Features
Logging Parent aims to deliver the following features.
Parent POM
The provided parent POM features the following conveniences:
-
apache-rat-plugin
integration for license preamble verification -
log4j-changelog-maven-plugin
integration for changelog and release note management -
maven-enforcer-plugin
checks -
spotless-maven-plugin
integration for code formatting -
jacoco-maven-plugin
integration for test coverage analysis (optionalcoverage
profile) -
bnd-maven-plugin
integration for auto-generating OSGi and JPMS descriptors -
cyclonedx-maven-plugin integration for auto-generating Software Bill of Materials (SBOM)
-
Antora-based site generation
CycloneDX Software Bill of Materials (SBOM)
Logging Parent streamlines the generation of CycloneDX Software Bill of Materials (SBOM) using cyclonedx-maven-plugin.
Plugin execution is configured and activated to generate SBOM files for each module, including the root one.
Generated SBOM files are attached as artifacts with cyclonedx
classifier and XML extensions, that is, <artifactId>-<version>-cyclonedx.xml
.
Produced SBOMs are enriched with vulnerability-assertion
references to a CycloneDX Vulnerability Disclosure Report (VDR) that Apache Logging Services uses for all projects it maintains.
This VDR is accessible through the following URL: https://logging.apache.org/cyclonedx/vdr.xml
Reusable GitHub Actions workflows
The provided reusable GitHub Actions workflows feature the following conveniences:
build-reusable.yaml
-
-
Compiles against Java 8 bytecode using the specified Java compiler version
-
Verifies reproducibility
-
deploy-release-reusable.yaml
-
-
Deploys release artifacts
-
Updates
revision
andproject.build.outputTimestamp
Maven properties -
Generates the distribution ZIP containing Git-tracked sources, binary attachments,
NOTICE.txt
, etc. -
Generates the release vote & announcement emails
-
Uploads the distribution ZIP and emails to SVN
-
deploy-site-reusable.yaml
-
-
Builds and deploys the website
-
deploy-snapshot-reusable.yaml
-
-
Deploys SNAPSHOT artifacts
-
merge-dependabot-reusable.yaml
-
-
Merges
dependabot
PRs changelog entries
-