Merge branch 'main' into docs/linking-remote-data-ressources

Author: sven1103

.github/workflows/build_package.yml

@@ -2,6 +2,8 @@ name: Build Maven Package
 
 on:
   pull_request:
+    types:
+      - ready_for_review
   push:
     branches:
       - '**'

.github/workflows/codeql-analysis.yml

@@ -15,6 +15,9 @@ on:
   push:
     branches: [ main, master, development, release/*, hotfix/* ]
   pull_request:
+    types:
+      - opened
+      - ready_for_review
     # The branches below must be a subset of the branches above
     branches: [ main, master, development ]
   schedule:

.github/workflows/create-release.yml

@@ -8,14 +8,16 @@ on:
         required: true
 permissions:
   id-token: write # This is required for requesting the JWT
-  contents: read # This is required for actions/checkout
+  contents: write # This is required for branch creation
+  pull-requests: write # required for opening pull requests
   attestations: write   # required for provenance
 jobs:
   release:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
+
       - name: Set up JDK 21
         uses: actions/setup-java@v5
         with:
@@ -39,45 +41,16 @@ jobs:
             core.setSecret(token);
             console.log('OIDC token acquired. Length:', token.length);
 
-      - name: Set up git
-        run: |
-          git config --global user.email "support@qbic.zendesk.com"
-          git config --global user.name "JohnnyQ5"
-
       - name: Set version in Maven project
         run: mvn versions:set -DnewVersion=${{ github.event.inputs.versionTag }} -DprocessAllModules
 
       - name: Build with Maven
-        run: VAADIN_OFFLINE_KEY=${{ secrets.VAADIN_SERVER_23_2 }} mvn -B package -Pproduction -Dvaadin.force.production.build=true --file pom.xml
-
-      - name: Create Release Notes
-        if: ${{ !startsWith(github.ref, 'refs/tags/')
-          && !( contains(github.event.inputs.versionTag, 'alpha')
-          || contains(github.event.inputs.versionTag, 'beta')
-          || contains(github.event.inputs.versionTag, 'rc')) }}
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{secrets.JOHNNY_Q5_REPORTS_TOKEN}}
-          script: |
-            await github.request(`POST /repos/${{ github.repository }}/releases`, {
-              tag_name: "${{ github.event.inputs.versionTag }}",
-              generate_release_notes: true
-            });
+        run: mvn -B package -Pproduction -Dvaadin.force.production.build=true --file pom.xml
 
-      - name: Create Pre-Release Notes
-        if: ${{ !startsWith(github.ref, 'refs/tags/')
-          && ( contains(github.event.inputs.versionTag, 'alpha')
-          || contains(github.event.inputs.versionTag, 'beta')
-          || contains(github.event.inputs.versionTag, 'rc')) }}
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{secrets.JOHNNY_Q5_REPORTS_TOKEN}}
-          script: |
-            await github.request(`POST /repos/${{ github.repository }}/releases`, {
-              tag_name: "${{ github.event.inputs.versionTag }}",
-              generate_release_notes: true,
-              prerelease: true
-            });
+      - name: Create GitHub Release
+        run: gh release create ${{ github.event.inputs.versionTag }} --generate-notes --fail-on-no-commits
+        env:
+          GH_TOKEN: ${{ github.token }}
 
       # Generate provenance (SLSA attestation) for all JARs
       - name: Generate SLSA build provenance
@@ -91,25 +64,21 @@ jobs:
           MAVEN_REPO_USERNAME: ${{ secrets.NEXUS_USERNAME }}
           MAVEN_REPO_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
 
+      - name: Configure Git Credentials
+        run: |
+          git config user.name github-actions
+          git config user.email github-actions@github.com
+
       - name: Switch to new branch
         run: git checkout -b release/set-version-to-${{ github.event.inputs.versionTag }}
 
-      - name: Set remote branch
-        run: git push --set-upstream origin release/set-version-to-${{ github.event.inputs.versionTag }}
-
       - name: Checkin commit
         run: git commit . -m 'Set version to ${{ github.event.inputs.versionTag }}'
 
       - name: Push to Github
-        run: git push
+        run: git push --set-upstream origin release/set-version-to-${{ github.event.inputs.versionTag }}
 
       - name: Open PR with version bump
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{secrets.JOHNNY_Q5_REPORTS_TOKEN}}
-          script: |
-            await github.request(`POST /repos/${{ github.repository }}/pulls`, {
-              title: 'Update version to ${{ github.event.inputs.versionTag }}',
-              head: 'release/set-version-to-${{ github.event.inputs.versionTag }}',
-              base: 'main'
-            });
+        run: gh pr create --base main --title "Update version to ${{ github.event.inputs.versionTag }}" --body "Updates the project version after a release to ${{ github.event.inputs.versionTag }}"
+        env:
+          GH_TOKEN: ${{ github.token }}

.github/workflows/run_tests.yml

@@ -2,6 +2,9 @@ name: Run Maven Tests
 
 on:
   pull_request:
+    types:
+      - opened
+      - ready_for_review
   push:
     branches:
       - '**'

application-commons/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>life.qbic.datamanager</groupId>
     <artifactId>datamanager</artifactId>
-    <version>1.11.0</version>
+    <version>1.12.7</version>
   </parent>
   <modelVersion>4.0.0</modelVersion>
   <artifactId>application-commons</artifactId>

broadcasting/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>life.qbic.datamanager</groupId>
     <artifactId>datamanager</artifactId>
-    <version>1.11.0</version>
+    <version>1.12.7</version>
   </parent>
   <modelVersion>4.0.0</modelVersion>
   <artifactId>broadcasting</artifactId>

datamanager-app/pom.xml

@@ -11,7 +11,7 @@
   <parent>
     <groupId>life.qbic.datamanager</groupId>
     <artifactId>datamanager</artifactId>
-    <version>1.11.0</version>
+    <version>1.12.7</version>
   </parent>
 
   <repositories>

datamanager-app/src/main/resources/application.properties

@@ -224,3 +224,11 @@ spring.messages.basename=messages.error-messages, messages.toast-notifications,
 # you always have to escape single quotes by another single quote ' -> ''
 # https://www.mscharhag.com/java/resource-bundle-single-quote-escaping for reference
 spring.messages.always-use-message-format=true
+###############################################################################
+################### Raw Data Sync #############################################
+# Batch size for each remote sync query iteration.
+# Reduce (e.g. to 200) during large backlog re-syncs to lower database lock contention.
+qbic.sync.raw-data.batch-size=${SYNC_RAW_DATA_BATCH_SIZE:1000}
+# Maximum wall-clock duration in milliseconds for a single scheduled sync job execution.
+# Must remain smaller than the ShedLock lockAtMostFor value (currently PT40S = 40000ms).
+qbic.sync.raw-data.max-duration-ms=${SYNC_RAW_DATA_MAX_DURATION_MS:10000}

datamanager-bom/pom.xml

@@ -5,7 +5,7 @@
 
   <groupId>life.qbic.datamanager</groupId>
   <artifactId>datamanager-bom</artifactId>
-  <version>1.11.0</version>
+  <version>1.12.7</version>
   <packaging>pom</packaging>
   <name>DataManager BOM</name>
   <description>Bill of Materials for DataManager artifacts</description>

domain-concept/pom.xml

@@ -6,7 +6,7 @@
   <parent>
     <groupId>life.qbic.datamanager</groupId>
     <artifactId>datamanager</artifactId>
-    <version>1.11.0</version>
+    <version>1.12.7</version>
   </parent>
 
   <artifactId>domain-concept</artifactId>