commit b346a19f9bf94df36ac6f33b0ac32e802adbe67d
from: Chaz Kettleson <chaz@pyr3x.com>
date: Mon Mar 24 17:06:05 2025 UTC

batman

commit - /dev/null
commit + b346a19f9bf94df36ac6f33b0ac32e802adbe67d
blob - /dev/null
blob + 58c7bb7b8b2a49d7f60726d5dc3d589f4d5db2cb (mode 644)
--- /dev/null
+++ .dockerignore
@@ -0,0 +1,22 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# dockerignore
+
+### See https://docs.docker.com/engine/reference/builder/#dockerignore-file ###
+
+**
+!/build/install/*
+!/gradle/config/docker/healthcheck.sh
blob - /dev/null
blob + c6c241789c20666d1d0b386b6cec6910c663f0b0 (mode 644)
--- /dev/null
+++ .editorconfig
@@ -0,0 +1,29 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# editorconfig
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.properties]
+trim_trailing_whitespace = false
blob - /dev/null
blob + 6c1ebdaaa33527255c44fa9a1e51c15f55a09be4 (mode 644)
--- /dev/null
+++ .gitignore
@@ -0,0 +1,15 @@
+# gitignore
+
+# Key/Truststore
+.private/
+**/etc/truststore.jks
+
+# Gradle
+.gradle/
+**/build/
+
+# IntelliJ
+.idea/
+
+# VSCode
+.vscode/
blob - /dev/null
blob + 0ee66fb2084bb206ad49d2fbf23e42e75f8d59dc (mode 644)
--- /dev/null
+++ .gitlab-ci.yml
@@ -0,0 +1,151 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+---
+
+# Each job requires a stage name,
+# Stages run in order specified in the stages list
+stages:
+  - my-lint-stage
+  - my-build-stage
+  - my-test-stage
+  - my-publish-stage
+  - my-release-stage
+
+###################### TEMPLATES ######################
+# Templates for jobs located throughout this CI file  #
+#######################################################
+
+.my-gradle-template:
+  image:
+    name: docker.io/gradle:jdk17
+    entrypoint: [""]
+  variables:
+    # Ensure cloning and tags are pulled down,
+    # so that auto-incrementing of tags happens
+    GIT_STRATEGY: clone
+    GIT_FETCH_EXTRA_FLAGS: --tags
+    # Ensure gradle daemon opt is false since running in CI pipeline
+    GRADLE_OPTS: "-Dorg.gradle.daemon=false"
+  before_script:
+    # Ensure the gradle directory is set properly
+    - GRADLE_USER_HOME="$(pwd)/.gradle"
+    # Ensure the gradle user home directory is exported
+    - export GRADLE_USER_HOME
+  cache:
+    # Ensures the cache is scoped to the cache for this branch
+    key: "$CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG"
+    policy: $MY_CACHE_POLICY
+    paths:
+      - build
+      - .gradle
+
+.my-pre-merge-template:
+  # Only run this job on MR events,
+  # and if the MR target and default branch names match,
+  # and only if any preceeding pipeline jobs passed,
+  # else run never.
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event" &&
+          $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH
+      when: on_success
+    - when: never
+
+.my-post-merge-template:
+  # Only run this job on a push event,
+  # and only if the push was to the default branch,
+  # and only if any preceeding pipeline jobs passed.
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "push" &&
+        $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+      when: on_success
+    - when: never
+
+############################### PRE-MERGE JOBS ###############################
+# Jobs that run only on a push to a branch associated with a merge request   #
+# where the target branch to be merged-to is also the repo's default branch  #
+##############################################################################
+
+my-commit-lint-job:
+  extends:
+    - .my-pre-merge-template
+  stage: my-lint-stage
+  image:
+    name: docker.io/commitlint/commitlint:19.3.1
+    entrypoint: [""]
+  script:
+    - cd .gitlab/
+    - commitlint --verbose --strict --from $CI_MERGE_REQUEST_DIFF_BASE_SHA --to $CI_COMMIT_SHA
+
+my-build-job:
+  extends:
+    - .my-gradle-template
+    - .my-pre-merge-template
+  stage: my-build-stage
+  variables:
+    MY_CACHE_POLICY: pull-push
+  script: gradle --build-cache assemble
+
+my-test-job:
+  extends:
+    - .my-gradle-template
+    - .my-pre-merge-template
+  stage: my-test-stage
+  variables:
+    MY_CACHE_POLICY: pull
+  script:
+    - gradle check
+
+########################## POST-MERGE JOBS ##########################
+# Jobs that run only after a push the repository's default branch   #
+#####################################################################
+
+my-publish-job:
+  extends:
+    - .my-gradle-template
+    - .my-post-merge-template
+  stage: my-publish-stage
+  script:
+    - gradle createRelease -Prelease.disableChecks
+    - gradle publish
+    - gradle jib
+    - gradle jib -PjibDist=ci
+    - gradle jib -PjibDist=dev
+    - echo "TAG=$(gradle currentVersion -q -Prelease.quiet)" >> variables.env
+  artifacts:
+    reports:
+      dotenv: variables.env
+
+my-release-job:
+  extends:
+    - .my-post-merge-template
+  stage: my-release-stage
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  script:
+    - echo "Releasing $TAG"
+  release:
+    name: 'Release v$TAG'
+    description: $CI_COMMIT_MESSAGE
+    tag_name: v$TAG
+    ref: $CI_COMMIT_SHA
+    assets:
+      links:
+        - name: 'mycelium container'
+          url: "https://${CI_REGISTRY_IMAGE}/mycelium:$TAG"
+        - name: 'mycelium-ci container'
+          url: "https://${CI_REGISTRY_IMAGE}/mycelium-ci:$TAG"
+        - name: 'mycelium-dev container'
+          url: "https://${CI_REGISTRY_IMAGE}/mycelium-dev:$TAG"
+...
blob - /dev/null
blob + d58dfb70bab565a697e6854eb012d17e0fd39bd4 (mode 644)
--- /dev/null
+++ .mvn/wrapper/maven-wrapper.properties
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+wrapperVersion=3.3.2
+distributionType=only-script
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip
blob - /dev/null
blob + 07caf9234d6b9855d51f570b0ce4fe7be6d5902f (mode 644)
--- /dev/null
+++ LICENSE
@@ -0,0 +1,12 @@
+Copyright (C) 2024 by ${copyrightHolder} <${email}>
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
blob - /dev/null
blob + 7be0c30e098c29b3d6a09319e50bdb25de2b9afb (mode 644)
--- /dev/null
+++ build.gradle
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply from: rootProject.file('gradle/release.gradle')
+
+allprojects {
+  version = scmVersion.version
+  apply from: rootProject.file('gradle/java.gradle')
+  apply from: rootProject.file('gradle/cyclonedx.gradle')
+  // Enable to run OWASP check
+  //apply from: rootProject.file('gradle/dependency-check.gradle')
+  apply from: rootProject.file('gradle/license.gradle')
+  apply from: rootProject.file('gradle/shadow.gradle')
+}
+
+subprojects {
+  apply plugin: 'project-report'
+  apply from: rootProject.file('gradle/bnd.gradle')
+  apply from: rootProject.file('gradle/checkstyle.gradle')
+  apply from: rootProject.file('gradle/jacoco.gradle')
+  apply from: rootProject.file('gradle/lombok.gradle')
+  apply from: rootProject.file('gradle/pmd.gradle')
+  apply from: rootProject.file('gradle/publish.gradle')
+  // Enable to extend jar task to sign output artifacts
+  // Run 'createKeyAndTruststore' first and/or customize as needed
+  //apply from: rootProject.file('gradle/signjar.gradle')
+  apply from: rootProject.file('gradle/spotbugs.gradle')
+}
+
+apply from: rootProject.file('gradle/build-dashboard.gradle')
+apply from: rootProject.file('gradle/commitlint.gradle')
+apply from: rootProject.file('gradle/changelog.gradle')
+apply from: rootProject.file('gradle/editorconfig.gradle')
+apply from: rootProject.file('gradle/githook.gradle')
+apply from: rootProject.file('gradle/jarsigner.gradle')
+apply from: rootProject.file('gradle/karaf.gradle')
+apply from: rootProject.file('gradle/maven.gradle')
+apply from: rootProject.file('gradle/distribution.gradle')
+apply from: rootProject.file('gradle/docker.gradle')
+apply from: rootProject.file('gradle/jib.gradle')
+apply from: rootProject.file('gradle/keytool.gradle')
+apply from: rootProject.file('gradle/proguard.gradle')
+apply from: rootProject.file('gradle/versions.gradle')
+
+distributions.forEach {
+  def distributionName = '';
+  def installName = project.name
+  if (it.name != 'main') {
+    distributionName = it.name.capitalize()
+    installName = "${installName}-${it.name}"
+  }
+  tasks.register("run${distributionName}", Exec) {
+    group = 'application'
+    description = "Runs ${project.name} and starts shell."
+    dependsOn "install${distributionName}Dist"
+    standardInput = System.in
+    executable = layout.buildDirectory.file("install/${installName}/bin/${project.name}").get()
+  }
+  tasks.register("debug${distributionName}", Exec) {
+    group = 'application'
+    description = "Debugs ${project.name} and waits for remote debugger."
