feat: github actions for building and publishing

Introduced the github actions for building the library, and setup for publishing the main branch with the next version number determined from the commit messages.

.github/CODEOWNERS

@@ -0,0 +1,2 @@
+*   @infonl/sbl
+

.github/ISSUE_TEMPLATE/bug-report.md

@@ -0,0 +1,19 @@
+---
+name: Bug report
+about: 'Steps to reproduce the bug. '
+title: 'BUG: '
+labels: bug
+assignees: ''
+
+---
+
+***Steps to reproduce:***
+
+1. 
+2. 
+3. 
+
+***Expected***
+
+
+***Actual***

.github/ISSUE_TEMPLATE/custom.md

@@ -0,0 +1,10 @@
+---
+name: Custom issue template
+about: Describe this issue template's purpose here.
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+

.github/ISSUE_TEMPLATE/user-story.md

@@ -0,0 +1,35 @@
+---
+name: User story
+about: The user story describes the type of user, what they want and why.
+title: ''
+labels: user story
+assignees: ''
+
+---
+
+***Als*** 
+
+***Wil ik*** 
+
+***Zodat*** 
+
+***
+
+### Acceptance criteria:
+-
+
+***
+### Prioriteit
+*Verwijder wat niet van toepassing is:*
+- Must haves
+- Should haves
+- Could haves
+- Won't haves
+
+***
+### Gerealiseerd
+_Omschrijving van de op te leveren functionaliteit in deze story_
+
+***Belangrijkste functionaliteiten:***
+- 
+-

.github/dependabot.yml

@@ -0,0 +1,32 @@
+#
+# SPDX-FileCopyrightText: 2024 INFO
+# SPDX-License-Identifier: EUPL-1.2+
+#
+version: 2
+updates:
+  - package-ecosystem: "gradle"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "04:00"
+      timezone: "Europe/Amsterdam"
+    reviewers:
+      - "infonl/sbl"
+
+  - package-ecosystem: "maven"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "04:00"
+      timezone: "Europe/Amsterdam"
+    reviewers:
+      - "infonl/sbl"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "04:00"
+      timezone: "Europe/Amsterdam"
+    reviewers:
+      - "infonl/sbl"

.github/workflows/build-test-deploy.yml

@@ -0,0 +1,132 @@
+#
+# SPDX-FileCopyrightText: 2024 INFO
+# SPDX-License-Identifier: EUPL-1.2+
+#
+name: Build, test & deploy
+
+on:
+  pull_request:
+  merge_group:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+
+# cancel any previous runs of this workflow for this branch that are still in progress
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  JAVA_VERSION: '21'
+  CONTAINER_REGISTRY_URL: 'ghcr.io/infonl'
+  APPLICATION_NAME: 'lib-sepa'
+
+permissions:
+  contents: write
+  packages: write
+  checks: write
+  pull-requests: write
+  # Required for uploading SARIF reports
+  security-events: write
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    timeout-minutes: 30
+    outputs:
+      branch_name: ${{ steps.gen_branch_name.outputs.BRANCH_NAME }}
+      build_number: ${{ steps.gen_build_number.outputs.BUILD_NUMBER }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set branch name
+        id: gen_branch_name
+        run: echo "BRANCH_NAME=${{ github.ref_name }}" | sed 's/\//_/g; s/(//g; s/)//g' >> $GITHUB_OUTPUT
+
+      - name: Set build number
+        id: gen_build_number
+        run: echo "BUILD_NUMBER=${{ steps.gen_branch_name.outputs.BRANCH_NAME }}-${{ github.run_number }}" >> $GITHUB_OUTPUT
+
+      - name: Setup JDK
+        uses: actions/setup-java@v4
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          distribution: 'temurin'
+          cache: 'gradle'
+
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
+
+      - name: Validate Gradle wrapper
+        uses: gradle/actions/wrapper-validation@v4
+
+      - name: Gradle build
+        run: ./gradlew build -Pversion=${{ steps.gen_branch_name.outputs.BRANCH_NAME }}-${{ github.run_number }} --info
+
+      - name: Publish unit test results
+        uses: EnricoMi/publish-unit-test-result-action@v2
+        if: always()
+        with:
+          check_name: unit-test-results
+          files: |
+            build/test-results/**/*.xml
+
+      - name: Cache Gradle build
+        uses: actions/cache/save@v4
+        with:
+          path: |
+            build
+          key: build-${{ github.repository }}-${{ github.ref_name }}-${{ github.run_number }}
+
+  dependabot-auto-merge:
+    needs: [build]
+    runs-on: ubuntu-22.04
+    if: github.actor == 'dependabot[bot]'
+    permissions:
+      pull-requests: write
+      contents: write
+    steps:
+      - uses: fastify/github-action-merge-dependabot@v3
+        with:
+          # Our Dependabot PRs are not merged automatically because an automatically merged PR
+          # does not trigger our push workflow (and so no release would be made).
+          # see: https://github.com/fastify/github-action-merge-dependabot/issues/134
+          approve-only: true
+          target: minor
+
+  publish-release:
+    needs: [build]
+    runs-on: ubuntu-22.04
+    timeout-minutes: 30
+    if: github.ref == 'refs/heads/main'
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup JDK
+        uses: actions/setup-java@v4
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          distribution: 'temurin'
+          cache: 'gradle'
+
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
+
+      - name: Validate Gradle wrapper
+        uses: gradle/actions/wrapper-validation@v4
+
+      - name: Restore Gradle build
+        uses: actions/cache/restore@v4
+        with:
+          path: build
+          key: build-${{ github.repository }}-${{ github.ref_name }}-${{ github.run_number }}
+
+      # Determine the next semantic version based on the commit message tags
+      # See https://github.com/thenativeweb/get-next-version
+      - name: Get next version
+        id: get_next_version
+        uses: thenativeweb/[email protected]
+
+      - name: Gradle publish
+        run: ./gradlew publish -Pversion=${{ steps.get_next_version.outputs.version }} --info

