Download plugins from repository

[edwardcrichton]

Add /api/admin/providers/available to list plugins that are available to download from the repository
Add /api/admin/provider/install/{plugin} to download a plugin from the repository to the plugins directory

Docker docker-environment.sh checks whether /home/app/plugins is mounted on persistent storage and sets a flag
Docker micronaut-startup.sh does not overwrite persisted plugins with those from /opt/init/micronaut and sets -DPLUGINS_IS_MOUNTED

Move finding the plugins directory from the environment to MauroPluginUtil so that it can be shared

Add PluginRepositoryService that understands the maven repository to list, download, and install plugins

Yet to be connected to the UI, so new AdminController methods returns Map at this point rather than DTOs to allow some wiggle room

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	1		0	0	0.03s
⚠️ API	spectral	1		0	1	2.67s
⚠️ BASH	bash-exec	10		9	0	0.04s
⚠️ BASH	shellcheck	10		21	0	0.57s
⚠️ BASH	shfmt	10		10	0	0.01s
⚠️ COPYPASTE	jscpd	yes		463	no	65.22s
⚠️ GROOVY	npm-groovy-lint	559		3	13067	432.95s
✅ JSON	jsonlint	11		0	0	0.16s
⚠️ JSON	prettier	11		1	0	1.84s
✅ JSON	v8r	11		0	0	7.22s
⚠️ MARKDOWN	markdownlint	6		27	0	0.8s
✅ MARKDOWN	markdown-table-formatter	6		0	0	0.29s
⚠️ REPOSITORY	checkov	yes		5	no	63.38s
⚠️ REPOSITORY	gitleaks	yes		1	9	298.92s
✅ REPOSITORY	git_diff	yes		no	no	0.05s
⚠️ REPOSITORY	grype	yes		1	1	91.44s
✅ REPOSITORY	secretlint	yes		no	no	7.77s
✅ REPOSITORY	syft	yes		no	no	10.03s
⚠️ REPOSITORY	trivy	yes		1	no	14.09s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.54s
✅ REPOSITORY	trufflehog	yes		no	no	17.29s
⚠️ SPELL	cspell	642		7456	0	246.03s
⚠️ SPELL	lychee	30		72	0	92.79s
⚠️ XML	xmllint	7		1	0	1.42s
⚠️ YAML	prettier	13		1	11	0.74s
✅ YAML	v8r	13		0	0	4.49s
⚠️ YAML	yamllint	13		38	0	1.04s

Detailed Issues

⚠️ BASH / bash-exec - 9 errors

Results of bash-exec linter (version 5.3.3)
See documentation on https://megalinter.io/9.4.0/descriptors/bash_bash_exec/
-----------------------------------------------

✅ [SUCCESS] gradlew
❌ [ERROR] mauro-api/docker/all/micronaut/micronaut-startup.sh
    Error: File:[mauro-api/docker/all/micronaut/micronaut-startup.sh] is not executable

❌ [ERROR] mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh
    Error: File:[mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh] is not executable

❌ [ERROR] mauro-api/docker/all/postgres/postgres-shutdown.sh
    Error: File:[mauro-api/docker/all/postgres/postgres-shutdown.sh] is not executable

❌ [ERROR] mauro-api/docker/all/postgres/postgres-startup.sh
    Error: File:[mauro-api/docker/all/postgres/postgres-startup.sh] is not executable

❌ [ERROR] mauro-api/docker/all/startup/docker-environment.sh
    Error: File:[mauro-api/docker/all/startup/docker-environment.sh] is not executable

❌ [ERROR] mauro-api/docker/all/startup/docker-startup.sh
    Error: File:[mauro-api/docker/all/startup/docker-startup.sh] is not executable

❌ [ERROR] mauro-api/docker/noDB/micronaut/micronaut-startup.sh
    Error: File:[mauro-api/docker/noDB/micronaut/micronaut-startup.sh] is not executable

❌ [ERROR] mauro-api/docker/noDB/startup/docker-environment.sh
    Error: File:[mauro-api/docker/noDB/startup/docker-environment.sh] is not executable

❌ [ERROR] mauro-api/docker/noDB/startup/docker-startup.sh
    Error: File:[mauro-api/docker/noDB/startup/docker-startup.sh] is not executable