+    dependsOn "install${distributionName}Dist"
+    standardInput = System.in
+    executable = layout.buildDirectory.file("install/${installName}/bin/${project.name}").get()
+    args = ['debugs']
+  }
+}
blob - /dev/null
blob + 2ce02a1740633df959312182e8579dae45e20264 (mode 644)
--- /dev/null
+++ gradle/bnd.gradle
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.biz.aqute.bnd
+  }
+}
+
+apply plugin: aQute.bnd.gradle.BndBuilderPlugin
+
+// Set project description and manifest headers from OSGi bundle localization resource file
+sourceSets.main.resources.srcDirs.forEach {
+  try {
+    new File(it, 'OSGI-INF/l10n/bundle.properties').withInputStream {
+      description = new PropertyResourceBundle(it).getString('bundle.name')
+      jar.bundle.bnd (
+        'Bundle-Name': '%bundle.name',
+        'Bundle-Description': '%bundle.description',
+        'Bundle-Vendor': '%bundle.vendor'
+      )
+    }
+  } catch (Exception ignored) {
+    // Assume project did not follow our bundle localization convention and fail silently
+  }
+}
+
+dependencies {
+  compileOnly libs.osgi.core
+  compileOnly libs.osgi.cmpn
+  compileOnly libs.osgi.annotation
+  compileOnly libs.pax.logging.api
+  integrationTestCompileOnly libs.javax.inject
+  integrationTestImplementation libs.pax.exam.container.karaf
+  integrationTestImplementation libs.pax.exam.junit4
+  integrationTestRuntimeOnly libs.pax.exam
+}
blob - /dev/null
blob + 50d46b636295ffdf46f206c6c3da63a80d346d74 (mode 644)
--- /dev/null
+++ gradle/build-dashboard.gradle
@@ -0,0 +1,21 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply plugin: 'build-dashboard'
+
+buildDashboard {
+  // Always update in case reports are generated outside the normal build process
+  outputs.upToDateWhen { false }
+}
blob - /dev/null
blob + 3018406ca0fa453d0883b7ebc4b51346e05a26b2 (mode 644)
--- /dev/null
+++ gradle/changelog.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.git.changelog
+  }
+}
+
+apply plugin: se.bjurr.gitchangelog.plugin.gradle.GitChangelogGradlePlugin
blob - /dev/null
blob + e0300efcfdb4e099259286c6ee55a5957f6f0be4 (mode 644)
--- /dev/null
+++ gradle/checkstyle.gradle
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply plugin: 'checkstyle'
+
+checkstyle {
+  configDirectory = rootProject.file('gradle/config/checkstyle')
+  configProperties = [configDirectory: configDirectory.get().toString()]
+  maxWarnings = 0
+  toolVersion = libs.versions.checkstyle.get()
+}
+
+tasks.withType(Checkstyle).configureEach {
+  reports {
+    html.required = true
+    xml.required = true
+  }
+}
blob - /dev/null
blob + 4a44f6d2a7c26df37cbae919ead5ee00372166aa (mode 644)
--- /dev/null
+++ gradle/commitlint.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.commitlint
+  }
+}
+
+apply plugin: ru.netris.commitlint.CommitlintPlugin
blob - /dev/null
blob + f29b26bb4d1de673ef10dcfbca718589f6fdd01d (mode 644)
--- /dev/null
+++ gradle/config/checkstyle/checkstyle.xml
@@ -0,0 +1,393 @@
+<?xml version="1.0"?>
+
+<!--
+
+  Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+
+  Permission to use, copy, modify, and/or distribute this software for any
+  purpose with or without fee is hereby granted.
+
+  THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+  WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+  MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+  ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+-->
+
+<!-- Checkstyle configuration -->
+
+<!DOCTYPE module PUBLIC
+          "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
+          "https://checkstyle.org/dtds/configuration_1_3.dtd">
+
+<module name="Checker">
+  <module name="SuppressWarningsFilter"/>
+
+  <property name="charset" value="UTF-8"/>
+
+  <property name="severity" value="warning"/>
+
+  <property name="fileExtensions" value="java, properties, xml"/>
+  <!-- Excludes all 'module-info.java' files              -->
+  <!-- See https://checkstyle.org/config_filefilters.html -->
+  <module name="BeforeExecutionExclusionFileFilter">
+    <property name="fileNamePattern" value="module\-info\.java$"/>
+  </module>
+  <!-- https://checkstyle.org/config_filters.html#SuppressionFilter -->
+  <module name="SuppressionFilter">
+    <property name="file" value="${org.checkstyle.google.suppressionfilter.config}"
+           default="checkstyle-suppressions.xml" />
+    <property name="optional" value="true"/>
+  </module>
+
+  <!-- Checks for whitespace                               -->
+  <!-- See http://checkstyle.org/config_whitespace.html -->
+  <module name="FileTabCharacter">
+    <property name="eachLine" value="true"/>
+  </module>
+
+  <module name="LineLength">
+    <property name="fileExtensions" value="java"/>
+    <property name="max" value="100"/>
+    <property name="ignorePattern" value="^package.*|^import.*|a href|href|http://|https://|ftp://"/>
+  </module>
+
+  <module name="TreeWalker">
+    <module name="SuppressWarnings">
+      <property name="id" value="checkstyle:suppresswarnings"/>
+    </module>
+    <module name="OuterTypeFilename"/>
+    <module name="IllegalTokenText">
+      <property name="tokens" value="STRING_LITERAL, CHAR_LITERAL"/>
+      <property name="format"
+               value="\\u00(09|0(a|A)|0(c|C)|0(d|D)|22|27|5(C|c))|\\(0(10|11|12|14|15|42|47)|134)"/>
+      <property name="message"
+               value="Consider using special escape sequence instead of octal value or Unicode escaped value."/>
+    </module>
+    <module name="AvoidEscapedUnicodeCharacters">
+      <property name="allowEscapesForControlCharacters" value="true"/>
+      <property name="allowByTailComment" value="true"/>
+      <property name="allowNonPrintableEscapes" value="true"/>
+    </module>
+    <module name="AvoidStarImport"/>
+    <!-- Prefer top-level classes for configuration in OSGi components -->
+    <!-- <module name="OneTopLevelClass"/> -->
+    <module name="NoLineWrap">
+      <property name="tokens" value="PACKAGE_DEF, IMPORT, STATIC_IMPORT"/>
+    </module>
+    <module name="EmptyBlock">
+      <property name="option" value="TEXT"/>
+      <property name="tokens"
+               value="LITERAL_TRY, LITERAL_FINALLY, LITERAL_IF, LITERAL_ELSE, LITERAL_SWITCH"/>
+    </module>
+    <module name="NeedBraces">
+      <property name="tokens"
+               value="LITERAL_DO, LITERAL_ELSE, LITERAL_FOR, LITERAL_IF, LITERAL_WHILE"/>
+    </module>
+    <module name="LeftCurly">
+      <property name="tokens"
+               value="ANNOTATION_DEF, CLASS_DEF, CTOR_DEF, ENUM_CONSTANT_DEF, ENUM_DEF,
+                    INTERFACE_DEF, LAMBDA, LITERAL_CASE, LITERAL_CATCH, LITERAL_DEFAULT,
+                    LITERAL_DO, LITERAL_ELSE, LITERAL_FINALLY, LITERAL_FOR, LITERAL_IF,
+                    LITERAL_SWITCH, LITERAL_SYNCHRONIZED, LITERAL_TRY, LITERAL_WHILE, METHOD_DEF,
+                    OBJBLOCK, STATIC_INIT, RECORD_DEF, COMPACT_CTOR_DEF"/>
+    </module>
+    <module name="RightCurly">
+      <property name="id" value="RightCurlySame"/>
+      <property name="tokens"
+               value="LITERAL_TRY, LITERAL_CATCH, LITERAL_FINALLY, LITERAL_IF, LITERAL_ELSE,
+                    LITERAL_DO"/>
+    </module>
+    <module name="RightCurly">
+      <property name="id" value="RightCurlyAlone"/>
+      <property name="option" value="alone"/>
+      <property name="tokens"
+               value="CLASS_DEF, METHOD_DEF, CTOR_DEF, LITERAL_FOR, LITERAL_WHILE, STATIC_INIT,
+                    INSTANCE_INIT, ANNOTATION_DEF, ENUM_DEF, INTERFACE_DEF, RECORD_DEF,
+                    COMPACT_CTOR_DEF"/>
+    </module>
+    <module name="SuppressionXpathSingleFilter">
+      <!-- suppresion is required till https://github.com/checkstyle/checkstyle/issues/7541 -->
+      <property name="id" value="RightCurlyAlone"/>
+      <property name="query" value="//RCURLY[parent::SLIST[count(./*)=1]
+                                     or preceding-sibling::*[last()][self::LCURLY]]"/>
+    </module>
+    <module name="WhitespaceAfter">
+      <property name="tokens"
+               value="COMMA, SEMI, TYPECAST, LITERAL_IF, LITERAL_ELSE, LITERAL_RETURN,
+                    LITERAL_WHILE, LITERAL_DO, LITERAL_FOR, LITERAL_FINALLY, DO_WHILE, ELLIPSIS,
+                    LITERAL_SWITCH, LITERAL_SYNCHRONIZED, LITERAL_TRY, LITERAL_CATCH, LAMBDA,
+                    LITERAL_YIELD, LITERAL_CASE"/>
+    </module>
+    <module name="WhitespaceAround">
+      <property name="allowEmptyConstructors" value="true"/>
+      <property name="allowEmptyLambdas" value="true"/>
+      <property name="allowEmptyMethods" value="true"/>
+      <property name="allowEmptyTypes" value="true"/>
+      <property name="allowEmptyLoops" value="true"/>
+      <property name="ignoreEnhancedForColon" value="false"/>
+      <property name="tokens"
+               value="ASSIGN, BAND, BAND_ASSIGN, BOR, BOR_ASSIGN, BSR, BSR_ASSIGN, BXOR,
+                    BXOR_ASSIGN, COLON, DIV, DIV_ASSIGN, DO_WHILE, EQUAL, GE, GT, LAMBDA, LAND,
