Release/2023.11.13

.gitignore

@@ -34,3 +34,6 @@ integration.iml
 .settings/org.eclipse.core.resources.prefs
 .settings/org.eclipse.jdt.apt.core.prefs
 .settings/org.eclipse.jdt.core.prefs
+
+# Snyk Configs
+security-assistant.yml

bitbucket-pipelines.yml

@@ -0,0 +1,147 @@
+#  Pipeline for building and publishing msteams-jira-addon project
+image: atlassian/default-image:4
+
+options:
+  docker: true
+  size: 2x
+definitions:
+  services:
+    docker:
+      memory: 5000
+  steps:
+    - step: &dockerImage
+        name: Prepare custom Docker image
+        services:
+          - docker
+        caches:
+          - docker
+        script:
+          - pipe: atlassian/artifactory-sidekick:v1
+          - source .artifactory/activate.sh
+          - export IMG_TAG=docker.atl-paas.net/atlassian/netrunners/ubuntu-pwsh-mvn
+          - docker build --tag="$IMG_TAG" --file docker/Dockerfile .
+          - docker push "$IMG_TAG"
+    - step: &buildAndPack
+        name: Build package
+        image:
+          name: docker-proxy.services.atlassian.com/atlassian/netrunners/ubuntu-pwsh-mvn
+          username: netrunners
+          password: $PIPELINES_JWT_TOKEN
+        script:
+          - PACKAGE_VERSION=$(date +%Y.%m.%d)
+          - PACKAGE_ZIP_NAME=$PACKAGE_ZIP_NAME_PREFIX$PACKAGE_VERSION
+          # Remove internal servlets
+          - rm ./src/main/java/com/microsoft/teams/servlets/TeamsAtlasUserServlet.java;
+          - rm ./src/test/java/com/microsoft/teams/servlets/TeamsAtlasUserServletTest.java
+          - xmlstarlet edit -L -d "/atlassian-plugin/servlet[@key='test']" src/main/resources/atlassian-plugin.xml
+          # Replace ArtifactId Value
+          - xmlstarlet edit -L -N s=http://maven.apache.org/POM/4.0.0 -u "/s:project/s:artifactId" -v $PACKAGE_NAME pom.xml
+          - echo "`xmlstarlet sel -N s=http://maven.apache.org/POM/4.0.0 -t -v "/s:project/s:artifactId" pom.xml`"
+          # Replace Version Value
+          - xmlstarlet edit -L -N s=http://maven.apache.org/POM/4.0.0 -u "/s:project/s:version" -v $PACKAGE_VERSION pom.xml
+          - echo "`xmlstarlet sel -N s=http://maven.apache.org/POM/4.0.0 -t -v "/s:project/s:version" pom.xml`"
+          # Replace FinalName Value
+          - xmlstarlet edit -L -N s=http://maven.apache.org/POM/4.0.0 -u "/s:project/s:build/s:finalName" -v $PACKAGE_NAME-$PACKAGE_VERSION pom.xml
+          - echo "`xmlstarlet sel -N s=http://maven.apache.org/POM/4.0.0 -t -v "/s:project/s:build/s:finalName" pom.xml`"
+          # Replace ProjectName Value
+          - xmlstarlet edit -L -N s=http://maven.apache.org/POM/4.0.0 -u "/s:project/s:name" -v "$PROJECT_NAME" pom.xml
+          - echo "`xmlstarlet sel -N s=http://maven.apache.org/POM/4.0.0 -t -v "/s:project/s:name" pom.xml`"
+          # Run a powershell script
+          - pwsh ./setEnvironmentProperties.ps1 "src/main/resources/integration.properties" $APP_ID $PACKAGE_NAME "$APP_URL/JiraGateway?atlasId=%s&atlasUrl=%s&pluginVersion=%s" $PACKAGE_VERSION $APP_URL
+          - cat src/main/resources/integration.properties
+          # Build package
+          - atlas-mvn -B package --file pom.xml
+          # Zip package
+          - pushd target; zip ./../$PACKAGE_ZIP_NAME.zip $PACKAGE_NAME-$PACKAGE_VERSION.jar; popd
+        artifacts:
+          - RefAppAddon.*.zip
+    - step: &buildAndTest
+          name: Build & test
+          image:
+            name: docker-proxy.services.atlassian.com/atlassian/netrunners/ubuntu-pwsh-mvn
+            username: netrunners
+            password: $PIPELINES_JWT_TOKEN
+          script:
+            # Build package and run tests
+            - atlas-mvn test
+    - step: &createTag