⚠️ REPOSITORY / checkov - 5 errors

or resource: /mauro-api/build/docker/main/Dockerfile.
	File: /mauro-api/build/docker/main/Dockerfile:1-56
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created

		Code lines for this resource are too many. Please use IDE of your choice to review the file.
secrets scan results:

Passed checks: 0, Failed checks: 1, Skipped checks: 0

Check: CKV_SECRET_6: "Base64 High Entropy String"
	FAILED for resource: HIDDEN_BY_MEGALINTER	File: /keycloak/docker-compose.yml:14-15
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/secrets-policies/secrets-policy-index/git-secrets-6

		14 |       KC_CLIENT_SECRET: ZBXabk**********

github_actions scan results:

Passed checks: 64, Failed checks: 0, Skipped checks: 0

openapi scan results:

Passed checks: 2, Failed checks: 3, Skipped checks: 0

Check: CKV_OPENAPI_21: "Ensure that arrays have a maximum number of items"
	FAILED for resource: paths
	File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:201-207
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/bc-openapi-21

		201 |                 type: array
		202 |                 items:
		203 |                   type: object
		204 |                   additionalProperties:
		205 |                     type: string
		206 |   /api/admin/properties:
		207 |     get:

Check: CKV_OPENAPI_4: "Ensure that the global security field has rules defined"
	FAILED for resource: security
	File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:1-15460
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/ensure-that-the-global-security-field-has-rules-defined

		Code lines for this resource are too many. Please use IDE of your choice to review the file.
Check: CKV_OPENAPI_5: "Ensure that security operations is not empty."
	FAILED for resource: security
	File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:1-15460
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/ensure-that-security-operations-is-not-empty

		Code lines for this resource are too many. Please use IDE of your choice to review the file.

(Truncated to last 2352 characters out of 2521)

⚠️ SPELL / cspell - 7456 errors

"officedocument",
        "opencontainers",
        "openidprovider",
        "openxmlformats",
        "organisation",
        "overriden",
        "passwordless",
        "pathable",
        "pathsstring",
        "persistencetest",
        "picocli",
        "pkce",
        "pkgs",
        "preparadas",
        "primitivetype",
        "primitivetypes",
        "println",
        "psql",
        "rable",
        "rables",
        "rchen",
        "rcio",
        "reactivestreams",
        "readarray",
        "readlink",
        "recaptcha",
        "redirector",
        "referencefile",
        "referencetype",
        "referencetypes",
        "refreshable",
        "replstate",
        "researcherone",
        "restauration",
        "resteasy",
        "rhus",
        "rique",
        "rkte",
        "robj",
        "rosas",
        "rrez",
        "sarif",
        "sausgs",
        "sdkman",
        "sdkmanrc",
        "seladen",
        "serialisation",
        "serialising",
        "setcap",
        "setgid",
        "setuid",
        "setweight",
        "shellcheck",
        "shellness",
        "siastiques",
        "sicas",
        "slurper",
        "slurpersupport",
        "smalldatetime",
        "smallint",
        "smallmoney",
        "snabbk",
        "snakeyaml",
        "softeng",
        "soluta",
        "sonarlint",
        "spnego",
        "spockframework",
        "spreadsheetml",
        "ssle",
        "stackdump",
        "starttls",
        "stica",
        "subfolders",
        "suklaa",
        "teborg",
        "temurin",
        "terminnology",
        "termsby",
        "threadname",
        "timemachine",
        "tinyint",
        "tomillo",
        "totp",
        "tsquery",
        "tsvector",
        "tsvectors",
        "turage",
        "ugcu",
        "unauthorised",
        "uncapitalize",
        "unde",
        "unlogged",
        "usermodel",
        "vanniktech",
        "varbinary",
        "varchar",
        "versionable",
        "versionedfolder",
        "versionedfolders",
        "verte",
        "webauthn",
        "websearch",
        "whatisthis",
        "whichs",
        "wrappper",
        "xico",
        "zaxxer",
        "zoneinfo",
        "zulip"
    ]
}


You can also copy-paste megalinter-reports/.cspell.json at the root of your repository

