From ace7de5f0dc7a0191111376576353653d3e543cd Mon Sep 17 00:00:00 2001
From: Julian <82032362+jurosens@users.noreply.github.com>
Date: Wed, 23 Jun 2021 08:46:42 +0200
Subject: [PATCH 1/2] feat: specific name for shedlock table

---
 .../businessrule/config/ShedLockConfig.java   |  2 +-
 .../businessrule/entity/ShedlockEntity.java   |  2 +-
 src/main/resources/application.yml            |  2 +
 .../resources/db/changelog/init_tables.xml    |  8 ++--
 src/main/resources/static/context.json        | 41 +++++++++++++++++++
 5 files changed, 49 insertions(+), 6 deletions(-)
 create mode 100644 src/main/resources/static/context.json

diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/config/ShedLockConfig.java b/src/main/java/eu/europa/ec/dgc/businessrule/config/ShedLockConfig.java
index f4424d2..765295f 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/config/ShedLockConfig.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/config/ShedLockConfig.java
@@ -41,7 +41,7 @@ public class ShedLockConfig {
     @Bean
     public LockProvider lockProvider(DataSource dataSource) {
         return new JdbcTemplateLockProvider(builder()
-            .withTableName("shedlock")
+            .withTableName("shedlock_br")
             .withJdbcTemplate(new JdbcTemplate(dataSource))
             .usingDbTime()
             .build()
diff --git a/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java b/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java
index ecd1022..926548f 100644
--- a/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java
+++ b/src/main/java/eu/europa/ec/dgc/businessrule/entity/ShedlockEntity.java
@@ -29,7 +29,7 @@
 import javax.persistence.Table;
 
 @Entity
-@Table(name = "shedlock")
+@Table(name = "shedlock_br")
 public class ShedlockEntity {
 
     @Id
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 2b7f345..a3c5cce 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -14,6 +14,8 @@ spring:
       ddl-auto: create
   liquibase:
     change-log: classpath:db/changelog.xml
+    database-change-log-table: BR_CHANGELOG
+    database-change-log-lock-table: BR_CHANGELOG_LOCK
   h2:
     console:
       enabled: true
diff --git a/src/main/resources/db/changelog/init_tables.xml b/src/main/resources/db/changelog/init_tables.xml
index ddf110b..cc5b192 100644
--- a/src/main/resources/db/changelog/init_tables.xml
+++ b/src/main/resources/db/changelog/init_tables.xml
@@ -35,9 +35,9 @@
         </createTable>
     </changeSet>
     <changeSet id="1624279656451-3" author="slaurenz (generated)">
-        <createTable tableName="shedlock">
+        <createTable tableName="shedlock_br">
             <column autoIncrement="true" name="id" type="BIGINT">
-                <constraints nullable="false" primaryKey="true" primaryKeyName="PK_SHEDLOCK"/>
+                <constraints nullable="false" primaryKey="true" primaryKeyName="PK_SHEDLOCK_BR"/>
             </column>
             <column name="name" type="VARCHAR(64)">
                 <constraints nullable="false"/>
@@ -65,7 +65,7 @@
         </createTable>
     </changeSet>
     <changeSet id="1624279656451-5" author="slaurenz (generated)">
-        <addUniqueConstraint columnNames="name" constraintName="UC_SHEDLOCK_NAME" tableName="shedlock"/>
+        <addUniqueConstraint columnNames="name" constraintName="UC_SHEDLOCK_BR_NAME" tableName="shedlock_br"/>
     </changeSet>
 
-</databaseChangeLog>
\ No newline at end of file
+</databaseChangeLog>
diff --git a/src/main/resources/static/context.json b/src/main/resources/static/context.json
new file mode 100644
index 0000000..646c89a
--- /dev/null
+++ b/src/main/resources/static/context.json
@@ -0,0 +1,41 @@
+{
+  "origin": "DE",
+  "versions": {
+    "default": {
+      "privacyUrl": "https://publications.europa.eu/en/web/about-us/legal-notices/eu-mobile-apps",
+      "context": {
+        "url": "https://issuance-dgca-test.cfapps.eu10.hana.ondemand.com/dgca-businessrule-service/context",
+        "pubKeys": [
+          "lKdU1EbQubxyDDm2q3N8KclZ2C94Num3xXjG0pk+3eI=",
+          "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
+        ]
+      },
+      "endpoints": {
+        "rules": {