+                    LCURLY, LE, LITERAL_CATCH, LITERAL_DO, LITERAL_ELSE, LITERAL_FINALLY,
+                    LITERAL_FOR, LITERAL_IF, LITERAL_RETURN, LITERAL_SWITCH, LITERAL_SYNCHRONIZED,
+                    LITERAL_TRY, LITERAL_WHILE, LOR, LT, MINUS, MINUS_ASSIGN, MOD, MOD_ASSIGN,
+                    NOT_EQUAL, PLUS, PLUS_ASSIGN, QUESTION, RCURLY, SL, SLIST, SL_ASSIGN, SR,
+                    SR_ASSIGN, STAR, STAR_ASSIGN, LITERAL_ASSERT, TYPE_EXTENSION_AND"/>
+      <message key="ws.notFollowed"
+              value="WhitespaceAround: ''{0}'' is not followed by whitespace. Empty blocks
+               may only be represented as '{}' when not part of a multi-block statement (4.1.3)"/>
+      <message key="ws.notPreceded"
+              value="WhitespaceAround: ''{0}'' is not preceded with whitespace."/>
+    </module>
+    <module name="OneStatementPerLine"/>
+    <module name="MultipleVariableDeclarations"/>
+    <module name="ArrayTypeStyle"/>
+    <module name="MissingSwitchDefault"/>
+    <module name="FallThrough"/>
+    <module name="UpperEll"/>
+    <module name="ModifierOrder"/>
+    <module name="EmptyLineSeparator">
+      <property name="tokens"
+               value="PACKAGE_DEF, IMPORT, STATIC_IMPORT, CLASS_DEF, INTERFACE_DEF, ENUM_DEF,
+                    STATIC_INIT, INSTANCE_INIT, METHOD_DEF, CTOR_DEF, VARIABLE_DEF, RECORD_DEF,
+                    COMPACT_CTOR_DEF"/>
+      <property name="allowNoEmptyLineBetweenFields" value="true"/>
+    </module>
+    <module name="SeparatorWrap">
+      <property name="id" value="SeparatorWrapDot"/>
+      <property name="tokens" value="DOT"/>
+      <property name="option" value="nl"/>
+    </module>
+    <module name="SeparatorWrap">
+      <property name="id" value="SeparatorWrapComma"/>
+      <property name="tokens" value="COMMA"/>
+      <property name="option" value="EOL"/>
+    </module>
+    <module name="SeparatorWrap">
+      <!-- ELLIPSIS is EOL until https://github.com/google/styleguide/issues/259 -->
+      <property name="id" value="SeparatorWrapEllipsis"/>
+      <property name="tokens" value="ELLIPSIS"/>
+      <property name="option" value="EOL"/>
+    </module>
+    <module name="SeparatorWrap">
+      <!-- ARRAY_DECLARATOR is EOL until https://github.com/google/styleguide/issues/258 -->
+      <property name="id" value="SeparatorWrapArrayDeclarator"/>
+      <property name="tokens" value="ARRAY_DECLARATOR"/>
+      <property name="option" value="EOL"/>
+    </module>
+    <module name="SeparatorWrap">
+      <property name="id" value="SeparatorWrapMethodRef"/>
+      <property name="tokens" value="METHOD_REF"/>
+      <property name="option" value="nl"/>
+    </module>
+    <module name="PackageName">
+      <property name="format" value="^[a-z]+(\.[a-z][a-z0-9]*)*$"/>
+      <message key="name.invalidPattern"
+             value="Package name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="TypeName">
+      <property name="tokens" value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF,
+                    ANNOTATION_DEF, RECORD_DEF"/>
+      <message key="name.invalidPattern"
+             value="Type name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="MemberName">
+      <property name="format" value="^[a-z][a-z0-9][a-zA-Z0-9]*$"/>
+      <message key="name.invalidPattern"
+             value="Member name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="ParameterName">
+      <property name="format" value="^[a-z]([a-z0-9][a-zA-Z0-9]*)?$"/>
+      <message key="name.invalidPattern"
+             value="Parameter name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="LambdaParameterName">
+      <property name="format" value="^[a-z]([a-z0-9][a-zA-Z0-9]*)?$"/>
+      <message key="name.invalidPattern"
+             value="Lambda parameter name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="CatchParameterName">
+      <property name="format" value="^[a-z]([a-z0-9][a-zA-Z0-9]*)?$"/>
+      <message key="name.invalidPattern"
+             value="Catch parameter name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="LocalVariableName">
+      <property name="format" value="^[a-z]([a-z0-9][a-zA-Z0-9]*)?$"/>
+      <message key="name.invalidPattern"
+             value="Local variable name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="PatternVariableName">
+      <property name="format" value="^[a-z]([a-z0-9][a-zA-Z0-9]*)?$"/>
+      <message key="name.invalidPattern"
+             value="Pattern variable name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="ClassTypeParameterName">
+      <property name="format" value="(^[A-Z][0-9]?)$|([A-Z][a-zA-Z0-9]*[T]$)"/>
+      <message key="name.invalidPattern"
+             value="Class type name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="RecordComponentName">
+      <property name="format" value="^[a-z]([a-z0-9][a-zA-Z0-9]*)?$"/>
+      <message key="name.invalidPattern"
+               value="Record component name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="RecordTypeParameterName">
+      <property name="format" value="(^[A-Z][0-9]?)$|([A-Z][a-zA-Z0-9]*[T]$)"/>
+      <message key="name.invalidPattern"
+               value="Record type name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="MethodTypeParameterName">
+      <property name="format" value="(^[A-Z][0-9]?)$|([A-Z][a-zA-Z0-9]*[T]$)"/>
+      <message key="name.invalidPattern"
+             value="Method type name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="InterfaceTypeParameterName">
+      <property name="format" value="(^[A-Z][0-9]?)$|([A-Z][a-zA-Z0-9]*[T]$)"/>
+      <message key="name.invalidPattern"
+             value="Interface type name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="NoFinalizer"/>
+    <module name="GenericWhitespace">
+      <message key="ws.followed"
+             value="GenericWhitespace ''{0}'' is followed by whitespace."/>
+      <message key="ws.preceded"
+             value="GenericWhitespace ''{0}'' is preceded with whitespace."/>
+      <message key="ws.illegalFollow"
+             value="GenericWhitespace ''{0}'' should followed by whitespace."/>
+      <message key="ws.notPreceded"
+             value="GenericWhitespace ''{0}'' is not preceded with whitespace."/>
+    </module>
+    <module name="Indentation">
+      <property name="basicOffset" value="2"/>
+      <property name="braceAdjustment" value="2"/>
+      <property name="caseIndent" value="2"/>
+      <property name="throwsIndent" value="4"/>
+      <property name="lineWrappingIndentation" value="4"/>
+      <property name="arrayInitIndent" value="2"/>
+    </module>
+    <module name="AbbreviationAsWordInName">
+      <property name="ignoreFinal" value="false"/>
+      <property name="allowedAbbreviationLength" value="0"/>
+      <property name="tokens"
+               value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF, ANNOTATION_DEF, ANNOTATION_FIELD_DEF,
+                    PARAMETER_DEF, VARIABLE_DEF, METHOD_DEF, PATTERN_VARIABLE_DEF, RECORD_DEF,
+                    RECORD_COMPONENT_DEF"/>
+    </module>
+    <module name="NoWhitespaceBeforeCaseDefaultColon"/>
+    <module name="OverloadMethodsDeclarationOrder"/>
+    <module name="VariableDeclarationUsageDistance"/>
+    <module name="CustomImportOrder">
+      <property name="sortImportsInGroupAlphabetically" value="true"/>
+      <property name="separateLineBetweenGroups" value="true"/>
+      <property name="customImportOrderRules" value="STATIC###THIRD_PARTY_PACKAGE"/>
+      <property name="tokens" value="IMPORT, STATIC_IMPORT, PACKAGE_DEF"/>
+    </module>
+    <module name="MethodParamPad">
+      <property name="tokens"
+               value="CTOR_DEF, LITERAL_NEW, METHOD_CALL, METHOD_DEF,
+                    SUPER_CTOR_CALL, ENUM_CONSTANT_DEF, RECORD_DEF"/>
+    </module>
+    <module name="NoWhitespaceBefore">
+      <property name="tokens"
+               value="COMMA, SEMI, POST_INC, POST_DEC, DOT,
+                    LABELED_STAT, METHOD_REF"/>
+      <property name="allowLineBreaks" value="true"/>
+    </module>
+    <module name="ParenPad">
+      <property name="tokens"
+               value="ANNOTATION, ANNOTATION_FIELD_DEF, CTOR_CALL, CTOR_DEF, DOT, ENUM_CONSTANT_DEF,
+                    EXPR, LITERAL_CATCH, LITERAL_DO, LITERAL_FOR, LITERAL_IF, LITERAL_NEW,
+                    LITERAL_SWITCH, LITERAL_SYNCHRONIZED, LITERAL_WHILE, METHOD_CALL,
+                    METHOD_DEF, QUESTION, RESOURCE_SPECIFICATION, SUPER_CTOR_CALL, LAMBDA,
+                    RECORD_DEF"/>
+    </module>
+    <module name="OperatorWrap">
+      <property name="option" value="NL"/>
+      <property name="tokens"
+               value="BAND, BOR, BSR, BXOR, DIV, EQUAL, GE, GT, LAND, LE, LITERAL_INSTANCEOF, LOR,
+                    LT, MINUS, MOD, NOT_EQUAL, PLUS, QUESTION, SL, SR, STAR, METHOD_REF,