(Truncated to last 2352 characters out of 1713733)

⚠️ REPOSITORY / gitleaks - 1 error

^^^^^^^^^^^^^^^^^^^^^

warning: 9 warnings emitted

(Truncated to last 2352 characters out of 2214072)

⚠️ REPOSITORY / grype - 1 error

note: A low vulnerability in java-archive package: logback-core, version 1.5.19 was found at: /mauro-api/build/docker/main/layers/libs/logback-core-1.5.19.jar

error: A high vulnerability in java-archive package: jackson-core, version 2.19.2 was found at: /mauro-api/build/docker/main/layers/libs/jackson-core-2.19.2.jar

error: 1 errors emitted

⚠️ COPYPASTE / jscpd - 463 errors

[117:1 - 133:5] (16 lines, 99 tokens)
   mauro-persistence/build.gradle [62:1 - 57:5]

┌────────────┬────────────────┬─────────────┬──────────────┬──────────────┬──────────────────┬───────────────────┐
│ Format     │ Files analyzed │ Total lines │ Total tokens │ Clones found │ Duplicated lines │ Duplicated tokens │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ groovy     │ 550            │ 55847       │ 463491       │ 453          │ 5149 (9.22%)     │ 52466 (11.32%)    │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ sql        │ 17             │ 915         │ 9262         │ 6            │ 108 (11.8%)      │ 1059 (11.43%)     │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ bash       │ 9              │ 566         │ 3257         │ 4            │ 155 (27.39%)     │ 908 (27.88%)      │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ properties │ 1              │ 5           │ 16           │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ markdown   │ 1              │ 640         │ 12174        │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ Total:     │ 578            │ 57973       │ 488200       │ 463          │ 5412 (9.34%)     │ 54433 (11.15%)    │
└────────────┴────────────────┴─────────────┴──────────────┴──────────────┴──────────────────┴───────────────────┘
Found 463 clones.
HTML report saved to megalinter-reports/copy-paste/html/
ERROR: jscpd found too many duplicates (9.34%) over threshold (0%)
Error: ERROR: jscpd found too many duplicates (9.34%) over threshold (0%)
    at ThresholdReporter.report (/node-deps/node_modules/@jscpd/finder/dist/index.js:615:13)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:109:18
    at Array.forEach (<anonymous>)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:108:22
    at async /node-deps/node_modules/jscpd/dist/bin/jscpd.js:9:5

(Truncated to last 2352 characters out of 122199)

⚠️ SPELL / lychee - 72 errors

l
[ERROR] http://localhost:9009/auth | Network error: error sending request for url (http://localhost:9009/auth) Maybe a certificate error?
[ERROR] http://localhost:8088/oauth/callback/keycloak | Network error: error sending request for url (http://localhost:8088/oauth/callback/keycloak) Maybe a certificate error?

Errors in mauro-api/src/test/resources/mauroJsonPublishedModels.json
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.datamodel.provider.exporter/DataModelXmlExporterService/5.2 | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.plugins.fhir.datamodel/FhirDataModelExporterProviderService/2.4.0-SNAPSHOT | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.datamodel.provider.exporter/DataModelJsonExporterService/3.2 | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.plugins.xsd.datamodel.provider.exporter/XsdExporterProviderService/1.3.0-SNAPSHOT | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.plugins.excel.datamodel/SimpleExcelDataModelExporterProviderService/5.3.0-SNAPSHOT | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.plugins.explorer.provider.exporter/DataModelPdfExporterService/1.0 | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.plugins.excel.datamodel/ExcelDataModelExporterProviderService/5.3.0-SNAPSHOT | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.plugins.excel.openclinica/OpenClinicaV3CrfDataModelExporterProviderService/1.0.0-SNAPSHOT | Timeout
[TIMEOUT] https://maurosandbox.com/sandbox/api/dataModels/0b97751d-b6bf-476c-a9e6-95d3352e8008/export/uk.ac.ox.softeng.maurodatamapper.plugins.explorer.provider.exporter/DataModelSqlExporterService/1.0 | Timeout

(Truncated to last 2352 characters out of 44087)

⚠️ MARKDOWN / markdownlint - 27 errors

Actual: 1]
README.md:2:1 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:3:59 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:7:68 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:8:74 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:13:92 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:16:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:18:94 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:20:88 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:22:90 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:24:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:34:90 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:36:87 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:38:95 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:40:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:45:89 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:46:96 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:49:100 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:52:93 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:55 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:61 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:64:91 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
ready-configuration/index.md:1 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "| Configuration | Description ..."]
ready-configuration/README.md:1 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "Docker configurations are held..."]

