Merge branch 'main' into gh-3774-cors-configuration-on-redis-refresh

Author: PeterMue

.github/CONTRIBUTING.md

@@ -16,7 +16,7 @@ author credit if we do.  Active contributors might be asked to join the core tea
 given the ability to merge pull requests.
 
 ## Code of Conduct
-This project adheres to the Contributor Covenant [Code of conduct](https://github.com/spring-cloud/spring-cloud-build/blob/master/docs/src/main/asciidoc/code-of-conduct.adoc). By participating, you  are expected to uphold this code. Please report
+This project adheres to the Contributor Covenant [Code of conduct](https://github.com/spring-cloud/spring-cloud-build/blob/main/docs/modules/ROOT/partials/code-of-conduct.adoc). By participating, you  are expected to uphold this code. Please report
 unacceptable behavior to [email protected].
 
 ## Code Conventions and Housekeeping
@@ -41,4 +41,4 @@ added after the original pull request but before a merge.
   other target branch in the main project).
 * When writing a commit message please follow [these conventions](https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html),
   if you are fixing an existing issue please add `Fixes gh-XXXX` at the end of the commit
-  message (where XXXX is the issue number).
+  message (where XXXX is the issue number).

.github/dependabot.yml

@@ -1,15 +1,10 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
 version: 2
 updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    target-branch: "3.1.x" # oldest OSS supported branch
-    schedule:
-      interval: "weekly"
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    target-branch: "4.0.x" # oldest OSS supported branch
-    schedule:
-      interval: "weekly"
   - package-ecosystem: "github-actions"
     directory: "/"
     target-branch: "main"
@@ -19,31 +14,35 @@ updates:
     directory: /
     schedule:
       interval: daily
-    target-branch: 3.1.x
+    target-branch: main
     ignore:
-      # only upgrade patch versions for maintenance branch
+      # only upgrade by minor or patch
       - dependency-name: "*"
         update-types:
           - version-update:semver-major
-          - version-update:semver-minor
   - package-ecosystem: maven
     directory: /
     schedule:
       interval: daily
-    target-branch: 4.0.x
+    target-branch: 4.1.x
     ignore:
-      # only upgrade patch versions for maintenance branch
+      # only upgrade by minor or patch
       - dependency-name: "*"
         update-types:
           - version-update:semver-major
           - version-update:semver-minor
-  - package-ecosystem: maven
+  - package-ecosystem: npm
+    target-branch: docs-build
     directory: /
     schedule:
-      interval: daily
+      interval: weekly
+  - package-ecosystem: npm
     target-branch: main
-    ignore:
-      # only upgrade by minor or patch
-      - dependency-name: "*"
-        update-types:
-          - version-update:semver-major
+    directory: /docs
+    schedule:
+      interval: weekly
+  - package-ecosystem: npm
+    target-branch: 4.1.x
+    directory: /docs
+    schedule:
+      interval: weekly

.github/workflows/maven.yml

@@ -5,9 +5,9 @@ name: Build
 
 on:
   push:
-    branches: [ main, 4.1.x, 3.1.x ]
+    branches: [ main, 4.2.x, 4.1.x, 3.1.x ]
   pull_request:
-    branches: [ main, 4.1.x, 3.1.x ]
+    branches: [ main, 4.2.x, 4.1.x, 3.1.x ]
 
 jobs:
   build:
@@ -25,7 +25,7 @@ jobs:
       - name: Build with Maven
         run: ./mvnw clean install -B -U -Pspring -Dmaven.test.redirectTestOutputToFile=true -Dmaven.wagon.http.pool=false -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
       - name: Publish Test Report
-        uses: mikepenz/action-junit-report@v4
+        uses: mikepenz/action-junit-report@v5
         if: always() # always run even if the previous step fails
         with:
           report_paths: '**/surefire-reports/TEST-*.xml'

README.adoc

@@ -27,7 +27,92 @@ image::https://codecov.io/gh/spring-cloud/spring-cloud-gateway/branch/main/graph
 [[building]]
 = Building
 
