DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Please enter at least three characters to search
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Because the DevOps movement has redefined engineering responsibilities, SREs now have to become stewards of observability strategy.

Apache Cassandra combines the benefits of major NoSQL databases to support data management needs not covered by traditional RDBMS vendors.

The software you build is only as secure as the code that powers it. Learn how malicious code creeps into your software supply chain.

Generative AI has transformed nearly every industry. How can you leverage GenAI to improve your productivity and efficiency?

Related

  • Using Python Libraries in Java
  • Using Lombok Library With JDK 23
  • Bridging JavaScript and Java Packages: An Introduction to Npm2Mvn
  • IntelliJ and Java Spring Microservices: Productivity Tips With GitHub Copilot

Trending

  • Designing AI Multi-Agent Systems in Java
  • Data Lake vs. Warehouse vs. Lakehouse vs. Mart: Choosing the Right Architecture for Your Business
  • Intro to RAG: Foundations of Retrieval Augmented Generation, Part 1
  • Endpoint Security Controls: Designing a Secure Endpoint Architecture, Part 2
  1. DZone
  2. Coding
  3. Java
  4. Java Library Development

Java Library Development

The 'java-library-template' is a comprehensive solution for Java library developers that simplifies every aspect of library creation and maintenance.

By 
Hartmut Armbruster user avatar
Hartmut Armbruster
·
Nov. 09, 23 · Presentation
Likes (1)
Comment
Save
Tweet
Share
4.6K Views

Join the DZone community and get the full member experience.

Join For Free

The 'java-library-template' is a comprehensive solution for Java library developers that simplifies every aspect of library creation and maintenance.

This blog post explores the template's array of features, including one-click project setup, automated releases, security scans, and effortless Javadoc generation. Discover how to keep dependencies up to date with Renovate and ensure seamless publication to Maven Central.

Whether you're a seasoned developer or new to Java, this template empowers you to create high-quality libraries efficiently and with confidence.

Drake Hotline Bling Meme | creating a new java library; creating a new java-library-template'

Features

  • One-click automated initial project migration workflow (GitHub Action)
  • Java 21 (corretto) Gradle Kotlin DSL, version catalog
  • GitHub Actions CI/CD pipeline, efficient build pipeline, caching, integration tests, test report & failed test annotations
  • One-click release process + publish to Maven Central
  • Security & vulnerability scan with trivy and GitHub CodeQL Analysis
  • Automated dependency updates with Renovate 
  • Javadoc deployed with GitHub Pages
  • Open Source Community ready (Code of Conduct, Contribution guidelines, Issue & PR Templates)

'java-library-template' in '60s

If you prefer a video over reading this post, there's a '60s intro available on the @thriving_dev YouTube Channel!

Quick Start

Use the template to create your own repository and follow the instructions in the README.md.

CI/CD Pipeline

The heart of this template is the 'Main GitHub Actions CI/CD Pipeline'. See it in Actions.

CI/CD Pipeline

The workflow encompasses multiple jobs, modeled and linked with dependencies and conditions. Based on the context (trigger, ref, input arguments), it meets different use cases:

  1. Check: Build, test, integration test; code quality andvulnerability scans.
    Runs for active PRs - as well as part of all subsequent listed use cases.
  2. Latest: Publish SNAPSHOT version to Maven Central and Javadoc (GitHub Pages).
    Runs on pushes to the main branch.
  3. Release (Process): Executes (major|minor|patch) release process via Gradle plugin.
    Manually triggered workflow via GitHub UI/API.
  4. Release: Publish RELEASE version to Maven Central and Javadoc (GitHub Pages).
    Runs for pushed tags.

Project Structure

The project template consists of three top-level folders:

  • .github/: Defines the GitHub Actions CI tasks and templates for new pull requests, issues, etc.
  • gradle/: Contains Gradle Configuration files such as the Gradle Version Catalog and the Gradle Wrapper.
  • java-library-template/: The library source code (Gradle sub-project).

In addition, the following files are worth highlighting:

  • gradle/libs.versions.toml: A conventional file to declare a version catalog.
  • settings.gradle.kts: The multi-project Gradle settings file. Here are all the sub-projects defined.
  • gradle.properties: Holds the library version needed and maintained by the CI/CD pipeline release process.
  • **/build.gradle.kts: Gradle build file

Publish to Maven Central

The Maven publish process is fully automated and does not require manual action.

  • The main branch (per process definition) is always set to the next SNAPSHOT version and is published to the Sonatype snapshot repository with each main CI/CD pipeline run. The pipeline runs, e.g., when a PR is merged, but can also be triggered manually.
  • Release deployment happens when a new tag is pushed to GitHub. (Part of the release process)

Release Process

To release a new version via the CI/CD Pipeline, please follow the instructions below.

  • Navigate to Actions (1)
  • > Main Pipeline (2)
  • Click the 'Run workflow' button (3)
  • Select a semver release type with the 'Release Library' dropdown (4)
  • 'Run the workflow' (5)

release process

The release process includes

  • Pipeline run (incl. build and tests) that executes the release plugin (6)
  • The release plugin first sets and commits the new version (7a)
  • Creates and pushes a new tag (7b)
  • Sets the main branch to the next SNAPSHOT version (7c)

main pipeline

The new version is automatically published to Maven Central!

new version

Security and CodeQL Analysis

Common Vulnerabilities and Exposures (CVE)

The library's gradle dependencies are scanned for known CVE with Trivy. The scan results can be reviewed and managed under 'Security > Vulnerability alerts > Code scanning.'

ℹ Trivy is an open-source vulnerability scanner that quickly identifies security vulnerabilities in container images and applications, making it a valuable tool for enhancing the security of containerized environments.

Scans are triggered:

  1. With each main CI/CD pipeline run
  2. Scheduled (weekly) (ref)

code scanning

Please refer to the official GitHub documentation for more details.

GitHub CodeQL Analysis

Further, the codebase is analyzed with GitHub CodeQL. Please refer to the official docs to learn more about CodeQL.

Javadoc

A Javadoc website of your library, generated by gradle, is 'published' to GitHub Pages by the CI/CD pipeline. In addition to each released version, the current snapshot version (main branch) is published as current.

-> Live preview

javadoc

Automated Dependency Updates with Renovate

The recommended way to enable renovate is to use the Renovate GitHub App.
This template ships with a prepared renovate.json.

ℹ Renovate (RenovateBot) is an open-source tool that automates the process of keeping software dependencies up-to-date by scanning code repositories, identifying outdated dependencies, and generating automated pull/merge requests to update them.

Apache Maven GitHub Java (programming language)

Published at DZone with permission of Hartmut Armbruster. See the original article here.

Opinions expressed by DZone contributors are their own.

Related

  • Using Python Libraries in Java
  • Using Lombok Library With JDK 23
  • Bridging JavaScript and Java Packages: An Introduction to Npm2Mvn
  • IntelliJ and Java Spring Microservices: Productivity Tips With GitHub Copilot

Partner Resources

×

Comments
Oops! Something Went Wrong

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends:

Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!