From c920028bd0ba022a4a72710fb591b41382d0bf8e Mon Sep 17 00:00:00 2001 From: Ramon Petgrave Date: Wed, 24 Jul 2024 21:22:41 +0000 Subject: [PATCH 1/4] explitly add maven-plugin-plugin to slsa-hashing-plugin Signed-off-by: Ramon Petgrave --- actions/maven/publish/slsa-hashing-plugin/pom.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/actions/maven/publish/slsa-hashing-plugin/pom.xml b/actions/maven/publish/slsa-hashing-plugin/pom.xml index bcb90123e2..bf0a12535e 100644 --- a/actions/maven/publish/slsa-hashing-plugin/pom.xml +++ b/actions/maven/publish/slsa-hashing-plugin/pom.xml @@ -16,6 +16,16 @@ 1.8 + + + + org.apache.maven.plugins + maven-plugin-plugin + 3.13.1 + + + + org.apache.maven From 18beeb3df99567e2e26842bf1332c42a6156b8c9 Mon Sep 17 00:00:00 2001 From: Ramon Petgrave Date: Wed, 24 Jul 2024 21:29:45 +0000 Subject: [PATCH 2/4] add maven e2e Signed-off-by: Ramon Petgrave --- .github/workflows/pre-submit.e2e.maven.yml | 57 ++++++ e2e/README.md | 3 + e2e/maven/workflow_dispatch/pom.xml | 163 ++++++++++++++++++ .../src/main/java/hello/Greeter.java | 7 + .../src/main/java/hello/HelloWorld.java | 8 + 5 files changed, 238 insertions(+) create mode 100644 .github/workflows/pre-submit.e2e.maven.yml create mode 100644 e2e/README.md create mode 100644 e2e/maven/workflow_dispatch/pom.xml create mode 100644 e2e/maven/workflow_dispatch/src/main/java/hello/Greeter.java create mode 100644 e2e/maven/workflow_dispatch/src/main/java/hello/HelloWorld.java diff --git a/.github/workflows/pre-submit.e2e.maven.yml b/.github/workflows/pre-submit.e2e.maven.yml new file mode 100644 index 0000000000..92e23ccc48 --- /dev/null +++ b/.github/workflows/pre-submit.e2e.maven.yml 
@@ -0,0 +1,57 @@
+# Copyright 2023 SLSA Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: pre-submit e2e maven
+
+on:
+ # builder_maven_slsa3.yml relies on .github/actions/verify-token, which does not support merge_group and pull_request events.
+ push:
+ workflow_dispatch:
+
+permissions: read-all
+
+env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+jobs:
+ build:
+ permissions:
+ id-token: write # For signing.
+ contents: read # For repo checkout of private repos.
+ actions: read # For getting workflow run on private repos.
+ uses: slsa-framework/slsa-github-generator/.github/workflows/builder_maven_slsa3.yml@main
+ with:
+ directory: ./e2e/maven/workflow_dispatch
+
+ verify:
+ runs-on: ubuntu-latest
+ needs: [build]
+ steps:
+ - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - uses: slsa-framework/slsa-github-generator/actions/maven/secure-download-attestations@main
+ with:
+ name: "${{ needs.build.outputs.provenance-download-name }}"
+ sha256: "${{ needs.build.outputs.provenance-download-sha256 }}"
+ path: ./
+ - uses: slsa-framework/slsa-github-generator/actions/maven/secure-download-target@main
+ with:
+ name: "${{ needs.build.outputs.target-download-name }}"
+ sha256: "${{ needs.build.outputs.target-download-sha256 }}"
+ path: ./
+ - uses: slsa-framework/slsa-verifier/actions/installer@v2.6.0
+ - name: Verify artifact
+ env:
+ PROVENANCE_PATH: ${{ needs.build.outputs.provenance-download-name }}
+ TARGET_PATH: ${{ needs.build.outputs.target-download-name }}
+ run: slsa-verifier verify-artifact "$TARGET_PATH" --provenance-path "$PROVENANCE_PATH"
diff --git a/e2e/README.md b/e2e/README.md
new file mode 100644
index 0000000000..09531bd576
--- /dev/null
+++ b/e2e/README.md
@@ -0,0 +1,3 @@
+# E2E Tests
+
+This folder contains test data for some end-to-end (E2E) tests.
\ No newline at end of file
diff --git a/e2e/maven/workflow_dispatch/pom.xml b/e2e/maven/workflow_dispatch/pom.xml
new file mode 100644
index 0000000000..ce94d1dc40
--- /dev/null
+++ b/e2e/maven/workflow_dispatch/pom.xml
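Review bot: The `Verify artifact` step in .github/workflows/pre-submit.e2e.maven.yml calls `slsa-verifier verify-artifact` with only `--provenance-path`, so nothing in the step names the source repository the provenance is expected to come from. Passing it explicitly, e.g. `run: slsa-verifier verify-artifact "$TARGET_PATH" --provenance-path "$PROVENANCE_PATH" --source-uri "github.com/$GITHUB_REPOSITORY"`, makes the e2e check assert that the attestation is bound to this repository rather than only that it is well-formed and signed. Separately, `on: push` has no `branches:` filter, so a push to any branch starts the `build` job with `id-token: write`; if that breadth is deliberate, a short comment next to `push:` saying so would help.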
@@ -0,0 +1,163 @@ + + + 4.0.0 + io.github.adamkorcz + test-java-project + 1.21.96 + jar + Adams test java project + A test java project. + https://github.com/AdamKorcz/test-java-project + + 1.8 + 1.8 + + + + ossrh + https://s01.oss.sonatype.org/content/repositories/snapshots + + + ossrh + https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/ + + + + + MIT License + http://www.opensource.org/licenses/mit-license.php + + + + + Adam K + Adam@adalogics.com + Ada Logics + http://www.adalogics.com + + + + scm:git:git://github.com/adamkorcz/test-java-project.git + scm:git:ssh://github.com:simpligility/test-java-project.git + http://github.com/adamkorcz/test-java-project/tree/main + + + + + org.apache.maven.plugins + maven-source-plugin + 3.3.1 + + + attach-sources + package + + jar-no-fork + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.6.3 + + ${java.home}/bin/javadoc + + + + attach-javadocs + + jar + + + + + + org.apache.maven.plugins + maven-shade-plugin + 3.5.1 + + + package + + shade + + + + + hello.HelloWorld + + + + + + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.13 + true + + ossrh + https://s01.oss.sonatype.org/ + false + + + + org.apache.maven.plugins + maven-gpg-plugin + 3.1.0 + + + sign-artifacts + verify + + sign + + + + + + --pinentry-mode + loopback + + + + + org.apache.maven.plugins + maven-deploy-plugin + 3.1.2 + + + deploy-file + deploy + + deploy-file + + + textfile.txt + https://s01.oss.sonatype.org/ + io.github.adamkorcz + + + + + + io.github.slsa-framework.slsa-github-generator + hash-maven-plugin + 0.0.1 + + + + hash-jarfile + + + + + ${SLSA_OUTPUTS_ARTIFACTS_FILE} + + + + + diff --git a/e2e/maven/workflow_dispatch/src/main/java/hello/Greeter.java b/e2e/maven/workflow_dispatch/src/main/java/hello/Greeter.java new file mode 100644 index 0000000000..f92a442354 --- /dev/null +++ b/e2e/maven/workflow_dispatch/src/main/java/hello/Greeter.java 
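Review bot: The e2e fixture e2e/maven/workflow_dispatch/pom.xml keeps publishing configuration that the verify job in this patch series does not appear to use: the `ossrh` repositories on s01.oss.sonatype.org, nexus-staging-maven-plugin, maven-gpg-plugin with `sign` bound to the `verify` phase, and a maven-deploy-plugin `deploy-file` execution, all under the third-party groupId `io.github.adamkorcz`. If the builder only needs `package` plus the `hash-jarfile` goal (the builder workflow is not visible here, so this is an inference), dropping the staging, gpg and deploy plugins removes any chance of the fixture attempting a signature or an upload when a later phase is run. At minimum a comment at the top of the file, such as `<!-- Test fixture copied from AdamKorcz/test-java-project; never deployed from this repository. -->`, would document the intent. The scm entries also disagree with each other (`adamkorcz` vs `simpligility`) and use `git://` and `http://` URLs, which is worth tidying while the file is new.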
@@ -0,0 +1,7 @@ +package hello; + +public class Greeter { + public String sayHello() { + return "Hello world!"; + } +} diff --git a/e2e/maven/workflow_dispatch/src/main/java/hello/HelloWorld.java b/e2e/maven/workflow_dispatch/src/main/java/hello/HelloWorld.java new file mode 100644 index 0000000000..1626b45cbd --- /dev/null +++ b/e2e/maven/workflow_dispatch/src/main/java/hello/HelloWorld.java @@ -0,0 +1,8 @@ +package hello; + +public class HelloWorld { + public static void main(String[] args) { + Greeter greeter = new Greeter(); + System.out.println(greeter.sayHello()); + } +} From 7af2de29b31b9b0f5bf730a8138a419dcae06887 Mon Sep 17 00:00:00 2001 From: Ramon Petgrave Date: Wed, 24 Jul 2024 21:36:48 +0000 Subject: [PATCH 3/4] lint Signed-off-by: Ramon Petgrave --- e2e/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e/README.md b/e2e/README.md index 09531bd576..99f7cbb53a 100644 --- a/e2e/README.md +++ b/e2e/README.md @@ -1,3 +1,3 @@ # E2E Tests -This folder contains test data for some end-to-end (E2E) tests. \ No newline at end of file +This folder contains test data for some end-to-end (E2E) tests. From a804574c6edcbbbb2fc5782c9a71d532f64ac147 Mon Sep 17 00:00:00 2001 From: Ramon Petgrave Date: Wed, 24 Jul 2024 21:37:01 +0000 Subject: [PATCH 4/4] explicit maven-plugin-plugin in e2e Signed-off-by: Ramon Petgrave --- e2e/maven/workflow_dispatch/pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/e2e/maven/workflow_dispatch/pom.xml b/e2e/maven/workflow_dispatch/pom.xml index ce94d1dc40..fe51de5d89 100644 --- a/e2e/maven/workflow_dispatch/pom.xml +++ b/e2e/maven/workflow_dispatch/pom.xml @@ -43,6 +43,11 @@ + + org.apache.maven.plugins + maven-plugin-plugin + 3.13.1 + org.apache.maven.plugins maven-source-plugin
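Review bot: The final hunk (PATCH 4/4, e2e/maven/workflow_dispatch/pom.xml) declares maven-plugin-plugin 3.13.1 in a project whose packaging is `jar`, and neither the commit message nor the pom explains why a jar build needs the plugin that builds Maven plugins. Presumably it mirrors the pin added to slsa-hashing-plugin/pom.xml in PATCH 1/4 so that the e2e build does not fall back to a default version, but that is not stated anywhere visible. A one-line XML comment above the entry, for example `<!-- Pinned explicitly; see actions/maven/publish/slsa-hashing-plugin/pom.xml -->`, would keep a later cleanup from removing it as unused. The surrounding plugins list starts before the hunk and continues past it.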