+        name: Create tag
+        script:
+          - TAG_NAME=$(date +%Y.%m.%d)
+          - echo "Creating new tag ${TAG_NAME}"
+          - git tag -am "Tag ${TAG_NAME}" $TAG_NAME
+          - git push origin $TAG_NAME
+    - step: &snyk-scan
+        name: Run Snyk scan
+        image:
+          name: docker-proxy.services.atlassian.com/atlassian/netrunners/ubuntu-pwsh-mvn
+          username: netrunners
+          password: $PIPELINES_JWT_TOKEN
+        script:
+          - pipe: atlassian/artifactory-sidekick:v1
+          - source .artifactory/activate.sh
+          # Build package and skip tests
+          - atlas-mvn package -DskipTests
+          # Add mvn to PATH
+          - export MAVEN_HOME=$(echo "`atlas-version`" | grep -oP '(?<=ATLAS Maven Home:\ )(.)+$')/bin
+          - export PATH=${PATH}:${MAVEN_HOME}
+          # Install Snyk
+          - npm install -g snyk
+          # Run Snyk monitor and skip all provided dependencies
+          - snyk monitor . -- -Dscope=runtime
+    - step: &pushToGithub
+        name: Push changes to Github repo
+        script:
+          - git remote add github [email protected]:atlassian-labs/msteams-jira-server-addon.git
+          - git push -u github ${BITBUCKET_BRANCH}
+          - git push github --follow-tags
+pipelines:
+  default:
+    - step:
+          <<: *dockerImage
+          condition:
+            changesets:
+              includePaths:
+                - 'docker/**'
+    - step: *buildAndTest
+  custom:
+    buildDockerImage:
+      - step:
+          *dockerImage
+    createNewTag:
+      - step:
+          *createTag
+    runSnyk:
+      - step: *snyk-scan
+  branches:
+    master:
+      - step:
+          <<: *buildAndPack
+          name: Build integration package
+          deployment: Integration
+      - step:
+          <<: *buildAndPack
+          name: Build staging package
+          deployment: Staging
+      - step:
+          <<: *buildAndPack
+          name: Build production package
+          deployment: Production
+    release/*:
+      - step:
+          <<: *buildAndPack
+          name: Build integration package
+          deployment: Integration
+      - step:
+          <<: *buildAndPack
+          name: Build staging package
+          deployment: Staging
+      - step:
+          <<: *buildAndPack
+          name: Build production package
+          deployment: Production
+      - step:
+          <<: *createTag
+          trigger: manual
+      - step:
+          <<: *pushToGithub

checkstyle/sun_checks.xml

@@ -0,0 +1,227 @@
+<?xml version="1.0"?>
+<!DOCTYPE module PUBLIC
+        "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
+        "https://checkstyle.org/dtds/configuration_1_3.dtd">
+
+<!--
+
+  Checkstyle configuration that checks the sun coding conventions from:
+
+    - the Java Language Specification at
+      https://docs.oracle.com/javase/specs/jls/se11/html/index.html
+
+    - the Sun Code Conventions at https://www.oracle.com/technetwork/java/codeconvtoc-136057.html
+
+    - the Javadoc guidelines at
+      https://www.oracle.com/technetwork/java/javase/documentation/index-137868.html
+
+    - the JDK Api documentation https://docs.oracle.com/en/java/javase/11/
+
+    - some best practices
+
+  Checkstyle is very configurable. Be sure to read the documentation at
+  https://checkstyle.org (or in your downloaded distribution).
+
+  Most Checks are configurable, be sure to consult the documentation.
+
+  To completely disable a check, just comment it out or delete it from the file.
+  To suppress certain violations please review suppression filters.
+
+  Finally, it is worth reading the documentation.
