chore: update minimum deps & update release process [IDE-356] (#176)

* chore: update minimum dependencies & fix lsp4e interface call * chore: update release process * chore: bump plugin version * chore: update ci.yml github action to use newer actions * fix: use secret for sha check of keystore * refactor: enforce max number of parameters * fix: script output * fix: add recursive flag to aws cp call
snyk · May 28, 2024 · 3470750 · 3470750
1 parent 3bbd12e
commit 3470750
Show file tree

Hide file tree

Showing 16 changed files with 139 additions and 103 deletions.
diff --git a/.github/upload-to-s3.sh b/.github/upload-to-s3.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+#
+# © 2024 Snyk Limited
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+set -euo pipefail
+
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+# shellcheck disable=SC2002
+BASE="eclipse"
+AWS_REGION="${AWS_REGION:-us-east-1}"
+AWS_S3_BUCKET_NAME="${AWS_S3_BUCKET_NAME:-snyk-test}"
+DRY_RUN=
+
+if [ $# -eq 0 ]; then
+  echo "please provide a release channel as parameter (preview/stable)"
+  exit 1
+fi
+
+RELEASE_CHANNEL=$1
+
+if [ $# -eq 2 ]; then
+  DRY_RUN=--dryrun
+fi
+
+if [ $# -gt 2 ]; then
+  echo "Too many parameters"
+  echo "Usage: upload-to-s3.sh <release-channel> <dryrun>"
+  exit 1
+fi
+
+function uploadFile() {
+  FILENAME_SRC=$1
+  FILENAME_DST=$2
+  DRY_RUN=${3:-}
+
+  [ ! -d "$FILENAME_SRC" ] && echo "Directory $FILENAME_SRC does not exist." && exit 1
+
+  # shellcheck disable=SC2086
+  aws s3 cp --recursive $DRY_RUN "$FILENAME_SRC" "s3://$AWS_S3_BUCKET_NAME/$BASE/$FILENAME_DST"
+}
+
+# publish repo
+FILENAME_SRC="$SCRIPT_DIR/../update-site/target/repository"
+FILENAME_DST="$RELEASE_CHANNEL"
+# shellcheck disable=SC2086
+uploadFile $FILENAME_SRC $FILENAME_DST $DRY_RUN
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -5,58 +5,54 @@ name: Build Plugin with Maven
 
 on:
   push:
-    branches: [ main ]
+    branches: [main]
   pull_request:
-    branches: [ main ]
+    branches: [main]
 
 jobs:
   build:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ ubuntu-latest, macos-latest, windows-latest ]
+        os: [ubuntu-latest, macos-latest, windows-latest]
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up JDK
-      uses: actions/setup-java@v2
-      with:
-        java-version: '17'
-        distribution: 'zulu'
-        cache: maven
-
-    - name: Decode Keystore
-      id: decode_keystore
-      if: ${{ matrix.os == 'ubuntu-latest' }}
-      env:
-        fileName: ./keystore.jks
-        encodedString: ${{ secrets.KEYSTORE }}
-      run: |
-        echo "$encodedString" | base64 -d > $fileName
-        echo "6cab9fa86689a9969097a662891fe8a1d8752ac430c18750cfa4d230744ac4a7  $fileName" > sha256.txt
-        sha256sum -c sha256.txt
-
-    - name: Build with Maven
-      if: ${{ matrix.os == 'ubuntu-latest' }}
-      run: ./mvnw clean verify -P sign -DtrimStackTrace=false
-      env:
-        KEYSTORE_PASS: ${{ secrets.KEYSTORE_PASS }}
-
-    - name: Build with Maven
-      if: ${{ matrix.os != 'ubuntu-latest' }}
-      run: |
-        ./mvnw clean verify -DtrimStackTrace=false
-
-    - name: Authenticate to GCS
-      if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.os == 'ubuntu-latest' }}
-      id: 'auth'
-      uses: 'google-github-actions/auth@v0'
-      with:
-        credentials_json: '${{ secrets.gcp_credentials_2 }}'
-
-    - name: Publish to Marketplace bucket
-      if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.os == 'ubuntu-latest' }}
-      uses: 'google-github-actions/upload-cloud-storage@v0'
-      with:
-        path: "./update-site/target/repository/"
-        destination: "snyk-eclipse-plugin-test/preview-2.1"
-        predefinedAcl: publicRead
+      - uses: actions/checkout@v4
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          java-version: "17"
+          distribution: "temurin"
+          cache: maven
+
+      - name: Decode Keystore
+        id: decode_keystore
+        if: ${{ matrix.os == 'ubuntu-latest' }}
+        env:
+          fileName: ./keystore.jks
+          encodedString: ${{ secrets.KEYSTORE }}
+          sha: ${{ secrets.KEYSTORE_SHA }}
+        run: |
+          echo "$encodedString" | base64 -d > $fileName
+          echo "$sha  $fileName" > sha256.txt
+          sha256sum -c sha256.txt
+
+      - name: Build with Maven
+        if: ${{ matrix.os == 'ubuntu-latest' }}
+        run: ./mvnw clean verify -P sign -DtrimStackTrace=false
+        env:
+          KEYSTORE_PASS: ${{ secrets.KEYSTORE_PASS }}
+
+      - name: Build with Maven
+        if: ${{ matrix.os != 'ubuntu-latest' }}
+        run: |
+          ./mvnw clean verify -DtrimStackTrace=false
+
+      - name: Upload binaries to static.snyk.io
+        if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.os == 'ubuntu-latest' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        run: |
+          .github/upload-to-s3.sh preview
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -3,23 +3,23 @@ name: Release
 on:
   workflow_dispatch:
   schedule:
-    - cron: '0 9 * * 2'  # every Tuesday at 9 am UTC
+    - cron: "0 9 * * 2" # every Tuesday at 9 am UTC
 