(Truncated to last 2352 characters out of 2770)

⚠️ GROOVY / npm-groovy-lint - 3 errors

finition is preceded by javadoc. Enum definitions are not checked, due to strange behavior in the Groovy AST.

note: The opening brace for interface org.maurodata.persistence.SecuredContainerizedTest is not followed by a space or whitespace
   ┌─ mauro-persistence/src/testFixtures/groovy/org/maurodata/persistence/SecuredContainerizedTest.groovy:16:37
   │
16 │ @interface SecuredContainerizedTest {}
   │                                     ^
   │
   = Check that there is at least one space (blank) or whitespace after each opening brace ("{") for method/class/interface declarations, closure expressions and block statements.

note: The closing brace for interface org.maurodata.persistence.SecuredContainerizedTest is not preceded by a space or whitespace
   ┌─ mauro-persistence/src/testFixtures/groovy/org/maurodata/persistence/SecuredContainerizedTest.groovy:16:38
   │
16 │ @interface SecuredContainerizedTest {}
   │                                      ^
   │
   = Check that there is at least one space (blank) or whitespace before each closing brace ("}") for method/class/interface declarations, closure expressions and block statements.

warning: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
 = Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic

note: The operator "=" within class None is not preceded by a space or whitespace
  ┌─ settings.gradle:2:17
  │
2 │ rootProject.name="mauro-micronaut"
  │                 ^
  │
  = Check that there is at least one space (blank) or whitespace around each binary operator.

note: The operator "=" within class None is not followed by a space or whitespace
  ┌─ settings.gradle:2:17
  │
2 │ rootProject.name="mauro-micronaut"
  │                 ^
  │
  = Check that there is at least one space (blank) or whitespace around each binary operator.

note: The String 'mauro-micronaut' can be wrapped in single quotes instead of double quotes
  ┌─ settings.gradle:2:19
  │
2 │ rootProject.name="mauro-micronaut"
  │                   ^^^^^^^^^^^^^^^
  │
  = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

warning: 5282 warnings emitted
error: 3 errors emitted

(Truncated to last 2352 characters out of 5505986)

⚠️ JSON / prettier - 1 error

Checking formatting...
[warn] .groovylintrc.json
[warn] mauro-api/src/test/resources/federatedPublishedModelsBytesAsText.json
[warn] mauro-api/src/test/resources/keycloak/realm.json
[warn] mauro-api/src/test/resources/mauroJsonPublishedModels.json
[warn] mauro-api/src/test/resources/publishedModels.json
[warn] mauro-api/src/test/resources/publishedModelsNewerVersions.json
[warn] mauro-api/src/test/resources/subscribedCataloguePublishedModels.json
[warn] mauro-api/src/test/resources/subscribedCataloguePublishedModelsNewerVersions.json
[warn] mauro-domain/src/main/resources/ProfileSpecificationFieldProfile.json
[warn] Code style issues found in 9 files. Run Prettier with --write to fix.

⚠️ YAML / prettier - 1 error

Checking formatting...
[warn] .github/workflows/gradle.yml
[warn] keycloak/docker-compose.yml
[warn] mauro-api/micronaut-cli.yml
[warn] mauro-api/src/main/resources/application-docker.yml
[warn] mauro-api/src/main/resources/application-test.yml
[warn] mauro-api/src/main/resources/application.yml
[warn] mauro-api/src/test/resources/application-secured.yml
[warn] mauro-client/src/main/resources/application.yml
[warn] mauro-persistence/src/test/resources/application-test.yml
[warn] ready-configuration/quick-start/init/micronaut/application-mauro.yml
[warn] Code style issues found in 10 files. Run Prettier with --write to fix.