+                    TYPE_EXTENSION_AND "/>
+    </module>
+    <module name="AnnotationLocation">
+      <property name="id" value="AnnotationLocationMostCases"/>
+      <property name="tokens"
+               value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF, METHOD_DEF, CTOR_DEF,
+                      RECORD_DEF, COMPACT_CTOR_DEF"/>
+    </module>
+    <module name="AnnotationLocation">
+      <property name="id" value="AnnotationLocationVariables"/>
+      <property name="tokens" value="VARIABLE_DEF"/>
+      <property name="allowSamelineMultipleAnnotations" value="true"/>
+    </module>
+    <module name="NonEmptyAtclauseDescription"/>
+    <module name="InvalidJavadocPosition"/>
+    <module name="JavadocTagContinuationIndentation"/>
+    <module name="SummaryJavadoc">
+      <property name="forbiddenSummaryFragments"
+               value="^@return the *|^This method returns |^A [{]@code [a-zA-Z0-9]+[}]( is a )"/>
+    </module>
+    <module name="JavadocParagraph"/>
+    <module name="RequireEmptyLineBeforeBlockTagGroup"/>
+    <module name="AtclauseOrder">
+      <property name="tagOrder" value="@param, @return, @throws, @deprecated"/>
+      <property name="target"
+               value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF, METHOD_DEF, CTOR_DEF, VARIABLE_DEF"/>
+    </module>
+    <module name="JavadocMethod">
+      <property name="accessModifiers" value="public"/>
+      <property name="allowMissingParamTags" value="true"/>
+      <property name="allowMissingReturnTag" value="true"/>
+      <property name="allowedAnnotations" value="Override, Test"/>
+      <property name="tokens" value="METHOD_DEF, CTOR_DEF, ANNOTATION_FIELD_DEF, COMPACT_CTOR_DEF"/>
+    </module>
+    <module name="MissingJavadocMethod">
+      <property name="scope" value="public"/>
+      <property name="minLineCount" value="2"/>
+      <property name="allowedAnnotations" value="Override, Test"/>
+      <property name="tokens" value="METHOD_DEF, CTOR_DEF, ANNOTATION_FIELD_DEF,
+                                   COMPACT_CTOR_DEF"/>
+    </module>
+    <module name="MissingJavadocType">
+      <property name="scope" value="protected"/>
+      <property name="tokens"
+                value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF,
+                      RECORD_DEF, ANNOTATION_DEF"/>
+      <property name="excludeScope" value="nothing"/>
+    </module>
+    <module name="MethodName">
+      <property name="format" value="^[a-z][a-z0-9]\w*$"/>
+      <message key="name.invalidPattern"
+             value="Method name ''{0}'' must match pattern ''{1}''."/>
+    </module>
+    <module name="SingleLineJavadoc"/>
+    <module name="EmptyCatchBlock">
+      <property name="exceptionVariableName" value="expected"/>
+    </module>
+    <module name="CommentsIndentation">
+      <property name="tokens" value="SINGLE_LINE_COMMENT, BLOCK_COMMENT_BEGIN"/>
+    </module>
+    <!-- https://checkstyle.org/config_filters.html#SuppressionXpathFilter -->
+    <module name="SuppressionXpathFilter">
+      <property name="file" value="${org.checkstyle.google.suppressionxpathfilter.config}"
+             default="checkstyle-xpath-suppressions.xml" />
+      <property name="optional" value="true"/>
+    </module>
+    <module name="SuppressWarningsHolder" />
+    <module name="SuppressionCommentFilter">
+      <property name="offCommentFormat" value="CHECKSTYLE.OFF\: ([\w\|]+)" />
+      <property name="onCommentFormat" value="CHECKSTYLE.ON\: ([\w\|]+)" />
+      <property name="checkFormat" value="$1" />
+    </module>
+    <module name="SuppressWithNearbyCommentFilter">
+      <property name="commentFormat" value="CHECKSTYLE.SUPPRESS\: ([\w\|]+)"/>
+      <!-- $1 refers to the first match group in the regex defined in commentFormat -->
+      <property name="checkFormat" value="$1"/>
+      <!-- The check is suppressed in the next line of code after the comment -->
+      <property name="influenceFormat" value="1"/>
+    </module>
+  </module>
+</module>
blob - /dev/null
blob + 9f5a99ab904ec5eacb0ed6222e0e8e3287259c61 (mode 644)
--- /dev/null
+++ gradle/config/docker/compose.yaml
@@ -0,0 +1,28 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# docker-compose configuration
+
+services:
+  app:
+    image: ${IMAGE}:${TAG}
+    build:
+      context: ../../../
+      dockerfile: build/docker/Dockerfile
+    ports:
+      - 1099:1099
+      - 8101:8101
+      - 8181:8181
+      - 44444:44444
blob - /dev/null
blob + 7ea8c2a7ce2e13601ef492bd323d943a585eb2ed (mode 644)
--- /dev/null
+++ gradle/config/pmd/ruleset.xml
@@ -0,0 +1,133 @@
+<?xml version="1.0"?>
+
+<!--
+
+  Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+
+  Permission to use, copy, modify, and/or distribute this software for any
+  purpose with or without fee is hereby granted.
+
+  THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+  WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+  MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+  ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+-->
+
+<!-- PMD ruleset configuration -->
+
+<ruleset name="Ruleset"
+         xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd">
+  <description>
+    Include all categories excluding some rules and adjusting others
+  </description>
+  <rule ref="category/java/bestpractices.xml">
+    <!-- Prefer System.(out|err) in some cases -->
+    <exclude name="SystemPrintln"/>
+  </rule>
+  <rule ref="category/java/codestyle.xml">
+    <!-- OSGi bundles won't have a constructor -->
+    <exclude name="AtLeastOneConstructor"/>
+    <!-- Prefer return in multiple locations for easier code reading -->
+    <exclude name="OnlyOneReturn"/>
+  </rule>
+  <!-- Prefer standard naming convention for utility classes (default: [A-Z][a-zA-Z0-9]+(Utils?|Helper)) -->
+  <rule ref="category/java/codestyle.xml/ClassNamingConventions">
+    <properties>
+      <property name="utilityClassPattern" value="[A-Z][a-zA-Z0-9]*"/>
+    </properties>
+  </rule>
+  <!-- Prefer underscores in method names (default: [a-z][a-zA-Z0-9]*) -->
+  <rule ref="category/java/codestyle.xml/MethodNamingConventions">
+    <properties>
+      <property name="methodPattern" value="[a-z][a-zA-Z0-9_]*"/>
+    </properties>
+  </rule>
+  <!-- Prefer longer variable names in some cases (default: 17) -->
+  <rule ref="category/java/codestyle.xml/LongVariable">
+    <properties>
+      <property name="minimum" value="25"/>
+    </properties>
+  </rule>
+  <!-- Prefer shorter class names in some cases (default: 5) -->
+  <rule ref="category/java/codestyle.xml/ShortClassName">
+    <properties>
+      <property name="minimum" value="2"/>
+    </properties>
+  </rule>
+  <!-- Prefer shorter variable names in some cases (default: 3) -->
+  <rule ref="category/java/codestyle.xml/ShortVariable">
+    <properties>
+      <property name="minimum" value="2"/>
+    </properties>
+  </rule>
+  <!-- Prefer more static imports in some cases (default: 4) -->
+  <rule ref="category/java/codestyle.xml/TooManyStaticImports">
+    <properties>
+      <property name="maximumStaticImports" value="10"/>
+    </properties>
+  </rule>
+  <rule ref="category/java/design.xml">
+    <!-- Prefer to catch Exception in some cases -->
+    <exclude name="AvoidCatchingGenericException"/>
+    <!-- Prefer data classes in some cases -->
+    <exclude name="DataClass"/>
+    <!-- Prefer complex classes in some cases -->
+    <exclude name="GodClass"/>
+    <!-- Causes false positive for lambda expressions -->
+    <exclude name="LawOfDemeter"/>
+    <!-- There are no classes/packages to avoid -->
+    <exclude name="LoosePackageCoupling"/>
+    <!-- Prefer to throw Exception in some cases -->
+    <exclude name="SignatureDeclareThrowsException"/>
+  </rule>
+  <!-- Coupling in OSGi is still loose -->
+  <rule ref="category/java/design.xml/CouplingBetweenObjects">
+    <properties>
+      <property name="threshold" value="30" />
+    </properties>
+  </rule>
+  <!-- OSGi bundles may have several imports -->
+  <rule ref="category/java/design.xml/ExcessiveImports">
+    <properties>
+      <property name="minimum" value="100"/>
+    </properties>
+  </rule>
+  <!-- OSGi bundles may have several methods (default: 10) -->
+  <rule ref="category/java/design.xml/TooManyMethods">
+    <properties>
+      <property name="maxmethods" value="25"/>
+    </properties>
+  </rule>
+  <rule ref="category/java/documentation.xml"/>
+  <!-- Increase comment line number / length for headers (default: 6/80) -->
+  <rule ref="category/java/documentation.xml/CommentSize">
+    <properties>
+      <property name="maxLines" value="14"/>
+      <property name="maxLineLength" value="100"/>
+    </properties>
+  </rule>
+  <!-- Prefer no comments in public methods in some cases -->
+  <rule ref="category/java/documentation.xml/CommentRequired">
+    <properties>
+      <property name="publicMethodCommentRequirement" value="Ignored"/>
+    </properties>
