feat(FSADT1-1307): adding search by ids (#218)

Co-authored-by: Maria Martinez <[email protected]>

.github/workflows/analysis.yml

@@ -1,10 +1,12 @@
 name: Analysis
 
 on:
-  pull_request:
-    types: [opened, reopened, synchronize, ready_for_review, converted_to_draft]
   push:
     branches: [main]
+  pull_request:
+    types: [opened, reopened, synchronize, ready_for_review, converted_to_draft]
+  schedule:
+    - cron: "0 11 * * 0" # 3 AM PST = 12 PM UDT, runs sundays
   workflow_dispatch:
 
 concurrency:
@@ -14,91 +16,9 @@ concurrency:
 jobs:
   tests:
     name: Tests
-    if: ${{ ! github.event.pull_request.draft }}
-    runs-on: ubuntu-22.04
-    steps:
-      - uses: bcgov-nr/[email protected]
-        with:
-          commands: |
-            mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false
-          dir: .
-          java-cache: maven
-          java-distribution: temurin
-          java-version: "17"
-          sonar_args: >
-            -Dsonar.organization=bcgov-sonarcloud
-            -Dsonar.projectKey=bcgov_forest-client-api
-          sonar_token: ${{ secrets.SONAR_TOKEN }}
-
-      - name: Archive CycloneDX
-        continue-on-error: true
-        uses: actions/upload-artifact@v4
-        with:
-          name: cyclone
-          path: target/bom.json
-          retention-days: 5
+    if: github.event_name != 'pull_request' || !github.event.pull_request.draft
+    uses: ./.github/workflows/reusable-tests-be.yml
 
-      - name: Use Checkstyle report
-        continue-on-error: true
-        uses: jwgmeligmeyling/checkstyle-github-action@master
-        with:
-          path: "**/checkstyle-result.xml"
-
-      - name: Publish Test Report
-        uses: mikepenz/action-junit-report@v4
-        continue-on-error: true
-        if: success() || failure() # always run even if the previous step fails
-        with:
-          report_paths: "target/**/TEST-*.xml"
-          commit: ${{ github.event.pull_request.head.sha }}
-          summary: Pull Request Tests
-          detailed_summary: true
-          job_name: Tests
-
-      - name: Add coverage to PR
-        id: jacoco
-        continue-on-error: true
-        uses: madrapps/[email protected]
-        with:
-          paths: target/coverage-reports/merged-test-report/jacoco.xml
-          token: ${{ secrets.GITHUB_TOKEN }}
-          min-coverage-overall: 75
-          min-coverage-changed-files: 75
-
-  # https://github.com/marketplace/actions/aqua-security-trivy
   trivy:
-    name: Trivy Security Scan
-    if: ${{ ! github.event.pull_request.draft }}
-    runs-on: ubuntu-22.04
-    steps:
-      - uses: actions/checkout@v4
-      - uses: aquasecurity/[email protected]
-        with:
-          format: "sarif"
-          ignore-unfixed: true
-          output: "trivy-results.sarif"
-          scan-type: "fs"
-          scanners: "vuln,secret,config"
-          severity: "CRITICAL,HIGH"
-
-      - uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: "trivy-results.sarif"
-
-  codeql:
-    name: CodeQL
-    runs-on: ubuntu-22.04
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
-        with:
-          distribution: "temurin"
-          java-version: "17"
-          cache: "maven"
-      - uses: github/codeql-action/init@v3
-      - run: ./mvnw clean package
-      - uses: github/codeql-action/analyze@v3
+    name: Repository Reports
+    uses: ./.github/workflows/reusable-tests-repo.yml

.github/workflows/pr-open.yml

@@ -17,6 +17,8 @@ jobs:
     permissions:
       contents: read
       pull-requests: write
+    outputs:
+      semver: ${{ steps.changelog.outputs.tag }}
     steps:
       - uses: actions/checkout@v4
       - name: Pull request size and stability labels
@@ -79,17 +81,21 @@ jobs:
   build:
     name: Build
     runs-on: ubuntu-latest
+    needs: [pr-validation]
     permissions:
       contents: read
       packages: write
     steps:
       - uses: bcgov-nr/[email protected]
         with:
           package: api
-          build_context: ./
-          build_file: Dockerfile
           tag: ${{ github.event.number }}
           tag_fallback: test
+          build_context: ./
+          build_file: Dockerfile
+          build_args: |
+            APP_VERSION=${{ needs.pr-validation.outputs.semver }}-${{ github.event.number }}
+          
 
