+        uses: gradle/gradle-build-action@v2
+        if: (steps.tag-action.outputs.tag != '')
+        continue-on-error: false
+        with:
+          arguments: build
+
+      - name: Login to Azure registry
+        uses: azure/docker-login@v1
+        if: (steps.tag-action.outputs.tag != '')
+        with:
+          login-server: ${{ secrets.ACR_PUBLIC_LOGIN }}
+          username: ${{ secrets.ACR_PUBLIC_USERNAME }}
+          password: ${{ secrets.ACR_PUBLIC_PASSWORD }}
+
+      - name: Setup ssh
+        uses: webfactory/ssh-agent@v0.4.1
+        if: (steps.tag-action.outputs.tag != '')
+        with:
+          ssh-private-key: ${{ secrets.CI_GITHUB_SSH_PRIVATE_KEY }}
+          ssh-auth-sock: ${{ env.SSH_AUTH_SOCK }}
+
+      - name: Build and push image to Azure public registry
+        if: (steps.tag-action.outputs.tag != '')
+        uses: docker/build-push-action@v2
+        with:
+          context: ./
+          file: Dockerfile
+          tags: ${{ secrets.ACR_PUBLIC_LOGIN }}/leanix-github-agent:${{ steps.tag-action.outputs.tag }}, ${{ secrets.ACR_PUBLIC_LOGIN }}/leanix-github-agent:latest
+          push: true
+          ssh: default=${{ env.SSH_AUTH_SOCK }}

.github/workflows/snyk-scan.yml

@@ -0,0 +1,20 @@
+name: Snyk vulnerability scan
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 1 * * *'
+  push:
+    branches:
+      - main
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+
+      - uses: snyk/actions/gradle@master
+        with:
+          command: monitor
+          args: -d --severity-threshold=high --org=leanix --project-name=leanix-github-agent --project-tags=Team=Cider
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

.gitignore

@@ -0,0 +1,54 @@
+.idea
+.vscode
+
+# Connectors
+**/node_modules
+**/dist
+**/.env
+**/combined.log
+**/error.log
+**/coverage
+
+### OSX ###
+.DS_Store
+
+### Server ###
+HELP.md
+.gradle
+build/
+!gradle/wrapper/gradle-wrapper.jar
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+bin/
+!**/src/main/**/bin/
+!**/src/test/**/bin/
+
+### IntelliJ IDEA ###
+*.iws
+*.iml
+*.ipr
+out/
+!**/src/main/**/out/
+!**/src/test/**/out/
+
+
+### K8s ###
+k8s/*.d.ts
+k8s/*.js
+!k8s/jest.config.js
+k8s/node_modules
+k8s/dist/
+k8s/imports
+k8s/k8s-deployment
+k8s/__snapshots__
+
+

CODEOWNERS

@@ -0,0 +1,4 @@
+# These owners will be the default owners for everything in
+# the repo. Unless a later match takes precedence,
+# they will be requested for review when someone opens a pull request.
+* @leanix/team-cider

Dockerfile

@@ -0,0 +1,9 @@
+FROM --platform=linux/x86_64 eclipse-temurin:21-jre-alpine
+
+RUN apk --no-cache upgrade && apk --no-cache add curl ca-certificates
+
+USER 65534
+EXPOSE 8080
+
+COPY build/libs/*.jar app.jar
+ENTRYPOINT ["sh", "-c", "java ${JAVA_OPTS} -jar /app.jar"]

SECURITY.md

@@ -0,0 +1,14 @@
+# Security Policy
+
+## Supported Versions
+
+The following table details the versions of leanix-github-agent that are currently being supported with security updates.
+
+| Version | Supported          |
+|---------| ------------------ |
+| 0.0.1   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+If you think you have found a security vulnerability, please DO NOT disclose it publicly until we’ve had a chance to fix it.
+Please don’t report security vulnerabilities using GitHub issues, instead email us with the details.