⚠️ BASH / shellcheck - 21 errors

DB/micronaut/micronaut-startup.sh line 91:
echo ${JAVA_BIN} "${JAVA_OPTS}" -cp "/home/app/application.jar" -DPLUGINS_IS_MOUNTED=${PLUGINS_IS_MOUNTED} "${APPLICATION_MAIN_CLASS}"
     ^---------^ SC2086 (info): Double quote to prevent globbing and word splitting.
                                                                                     ^-------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean:
echo "${JAVA_BIN}" "${JAVA_OPTS}" -cp "/home/app/application.jar" -DPLUGINS_IS_MOUNTED="${PLUGINS_IS_MOUNTED}" "${APPLICATION_MAIN_CLASS}"


In mauro-api/docker/noDB/micronaut/micronaut-startup.sh line 92:
gosu micronaut ${JAVA_BIN} ${JAVA_OPTS} -cp /home/app/application.jar -DPLUGINS_IS_MOUNTED=${PLUGINS_IS_MOUNTED} "${APPLICATION_MAIN_CLASS}"
               ^---------^ SC2086 (info): Double quote to prevent globbing and word splitting.
                           ^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
                                                                                           ^-------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.

Did you mean:
gosu micronaut "${JAVA_BIN}" "${JAVA_OPTS}" -cp /home/app/application.jar -DPLUGINS_IS_MOUNTED="${PLUGINS_IS_MOUNTED}" "${APPLICATION_MAIN_CLASS}"


In mauro-api/docker/noDB/startup/docker-environment.sh line 24:
export CPU_COUNT=$(nproc --all)
       ^-------^ SC2155 (warning): Declare and assign separately to avoid masking return values.


In mauro-api/docker/noDB/startup/docker-environment.sh line 27:
export DOCKER_SUBNET="$(ip -o -4 addr show 2>/dev/null | awk '/scope global/ {split($4,a,"/");split(a[1],b,".");printf "%d.%d.%d.0/%s\n",b[1],b[2],b[3],a[2];exit}')"
       ^-----------^ SC2155 (warning): Declare and assign separately to avoid masking return values.


In mauro-api/docker/noDB/startup/docker-startup.sh line 32:
source "$(which docker-environment.sh)"
       ^-- SC1090 (warning): ShellCheck can't follow non-constant source. Use a directive to specify location.

For more information:
  https://www.shellcheck.net/wiki/SC1087 -- Use braces when expanding arrays,...
  https://www.shellcheck.net/wiki/SC1090 -- ShellCheck can't follow non-const...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...

(Truncated to last 2352 characters out of 7343)

⚠️ BASH / shfmt - 10 errors

1 ) / 1024 / 1024 / 1024 ))
+	MEM_LIMIT=$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes)
+else
+	MEM_LIMIT="max"
+fi
+
+if [ "$MEM_LIMIT" = "max" ]; then
+	MEM_LIMIT_KB=$(grep MemTotal /proc/meminfo | awk '{print $2}')
+	MEM_LIMIT=$((MEM_LIMIT_KB * 1024))
+fi
+
+export MEMORY_AVAILABLE_GB=$(((MEM_LIMIT + (1024 * 1024 * 1024) - 1) / 1024 / 1024 / 1024))
 echo "Detected memory limit: ${MEMORY_AVAILABLE_GB}GB"
 export CPU_COUNT=$(nproc --all)
 echo "Detected ${CPU_COUNT} cores"
@@ -28,16 +26,14 @@
 
 echo "Docker subnet ${DOCKER_SUBNET}"
 
-if [ -e /home/app/plugins ];
-then
-  MOUNTED_PLUGINS_AT=$(df -T "/home/app/plugins" | awk 'NR==2 {print $NF}')
-
-  if [ "${MOUNTED_PLUGINS_AT}" = "/" ];
-  then
-    export PLUGINS_IS_MOUNTED="false"
-  else
-    export PLUGINS_IS_MOUNTED="true"
-  fi
-else
-    export PLUGINS_IS_MOUNTED="false"
+if [ -e /home/app/plugins ]; then
+	MOUNTED_PLUGINS_AT=$(df -T "/home/app/plugins" | awk 'NR==2 {print $NF}')
+
+	if [ "${MOUNTED_PLUGINS_AT}" = "/" ]; then
+		export PLUGINS_IS_MOUNTED="false"
+	else
+		export PLUGINS_IS_MOUNTED="true"
+	fi
+else
+	export PLUGINS_IS_MOUNTED="false"
 fi
diff mauro-api/docker/noDB/startup/docker-startup.sh.orig mauro-api/docker/noDB/startup/docker-startup.sh
--- mauro-api/docker/noDB/startup/docker-startup.sh.orig
+++ mauro-api/docker/noDB/startup/docker-startup.sh
@@ -2,31 +2,31 @@
 set -e
 