   deploy:
     name: Deploy

.github/workflows/reusable-tests-be.yml

@@ -0,0 +1,63 @@
+name: Reusable Unit Tests and Analysis
+
+on:
+  workflow_call:
+
+jobs:
+  tests-java:
+    name: Backend Tests
+    if: github.event_name != 'pull_request' || !github.event.pull_request.draft
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: bcgov-nr/[email protected]
+        name: Backend Coverage
+        with:
+          commands: |
+            mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
+          dir: .
+          java-cache: maven
+          java-distribution: temurin
+          java-version: "17"
+          sonar_args: >
+            -Dsonar.organization=bcgov-sonarcloud
+            -Dsonar.projectKey=bcgov_forest-client-api
+            -Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml        
+            -Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
+            -Dsonar.coverage.exclusions=**/configuration/**,**/exception/**,**/dto/**,**/entity/**,**/repository/**,**/*$*Builder*,**/Application*
+          sonar_token: ${{ secrets.SONAR_TOKEN_BACKEND }}
+
+      - name: Archive CycloneDX
+        continue-on-error: true
+        uses: actions/upload-artifact@v4
+        with:
+          name: cyclone-backend
+          path: target/bom.json
+          retention-days: 5
+
+      - name: Checkstyle report
+        continue-on-error: true
+        uses: jwgmeligmeyling/checkstyle-github-action@master
+        with:
+          path: target/**/checkstyle-result.xml
+
+      - name: Publish Test Report
+        uses: mikepenz/action-junit-report@v4
+        continue-on-error: true
+        if: github.event_name == 'pull_request' && (success() || failure())
+        with:
+          report_paths: target/**/TEST-*.xml
+          commit: ${{ github.event.pull_request.head.sha }}
+          summary: Pull Request Tests for Backend
+          detailed_summary: true
+          job_name: Backend Tests
+
+      - name: Add coverage to PR
+        id: jacoco
+        continue-on-error: true
+        if: github.event_name == 'pull_request'
+        uses: madrapps/[email protected]
+        with:
+          paths: target/coverage-reports/merged-test-report/jacoco.xml
+          token: ${{ secrets.GITHUB_TOKEN }}
+          min-coverage-overall: 75
+          min-coverage-changed-files: 75

.github/workflows/reusable-tests-repo.yml

@@ -0,0 +1,54 @@
+name: Reusable Unit Tests and Analysis
+
+on:
+  workflow_call:
+
+jobs:
+  trivy:
+    name: Repository Report
+    if: github.event_name != 'pull_request' || !github.event.pull_request.draft
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/[email protected]
+        with:
+          format: "sarif"
+          output: "trivy-results.sarif"
+          ignore-unfixed: true
+          scan-type: "fs"
+          scanners: "vuln,secret,config"
+          severity: "CRITICAL,HIGH"
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "trivy-results.sarif"
+
+  codeql:
+    name: Semantic Code Analysis
+    runs-on: ubuntu-22.04
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: github/codeql-action/init@v3
+        with:
+          languages: javascript,java
+
+      # Autobuild failed for Java, so building manually
+      - name: Set up JDK 17 and Caching maven dependencies
+        uses: actions/setup-java@v4
+        with:
+          distribution: "temurin"
+          java-version: "17"
+          cache: "maven"
+
+      # Java builds
+      - name: Build Backend
+        run: ./mvnw clean package
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3

.gitignore

@@ -227,3 +227,4 @@ buildNumber.properties
 config/application-dev-*.yml
 .checkstyle
 config/*.jks
+/.idea/codeStyles/codeStyleConfig.xml

.mvn/wrapper/maven-wrapper.properties

@@ -15,3 +15,4 @@
 # specific language governing permissions and limitations
 # under the License.
 distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.6/apache-maven-3.9.6-bin.zip
+wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar

Dockerfile

@@ -1,12 +1,22 @@
 ### Builder
 FROM ghcr.io/graalvm/native-image:ol8-java17-22.3.3 AS build
 
+# Receiving app version
+ARG APP_VERSION=0.0.1
+
 # Copy
 WORKDIR /app
-COPY pom.xml mvnw ./
+COPY pom.xml ./
+COPY mvnw ./mvnw
 COPY src ./src
 COPY .mvn/ ./.mvn
 
+RUN chmod +x mvnw
+
+# Setting app version
+RUN ./mvnw versions:set -DnewVersion=${APP_VERSION} -f pom.xml -DskipTests -Dtests.skip=true -Dskip.unit.tests=true && \
+    ./mvnw versions:commit -f pom.xml -DskipTests -Dtests.skip=true -Dskip.unit.tests=true
+
 # Build
 RUN ./mvnw -Pnative native:compile
 
@@ -25,4 +35,4 @@ EXPOSE ${PORT}
 HEALTHCHECK CMD curl -f http://localhost:${PORT}/actuator/health | grep '"status":"UP"'
 
 # Startup
-ENTRYPOINT ["/app/nr-forest-client-api"]
+ENTRYPOINT ["/app/nr-forest-client-api","--spring.profiles.active=container"]