2.1.0 Release (#35)

# Improvements
* Upgrade Kafka to 2.8.1
* Upgrade JCSMP to 10.12.0

# Bug fixes
* use ephemeral ports for test infrastructure setup (#29)
* obfuscate passwords (#30)
* Fix start error propagation (#32)
* Add `sol.message_processor.error.ignore` config option to discard messages that produce message processor errors (#33)
* Fixed Gradle `integrationTest` task and added `test` task

# Misc
* Add Dependabot
* Add Jacoco code coverage
* Add static code analysis tools (CodeQL, PMD, SpotBugs)
* Upload test results to Github Action

Author: Nephery

.github/dependabot.yml

@@ -0,0 +1,9 @@
+version: 2
+updates:
+  - package-ecosystem: "gradle"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-name: "org.apache.kafka:*"
+      - dependency-name: "com.solacesystems:*"

.github/workflows/build-test.yml

@@ -7,20 +7,69 @@ on:
   push:
 
 jobs:
+  dupe_check:
+    name: Check for Duplicate Workflow Run
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+    steps:
+      - id: skip_check
+        uses: fkirc/skip-duplicate-actions@v3.4.0
+        with:
+          concurrent_skipping: same_content
+          do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
+
   build:
+    needs:
+      - dupe_check
+    if: needs.dupe_check.outputs.should_skip != 'true' || (github.event_name == 'push' && github.ref == 'refs/heads/master' && github.repository_owner == 'SolaceProducts')
 
     runs-on: ubuntu-latest
 
     steps:
     - uses: actions/checkout@v2
-    - name: Setup JDK 1.8
-      uses: actions/setup-java@v1
       with:
-        java-version: 1.8
+        submodules: recursive
+
+    - name: Cache Gradle
+      uses: actions/cache@v2
+      with:
+        path: |
+          ~/.gradle/caches
+          ~/.gradle/wrapper
+        key: ${{ runner.os }}-gradle-build-test-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+        restore-keys: |
+          ${{ runner.os }}-gradle-build-test-
+
+    - name: Setup JDK 8
+      uses: actions/setup-java@v2
+      with:
+        distribution: zulu
+        java-version: 8
+
+    - name: Validate Gradle wrapper
+      uses: gradle/wrapper-validation-action@v1
+
+    - name: Install Test Support
+      working-directory: solace-integration-test-support
+      run: ./mvnw clean install -DskipTests
+
     - name: Build and test with Gradle
-      run: ./gradlew clean integrationTest --tests com.solace.connector.kafka.connect.source.it.SourceConnectorIT
+      run: ./gradlew clean test integrationTest jacocoFullReport --info
+
+    - name: Upload Test Artifacts
+      if: always()
+      uses: actions/upload-artifact@v2
+      with:
+        name: Test Results
+        path: |
+          **/build/jacoco/*.exec
+          **/build/reports/
+          **/build/test-results/**/*.xml
+
     - name: Publish artifacts
-      if: github.event_name == 'push'
+      # Security Measure: Do not publish artifacts from dependabot builds
+      if: github.event_name == 'push' && (github.actor != 'dependabot[bot]' || !contains(github.ref, 'dependabot'))
       run: |
         if [ ${{ github.ref }} == 'refs/heads/master' ] && [ ${{ github.repository_owner }} == 'SolaceProducts' ] ; then
           echo "Using master on SolaceProducts"
@@ -56,4 +105,30 @@ jobs:
           git remote add origin-pages https://${{ secrets.GH_TOKEN }}@github.com/${{ github.repository }}.git > /dev/null 2>&1;
           git push --quiet --set-upstream origin-pages gh-pages;
           echo "Updated and pushed GH pages!";
-        fi        
+        fi
+
+    - name: Cleanup Gradle Cache
+      # Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
+      # Restoring these files from a GitHub Actions cache might cause problems for future builds.
+      run: |
+        rm -f ~/.gradle/caches/modules-2/modules-2.lock
+        rm -f ~/.gradle/caches/modules-2/gc.properties
+
+    - name: Publish Unit Test Results
+      if: github.actor != 'dependabot[bot]' || (github.event_name == 'push' && !contains(github.ref, 'dependabot'))
+      uses: EnricoMi/publish-unit-test-result-action@v1
+      continue-on-error: true
+      with:
+        check_name: Unit Test Results
+        comment_mode: create new
+        fail_on: nothing
+        hide_comments: orphaned commits
+        files: |
+          **/build/test-results/**/*.xml
+
+    - name: Publish Test Coverage Results
+      if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' && github.event.pull_request.head.repo.full_name == github.repository
+      uses: madrapps/jacoco-report@v1.2
+      with:
+        paths: build/reports/jacoco/jacocoFullReport/jacocoFullReport.xml
+        token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,96 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "Code Analysis (CodeQL)"
+
+on:
+  push:
+  pull_request:
+  schedule:
+    - cron: '38 15 * * 0'
+  workflow_dispatch:
+
+jobs:
+  dupe_check:
+    name: Check for Duplicate Workflow Run
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+    steps:
+      - id: skip_check
+        uses: fkirc/skip-duplicate-actions@v3.4.0
+        with:
+          concurrent_skipping: same_content
+          do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
+
+  analyze:
+    name: Analyze
+    needs:
+      - dupe_check
+    if: needs.dupe_check.outputs.should_skip != 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Cache Gradle
+        uses: actions/cache@v2
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-codeql-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-codeql-
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: java
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+      - name: Validate Gradle wrapper
+        uses: gradle/wrapper-validation-action@v1
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v1
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      #- run: |
+      #   make bootstrap
+      #   make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1
+
+      - name: Cleanup Gradle Cache
+        # Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
+        # Restoring these files from a GitHub Actions cache might cause problems for future builds.
+        run: |
+          rm -f ~/.gradle/caches/modules-2/modules-2.lock
+          rm -f ~/.gradle/caches/modules-2/gc.properties