+  </rule>
+  <rule ref="category/java/errorprone.xml">
+    <!-- Prefer having duplicate literals in some cases -->
+    <exclude name="AvoidDuplicateLiterals"/>
+    <!-- OSGi bundles should not use context class loader -->
+    <exclude name="UseProperClassLoader"/>
+  </rule>
+  <rule ref="category/java/multithreading.xml">
+    <!-- OSGi DS uses volatile for dynamic references -->
+    <exclude name="AvoidUsingVolatile"/>
+  </rule>
+  <rule ref="category/java/performance.xml"/>
+  <rule ref="category/java/security.xml"/>
+</ruleset>
blob - /dev/null
blob + 097b2e043dfba1196c69875ae4cde77809d07bdb (mode 644)
--- /dev/null
+++ gradle/config/proguard/proguard.pro
@@ -0,0 +1,25 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# ProGuard configuration
+
+### See https://www.guardsquare.com/en/products/proguard/manual/usage ###
+
+# Keep everything
+-keep class *
+# Make processed code even smaller
+-overloadaggressively
+# Additional passes for more optimization
+-optimizationpasses 5
blob - /dev/null
blob + d2553942828c1a6ff3432881e06c721916ecc364 (mode 644)
--- /dev/null
+++ gradle/config/security/jarsigner.properties
@@ -0,0 +1,52 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# jarsigner configuration
+
+# Method of signing (default: keystore)
+#method=keystore
+
+# Alias to sign under (default: ${rootProject.name})
+#alias=${rootProject.name}
+
+# Password for keystore integrity (default: password)
+#storepass=password
+
+# Keystore location (method=keystore(default: ${rootProject}/private/keystore.p12) method=pkcs11(default: NONE))
+#keystore=${rootProject}/.private/keystore.p12
+
+# Keystore type (method=keystore(default: PKCS12) method=pkcs11(default: PKCS11))
+#storetype=PKCS12
+
+# Cryptographic service provider's master class file (method=keystore(ignored) method=pkcs11(default: sun.security.pkcs11.SunPKCS11))
+#providerClass=sun.security.pkcs11.SunPKCS11
+
+# Path to the token configuration file (method=keystore(ignored) method=pkcs11(default: gradle/config/jarsigner/pkcs11.properties))
+#providerArg=gradle/config/jarsigner/pkcs11.properties
+
+# Password for private key (method=keystore(default: password) method=pkcs11(ignored))
+#keypass=password
+
+# Strict checking when signing (default: false)
+#strict=false
+
+# URL for a timestamp authority for timestamped JAR files (default: http://timestamp.digicert.com)
+#tsaurl=http://timestamp.digicert.com
+
+# Name of signature algorithm (method=keystore(default: Ed25519) method=pkcs11(default: SHA256withRSA))
+#sigalg=Ed25519
+
+# Name of digest algorithm (default: SHA-512)
+#digestalg=SHA-512
blob - /dev/null
blob + e3f8a66334c0bb8662032dc3de34ef977b6267e7 (mode 644)
--- /dev/null
+++ gradle/config/security/keytool.properties
@@ -0,0 +1,58 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# keytool configuration
+
+# Alias name of the entry to process (default: ${project.name})
+#alias=${project.name}
+
+# Key algorithm name (default: Ed25519)
+#keyalg=Ed25519
+
+# Key bit size (default: 255)
+#keysize=255
+
+# Signature algorithm name (default: Ed25519)
+#sigalg=Ed25519
+
+# Distinguished name (default: CN=${project.name})
+#dname=CN=${project.name}
+
+# Validity number of days (default: 365)
+#validity=365
+
+# Key password (default: password)
+#keypass=password
+
+# Keystore name (default: ${rootProject}/private/keystore.p12)
+#keystore=${rootProject}/.private/keystore.p12
+
+# Keystore password (default: password)
+#storepass=password
+
+# Keystore type (default: PKCS12)
+#storetype=PKCS12
+
+# Cert output file name (default: ${rootProject}/private/cert.crt)
+#cert=${rootProject}/.private/cert.crt
+
+# Truststore name (default: ${rootProject}/${project.name}-environment/etc/truststore.jks)
+#truststore=${rootProject}/${project.name}-environment/etc/truststore.jks
+
+# Truststore password (default: password)
+#truststorepass=password
+
+# Truststore type (default: JKS)
+#truststoretype=JKS
blob - /dev/null
blob + 7ab4d4db2e6c3e2d5f92fc97fb8445c4759bbbc9 (mode 644)
--- /dev/null
+++ gradle/config/security/pkcs11.properties
@@ -0,0 +1,19 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# PKCS11 configuration
+
+name=PKCS11
+library=/usr/lib/x86_64-linux-gnu/opensc-pkcs11.so
blob - /dev/null
blob + dc2febaaafc3db62f7189ebba930e91b6bc8f02b (mode 644)
--- /dev/null
+++ gradle/config/spotbugs/exclude_filter.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0"?>
+
+<!--
+
+  Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+
+  Permission to use, copy, modify, and/or distribute this software for any
+  purpose with or without fee is hereby granted.
+
+  THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+  WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+  MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+  ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+-->
+
+<!-- Spotbugs exclude filter -->
+
+<FindBugsFilter>
+  <Match>
+    <!-- Reason: Updated log4j2 pattern layout to replace CRLF in org.ops4j.pax.logging.cfg -->
+    <Bug pattern="CRLF_INJECTION_LOGS"/>
+  </Match>
+  <Match>
+    <!-- Reason: Allow throwing Exception in some cases -->
+    <Bug pattern="THROWS_METHOD_THROWS_CLAUSE_BASIC_EXCEPTION"/>
+  </Match>
+  <Match>
+    <!-- Reason: Constructor is not entry point in OSGi-based applications -->
+    <Bug pattern="UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR"/>
+  </Match>
+</FindBugsFilter>
blob - /dev/null
blob + e863cf9f0c2eed3f68ca6d4269ec7f7afc1065a1 (mode 644)
--- /dev/null
+++ gradle/cyclonedx.gradle
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.cyclonedx
+  }
+}
+
+apply plugin:org.cyclonedx.gradle.CycloneDxPlugin
+import org.cyclonedx.model.AttachmentText;
+import org.cyclonedx.model.OrganizationalContact;
+import org.cyclonedx.model.License;
+
+cyclonedxBom {
+  includeConfigs = [configurations.runtimeClasspath.name]
+  outputName = "${project.name}-${project.version}"
+  OrganizationalContact organizationalContact = new OrganizationalContact()
+  organizationalContact.setName(cyclonedx_oc_name)
+  organizationalContact.setEmail(cyclonedx_oc_email)
+  organizationalContact.setPhone(cyclonedx_oc_phone)
+  organizationalEntity { oe->
+    oe.name = cyclonedx_oe_name
+    oe.url = [cyclonedx_oe_url]
+    oe.addContact(organizationalContact)
+  }
+  AttachmentText attachmentText = new AttachmentText()
+  attachmentText.setText(rootProject.file('LICENSE').text)
+  License license = new License()
+  license.setName(cyclonedx_license_name)
+  license.setLicenseText(attachmentText);
+  license.setUrl(cyclonedx_license_url)
+  licenseChoice {lc->
+    lc.addLicense(license)
+  }
+}
blob - /dev/null
blob + a8c64917474e04d88185a8aaf6bcf9a5fd9db4e2 (mode 644)
--- /dev/null
+++ gradle/dependency-check.gradle
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    mavenCentral()
+  }
+  dependencies {
+    classpath libs.gradle.owasp.check
+  }
+}
+
+apply plugin: org.owasp.dependencycheck.gradle.DependencyCheckPlugin
+
+dependencyCheck {
+  analyzers {
+    // Disable .NET Assembly Analyzer since dotnet may not be installed
+    assemblyEnabled = false
+  }
+  // Fail build on 1 or more vulnerabilities
+  failBuildOnCVSS = 1
+  // Skip non-production configurations
+  skipConfigurations = ['integrationTest*', 'pmd*', 'spotbugs*', 'jacoco*']
+}
+
+check.dependsOn dependencyCheckAnalyze
blob - /dev/null
blob + e384bf04f35cf4d417c9f8ca6706c261c262aeec (mode 644)
--- /dev/null
+++ gradle/distribution.gradle
@@ -0,0 +1,199 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply plugin: 'distribution'
+apply plugin: 'maven-publish'
+
+configurations {
+  karaf
+}
+
+dependencies {
+  karaf (libs.apache.karaf) {
+    artifact {
+      type = 'zip'
+    }
+  }
+}
+
+import org.apache.tools.ant.filters.BaseFilterReader
+
+/**
+ * Filter to append text
+ */
+class AppendFilter extends BaseFilterReader {
+
+  private BufferedReader appendReader
+  String text
+
+  AppendFilter(Reader input) {
+    super(input)
+  }
+
+  @Override
+  int read() throws IOException {
+    int ch = super.read()
+    if (ch == -1) {
+      if (appendReader != null) {
+        ch = appendReader.read()
+        if (ch == -1) {
+          appendReader.close()
+          appendReader = null
+        }
+      }
+    }
+    return ch
+  }
+
+  void setText(final String text) {
+    this.text = text
+    this.appendReader = new BufferedReader(new StringReader(text))
+  }
+}
+
+tasks.register('extractKaraf', Copy) {
+  // Exclude empty directories from being copied
+  includeEmptyDirs = false
+  def outDir = layout.buildDirectory.dir("karaf/base")
+  def karafZip = configurations.karaf.filter { it.name.endsWith('zip') }.singleFile
+  def archiveRoot = karafZip.name - '.zip'
+  // Extract karaf zip and copy contents
+  from zipTree(karafZip) eachFile {
+    // Remove archive root when copying files from zip
+    it.path = it.path - "${archiveRoot}/"
+  }
+  // Keep only required top-level directories
