From 80ae2135e9cc640e9edd033d000f1f3ceb780d35 Mon Sep 17 00:00:00 2001
From: Esta Nagy <nagyesta@gmail.com>
Date: Sun, 9 Jan 2022 12:06:49 +0100
Subject: [PATCH] Lift configuration (#21)

- Configures repo specific rules of Sonatype Lift
- Refines OSS Index Audit configuration

{patch}
---
 .github/workflows/codeql-analysis.yml       |  6 +++++-
 .github/workflows/gradle-ci.yml             | 12 ++---------
 .github/workflows/gradle-oss-index-scan.yml |  2 +-
 .github/workflows/gradle.yml                | 12 ++---------
 .lift.toml                                  | 23 +++++++++++++++++++++
 build.gradle                                | 11 ++++++++++
 6 files changed, 44 insertions(+), 22 deletions(-)
 create mode 100644 .lift.toml

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 5e8ef06a..3dff70d0 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -18,6 +18,8 @@ on:
     paths-ignore:
       - 'README.md'
       - '**/README.md'
+      - '.lift/.toml'
+      - '**/.lift/.toml'
       - 'SECURITY.md'
       - 'LICENSE'
       - '.github/ISSUE_TEMPLATE/**'
@@ -28,6 +30,8 @@ on:
     paths-ignore:
       - 'README.md'
       - '**/README.md'
+      - '.lift/.toml'
+      - '**/.lift/.toml'
       - 'SECURITY.md'
       - 'LICENSE'
       - '.github/ISSUE_TEMPLATE/**'
@@ -64,4 +68,4 @@ jobs:
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@46110c361b7e9ea1b6f9c6ba2cc941fa7a106cca
       - name: Check dependencies with Gradle
-        run: ./gradlew ossIndexAudit --info
+        run: ./gradlew ossIndexAudit -PossIndexUsername=${{ secrets.OSS_INDEX_USER }} -PossIndexPassword=${{ secrets.OSS_INDEX_PASSWORD }}
diff --git a/.github/workflows/gradle-ci.yml b/.github/workflows/gradle-ci.yml
index bc0d2c5c..2b3e930a 100644
--- a/.github/workflows/gradle-ci.yml
+++ b/.github/workflows/gradle-ci.yml
@@ -9,6 +9,8 @@ on:
     paths-ignore:
       - 'README.md'
       - '**/README.md'
+      - '.lift/.toml'
+      - '**/.lift/.toml'
       - 'SECURITY.md'
       - 'LICENSE'
       - '.github/ISSUE_TEMPLATE/**'
@@ -46,67 +48,57 @@ jobs:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./mission-control/build/reports/jacoco/report.xml
           flags: core
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - JUnit4
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-junit4/build/reports/jacoco/report.xml
           flags: junit4
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - Jupiter
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-junit-jupiter/build/reports/jacoco/report.xml
           flags: jupiter
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - TestNG
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-testng/build/reports/jacoco/report.xml
           flags: testng
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - Cucumber JVM
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-cucumber-jvm/build/reports/jacoco/report.xml
           flags: cucumber
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - Testkit
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/testkit/build/reports/jacoco/report.xml
           flags: testkit
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Reporting - Flight Evaluation Report
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./mission-report/flight-evaluation-report/build/reports/jacoco/report.xml
           flags: flighteval
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Strongback - Base
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./strongback/strongback-base/build/reports/jacoco/report.xml
           flags: strongback
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Strongback - H2 Supplier
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./strongback/strongback-h2-supplier/build/reports/jacoco/report.xml
           flags: h2
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Strongback - RMI Supplier
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./strongback/strongback-rmi-supplier/build/reports/jacoco/report.xml
           flags: rmi
-          fail_ci_if_error: false
diff --git a/.github/workflows/gradle-oss-index-scan.yml b/.github/workflows/gradle-oss-index-scan.yml
index 2c24e618..e9ca907a 100644
--- a/.github/workflows/gradle-oss-index-scan.yml
+++ b/.github/workflows/gradle-oss-index-scan.yml
@@ -20,4 +20,4 @@ jobs:
         with:
           java-version: 8
       - name: Check dependencies with Gradle
-        run: ./gradlew ossIndexAudit --info
+        run: ./gradlew ossIndexAudit -PossIndexUsername=${{ secrets.OSS_INDEX_USER }} -PossIndexPassword=${{ secrets.OSS_INDEX_PASSWORD }}
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
index 3e087fbb..e583015c 100644
--- a/.github/workflows/gradle.yml