-Unresolved directive in <stdin> - include::https:///raw.githubusercontent.com/spring-cloud/spring-cloud-build/main/docs/modules/ROOT/partials/building.adoc[]
+:jdkversion: 17
+
+[[basic-compile-and-test]]
+== Basic Compile and Test
+
+To build the source you will need to install JDK {jdkversion}.
+
+Spring Cloud uses Maven for most build-related activities, and you
+should be able to get off the ground quite quickly by cloning the
+project you are interested in and typing
+
+----
+$ ./mvnw install
+----
+
+NOTE: You can also install Maven (>=3.3.3) yourself and run the `mvn` command
+in place of `./mvnw` in the examples below. If you do that you also
+might need to add `-P spring` if your local Maven settings do not
+contain repository declarations for spring pre-release artifacts.
+
+NOTE: Be aware that you might need to increase the amount of memory
+available to Maven by setting a `MAVEN_OPTS` environment variable with
+a value like `-Xmx512m -XX:MaxPermSize=128m`. We try to cover this in
+the `.mvn` configuration, so if you find you have to do it to make a
+build succeed, please raise a ticket to get the settings added to
+source control.
+
+The projects that require middleware (i.e. Redis) for testing generally
+require that a local instance of [Docker](https://www.docker.com/get-started) is installed and running.
+
+[[documentation]]
+== Documentation
+
+The spring-cloud-build module has a "docs" profile, and if you switch
+that on it will try to build asciidoc sources using https://docs.antora.org/antora/latest/[Antora] from
+`modules/ROOT/`.
+
+As part of that process it will look for a
+`docs/src/main/asciidoc/README.adoc` and process it by loading all the includes, but not
+parsing or rendering it, just copying it to `${main.basedir}`
+(defaults to `$\{basedir}`, i.e. the root of the project). If there are
+any changes in the README it will then show up after a Maven build as
+a modified file in the correct place. Just commit it and push the change.
+
+[[working-with-the-code]]
+== Working with the code
+If you don't have an IDE preference we would recommend that you use
+https://www.springsource.com/developer/sts[Spring Tools Suite] or
+https://eclipse.org[Eclipse] when working with the code. We use the
+https://eclipse.org/m2e/[m2eclipse] eclipse plugin for maven support. Other IDEs and tools
+should also work without issue as long as they use Maven 3.3.3 or better.
+
+[[activate-the-spring-maven-profile]]
+=== Activate the Spring Maven profile
+Spring Cloud projects require the 'spring' Maven profile to be activated to resolve
+the spring milestone and snapshot repositories. Use your preferred IDE to set this
+profile to be active, or you may experience build errors.
+
+[[importing-into-eclipse-with-m2eclipse]]
+=== Importing into eclipse with m2eclipse
+We recommend the https://eclipse.org/m2e/[m2eclipse] eclipse plugin when working with
+eclipse. If you don't already have m2eclipse installed it is available from the "eclipse
+marketplace".
+
+NOTE: Older versions of m2e do not support Maven 3.3, so once the
+projects are imported into Eclipse you will also need to tell
+m2eclipse to use the right profile for the projects.  If you
+see many different errors related to the POMs in the projects, check
+that you have an up to date installation.  If you can't upgrade m2e,
+add the "spring" profile to your `settings.xml`. Alternatively you can
+copy the repository settings from the "spring" profile of the parent
+pom into your `settings.xml`.
+
+[[importing-into-eclipse-without-m2eclipse]]
+=== Importing into eclipse without m2eclipse
+If you prefer not to use m2eclipse you can generate eclipse project metadata using the
+following command:
+
+[indent=0]
+----
+	$ ./mvnw eclipse:eclipse
+----
+
+The generated eclipse projects can be imported by selecting `import existing projects`
+from the `file` menu.
+
 
 [[contributing]]
 = Contributing

SECURITY.md

@@ -2,4 +2,4 @@
 
 ## Reporting a Vulnerability
 
-To report security vulnerabilities, please go to https://pivotal.io/security.
+To report security vulnerabilities, please go to https://spring.io/security-policy.