 if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_net_bind_service; then
-  echo "ERROR: CAP_NET_BIND_SERVICE is required"
-  echo
-  capsh --print
-  exit 1
+	echo "ERROR: CAP_NET_BIND_SERVICE is required"
+	echo
+	capsh --print
+	exit 1
 fi
 
 if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_setuid; then
-  echo "ERROR: CAP_SETUID is required"
-  echo
-  capsh --print
-  exit 1
+	echo "ERROR: CAP_SETUID is required"
+	echo
+	capsh --print
+	exit 1
 fi
 
 if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_setgid; then
-  echo "ERROR: CAP_SETGID is required"
-  echo
-  capsh --print
-  exit 1
+	echo "ERROR: CAP_SETGID is required"
+	echo
+	capsh --print
+	exit 1
 fi
 
 if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_chown; then
-  echo "ERROR: CAP_CHOWN is required"
-  echo
-  capsh --print
-  exit 1
+	echo "ERROR: CAP_CHOWN is required"
+	echo
+	capsh --print
+	exit 1
 fi
 
 source "$(which docker-environment.sh)"

(Truncated to last 2352 characters out of 44209)

⚠️ API / spectral - 1 warning

warning: The provided document does not match any of the registered formats [AsyncAPI 2.0.x, AsyncAPI 2.1.x, AsyncAPI 2.2.x, AsyncAPI 2.3.x, AsyncAPI 2.4.x, AsyncAPI 2.5.x, AsyncAPI 2.6.x, AsyncAPI 3.0.x, AsyncAPI 2.x, AsyncAPI 3.x, OpenAPI 2.0 (Swagger), OpenAPI 3.x, OpenAPI 3.0.x, OpenAPI 3.1.x]
    ┌─ mauro-api/src/main/resources/application.yml:1:1
    │  
  1 │ ╭ micronaut:
  2 │ │   application:
  3 │ │     name: sandbox
  4 │ │     client:
    · │
118 │ │   audit:
119 │ │     scope: ALL
    │ ╰──────────────^

warning: 1 warnings emitted

⚠️ REPOSITORY / trivy - 1 error

error: Artifact: mauro-api/build/docker/main/Dockerfile
Type: dockerfile
Vulnerability DS-0002
Severity: HIGH
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: [DS-0002](https://avd.aquasec.com/misconfig/ds-0002)
  ┌─ mauro-api/build/docker/main/Dockerfile:1:1
  │
1 │ FROM eclipse-temurin:21-jre-noble
  │ ^
  │
  = Image user should not be 'root'
  = Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

error: 1 errors emitted

⚠️ XML / xmllint - 1 error

blished>2024-11-01T12:08:51Z</published>
		<summary>test summary</summary>
		<link href="https//localhost:8088/test/entry/D77476A1-8654-4B69-B579-93DB3467FDC1/artefact.json" rel="alternate" type="application/fhir+json"/>

		<onto:permission code="restricted.read"/>
		<source>
			<title>NHS Digital data load feed</title>
			<id>urn:uuid:b4484456-366a-4430-a8ae-56248003fc5a</id>
			<link href="https://ontology.nhs.uk/syndication/feed/20241101_001_EXT_RC/syndication.xml" length="0" rel="alternate"/>
		</source>
	</entry>
</feed>
<?xml version="1.0"?>
<configuration>

    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
        <!--<withJansi>true</withJansi>-->
        <!-- encoders are assigned the type
             ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
        <encoder>
            <pattern>%cyan(%d{HH:mm:ss.SSS}) %green([%thread]) %highlight(%-5level) %magenta(%logger{36}) - %msg%n</pattern>
        </encoder>
    </appender>

