feat/con-x-edc-initial

.github/CODEOWNERS

@@ -1,3 +1,3 @@
 # Identify the committers responsible for the repository as standard reviewers
 
-* @rafaelmag110 @lgblaumeiser @bmg13 @AndrYurk
+* @lgblaumeiser @bmg13 @AndrYurk

.github/actions/generate-and-publish-allure-report/action.yml

@@ -35,7 +35,7 @@ runs:
   using: "composite"
   steps:
     - name: Download Allure results
-      uses: actions/download-artifact@v6
+      uses: actions/download-artifact@v7
       with:
         pattern: ${{ inputs.allure_results }}-*
         merge-multiple: true

.github/actions/publish-docker-image/action.yml

@@ -46,7 +46,7 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
 
     ###############################################
     # Enable emulation for cross-arch builds

.github/actions/run-deployment-test/action.yml

@@ -48,7 +48,7 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
     - uses: ./.github/actions/setup-java
 
     - uses: ./.github/actions/setup-helm

.github/actions/setup-java/action.yml

@@ -20,15 +20,15 @@
 
 
 ---
-name: "Setup JDK 17"
-description: "Setup JDK 17"
+name: "Setup JDK"
+description: "Setup JDK"
 runs:
   using: "composite"
   steps:
-    - name: Setup JDK 17
-      uses: actions/setup-java@v5.0.0
+    - name: Setup JDK 21
+      uses: actions/setup-java@v5.2.0
       with:
-        java-version: '17'
+        java-version: '21'
         distribution: 'temurin'
     - name: Setup Gradle
       uses: gradle/actions/setup-gradle@v5

.github/actions/update-version-and-charts/action.yml

@@ -42,7 +42,7 @@ runs:
         fi
         echo "version=$VERSION" >> "$GITHUB_OUTPUT"
     - name: Bump version in /charts
-      uses: mikefarah/yq@v4.48.2
+      uses: mikefarah/yq@v4.52.2
       with:
         cmd: |
           find charts -name Chart.yaml -maxdepth 3 | xargs -n1 yq -i '.appVersion = "${{ steps.resolver.outputs.version }}" 

.github/workflows/codeql.yaml

@@ -55,7 +55,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL

.github/workflows/deployment-test.yaml

@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Cache ContainerD Image Layers
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         with:
           path: /var/lib/containerd/io.containerd.snapshotter.v1.overlayfs
           key: ${{ runner.os }}-io.containerd.snapshotter.v1.overlayfs
@@ -41,7 +41,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: test-prepare
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: ./.github/actions/run-deployment-test
         name: "Run deployment test using KinD and Helm"
         with:
@@ -70,7 +70,7 @@ jobs:
                        "v1.31.9" ]
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - uses: ./.github/actions/run-deployment-test
         name: "Run deployment test using KinD and Helm"
         with:

.github/workflows/draft-release.yaml

@@ -40,7 +40,7 @@ jobs:
       branch_name: ${{ steps.resolve_branch.outputs.branch_name }}
       is_official_release: ${{ steps.validation.outputs.is_official_release }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - id: validation
@@ -106,20 +106,34 @@ jobs:
       packages: write
       pages: write
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: Create Release branch
         run: git checkout -b ${{ needs.validate-and-prepare.outputs.branch_name }}
       - uses: ./.github/actions/setup-java
-      - name: Check dependencies before release
-        uses: ./.github/actions/generate-and-check-dependencies
-        with:
-          run: ${{ needs.validate-and-prepare.outputs.is_official_release == true && 'strict' || 'standard' }}
-      - name: Replace published DEPENDENCIES file link in NOTICE with the one just created
-        run: sed -i "s#\[DEPENDENCIES\]\(.*\)#\[DEPENDENCIES\]\(DEPENDENCIES\)#g" NOTICE.md
       - name: Version and Chart Updates
         uses: ./.github/actions/update-version-and-charts
         with:
           version: ${{ inputs.version }}
           bump_version: "false"
       - name: Push new branch
         run: git push origin ${{ needs.validate-and-prepare.outputs.branch_name }}
+      - name: Check dependencies before release
+        uses: ./.github/actions/generate-and-check-dependencies
+        with:
+          run: ${{ needs.validate-and-prepare.outputs.is_official_release == 'true' && 'strict' || 'standard' }}
+      - name: Replace published DEPENDENCIES file link in NOTICE with the one just created
+        run: sed -i "s#\[DEPENDENCIES\]\(.*\)#\[DEPENDENCIES\]\(DEPENDENCIES\)#g" NOTICE.md
+      - name: Commit DEPENDENCIES changes
+        shell: bash
+        run: |
+          if git diff --quiet -- DEPENDENCIES; then
+            echo "No changes in DEPENDENCIES, skipping commit."
+            exit 0
+          fi
+
+          git add DEPENDENCIES
+          git config user.name "eclipse-tractusx-bot"
+          git config user.email "tractusx-bot@eclipse.org"
+          git commit --message "Update DEPENDENCIES file"
+          git push origin ${{ needs.validate-and-prepare.outputs.branch_name }}
+          echo "commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT

.github/workflows/generate-and-publish-dependencies.yaml

@@ -25,6 +25,7 @@ on:
   push:
     branches:
       - main
+      - release/*
 
 permissions:
   contents: write
@@ -33,17 +34,51 @@ jobs:
   check-dependencies:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: ./.github/actions/setup-java
+      - name: Output release type
+        id: release_type
+        shell: bash
+        run: |
+          VERSION=$(grep "version" gradle.properties  | awk -F= '{print $2}')
+          IFS=.- read -r MAJOR MINOR PATCH SNAPSHOT<<<"$VERSION"
+
+          if [[ ! -z $SNAPSHOT ]] then
+            echo "is_official_release=false" >> "$GITHUB_OUTPUT"
+          else
+            echo "is_official_release=true" >> "$GITHUB_OUTPUT"
+          fi
       - uses: ./.github/actions/generate-and-check-dependencies
+        with:
+          run: ${{ steps.release_type.outputs.is_official_release == 'true' && 'strict' || 'standard' }}
       - name: Prepare to publish
+        if: ${{ github.ref_name == 'main' }}
         shell: bash
         run: |
           mkdir public
           cp DEPENDENCIES public/
       - name: Publish to GitHub Pages
+        if: ${{ github.ref_name == 'main' }}
         uses: peaceiris/actions-gh-pages@v4
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           publish_dir: public
           keep_files: true
+      - name: Replace published DEPENDENCIES file link in NOTICE with the one just created
+        if: ${{ startsWith(github.ref_name, 'release/') }}
+        run: sed -i "s#\[DEPENDENCIES\]\(.*\)#\[DEPENDENCIES\]\(DEPENDENCIES\)#g" NOTICE.md
+      - name: Commit DEPENDENCIES changes
+        if: ${{ startsWith(github.ref_name, 'release/') }}
+        shell: bash
+        run: |
+          if git diff --quiet -- DEPENDENCIES; then
+           echo "No changes in DEPENDENCIES, skipping commit."
+           exit 0
+          fi
+
+          git add DEPENDENCIES
+          git config user.name "eclipse-tractusx-bot"
+          git config user.email "tractusx-bot@eclipse.org"
+          git commit --message "Update DEPENDENCIES file"
+          git push origin ${{ github.ref_name }}
+          echo "commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT

.github/workflows/helm-lint.yaml

@@ -45,7 +45,7 @@ jobs:
       ##############
       ### Set-Up ###
       ##############
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - uses: ./.github/actions/setup-helm

.github/workflows/kics.yml

@@ -41,10 +41,10 @@ jobs:
       security-events: write
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: KICS scan
-        uses: checkmarx/kics-github-action@v2.1.15
+        uses: checkmarx/kics-github-action@v2.1.19
         with:
           path: "."
           fail_on: high

.github/workflows/publish-context.yaml

@@ -34,7 +34,7 @@ jobs:
       contents: write
       pages: write
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: copy contexts into public folder
         run: |
           mkdir -p public/context

.github/workflows/publish-new-snapshot.yaml

@@ -75,7 +75,7 @@ jobs:
       VERSION: ${{ steps.get-version.outputs.VERSION }}
       DATED: ${{ steps.get-version.outputs.DATED }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: "Get version"
         id: get-version
         run: |
@@ -123,6 +123,7 @@ jobs:
     secrets: inherit
     with:
       version: ${{ needs.determine-version.outputs.VERSION }}
+      latest: false
 
   publish-latest-versioned-snapshot:
     name: "Publish latest versioned snapshot in GitHub Pages"
@@ -132,7 +133,7 @@ jobs:
     needs: [ determine-version ]
     if: ${{ needs.determine-version.outputs.DATED == 'true' }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: ./.github/actions/publish-latest-versioned-snapshot
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/publish-openapi-ui.yml

@@ -28,26 +28,36 @@ on:
         required: false
         description: "Version of the Tractus-X EDC API to be should be published"
         type: string
+      latest:
+        description: "Latest release"
+        required: true
+        type: boolean
+        default: false
 
   workflow_call:
     inputs:
       version:
         required: false
         description: "Version of the Tractus-X EDC API to be should be published"
         type: string
+      latest:
+        description: "Latest release"
+        required: true
+        type: boolean
+        default: false
 
 jobs:
   generate-openapi-spec:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: ./.github/actions/setup-java
 
       - name: Generate openapi spec
         run: ./gradlew resolve
         env:
           DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_API_TOKEN }}
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v6
         with:
           name: openapi-spec
           path: resources/openapi/yaml
@@ -62,9 +72,9 @@ jobs:
           { name: "data-plane", folder: "edc-dataplane/edc-dataplane-base" }
         ]
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: eclipse-edc/.github/.github/actions/setup-build@main
-      - uses: actions/download-artifact@v6
+      - uses: actions/download-artifact@v7
         with:
           name: openapi-spec
           path: resources/openapi/yaml
@@ -101,13 +111,13 @@ jobs:
 
       - name: Generate Swagger UI stable version
         uses: Legion2/swagger-ui-action@v1
-        if: ${{ !endsWith( env.VERSION, '-SNAPSHOT') }}
+        if: ${{ inputs.latest }}
         with:
           output: dist
           spec-file: ${{ matrix.apiGroup.name }}.yaml
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v6
         with:
           name: ${{ matrix.apiGroup.name }}-api
           path: dist
@@ -118,7 +128,7 @@ jobs:
     permissions:
       contents: write
     steps:
-      - uses: actions/download-artifact@v6
+      - uses: actions/download-artifact@v7
         with:
           path: openapi
           pattern: "*-api"