+
+-->
+
+<module name="Checker">
+    <property name="charset" value="UTF-8" />
+    <module name="SuppressWarningsFilter" />
+
+    <!--
+        If you set the basedir property below, then all reported file
+        names will be relative to the specified directory. See
+        https://checkstyle.org/5.x/config.html#Checker
+
+        <property name="basedir" value="${basedir}"/>
+    -->
+    <property name="severity" value="error"/>
+
+    <property name="fileExtensions" value="java, properties, xml"/>
+
+    <!-- Excludes all 'module-info.java' files              -->
+    <!-- See https://checkstyle.org/config_filefilters.html -->
+    <module name="BeforeExecutionExclusionFileFilter">
+        <property name="fileNamePattern" value="module\-info\.java$"/>
+    </module>
+
+    <!-- https://checkstyle.org/config_filters.html#SuppressionFilter -->
+    <module name="SuppressionFilter">
+        <property name="file" value="${org.checkstyle.sun.suppressionfilter.config}"
+                  default="checkstyle-suppressions.xml" />
+        <property name="optional" value="true"/>
+    </module>
+
+    <!-- Checks that a package-info.java file exists for each package.     -->
+    <!-- See https://checkstyle.org/config_javadoc.html#JavadocPackage -->
+    <!--<module name="JavadocPackage"/>-->
+
+    <!-- Checks whether files end with a new line.                        -->
+    <!-- See https://checkstyle.org/config_misc.html#NewlineAtEndOfFile -->
+    <!--<module name="NewlineAtEndOfFile"/>-->
+
+    <!-- Checks that property files contain the same keys.         -->
+    <!-- See https://checkstyle.org/config_misc.html#Translation -->
+    <module name="Translation"/>
+
+    <!-- Checks for Size Violations.                    -->
+    <!-- See https://checkstyle.org/config_sizes.html -->
+    <module name="FileLength">
+        <property name="max" value="5000"/>
+    </module>
+    <!--<module name="LineLength">
+        <property name="max" value="120"/>
+        <property name="fileExtensions" value="java"/>
+    </module>-->
+
+    <!-- Checks for whitespace                               -->
+    <!-- See https://checkstyle.org/config_whitespace.html -->
+    <module name="FileTabCharacter"/>
+
+    <!-- Miscellaneous other checks.                   -->
+    <!-- See https://checkstyle.org/config_misc.html -->
+    <!--<module name="RegexpSingleline">
+        <property name="format" value="\s+$"/>
+        <property name="minimum" value="0"/>
+        <property name="maximum" value="0"/>
+        <property name="message" value="Line has trailing spaces."/>
+    </module>-->
+
+    <!-- Checks for Headers                                -->
+    <!-- See https://checkstyle.org/config_header.html   -->
+    <!-- <module name="Header"> -->
+    <!--   <property name="headerFile" value="${checkstyle.header.file}"/> -->
+    <!--   <property name="fileExtensions" value="java"/> -->
+    <!-- </module> -->
+
+    <module name="TreeWalker">
+        <module name="SuppressionCommentFilter"/>
+        <module name="SuppressWarningsHolder" />
+
+        <!-- Checks for Javadoc comments.                     -->
+        <!-- See https://checkstyle.org/config_javadoc.html -->
+        <module name="InvalidJavadocPosition"/>
+        <!--<module name="JavadocMethod"/>-->
+        <!--<module name="JavadocType"/>-->
+        <!--<module name="JavadocVariable"/>-->
+        <!--<module name="JavadocStyle"/>-->
+        <!--<module name="MissingJavadocMethod"/>-->
+
+        <!-- Checks for Naming Conventions.                  -->
+        <!-- See https://checkstyle.org/config_naming.html -->
+        <!--<module name="ConstantName"/>-->
+        <!--<module name="LocalFinalVariableName"/>-->
+        <!--<module name="LocalVariableName"/>-->
+        <!--<module name="MemberName"/>-->
+        <!--<module name="MethodName"/>-->
+        <module name="PackageName"/>
+        <!--<module name="ParameterName"/>-->
+        <!--<module name="StaticVariableName"/>-->
+        <module name="TypeName"/>
+
+        <!-- Checks for imports                              -->
+        <!-- See https://checkstyle.org/config_import.html -->
+        <!--<module name="AvoidStarImport"/>-->
+        <module name="IllegalImport"/> <!-- defaults to sun.* packages -->
+        <module name="IllegalImport">
+            <property name="illegalPkgs" value="clover,org.jetbrains.annotations"/>
+        </module>
+        <module name="RedundantImport"/>
+        <module name="UnusedImports">
+            <property name="processJavadoc" value="true"/>
+        </module>
+
+        <!-- Checks for Size Violations.                    -->
+        <!-- See https://checkstyle.org/config_sizes.html -->
+        <!--<module name="MethodLength"/>-->
+        <!--<module name="ParameterNumber"/>-->
+
+        <!-- Checks for whitespace                               -->
+        <!-- See https://checkstyle.org/config_whitespace.html -->
+        <module name="EmptyForIteratorPad"/>
+        <module name="GenericWhitespace"/>
+        <module name="MethodParamPad"/>
+        <module name="NoWhitespaceAfter">
+            <!-- removes ARRAY_DECLARATOR from default -->
+            <property name="tokens" value="ARRAY_INIT, BNOT, DEC, DOT, INC, LNOT, UNARY_MINUS, UNARY_PLUS"/>
+        </module>
+        <module name="NoWhitespaceBefore"/>
+        <!--<module name="OperatorWrap"/>-->
+        <module name="ParenPad"/>
+        <module name="TypecastParenPad"/>
+        <module name="WhitespaceAfter"/>
+        <module name="WhitespaceAround">
+            <!-- removed these from default: GENERIC_START  GENERIC_END, WILDCARD_TYPE -->
+            <!-- TMP TODO remove ASSIGN because of use in annotation assignment -->
+            <!-- TMP TODO remove RCURLY becauuse of annotations like
+             @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
+            -->
+            <!-- Tom Davies: removed LCURLY to allow empty interfaces, e.g.