    <root level="debug">
        <appender-ref ref="STDOUT"/>
    </root>

    <logger name="io.micronaut.cache" level="info"/>
</configuration>
<?xml version="1.0"?>
<configuration>

    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
        <!--<withJansi>true</withJansi>-->
        <!-- encoders are assigned the type
             ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
        <encoder>
            <pattern>%cyan(%d{HH:mm:ss.SSS}) %green([%thread]) %highlight(%-5level) %magenta(%logger{36}) - %msg%n</pattern>
        </encoder>
    </appender>

    <root level="warn">
        <appender-ref ref="STDOUT"/>
    </root>

<!--    <logger name="io.micronaut.cache" level="info" /> -->

</configuration>
<?xml version="1.0"?>
<configuration>

    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
        <!--<withJansi>true</withJansi>-->
      <!-- encoders are assigned the type
           ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
      <encoder>
            <pattern>%cyan(%d{HH:mm:ss.SSS}) %green([%thread]) %highlight(%-5level) %magenta(%logger{36}) - %msg%n</pattern>
        </encoder>
    </appender>

    <root level="warn">
        <appender-ref ref="STDOUT"/>
    </root>

<!--    <logger name="io.micronaut.cache" level="info" /> -->

</configuration>

(Truncated to last 2352 characters out of 22666)

⚠️ YAML / yamllint - 38 errors

32:80    error    trailing spaces  (trailing-spaces)
  152:258   error    no new line character at the end of file  (new-line-at-end-of-file)

keycloak/docker-compose.yml
  1:1       warning  missing document start "---"  (document-start)
  29:1      error    too many blank lines (1 > 0)  (empty-lines)

mauro-api/micronaut-cli.yml
  1:1       warning  missing document start "---"  (document-start)

mauro-api/src/main/resources/application-docker.yml
  1:1       warning  missing document start "---"  (document-start)

mauro-api/src/main/resources/application-test.yml
  1:1       warning  missing document start "---"  (document-start)
  8:1       warning  comment not indented like content  (comments-indentation)

mauro-api/src/main/resources/application.yml
  1:1       warning  missing document start "---"  (document-start)
  47:1      warning  comment not indented like content  (comments-indentation)

mauro-api/src/test/resources/application-secured.yml
  1:1       warning  missing document start "---"  (document-start)
  34:33     error    no new line character at the end of file  (new-line-at-end-of-file)

mauro-client/src/main/resources/application.yml
  1:1       warning  missing document start "---"  (document-start)
  8:24      error    no new line character at the end of file  (new-line-at-end-of-file)

mauro-persistence/src/main/resources/application.yml
  1:1       warning  missing document start "---"  (document-start)

mauro-persistence/src/test/resources/application-test.yml
  1:1       warning  missing document start "---"  (document-start)
  19:1      warning  comment not indented like content  (comments-indentation)
  21:31     error    no new line character at the end of file  (new-line-at-end-of-file)

ready-configuration/quick-start/init/micronaut/application-datasources.yml
  1:1       warning  missing document start "---"  (document-start)

ready-configuration/quick-start/init/micronaut/application-javamail.yml
  1:1       warning  missing document start "---"  (document-start)

ready-configuration/quick-start/init/micronaut/application-mauro.yml
  1:1       warning  missing document start "---"  (document-start)
  3:8       error    too many spaces after hyphen  (hyphens)
  8:8       error    too many spaces after hyphen  (hyphens)
  13:8      error    too many spaces after hyphen  (hyphens)

(Truncated to last 2352 characters out of 3392)

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/documentation@v9.4.0 (51 linters)
• oxsecurity/megalinter/flavors/ruby@v9.4.0 (52 linters)
• oxsecurity/megalinter/flavors/rust@v9.4.0 (52 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,API_SPECTRAL,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,COPYPASTE_JSCPD,GROOVY_NPM_GROOVY_LINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,SPELL_LYCHEE,XML_XMLLINT,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository

[github-advanced-security]

npm-groovy-lint (MegaLinter GROOVY_NPM_GROOVY_LINT) found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.