+          "url": "https://issuance-dgca-test.cfapps.eu10.hana.ondemand.com/dgca-businessrule-service/rules",
+          "pubKeys": [
+            "lKdU1EbQubxyDDm2q3N8KclZ2C94Num3xXjG0pk+3eI=",
+            "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
+          ]
+        },
+        "countryList": {
+          "url": "https://issuance-dgca-test.cfapps.eu10.hana.ondemand.com/dgca-businessrule-service/countryList",
+          "pubKeys": [
+            "lKdU1EbQubxyDDm2q3N8KclZ2C94Num3xXjG0pk+3eI=",
+            "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
+          ]
+        },
+        "valuesets": {
+          "url": "https://issuance-dgca-test.cfapps.eu10.hana.ondemand.com/dgca-businessrule-service/valuesets",
+          "pubKeys": [
+            "lKdU1EbQubxyDDm2q3N8KclZ2C94Num3xXjG0pk+3eI=",
+            "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
+          ]
+        }
+      }
+    },
+    "0.1.0": {
+      "outdated": true
+    }
+  }
+}

From 5eb5310808805191688dd539813ebda142dd688b Mon Sep 17 00:00:00 2001
From: Julian <82032362+jurosens@users.noreply.github.com>
Date: Wed, 23 Jun 2021 08:53:52 +0200
Subject: [PATCH 2/2] feat: github actions and issue templates

---
 .github/ISSUE_TEMPLATE/01_bug.md             | 43 +++++++++
 .github/ISSUE_TEMPLATE/02_feature_request.md | 31 +++++++
 .github/ISSUE_TEMPLATE/03_enhancement.md     | 30 +++++++
 .github/ISSUE_TEMPLATE/04_question.md        | 20 +++++
 .github/workflows/ci-dependency-check.yml    | 40 +++++++++
 .github/workflows/ci-deploy.yml              | 37 ++++++++
 .github/workflows/ci-main.yml                | 56 ++++++++++++
 .github/workflows/ci-openapi.yml             | 67 ++++++++++++++
 .github/workflows/ci-pull-request.yml        | 38 ++++++++
 .github/workflows/ci-release-notes.yml       | 19 ++++
 .github/workflows/ci-release.yml             | 93 ++++++++++++++++++++
 .github/workflows/ci-sonar.yml               | 39 ++++++++
 12 files changed, 513 insertions(+)
 create mode 100644 .github/ISSUE_TEMPLATE/01_bug.md
 create mode 100644 .github/ISSUE_TEMPLATE/02_feature_request.md
 create mode 100644 .github/ISSUE_TEMPLATE/03_enhancement.md
 create mode 100644 .github/ISSUE_TEMPLATE/04_question.md
 create mode 100644 .github/workflows/ci-dependency-check.yml
 create mode 100644 .github/workflows/ci-deploy.yml
 create mode 100644 .github/workflows/ci-main.yml
 create mode 100644 .github/workflows/ci-openapi.yml
 create mode 100644 .github/workflows/ci-pull-request.yml
 create mode 100644 .github/workflows/ci-release-notes.yml
 create mode 100644 .github/workflows/ci-release.yml
 create mode 100644 .github/workflows/ci-sonar.yml

diff --git a/.github/ISSUE_TEMPLATE/01_bug.md b/.github/ISSUE_TEMPLATE/01_bug.md
new file mode 100644
index 0000000..0c12e2d
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/01_bug.md
@@ -0,0 +1,43 @@
+---
+name: "\U0001F6A8 Bug"
+about: Did you come across a bug or unexpected behaviour differing from the docs?
+labels: bug
+---
+
+<!--
+Thanks for reporting a bug!
+Before opening a new issue, please make sure that we do not have any duplicates already open. 
+You can ensure this by searching the issue list for this repository. 
+If there is a duplicate, please close your issue and add a comment to the existing issue instead.
+-->
+
+## Describe the bug
+
+<!-- Describe your issue, but please be descriptive! Thanks again -->
+
+## Expected behaviour
+
+<!-- A clear and concise description of what you expected to happen. -->
+
+## Steps to reproduce the issue
+
+<!-- include screenshots, logs, code or other info to help explain your problem -->
+
+<!--
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+-->
+
+## Technical details
+
+- Host Machine OS (Windows/Linux/Mac):
+
+## Possible Fix
+
+<!-- Not obligatory, but suggest a fix or reason for the bug -->
+
+## Additional context
+
+<!-- Add any other context about the problem here. -->
diff --git a/.github/ISSUE_TEMPLATE/02_feature_request.md b/.github/ISSUE_TEMPLATE/02_feature_request.md
new file mode 100644
index 0000000..ad11b6b
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/02_feature_request.md
@@ -0,0 +1,31 @@
+---
+name: "\U0001F381 Feature Request"
+about: Do you have an idea for a new feature?