 jobs:
   release:
     name: release
     runs-on: ubuntu-latest
     steps:
       - name: Fetch Sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Set up JDK
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v4
         with:
-          java-version: '17'
-          distribution: 'zulu'
+          java-version: "17"
+          distribution: "temurin"
           cache: maven
 
       - name: Decode Keystore
@@ -49,43 +49,16 @@ jobs:
           git push --tags
           echo "::set-output name=tagName::$TAG_NAME"
 
-      - name: Authenticate to GCS
-        id: 'auth'
-        uses: 'google-github-actions/auth@v0'
-        with:
-          credentials_json: '${{ secrets.gcp_credentials_2 }}'
-
-      - name: Publish to Marketplace bucket
-        uses: 'google-github-actions/upload-cloud-storage@v0'
-        with:
-          path: "./update-site/target/repository/"
-          destination: "snyk-eclipse-plugin/weekly-2.1"
-          predefinedAcl: publicRead
-
-      - name: Extract release notes
-        id: extract-release-notes
-        uses: ffurrer2/extract-release-notes@v1
-
       - name: Create release
-        id: create_release
         if: ${{ !env.ACT }}
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          tag_name: "${{ steps.createTag.outputs.tagName }}"
-          release_name: "${{ steps.createTag.outputs.tagName }}"
-          draft: false
-          prerelease: false
-          body: '${{ steps.extract-release-notes.outputs.release_notes }}'
+        id: create_release
+        run: gh release create ${{ steps.createTag.outputs.tagName }} --generate-notes $(find . -name 'update-site-*.zip')
 
-      - name: Upload Release Asset
-        id: upload-release-asset
-        uses: actions/upload-release-asset@v1
+      - name: Upload binaries to static.snyk.io
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
-          asset_path: ./update-site/target/update-site-2.1.0-SNAPSHOT.zip
-          asset_name: "update-site-2.1.0-${{ steps.createTag.outputs.tagName }}.zip"
-          asset_content_type: application/zip
+          AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        run: |
+          .github/upload-to-s3.sh stable
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,7 +1,15 @@
 # Snyk Security Changelog
 
+## [2.2.0] - Unreleased
+### Changes
+- require lsp4e 0.18.9 and lsp4j 0.23.1 as minimum versions
+- update release process & update sites to https://static.snyk.io/eclipse/preview and https://static.snyk.io/eclipse/stable
 
-## [2.1.0] - Unreleased
+## [2.1.0] - v20240412.114323
+### Changes
+- bumped the LS protocol version to 11 to support new commands introduced for global ignores
+
+## [2.1.0] - v20240313.174439
 
 ### Changes
 - bumped the LS protocol version to 11 to support new commands introduced for global ignores

diff --git a/feature/category.xml b/feature/category.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <site>
-  <feature url="features/io.snyk.scanner_2.1.0.qualifier.jar" id="io.snyk.scanner" version="2.1.0.qualifier">
+  <feature url="features/io.snyk.scanner_2.2.0.qualifier.jar" id="io.snyk.scanner" version="2.2.0.qualifier">
     <category name="io.snyk.scanner"/>
   </feature>
   <category-def name="io.snyk.scanner" label="Snyk Security">

diff --git a/feature/feature.xml b/feature/feature.xml
@@ -2,7 +2,7 @@
 <feature
       id="io.snyk.scanner"
       label="Snyk Security"
-      version="2.1.0.qualifier"
+      version="2.2.0.qualifier"
       provider-name="Snyk">
 
    <description url="https://snyk.io">

diff --git a/feature/pom.xml b/feature/pom.xml
@@ -4,7 +4,7 @@
   <parent>
     <groupId>io.snyk</groupId>
     <artifactId>parent</artifactId>
-    <version>2.1.0-SNAPSHOT</version>
+    <version>2.2.0-SNAPSHOT</version>
   </parent>
 