+  filesNotMatching(['*/bin/**', '*/etc/**', '*/lib/**', '*/system/**']) {
+    it.exclude()
+  }
+  // Remove README in subdirectories
+  filesMatching('**/README') {
+    it.exclude()
+  }
+  // Use equinox which includes OSGi framework security
+  filesMatching('*/etc/custom.properties') {
+    def text = 'karaf.framework=equinox\r\n'
+    filter(AppendFilter, text: text)
+  }
+  // Enable user based on project name
+  filesMatching('*/etc/users.properties') {
+    def text = rootProject.name + ' = ' + rootProject.name + ',_g_:admingroup\r\n'
+    text += '_g_\\:admingroup = group,admin,manager,viewer,systembundles,ssh\r\n'
+    filter(AppendFilter, text: text)
+  }
+  into(outDir)
+}
+
+def provisionKaraf = {
+  // Exclude if custom files provided
+  duplicatesStrategy = DuplicatesStrategy.EXCLUDE
+  from extractKaraf
+  // Replace project name
+  filesMatching(['**/etc/custom.system.properties', '**/etc/security.policy']) {
+    filter { it.replace('${project.name}', project.name) }
+  }
+  into ('bin') {
+    def binDir = extractKaraf.outputs.files.singleFile.toPath().resolve('bin')
+    // Add project name branded executables
+    from fileTree(binDir).matching { include 'karaf*' } eachFile {
+      it.path = it.path.replace('karaf', "${project.name}")
+    }
+  }
+  into ('lib') {
+    // Console branding jar
+    from project(":${project.name}-branding-console").jar
+  }
+  into ('deploy') {
+    // Generate KAR for custom karaf distribution
+    from generateKar
+  }
+  into ('system') {
+    // Generate repo for custom karaf distribution suitable for offline deployment
+    from generateOfflineRepo
+  }
+  // Copy security jar into karaf system maven repo
+  def p = project(":${project.name}-security")
+  def pMvnPath = "system/${p.group.replaceAll("\\.", "/")}/${p.name}/${p.version}"
+  into (pMvnPath) {
+    // Security jar
+    from p.jar
+  }
+  // Start security jar as early as possible at framework boot
+  filesMatching('**/etc/startup.properties') {
+    filter {
+      if (it.contains('org.apache.karaf.features.extension')) {
+        def text = it + '\r\nmvn\\:' + p.group + '/' + p.name + '/' + p.version + ' = 2'
+        it.replace(it, text)
+      } else {
+        it
+      }
+    }
+  }
+}
+
+distributions {
+  main {
+    contents {
+      with provisionKaraf
+    }
+  }
+  nosec {
+    contents {
+      with provisionKaraf
+    }
+  }
+}
+
+// Use gzip compression when producing distribution tars
+tasks.withType(Tar).configureEach {
+  compression = Compression.GZIP
+  archiveExtension.set('tar.gz')
+}
+
+publishing {
+  repositories {
+    def gitlabCi = System.getenv('GITLAB_CI')
+    if (gitlabCi) {
+      def ciApiV4Url = System.getenv('CI_API_V4_URL')
+      def ciProjectId = System.getenv('CI_PROJECT_ID')
+      def ciJobToken = System.getenv('CI_JOB_TOKEN')
+      maven {
+        url = "${ciApiV4Url}/projects/${ciProjectId}/packages/maven"
+        credentials(HttpHeaderCredentials) {
+          name = "Job-Token"
+          value = ciJobToken
+        }
+        authentication {
+          header(HttpHeaderAuthentication)
+        }
+      }
+    }
+  }
+  publications {
+    distributions.each {
+      def distributionName = it.name
+      def distributionArtifactId = "${project.name}-${distributionName}"
+      def distributionTask = "${distributionName}DistZip"
+      if (it.name == 'main') {
+        distributionArtifactId = project.name
+        distributionTask = 'distZip'
+      }
+      "${it.name}"(MavenPublication) {
+        artifactId = distributionArtifactId
+        artifact project.getTasksByName("${distributionTask}", false)[0]
+      }
+    }
+  }
+}
blob - /dev/null
blob + 908e708d3e09b2c222b8e759a0fd2a60abe811a6 (mode 644)
--- /dev/null
+++ gradle/docker.gradle
@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.docker.compose
+    classpath libs.gradle.docker.plugin
+  }
+}
+
+apply plugin: com.avast.gradle.dockercompose.DockerComposePlugin
+apply plugin: com.bmuschko.gradle.docker.DockerRemoteApiPlugin
+import com.bmuschko.gradle.docker.tasks.image.Dockerfile
+import com.bmuschko.gradle.docker.tasks.image.Dockerfile.Healthcheck
+
+tasks.register('createDockerfile', Dockerfile) {
+  group 'docker'
+  description 'Creates Dockerfile for Karaf-based applications'
+  from(docker_fromImage)
+  exposePort(1099, 8101, 8181, 44444)
+  instruction("COPY --chown=${docker_copyChownUid}:${docker_copyChownUid} build/install/* /app/")
+  workingDir('/app/')
+  healthcheck(new Healthcheck('bin/status'))
+  defaultCommand("bin/${rootProject.name}", 'run')
+}
+
+dockerCompose {
+  useComposeFiles = [rootProject.file('gradle/config/docker/compose.yaml').path]
+  tcpPortsToIgnoreWhenWaiting = [1099, 8101, 8181, 44444]
+  captureContainersOutput = true
+  def gitlabCi = System.getenv('GITLAB_CI')
+  def registryImage
+  if (gitlabCi) {
+    registryImage = System.getenv('CI_REGISTRY_IMAGE')
+    def ciRegistryPassword = System.getenv('CI_REGISTRY_PASSWORD')
+    def ciRegistryUser = System.getenv('CI_REGISTRY_USER')
+    environment.put 'DOCKER_PASSWORD', ciRegistryPassword
+    environment.put 'DOCKER_USERNAME', ciRegistryUser
+  } else {
+    registryImage = docker_toBaseImage
+  }
+  registryImage = "${registryImage}/${name}"
+  environment.put 'IMAGE', registryImage
+  environment.put 'TAG', version
+
+  distributions.forEach {
+    def distributionName = it.name
+    if (distributionName == 'main') {
+      return
+    }
+    "${distributionName}" {
+      useComposeFiles = [rootProject.file('gradle/config/docker/compose.yaml').path]
+      environment.put 'IMAGE', "${registryImage}-${distributionName}"
+      tasks.named("${distributionName}ComposeBuild") {
+        dependsOn createDockerfile
+        dependsOn tasks.named("install${distributionName.capitalize()}Dist")
+      }
+      tasks.named("${distributionName}ComposePush") {
+        dependsOn tasks.named("${distributionName}ComposeBuild")
+      }
+    }
+  }
+}
+
+composeBuild.dependsOn createDockerfile
+composeBuild.dependsOn rootProject.installDist
+composePush.dependsOn composeBuild
blob - /dev/null
blob + dd526501698c24e8babedaba0d32936cb6af5040 (mode 644)
--- /dev/null
+++ gradle/editorconfig.gradle
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.versions.deps
+    classpath libs.gradle.editorconfig
+  }
+}
+
+apply plugin: org.ec4j.gradle.EditorconfigGradlePlugin
+
+editorconfig {
+  excludes = ['**/*.bat', '**/*.cmd', '**/*.com']
+}
+
+check.dependsOn editorconfigCheck
blob - /dev/null
blob + 4dc39a5b62b9a902dff953df472d622ae1626143 (mode 644)
--- /dev/null
+++ gradle/githook.gradle
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.githook
+  }
+}
+
+apply plugin: com.star_zero.gradle.githook.GithookPlugin
+
+githook {
+  failOnMissingHooksDir = false
+  hooks {
+    "pre-commit" {
+      task = "check"
+    }
+    "commit-msg" {
+      task = "commitlint -Dmsgfile=\$1"
+    }
+  }
+}
blob - /dev/null
blob + bacf289b991523be7922088b7bd34f08be7deadd (mode 644)
--- /dev/null
+++ gradle/gradle-daemon-jvm.properties
@@ -0,0 +1,16 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+toolchainVersion=17
blob - /dev/null
blob + 10f34d06f728b8f7e8254ef1f9355678b3e81c96 (mode 644)
--- /dev/null
+++ gradle/jacoco.gradle
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply plugin: 'jacoco'
+
+jacoco {
+  toolVersion = libs.versions.jacoco.get()
+}
+
+jacocoTestReport {
+  reports {
+    html.required = true
+    xml.required = true
+  }
+}
+
+jacocoTestCoverageVerification {
+  violationRules {
+    rule {
+      element = 'METHOD'
+      limit {
+        minimum = 1.0
+      }
+      // Exclude OSGi DS methods
+      excludes = [
+        '*activate(*Configuration*',
+        '*deactivate(*Configuration*',
+        '*modified(*Configuration*'
+      ]
+    }
+  }
+}
+
+check.finalizedBy jacocoTestReport, jacocoTestCoverageVerification
blob - /dev/null
blob + 4376ae9f69de20bbfed904641ff6a5ad0f432fb0 (mode 644)
--- /dev/null
+++ gradle/jarsigner.gradle
@@ -0,0 +1,131 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+import groovy.swing.SwingBuilder
+
+def promptInput = { inputRequested, mask ->
+  new SwingBuilder().edt {
+    dialog(modal: true,
+      title: 'Enter ' + inputRequested,
+      alwaysOnTop: true,
+      resizable: false,
+      locationRelativeTo: null,
+      pack: true,
+      show: true
+    ) {
+      vbox {
+        label(text: 'Please enter ' + inputRequested + ':')
+        if (mask) {
+          input = passwordField()
+        } else {
+          input = textField()
+        }
+        button(defaultButton: true, text: 'OK', actionPerformed: {
+            if (mask) {
+              retval = input.password
+            } else {
+              retval = input.text
+            }
+            dispose()
+          })
+      }
+    }
+  }
+  return retval
+}
+
+tasks.register('signJars') {
+  description = 'Signs jars with jarsigner.'