+labels: feature request
+---
+
+<!--
+Thanks for requesting a feature!
+Before opening a new issue, please make sure that we do not have any duplicates already open. 
+You can ensure this by searching the issue list for this repository. 
+If there is a duplicate, please close your issue and add a comment to the existing issue instead.
+-->
+
+## Feature description
+
+<!--
+Provide a detailed description of the feature or improvement you are proposing. 
+What specific solution would you like? What is the expected behaviour?
+Add any other context, screenshots, or code snippets about the feature request here as well.
+-->
+
+## Problem and motivation
+
+<!--
+Why is this change important to you? What is the problem this feature would solve? 
+How would you use it? How can it benefit other users?
+-->
+
+## Is this something you're interested in working on
+
+<!-- Yes or No -->
diff --git a/.github/ISSUE_TEMPLATE/03_enhancement.md b/.github/ISSUE_TEMPLATE/03_enhancement.md
new file mode 100644
index 0000000..bbdc3b7
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/03_enhancement.md
@@ -0,0 +1,30 @@
+---
+name: "\u23F1\uFE0F Enhancement"
+about: Do you have an idea for an enhancement?
+labels: enhancement
+---
+
+<!--
+Thanks for proposing an enhancement!
+Before opening a new issue, please make sure that we do not have any duplicates already open. 
+You can ensure this by searching the issue list for this repository. 
+If there is a duplicate, please close your issue and add a comment to the existing issue instead.
+-->
+
+## Current Implementation
+
+<!-- Describe or point to the current implementation that you would like to see improved -->
+
+## Suggested Enhancement
+
+<!-- 
+Outline the idea of your enhancement, by e.g., describing the algorithm you propose. 
+You can also create a Pull Request to outline your idea 
+-->
+
+## Expected Benefits
+
+<!-- 
+Summarize how your enhancement could aid the implementation (performance, readability, memory consumption, battery consumption, etc.). 
+Please also back up with measurements or give detailed explanations for reduced runtime, memory consumption, etc.
+-->
diff --git a/.github/ISSUE_TEMPLATE/04_question.md b/.github/ISSUE_TEMPLATE/04_question.md
new file mode 100644
index 0000000..2be9b92
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/04_question.md
@@ -0,0 +1,20 @@
+---
+name: "\U00002753 Question"
+about: If you have questions about pieces of the code or documentation for this component, please post them here.
+labels: question
+---
+
+<!--
+Thanks for submitting your question!
+Before opening a new issue, please make sure that we do not have any duplicates already open. 
+You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead. 
+Also, please, have a look at our FAQs and existing questions before opening a new question.
+-->
+
+## Your Question
+
+<!-- Include details about your question. -->
+
+* Source File:
+* Line(s):
+* Question:
diff --git a/.github/workflows/ci-dependency-check.yml b/.github/workflows/ci-dependency-check.yml
new file mode 100644
index 0000000..cdf7da4
--- /dev/null
+++ b/.github/workflows/ci-dependency-check.yml
@@ -0,0 +1,40 @@
+name: ci-dependency-check
+on:
+  schedule:
+    - cron: '0 1 * * 0' # Each Sunday at 01:00 UTC
+  push:
+    branches:
+      - main
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/setup-java@v2
+      with:
+        java-version: 11
+        distribution: adopt
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - uses: actions/cache@v2
+      with:
+        path: |
+          ~/.m2/repository
+        key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+    - name: version
+      run: |-
+        APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
+        APP_LATEST_REV=$(git rev-list --tags --max-count=1)
+        APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
+        echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
+    - name: mvn
+      run: |-
+        mvn dependency-check:check \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}" \
+      env:
+        APP_PACKAGES_USERNAME: ${{ github.actor }}
+        APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-deploy.yml b/.github/workflows/ci-deploy.yml
new file mode 100644
index 0000000..f12998d
--- /dev/null
+++ b/.github/workflows/ci-deploy.yml
@@ -0,0 +1,37 @@
+name: ci-deploy
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        required: true
+        description: Version to deploy
+jobs:
+  deploy:
+    runs-on: ubuntu-20.04
+    environment: dev
+    env:
+      APP_VERSION: ${{ github.event.inputs.version }}
+    steps:
+    - name: cf setup
+      run: |-
+        curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
+        sudo tar -zx -C /usr/local/bin
+      env:
+        CF_VERSION: 7.2.0
+        CF_RELEASE: linux64-binary
+    - name: cf push
+      run: |-
+        cf api ${CF_API}
+        cf auth
+        cf target -o ${CF_ORG} -s ${CF_SPACE}
+        cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
+      env:
+        APP_NAME: dgca-businessrule-service
+        APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+        CF_API: ${{ secrets.CF_API }}
+        CF_ORG: ${{ secrets.CF_ORG }}
+        CF_SPACE: ${{ secrets.CF_SPACE }}
+        CF_USERNAME: ${{ secrets.CF_USERNAME }}
+        CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
+        CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
+        CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
new file mode 100644
index 0000000..ba2bbde
--- /dev/null
+++ b/.github/workflows/ci-main.yml
@@ -0,0 +1,56 @@
+name: ci-main
+on:
+  push:
+    branches:
+    - main
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/setup-java@v2
+      with:
+        java-version: 11
+        distribution: adopt
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - uses: actions/cache@v2
+      with:
+        path: |
+          ~/.m2/repository
+        key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+    - name: version
+      run: |-
+        APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
+        APP_LATEST_REV=$(git rev-list --tags --max-count=1)
+        APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
+        echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
+    - name: mvn
+      run: |-
+        mvn versions:set \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define newVersion="${APP_VERSION}"
+        mvn clean verify \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+      env:
+        APP_PACKAGES_USERNAME: ${{ github.actor }}
+        APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+    - name: docker
+      run: |-
+        echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
+        --username "${APP_PACKAGES_USERNAME}" \
+        --password-stdin
+        docker build . \
+        --file ./Dockerfile \
+        --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
+        docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
+      env:
+        APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+        APP_PACKAGES_USERNAME: ${{ github.actor }}
+        APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-openapi.yml b/.github/workflows/ci-openapi.yml
new file mode 100644
index 0000000..af39673
--- /dev/null
+++ b/.github/workflows/ci-openapi.yml
@@ -0,0 +1,67 @@
+name: ci-openapi
+on:
+  workflow_dispatch:
+  release:
+    types:
+      - created
+jobs:
+  release:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/setup-java@v2
+        with:
+          java-version: 11
+          distribution: adopt
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.m2/repository
+          key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+      - name: version
+        run: >-
+          APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
+          APP_TAG=${GITHUB_REF/refs\/tags\/}
+          APP_VERSION=${APP_TAG};
+          echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
+          echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
+          echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
+      - name: mvn
+        run: >-
+          mvn versions:set
+          --batch-mode
+          --file ./pom.xml
+          --settings ./settings.xml
+          --define newVersion="${APP_VERSION}";
+          mvn clean verify
+          --batch-mode
+          --file ./pom.xml
+          --settings ./settings.xml
+          --define app.packages.username="${APP_PACKAGES_USERNAME}"
+          --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+        env:
+          APP_PACKAGES_USERNAME: ${{ github.actor }}
+          APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+      - name: Upload Artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: openapi.json
+          path: target/openapi.json
+      - name: Checkout OpenApi Doc Branch
+        uses: actions/checkout@v2
+        with:
+          ref: openapi-doc
+      - name: Delete existing openapi.json
+        run: rm -f openapi.json
+      - name: Download openapi.json
+        uses: actions/download-artifact@v2
+        with:
+          name: openapi.json
+      - name: Commit and Push changes
+        run: |
+          git config user.name github-actions
+          git config user.email github-actions@github.com
+          git commit -a --allow-empty -m "Update OpenAPI JSON"
+          git push
diff --git a/.github/workflows/ci-pull-request.yml b/.github/workflows/ci-pull-request.yml
new file mode 100644
index 0000000..980c831
--- /dev/null
+++ b/.github/workflows/ci-pull-request.yml
@@ -0,0 +1,38 @@
+name: ci-pull-request
+on:
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/setup-java@v2
+      with:
+        java-version: 11
+        distribution: adopt
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - uses: actions/cache@v2
+      with:
+        path: |
+          ~/.m2/repository
+        key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+    - name: mvn
+      run: |-
+        mvn clean package \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+      env:
+        APP_PACKAGES_USERNAME: ${{ github.actor }}
+        APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+    - name: docker
+      run: |-
+        docker build . \
+        --file ./Dockerfile
diff --git a/.github/workflows/ci-release-notes.yml b/.github/workflows/ci-release-notes.yml
new file mode 100644
index 0000000..c2de5b9
--- /dev/null
+++ b/.github/workflows/ci-release-notes.yml
@@ -0,0 +1,19 @@
+name: ci-release-notes
+on:
+  release:
+    types:
+    - created
+jobs:
+  release-notes:
+    runs-on: ubuntu-20.04
+    env:
+      APP_VERSION: ${{ github.event.release.tag_name }}
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - name: release-notes
+      run: npx github-release-notes release --override --tags ${APP_VERSION}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        GREN_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml
new file mode 100644
index 0000000..62fe975
--- /dev/null
+++ b/.github/workflows/ci-release.yml
@@ -0,0 +1,93 @@
+name: ci-release
+on:
+  release:
+    types:
+    - created
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    env:
+      APP_VERSION: ${{ github.event.release.tag_name }}
+    steps:
+    - uses: actions/setup-java@v2
+      with:
+        java-version: 11
+        distribution: adopt
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - uses: actions/cache@v2
+      with:
+        path: |
+          ~/.m2/repository
+        key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+    - name: mvn
+      run: |-
+        mvn versions:set \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define newVersion="${APP_VERSION}"
+        mvn clean deploy \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+      env:
+        APP_PACKAGES_USERNAME: ${{ github.actor }}
+        APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+    - name: docker
+      run: |-
+        echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
+        --username "${APP_PACKAGES_USERNAME}" \
+        --password-stdin
+        docker build . \
+        --file ./Dockerfile \
+        --tag "${APP_PACKAGES_URL}:latest" \
+        --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
+        docker push "${APP_PACKAGES_URL}:latest"
+        docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
+      env:
+        APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+        APP_PACKAGES_USERNAME: ${{ github.actor }}
+        APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+    - name: assets
+      run: |-
+        gh release upload ${APP_VERSION} \
+        --clobber \
+        ./target/openapi.json#openapi-${APP_VERSION}.json \
+        ./target/generated-resources/licenses.xml#licenses-${APP_VERSION}.xml
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  deploy:
+    runs-on: ubuntu-20.04
+    environment: dev
+    needs:
+    - build
+    env:
+      APP_VERSION: ${{ github.event.release.tag_name }}
+    steps:
+    - name: cf setup
+      run: |-
+        curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
+        sudo tar -zx -C /usr/local/bin
+      env:
+        CF_VERSION: 7.2.0
+        CF_RELEASE: linux64-binary
+    - name: cf push
+      run: |-
+        cf api ${CF_API}
+        cf auth
+        cf target -o ${CF_ORG} -s ${CF_SPACE}
+        cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
+      env:
+        APP_NAME: dgca-businessrule-service
+        APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-businessrule-service
+        CF_API: ${{ secrets.CF_API }}
+        CF_ORG: ${{ secrets.CF_ORG }}
+        CF_SPACE: ${{ secrets.CF_SPACE }}
+        CF_USERNAME: ${{ secrets.CF_USERNAME }}
+        CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
+        CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
+        CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
diff --git a/.github/workflows/ci-sonar.yml b/.github/workflows/ci-sonar.yml
new file mode 100644
index 0000000..f278a1e
--- /dev/null
+++ b/.github/workflows/ci-sonar.yml
@@ -0,0 +1,39 @@
+name: ci-sonar
+on:
+  push:
+    branches:
+    - main
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+jobs:
+  sonar:
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/setup-java@v2
+      with:
+        java-version: 11
+        distribution: adopt
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - uses: actions/cache@v2
+      with:
+        path: |
+          ~/.m2/repository
+        key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+    - name: mvn
+      run: |-
+        mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
+        --batch-mode \
+        --file ./pom.xml \
+        --settings ./settings.xml \
+        --define app.packages.username="${APP_PACKAGES_USERNAME}" \
+        --define app.packages.password="${APP_PACKAGES_PASSWORD}"
+      env:
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        APP_PACKAGES_USERNAME: ${{ github.actor }}
+        APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}