feat: move to the spring ecosystem

* use semantic release
* provide a docker image (using github actions)
* add .editorconfig

.editorconfig

@@ -0,0 +1,22 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 4
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+max_line_length = 160
+tab_width = 4
+
+[*.kt]
+ij_continuation_indent_size = 4
+ij_kotlin_class_annotation_wrap = split_into_lines
+ij_kotlin_field_annotation_wrap = split_into_lines
+ij_kotlin_method_annotation_wrap = split_into_lines
+ij_kotlin_parameter_annotation_wrap = split_into_lines
+ij_kotlin_variable_annotation_wrap = split_into_lines
+
+[{*.yaml, *.yml}]
+indent_size = 2

.github/dependabot.yml

@@ -4,3 +4,8 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/build.yml

@@ -0,0 +1,69 @@
+name: Build
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - 'src/**'
+      - 'pom.xml'
+
+permissions:
+  # used by semantic release
+  contents: write
+  issues: write
+  pull-requests: write
+  # used to publish the docker image
+  packages: write
+  # used by trivy
+  security-events: write
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v3
+        with:
+          java-version: '11'
+          distribution: 'adopt'
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-maven-
+
+      - name: Run Tests
+        run: mvn -B -ntp verify
+
+      - name: Create new release
+        uses: cycjimmy/semantic-release-action@v3
+        with:
+          extra_plugins: |
+            @semantic-release/git
+            @semantic-release/exec
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get Image Name
+        id: get-image-name
+        run: echo "::set-output name=image-name::$(mvn help:evaluate -Dexpression=image.name -q -DforceStdout)"
+
+      - name: Scan Docker Image for Vulnerabilities
+        uses: aquasecurity/[email protected]
+        with:
+          image-ref: ${{ steps.get-image-name.outputs.image-name }}
+          format: sarif
+          output: trivy-results.sarif
+
+      - name: Upload Trivy Results to GitHub Security Tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: trivy-results.sarif

.github/workflows/pull-request-lint.yml

@@ -0,0 +1,20 @@
+name: Lint Pull Request
+on:
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - synchronize
+
+permissions:
+  pull-requests: read
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@v4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          validateSingleCommit: true

.github/workflows/pull-request.yml

@@ -0,0 +1,33 @@
+name: Verify Pull Request
+on:
+  pull_request:
+    paths:
+      - 'src/**'
+      - 'pom.xml'
+
+permissions:
+  contents: read
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v3
+        with:
+          java-version: '11'
+          distribution: 'adopt'
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-maven-
+
+      - name: Run tests
+        run: mvn -B -ntp verify

.gitignore

@@ -1,15 +1,10 @@
+HELP.md
 target/
 !.mvn/wrapper/maven-wrapper.jar
 !**/src/main/**/target/
 !**/src/test/**/target/
 
-### IntelliJ IDEA ###
-.idea/
-*.iws
-*.iml
-*.ipr
-
-### Eclipse ###
+### STS ###
 .apt_generated
 .classpath
 .factorypath
@@ -18,6 +13,12 @@ target/
 .springBeans
 .sts4-cache
 
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
 ### NetBeans ###
 /nbproject/private/
 /nbbuild/

.releaserc.json

@@ -0,0 +1,28 @@
+{
+    "branches": [
+        "main"
+    ],
+    "plugins": [
+        "@semantic-release/commit-analyzer",
+        "@semantic-release/release-notes-generator",
+        [
+            "@semantic-release/exec",
+            {
+                "prepareCmd": "mvn -B -ntp versions:set -DgenerateBackupPoms=false -DnewVersion=${nextRelease.version}",
+                "publishCmd": "mvn -B -ntp -Ppublish-ghcr -DskipTests spring-boot:build-image"
+            }
+        ],
+        [
+            "@semantic-release/git",
+            {
+                "assets": [
+                    [
+                        "**/pom.xml",
+                        "!**/target/**/*"
+                    ]
+                ]
+            }
+        ],
+        "@semantic-release/github"
+    ]
+}