.github/workflows/pmd-analysis.yml

@@ -0,0 +1,71 @@
+name: Code Analysis (PMD)
+
+on:
+  pull_request:
+  push:
+  workflow_dispatch:
+
+jobs:
+  dupe_check:
+    name: Check for Duplicate Workflow Run
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+    steps:
+      - id: skip_check
+        uses: fkirc/skip-duplicate-actions@v3.4.0
+        with:
+          concurrent_skipping: same_content
+          do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
+
+  run-analysis:
+    name: Run PMD Static Code Analysis
+    needs:
+      - dupe_check
+    if: needs.dupe_check.outputs.should_skip != 'true'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Cache Gradle
+        uses: actions/cache@v2
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-pmd-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-pmd-
+
+      - name: Setup JDK 8
+        uses: actions/setup-java@v2
+        with:
+          distribution: zulu
+          java-version: 8
+
+      - name: Validate Gradle wrapper
+        uses: gradle/wrapper-validation-action@v1
+
+      - name: Run static code analysis
+        run: ./gradlew clean pmdMainSarif --info
+
+      - name: Upload Test Artifacts
+        if: always()
+        uses: actions/upload-artifact@v2
+        with:
+          name: Static Code Analysis Results (PMD)
+          path: |
+            **/build/reports/
+
+      - name: Upload SARIF file
+        if: success() || failure()
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: build/reports/pmd/main.sarif
+
+      - name: Cleanup Gradle Cache
+        # Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
+        # Restoring these files from a GitHub Actions cache might cause problems for future builds.
+        run: |
+          rm -f ~/.gradle/caches/modules-2/modules-2.lock
+          rm -f ~/.gradle/caches/modules-2/gc.properties

.github/workflows/spotbugs-analysis.yml

@@ -0,0 +1,71 @@
+name: Code Analysis (SpotBugs)
+
+on:
+  pull_request:
+  push:
+  workflow_dispatch:
+
+jobs:
+  dupe_check:
+    name: Check for Duplicate Workflow Run
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+    steps:
+      - id: skip_check
+        uses: fkirc/skip-duplicate-actions@v3.4.0
+        with:
+          concurrent_skipping: same_content
+          do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
+
+  run-analysis:
+    name: Run SpotBugs Static Code Analysis
+    needs:
+      - dupe_check
+    if: needs.dupe_check.outputs.should_skip != 'true'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Cache Gradle
+        uses: actions/cache@v2
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-spotbugs-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-spotbugs-
+
+      - name: Setup JDK 8
+        uses: actions/setup-java@v2
+        with:
+          distribution: zulu
+          java-version: 8
+
+      - name: Validate Gradle wrapper
+        uses: gradle/wrapper-validation-action@v1
+
+      - name: Run static code analysis
+        run: ./gradlew clean spotbugsMain --info
+
+      - name: Upload Test Artifacts
+        if: always()
+        uses: actions/upload-artifact@v2
+        with:
+          name: Static Code Analysis Results (SpotBugs)
+          path: |
+            **/build/reports/
+
+      - name: Upload SARIF file
+        if: success() || failure()
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: build/reports/spotbugs/main.sarif
+
+      - name: Cleanup Gradle Cache
+        # Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
+        # Restoring these files from a GitHub Actions cache might cause problems for future builds.
+        run: |
+          rm -f ~/.gradle/caches/modules-2/modules-2.lock
+          rm -f ~/.gradle/caches/modules-2/gc.properties

.gitignore

@@ -36,5 +36,11 @@ local.properties
 *.launch
 /build/
 
+### IntelliJ
+.idea
+*.iws
+*.iml
+*.ipr
+
 # Unzipped test connector
 src/integrationTest/resources/pubsubplus-connector-kafka*/

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "solace-integration-test-support"]
+	path = solace-integration-test-support
+	url = ../../SolaceDev/solace-integration-test-support.git