+  def jarsignerProperties = new Properties()
+  def jarsignerPropertiesFile = rootProject.file('gradle/config/security/jarsigner.properties')
+  // Load properties if they exist
+  if (jarsignerPropertiesFile.exists()) {
+    jarsignerProperties.load(new FileInputStream(jarsignerPropertiesFile))
+  }
+  // Prefer environment variables over property file
+  def method = System.getenv('JARSIGNER_METHOD') ?: jarsignerProperties.method ?: 'keystore'
+  def alias = System.getenv('JARSIGNER_ALIAS') ?: jarsignerProperties.alias
+  def storepass = System.getenv('JARSIGNER_STOREPASS') ?: jarsignerProperties.storepass
+  def keypass = System.getenv('JARSIGNER_KEYPASS') ?: jarsignerProperties.keypass ?: 'password'
+  def strict = System.getenv('JARSIGNER_STRICT') ?: jarsignerProperties.strict ?: 'false'
+  def tsaurl = System.getenv('JARSIGNER_TSAURL') ?: jarsignerProperties.tsaurl ?: 'http://timestamp.digicert.com'
+  def digestalg = System.getenv('JARSIGNER_DIGESTALG') ?: jarsignerProperties.digestalg ?: 'SHA-512'
+  def keystore
+  def storetype
+  def providerClass
+  def providerArg
+  def sigalg
+  if (method == 'keystore') {
+    alias = System.getenv('JARSIGNER_ALIAS') ?: jarsignerProperties.alias ?: rootProject.name
+    storepass = System.getenv('JARSIGNER_STOREPASS') ?: jarsignerProperties.storepass ?: 'password'
+    keystore = System.getenv('JARSIGNER_KEYSTORE') ?: jarsignerProperties.keystore ?: \
+      rootProject.file('.private/keystore.p12').path
+    storetype = System.getenv('JARSIGNER_STORETYPE') ?: jarsignerProperties.storetype ?: 'PKCS12'
+    sigalg = System.getenv('JARSIGNER_SIGALG') ?: jarsignerProperties.sigalg ?: 'Ed25519'
+  } else {
+    keystore = System.getenv('JARSIGNER_KEYSTORE') ?: jarsignerProperties.keystore ?: 'NONE'
+    storetype = System.getenv('JARSIGNER_STORETYPE') ?: jarsignerProperties.storetype ?: 'PKCS11'
+    providerClass = System.getenv('JARSIGNER_PROVIDER_CLASS') ?: jarsignerProperties.providerClass ?: \
+      'sun.security.pkcs11.SunPKCS11'
+    providerArg = System.getenv('JARSIGNER_PROVIDER_ARG') ?: jarsignerProperties.providerArg ?: \
+      'gradle/config/jarsigner/pkcs11.properties'
+    sigalg = System.getenv('JARSIGNER_SIGALG') ?: jarsignerProperties.sigalg ?: 'SHA256withRSA'
+  }
+  // Prompt if not set by properties and/or environment variables
+  def console = System.console()
+  if (console) {
+    if (!storepass) {
+      storepass = console.readLine('> Please enter storepass/pin: ')
+    }
+    if (!alias) {
+      alias = console.readLine('> Please enter alias: ')
+    }
+  } else {
+    if (!storepass) {
+      storepass = String.valueOf(promptInput('storepass/pin', true))
+    }
+    if (!alias) {
+      alias = String.valueOf(promptInput('alias', false))
+    }
+  }
+  doLast {
+    signJars.ext.jars.parallelStream().forEach {
+      def command = ['jarsigner' \
+      , '-storepass', storepass \
+      , '-keystore', keystore \
+      , '-storetype', storetype \
+      , '-providerClass', providerClass \
+      , '-providerArg', providerArg \
+      , '-keypass', keypass \
+      , '-strict' \
+      , '-tsa', tsaurl \
+      , '-sigalg', sigalg \
+      , '-digestalg', digestalg \
+      , it \
+      , alias]
+      if (method == 'keystore') {
+        command.removeAll(['-providerClass', providerClass, '-providerArg', providerArg])
+      } else {
+        command.removeAll(['-keypass', keypass])
+      }
+      if (!strict.toBoolean()) {
+        command.removeAll('-strict')
+      }
+      exec {
+        commandLine command
+      }
+    }
+  }
+}
blob - /dev/null
blob + 805ad8dfec3d7a8e3e109bba25f7ce6619b907ee (mode 644)
--- /dev/null
+++ gradle/java.gradle
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply plugin: 'java-library'
+
+sourceSets {
+  integrationTest {
+    java {
+      compileClasspath += main.output + test.output
+      runtimeClasspath += main.output + test.output
+      srcDir file('src/itest/java')
+    }
+    resources.srcDir file('src/itest/resources')
+  }
+}
+
+configurations {
+  testImplementation.extendsFrom compileOnly
+  integrationTestImplementation.extendsFrom testImplementation
+}
+
+dependencies {
+  annotationProcessor libs.autoservice
+  compileOnly libs.autoservice.annotations
+  testImplementation libs.junit.jupiter.api
+  testRuntimeOnly libs.junit.jupiter.engine
+}
+
+java {
+  toolchain {
+    languageVersion = JavaLanguageVersion.of(17)
+  }
+  withJavadocJar()
+  withSourcesJar()
+}
+
+jar.manifest.attributes (
+  "Implementation-Title": project.name,
+  "Implementation-Vendor": project.vendor,
+  "Implementation-Version": project.version
+)
+
+test {
+  useJUnitPlatform()
+}
+
+tasks.withType(Javadoc).configureEach {
+  options {
+    addStringOption('Xdoclint:all,-missing', '-quiet')
+  }
+}
+
+tasks.withType(JavaCompile).configureEach {
+  options.encoding = 'UTF-8'
+  options.compilerArgs << '-Xlint:unchecked' << '-Xlint:deprecation' << '-Werror'
+}
+
+tasks.register('integrationTest', Test) {
+  group = 'verification'
+  description = 'Run the integration tests.'
