[DEVOPS-1751] Pipeline for publishing java sdk to gradle

[michalchecinski]

Type of change

- [ ] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [x] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

Code changes

• .github/workflows/build-java.yml: Run build on rc and hotfix-rc and on PR. Change Publish task to package.
• .github/workflows/publish-java.yml Add Publish workflow
• .github/workflows/version-bump.yml Add Java SDK to version bump workflow
• languages/java/build.gradle Change name of the package to sdk-secrets. Add https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/ as repository to publish.

Before you submit

• Please add unit tests where it makes sense to do so

[github-actions]

Checkmarx One – Scan Summary & Details – ce1aa135-8a69-4008-8ca8-ed4226f20709

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Unpinned Actions Full Length Commit SHA	/version-bump.yml: 54	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Unpinned Actions Full Length Commit SHA	/publish-java.yml: 60	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

Fixed Issues

Severity	Issue	Source File / Package
	Unpinned Actions Full Length Commit SHA	/version-bump.yml: 53

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 58.69%. Comparing base (37dc5d3) to head (9116ee0).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #740   +/-   ##
=======================================
  Coverage   58.69%   58.69%           
=======================================
  Files         177      177           
  Lines       11501    11501           
=======================================
  Hits         6751     6751           
  Misses       4750     4750           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[mzieniukbw]

I don't think the intention was to make this Java sdk to be Secrets Manager specific.
See below for my other comments

[mzieniukbw]

i don't think we need the token here anymore

[michalchecinski]

Right! Good catch.

[mzieniukbw]

this is probably unsupported by this action, since it's more for setup of gradle, rather than execution.
You need a separate step like: (also there is no "package" in gradle, but there is "build"

    - name: Build Maven
      run: ./gradlew build

[michalchecinski]

Fixed 😃

[mzieniukbw]

We should publish with java docs (and optionally source code), maybe add:

java {
    withJavadocJar()
    withSourcesJar()
}

[mzieniukbw]

i though this sdk repo is not specific to secrets manager, but it's for everyone ?
I did not know the Bitwarden SDK / this repo is just for secrets manager, so this change make sense now.

[mimartin12]

Nothing from my side that @mzieniukbw hasn't already by brought up 👍

[mzieniukbw]

lgtm