+++ b/.github/workflows/gradle.yml
@@ -10,6 +10,8 @@ on:
     paths-ignore:
       - 'README.md'
       - '**/README.md'
+      - '.lift/.toml'
+      - '**/.lift/.toml'
       - 'SECURITY.md'
       - 'LICENSE'
       - '.github/ISSUE_TEMPLATE/**'
@@ -61,67 +63,57 @@ jobs:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./mission-control/build/reports/jacoco/report.xml
           flags: core
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - JUnit4
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-junit4/build/reports/jacoco/report.xml
           flags: junit4
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - Jupiter
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-junit-jupiter/build/reports/jacoco/report.xml
           flags: jupiter
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - TestNG
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-testng/build/reports/jacoco/report.xml
           flags: testng
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - Cucumber JVM
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/booster-cucumber-jvm/build/reports/jacoco/report.xml
           flags: cucumber
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Boosters - Testkit
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./boosters/testkit/build/reports/jacoco/report.xml
           flags: testkit
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Reporting - Flight Evaluation Report
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./mission-report/flight-evaluation-report/build/reports/jacoco/report.xml
           flags: flighteval
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Strongback - Base
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./strongback/strongback-base/build/reports/jacoco/report.xml
           flags: strongback
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Strongback - H2 Supplier
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./strongback/strongback-h2-supplier/build/reports/jacoco/report.xml
           flags: h2
-          fail_ci_if_error: false
       - name: Upload coverage to Codecov - Strongback - RMI Supplier
         uses: codecov/codecov-action@11d69070bf0bb19a473235e011c7890707db52de # v2.1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./strongback/strongback-rmi-supplier/build/reports/jacoco/report.xml
           flags: rmi
-          fail_ci_if_error: false
diff --git a/.lift.toml b/.lift.toml
new file mode 100644
index 00000000..195c2ace
--- /dev/null
+++ b/.lift.toml
@@ -0,0 +1,23 @@
+# Lift configuration
+# Reference https://help.sonatype.com/lift/configuration-reference
+
+# setup = <path to setup script>
+# build = ENV= <env> <build option> [target]
+build = "./gradlew build -x test"
+
+# importantRules = <exclusive list of issues to report back to user>
+# ignoreRules = <list of issues never to report to the user>
+# ignoreFiles = <gitignore format string of files to ignore>
+
+## tools = <infer | errorprone | eslint | hlint | findsecbugs >
+tools = ["infer", "findsecbugs", "open source vulnerabilities", "bill of materials"]
+
+# disableTools = <list of tools to not run on the project>
+disableTools = ["errorprone"]
+
+# customTools = <list of user-provided tools conforming to a tool API>
+# allow = <list of users whose pull requests can trigger analysis>
+# jdkVersion = <jdk version>
+
+# summaryComments = <true or false (defaults to false)
+summaryComments = false
diff --git a/build.gradle b/build.gradle
index 9c27237b..357d486d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -11,6 +11,8 @@ project.ext {
     gitUser = project.hasProperty('githubUser') ? (project.property('githubUser') as String) : ''
     ossrhUser = project.hasProperty('ossrhUsername') ? (project.property('ossrhUsername') as String) : ''
     ossrhPass = project.hasProperty('ossrhPassword') ? (project.property('ossrhPassword') as String) : ''
+    ossIndexUser = project.hasProperty('ossIndexUsername') ? (project.property('ossIndexUsername') as String) : ''
+    ossIndexPass = project.hasProperty('ossIndexPassword') ? (project.property('ossIndexPassword') as String) : ''
     repoUrl = 'https://github.com/nagyesta/abort-mission'
     licenseName = 'MIT License'
     licenseUrl = 'https://raw.githubusercontent.com/nagyesta/abort-mission/main/LICENSE'
@@ -202,6 +204,15 @@ configure(subprojects.findAll({
     tasks.withType(GenerateModuleMetadata) {
         enabled = false
     }
+
+    ossIndexAudit {
+        username = rootProject.ext.ossIndexUser
+        password = rootProject.ext.ossIndexPass
+        printBanner = false
+        colorEnabled = true
+        showAll = false
+        dependencyGraph = true
+    }
 }
 
 repositories {