+                interface Binder extends UiBinder<Widget, ChangesetDiscussionPanel> {}
+            -->
+            <property name="tokens" value="BAND, BAND_ASSIGN, BOR, BOR_ASSIGN, BSR, BSR_ASSIGN, BXOR, BXOR_ASSIGN, COLON, DIV, DIV_ASSIGN, EQUAL, GE, GT, LAND, LE, LITERAL_ASSERT, LITERAL_CATCH, LITERAL_DO, LITERAL_ELSE, LITERAL_FINALLY, LITERAL_FOR, LITERAL_IF, LITERAL_RETURN, LITERAL_SYNCHRONIZED, LITERAL_TRY, LITERAL_WHILE, LOR, LT, MINUS, MINUS_ASSIGN, MOD, MOD_ASSIGN, NOT_EQUAL, PLUS, PLUS_ASSIGN, QUESTION, SL, SLIST, SL_ASSIGN, SR, SR_ASSIGN, STAR, STAR_ASSIGN, TYPE_EXTENSION_AND"/>
+            <property name="allowEmptyLambdas" value="true"/>
+        </module>
+
+        <!-- Modifier Checks                                    -->
+        <!-- See https://checkstyle.org/config_modifiers.html -->
+        <module name="ModifierOrder"/>
+        <module name="RedundantModifier">
+            <property name="tokens" value="METHOD_DEF, VARIABLE_DEF, ANNOTATION_FIELD_DEF, INTERFACE_DEF, CLASS_DEF, ENUM_DEF"/>
+        </module>
+
+        <!-- Checks for blocks. You know, those {}'s         -->
+        <!-- See https://checkstyle.org/config_blocks.html -->
+        <!--<module name="AvoidNestedBlocks"/>-->
+        <module name="EmptyBlock">
+            <property name="option" value="text"/>
+        </module>
+        <module name="LeftCurly"/>
+        <module name="NeedBraces"/>
+        <module name="RightCurly"/>
+
+        <!-- Checks for common coding problems               -->
+        <!-- See https://checkstyle.org/config_coding.html -->
+        <module name="EmptyStatement"/>
+        <module name="EqualsHashCode"/>
+        <!--<module name="HiddenField"/>-->
+        <module name="IllegalInstantiation"/>
+        <!--<module name="InnerAssignment"/>-->
+        <!--<module name="MagicNumber"/>-->
+        <!--<module name="MissingSwitchDefault"/>-->
+        <module name="MultipleVariableDeclarations"/>
+        <module name="SimplifyBooleanExpression"/>
+        <!--<module name="SimplifyBooleanReturn"/>-->
+
+        <!-- Checks for class design                         -->
+        <!-- See https://checkstyle.org/config_design.html -->
+        <!--<module name="DesignForExtension"/>-->
+        <!--<module name="FinalClass"/>-->
+        <!--<module name="HideUtilityClassConstructor"/>-->
+        <!--<module name="InterfaceIsType"/>-->
+        <!--<module name="VisibilityModifier"/>-->
+
+        <!-- Miscellaneous other checks.                   -->
+        <!-- See https://checkstyle.org/config_misc.html -->
+        <module name="ArrayTypeStyle"/>
+        <!--<module name="FinalParameters"/>-->
+        <!--<module name="TodoComment"/>-->
+        <module name="UpperEll"/>
+
+        <!-- https://checkstyle.org/config_filters.html#SuppressionXpathFilter -->
+        <module name="SuppressionXpathFilter">
+            <property name="file" value="${org.checkstyle.sun.suppressionxpathfilter.config}"
+                      default="checkstyle-xpath-suppressions.xml" />
+            <property name="optional" value="true"/>
+        </module>
+
+    </module>
+
+</module>