.github/workflows/check-for-conventional-commits.yml

@@ -0,0 +1,18 @@
+#
+# SPDX-FileCopyrightText: 2024 INFO
+# SPDX-License-Identifier: EUPL-1.2+
+#
+name: Check for conventional commits
+
+on:
+  pull_request:
+    types: [opened, edited, synchronize]
+  merge_group:
+
+jobs:
+  check-for-conventional-commits:
+    runs-on: ubuntu-latest
+    steps:
+      - name: check-for-cc
+        id: check-for-cc
+        uses: agenthunt/[email protected]

.github/workflows/clean-up-cache-on-pr-close.yml

@@ -0,0 +1,19 @@
+#
+# SPDX-FileCopyrightText: 2024 INFO
+# SPDX-License-Identifier: EUPL-1.2+
+#
+name: Cleanup cache after PR close
+
+on:
+  pull_request:
+    types:
+      - closed
+
+jobs:
+  cleanup-branch-cache:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: snnaplab/delete-branch-cache-action@v1
+        with:
+          # Specify explicitly because the ref at the time of merging will be a branch name such as 'main', 'develop'
+          ref: refs/pull/${{ github.event.pull_request.number }}/merge

.github/workflows/codeql.yml

@@ -0,0 +1,62 @@
+#
+# SPDX-FileCopyrightText: 2024 INFO
+# SPDX-License-Identifier: EUPL-1.2+
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+    # ignore code analysis when only Markdown files have changed
+    paths-ignore:
+      - '**/*.md'
+  merge_group:
+  schedule:
+    - cron: "21 11 * * 0"
+
+env:
+  JAVA_VERSION: "21"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["java-kotlin", "javascript-typescript"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup JDK
+        if: matrix.language == 'java-kotlin'
+        uses: actions/setup-java@v4
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          distribution: "temurin"
+
+      - name: Setup Gradle
+        if: matrix.language == 'java-kotlin'
+        uses: gradle/actions/setup-gradle@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"

.github/workflows/update-gradle-wrapper.yml

@@ -0,0 +1,28 @@
+#
+# SPDX-FileCopyrightText: 2024 INFO
+# SPDX-License-Identifier: EUPL-1.2+
+#
+name: Update Gradle Wrapper
+
+# This workflow uses the Update Gradle Wrapper action to create a Pull Request if there is a new Gradle Wrapper version available.
+# Do note that this PR does _not_ automatically trigger any other workflows.
+# As a workaround to trigger our normal PR workflows you can manually close and then immediately reopen the PR. See:
+# https://github.com/gradle-update/update-gradle-wrapper-action#running-ci-workflows-in-pull-requests-created-by-the-action
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 0 * * *"
+
+jobs:
+  update-gradle-wrapper:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Update Gradle Wrapper
+        uses: gradle-update/update-gradle-wrapper-action@v1
+        with:
+          team-reviewers: 'infonl/sbl'
+          pr-title-template: 'chore(deps): Bump Gradle Wrapper from %sourceVersion% to %targetVersion%'