   <artifactId>io.snyk.scanner</artifactId>

diff --git a/plugin/META-INF/MANIFEST.MF b/plugin/META-INF/MANIFEST.MF
@@ -3,18 +3,18 @@ Bundle-ManifestVersion: 2
 Bundle-Name: %Bundle-Name
 Bundle-RequiredExecutionEnvironment: JavaSE-17
 Bundle-SymbolicName: io.snyk.eclipse.plugin;singleton:=true
-Bundle-Version: 2.1.0.qualifier
+Bundle-Version: 2.2.0.qualifier
 Bundle-Activator: io.snyk.eclipse.plugin.Activator
 Bundle-Vendor: %Bundle-Vendor
 Require-Bundle: org.eclipse.ui,
  org.eclipse.core.runtime,
  org.eclipse.jdt.core,
  org.eclipse.core.resources,
- org.eclipse.lsp4e;bundle-version="0.17.0",
- org.eclipse.lsp4e.jdt,
+ org.eclipse.lsp4e;bundle-version="0.18.9",
+ org.eclipse.lsp4e.jdt;bundle-version="0.13.0",
  org.eclipse.equinox.security,
  org.eclipse.equinox.security.ui,
- org.eclipse.lsp4j,
+ org.eclipse.lsp4j;bundle-version="0.23.1",
  org.eclipse.core.filebuffers,
  org.eclipse.ui.workbench.texteditor,
  org.eclipse.jface.text,

diff --git a/plugin/pom.xml b/plugin/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>io.snyk</groupId>
     <artifactId>parent</artifactId>
-    <version>2.1.0-SNAPSHOT</version>
+    <version>2.2.0-SNAPSHOT</version>
   </parent>
 
 

diff --git a/plugin/src/main/java/io/snyk/eclipse/plugin/SnykStartup.java b/plugin/src/main/java/io/snyk/eclipse/plugin/SnykStartup.java
@@ -86,7 +86,7 @@ private void startLanguageServer() {
         var definition = LanguageServersRegistry.getInstance().getDefinition(SnykLanguageServer.LANGUAGE_SERVER_ID);
         try {
           LanguageServiceAccessor.startLanguageServer(definition);
-        } catch (IOException e) {
+        } catch (RuntimeException e) {
           logError(e);
         }
       }

diff --git a/pom.xml b/pom.xml
@@ -3,7 +3,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>io.snyk</groupId>
   <artifactId>parent</artifactId>
-  <version>2.1.0-SNAPSHOT</version>
+  <version>2.2.0-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <properties>

diff --git a/target-platform/pom.xml b/target-platform/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>io.snyk</groupId>
         <artifactId>parent</artifactId>
-        <version>2.1.0-SNAPSHOT</version>
+        <version>2.2.0-SNAPSHOT</version>
     </parent>
     <packaging>eclipse-target-definition</packaging>
 </project>
diff --git a/tests/META-INF/MANIFEST.MF b/tests/META-INF/MANIFEST.MF
@@ -2,7 +2,7 @@ Manifest-Version: 1.0
 Bundle-ManifestVersion: 2
 Bundle-Name: io.snyk.eclipse.plugin.tests
 Bundle-SymbolicName: io.snyk.eclipse.plugin.tests;singleton:=true
-Bundle-Version: 2.1.0.qualifier
+Bundle-Version: 2.2.0.qualifier
 Bundle-Vendor: Snyk
 Fragment-Host: io.snyk.eclipse.plugin
 Automatic-Module-Name: io.snyk

diff --git a/tests/pom.xml b/tests/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>io.snyk</groupId>
         <artifactId>parent</artifactId>
-        <version>2.1.0-SNAPSHOT</version>
+        <version>2.2.0-SNAPSHOT</version>
     </parent>
     <artifactId>io.snyk.eclipse.plugin.tests</artifactId>
     <packaging>eclipse-test-plugin</packaging>

diff --git a/update-site/category.xml b/update-site/category.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <site>
-  <feature url="features/io.snyk.scanner_2.1.0.qualifier.jar" id="io.snyk.scanner" version="2.1.0.qualifier">
+  <feature url="features/io.snyk.scanner_2.2.0.qualifier.jar" id="io.snyk.scanner" version="2.2.0.qualifier">
     <category name="io.snyk.scanner"/>
   </feature>
   <category-def name="io.snyk.scanner" label="Snyk Security">

diff --git a/update-site/pom.xml b/update-site/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>io.snyk</groupId>
     <artifactId>parent</artifactId>
-    <version>2.1.0-SNAPSHOT</version>
+    <version>2.2.0-SNAPSHOT</version>
   </parent>
   <packaging>eclipse-repository</packaging>