+  // Don't run integration tests if unit tests fail
+  shouldRunAfter test
+  testClassesDirs = sourceSets.integrationTest.output.classesDirs
+  classpath = sourceSets.integrationTest.runtimeClasspath
+  // Always run integration tests
+  outputs.upToDateWhen { false }
+}
+
+check.dependsOn integrationTest
blob - /dev/null
blob + bac98e15e0ac82b6cd638b4b9664ff3834c4c165 (mode 644)
--- /dev/null
+++ gradle/jib.gradle
@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.jib
+    classpath libs.gradle.jib.ownership.extension
+  }
+}
+
+apply plugin: com.google.cloud.tools.jib.gradle.JibPlugin
+
+configurations {
+  dummy
+}
+
+// JibTask cannot be extended so use a property to select distribution
+def jibDist = project.hasProperty('jibDist') ? project.jibDist.capitalize() : ''
+
+jib {
+  from {
+    image docker_fromImage
+  }
+  def gitlabCi = System.getenv('GITLAB_CI')
+  def registryImage
+  if (gitlabCi) {
+    registryImage = System.getenv('CI_REGISTRY_IMAGE')
+    def appName = jibDist.empty ? name : "${name}-" + jibDist.toLowerCase()
+    registryImage = "${registryImage}/${appName}"
+    def ciRegistryPassword = System.getenv('CI_REGISTRY_PASSWORD')
+    def ciRegistryUser = System.getenv('CI_REGISTRY_USER')
+    to {
+      image "${registryImage}:${version}"
+      auth {
+        username = ciRegistryUser
+        password = ciRegistryPassword
+      }
+    }
+  } else {
+    registryImage = docker_toBaseImage
+    def appName = jibDist.empty ? name : "${name}-" + jibDist.toLowerCase()
+    registryImage = "${registryImage}/${appName}"
+    to {
+      image "${registryImage}:${version}"
+    }
+  }
+  // Hack for empty configuration
+  configurationName = "dummy"
+  container {
+    args = ['run']
+    creationTime = 'USE_CURRENT_TIMESTAMP'
+    entrypoint = "bin/${name}"
+    // Hack for no main class
+    mainClass = "Dummy"
+    ports = ['1099', '8101', '8181', '44444']
+    workingDirectory = '/app'
+  }
+  // Hack since no (exploded) jars
+  containerizingMode = 'packaged'
+  extraDirectories {
+    paths {
+      path {
+        from = project.provider { project.tasks."install${jibDist}Dist".outputs.files.asPath }
+        into = project.provider { '/app' }
+      }
+      // Hack to change owner permissions
+      path { from = project.provider { 'src/main/jib' } }
+    }
+    permissions = [ '/app/bin/**': '755' ]
+  }
+}
+
+tasks.jib.dependsOn "install${jibDist}Dist"
+tasks.jibDockerBuild.dependsOn "install${jibDist}Dist"
blob - /dev/null
blob + cc4f8c7b7a14d50c8acad9cdf919d9dfe4ea165d (mode 644)
--- /dev/null
+++ gradle/karaf.gradle
@@ -0,0 +1,98 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.karaf
+  }
+}
+
+apply plugin: com.github.lburgazzoli.gradle.plugin.karaf.KarafPlugin
+
+configurations {
+  bundles
+}
+
+dependencies {
+  subprojects.each {
+    if (it != project(":${project.name}-branding-console")
+      && it != project(":${project.name}-security")) {
+      bundles it
+    }
+    // Hack to include jar left out of features xml
+    bundles (libs.cxf.karaf.commands) { transitive = false }
+  }
+}
+
+karaf {
+  features {
+    xsdVersion = '1.6.0'
+    repository 'mvn:org.keycloak/keycloak-osgi-features/18.0.2/xml/features'
+    repository 'mvn:io.hawt/hawtio-karaf/2.17.7/xml/features'
+    repository 'mvn:org.apache.aries.jax.rs/org.apache.aries.jax.rs.features/2.0.2/xml'
+    repository 'mvn:org.apache.camel.karaf/apache-camel/4.8.1/xml/features'
+    repository 'mvn:org.apache.cxf.karaf/apache-cxf/3.6.5/xml/features'
+    feature {
+      name = project.name
+      description = project.description
+      feature('wrap') { prerequisite = true }
+      feature('aries-jax-rs-whiteboard-jackson')
+      feature('aries-jax-rs-whiteboard-openapi')
+      feature('aries-jax-rs-whiteboard-shiro')
+      feature('camel')
+      feature('cxf-rs-description-openapi-v3')
+      feature('hawtio')
+      feature('jaas-deployer')
+      feature('keycloak-jaas')
+      feature('service-wrapper')
+      feature('scr')
+      feature('webconsole')
+      // Start our bundles last
+      bundle (project.group) { attribute 'start-level', '90' }
+      configurations project.configurations.bundles
+    }
+  }
+  repo {
+  }
+  kar {
+  }
+}
+
+tasks.register('generateOfflineRepo') {
+  dependsOn generateKar
+  def descriptor = layout.buildDirectory.file("karaf/features/${project.name}-${project.version}-features.xml")
+  def repository = layout.buildDirectory.dir('karaf/repo-offline')
+  def url = layout.buildDirectory.dir('karaf/repo')
+  doLast {
+    mavenexec {
+      goals 'clean', 'install'
+      define([
+        'groupId'            : project.group,
+        'artifactId'         : project.name,
+        'version'            : project.version,
+        'karafVersion'       : libs.versions.apache.karaf.get(),
+        'url'                : url.get().toString(),
+        'descriptor'         : descriptor.get().toString(),
+        'feature'            : project.name,
+        'repository'         : repository.get().toString()
+      ])
+      quiet true
+    }
+  }
+  outputs.dir(repository)
+}
blob - /dev/null
blob + e8e2a0a8a61924825fa2a6f233713a2b6bb1248c (mode 644)
--- /dev/null
+++ gradle/keytool.gradle
@@ -0,0 +1,146 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+import java.nio.file.Files
+
+tasks.register('createKeystore') {
+  group = 'security'
+  description = 'Create keystore.'
+  doLast {
+    def keytoolProperties = new Properties()
+    def keytoolPropertiesFile = rootProject.file('gradle/config/security/keytool.properties')
+    // Load properties if they exist
+    if (keytoolPropertiesFile.exists()) {
+      keytoolProperties.load(new FileInputStream(keytoolPropertiesFile))
+    }
+    // Prefer environment variables over property file
+    def alias = System.getenv('KEYTOOL_ALIAS') ?: keytoolProperties.alias ?: project.name
+    def keyalg = System.getenv('KEYTOOL_KEYALG') ?: keytoolProperties.keyalg ?: 'Ed25519'
+    def keysize = System.getenv('KEYTOOL_KEYSIZE') ?: keytoolProperties.keysize ?: '255'
+    def sigalg = System.getenv('KEYTOOL_SIGALG') ?: keytoolProperties.sigalg ?: 'Ed25519'
+    def dname = System.getenv('KEYTOOL_DNAME') ?: keytoolProperties.dname ?: "CN=${project.name}"
+    def validity = System.getenv('KEYTOOL_VALIDITY') ?: keytoolProperties.validity ?: '365'
+    def keypass = System.getenv('KEYTOOL_KEYPASS') ?: keytoolProperties.keypass ?: 'password'
+    def keystore = System.getenv('KEYTOOL_KEYSTORE') ?: keytoolProperties.keystore ?: \
+      rootProject.file('.private/keystore.p12').path
+    def storepass = System.getenv('KEYTOOL_STOREPASS') ?: keytoolProperties.storepass ?: 'password'
+    def storetype = System.getenv('KEYTOOL_STORETYPE') ?: keytoolProperties.storetype ?: 'PKCS12'
+    def command = ['keytool' \
+      , '-genkeypair' \
+      , '-alias', alias \
+      , '-keyalg', keyalg \
+      , '-keysize', keysize \
+      , '-sigalg', sigalg \
+      , '-dname', dname \
+      , '-validity', validity \
+      , '-keypass', keypass \
+      , '-keystore', keystore \
+      , '-storepass', storepass \
+      , '-storetype', storetype]
+    def keystoreFile = file(keystore).toPath()
+    // Create keystore parent directories
+    Files.createDirectories(keystoreFile.parent)
+    // Delete keystore if it exists
+    Files.deleteIfExists(keystoreFile)
+    exec {
+      commandLine command
+    }
+  }
+}
+
+tasks.register('exportCert') {
+  group = 'security'
+  description = 'Export certificate from keystore.'
+  shouldRunAfter createKeystore
+  doLast {
+    def keytoolProperties = new Properties()
+    def keytoolPropertiesFile = rootProject.file('gradle/config/security/keytool.properties')
+    // Load properties if they exist
+    if (keytoolPropertiesFile.exists()) {
+      keytoolProperties.load(new FileInputStream(keytoolPropertiesFile))
+    }
+    // Prefer environment variables over property file
+    def alias = System.getenv('KEYTOOL_ALIAS') ?: keytoolProperties.alias ?: project.name
+    def cert = System.getenv('KEYTOOL_CERT') ?: keytoolProperties.cert ?: rootProject.file('.private/cert.crt').path
+    def keystore = System.getenv('KEYTOOL_KEYSTORE') ?: keytoolProperties.keystore ?: \
+      rootProject.file('.private/keystore.p12').path
+    def storepass = System.getenv('KEYTOOL_STOREPASS') ?: keytoolProperties.storepass ?: 'password'
+    def storetype = System.getenv('KEYTOOL_STORETYPE') ?: keytoolProperties.storetype ?: 'PKCS12'
+    def command = ['keytool' \
+      , '-exportcert' \
+      , '-rfc' \
+      , '-alias', alias \
+      , '-file', cert \
+      , '-keystore', keystore \
+      , '-storepass', storepass \
+      , '-storetype', storetype]
+    def certFile = file(cert).toPath()
+    // Create cert parent directories
+    Files.createDirectories(certFile.parent)
+    // Delete cert if it exists
+    Files.deleteIfExists(certFile)
+    exec {
+      commandLine command
+    }
+  }
+}
+
+tasks.register('createTruststore') {
+  group = 'security'
+  description = 'Create truststore.'
+  shouldRunAfter exportCert
+  doLast {
+    def keytoolProperties = new Properties()
+    def keytoolPropertiesFile = rootProject.file('gradle/config/security/keytool.properties')
+    // Load properties if they exist
+    if (keytoolPropertiesFile.exists()) {
+      keytoolProperties.load(new FileInputStream(keytoolPropertiesFile))
+    }
+    // Prefer environment variables over property file
+    def alias = System.getenv('KEYTOOL_ALIAS') ?: keytoolProperties.alias ?: project.name
+    def cert = System.getenv('KEYTOOL_CERT') ?: keytoolProperties.cert ?: rootProject.file('.private/cert.crt').path
+    def keypass = System.getenv('KEYTOOL_KEYPASS') ?: keytoolProperties.keypass ?: 'password'
+    def truststore = System.getenv('KEYTOOL_TRUSTSTORE') ?: keytoolProperties.truststore ?: \
+      rootProject.file("${project.name}-environment/etc/truststore.jks").path
+    def truststorepass = System.getenv('KEYTOOL_TRUSTSTOREPASS') ?: keytoolProperties.truststorepass ?: 'password'
+    def truststoretype = System.getenv('KEYTOOL_TRUSTSTORETYPE') ?: keytoolProperties.truststoretype ?: 'JKS'
+    def command = ['keytool' \
+      , '-importcert' \
+      , '-noprompt' \
+      , '-alias', alias \
+      , '-file', cert \
+      , '-keypass', keypass \
+      , '-keystore', truststore \
+      , '-storepass', truststorepass \
+      , '-storetype', truststoretype]
+    def truststoreFile = file(truststore).toPath()
+    // Create truststore parent directories
+    Files.createDirectories(truststoreFile.parent)
+    // Delete truststore if it exists
+    Files.deleteIfExists(truststoreFile)
+    exec {
+      commandLine command
+    }
+    def certFile = file(cert).toPath()
+    // Delete cert if it exists
+    Files.deleteIfExists(certFile)
+  }
+}
+
+tasks.register('createKeyAndTruststore') {
+  group = 'security'
+  description = 'Create keystore, export certificate, import certificate and create truststore.'
+  dependsOn createTruststore, exportCert, createKeystore
+}
blob - /dev/null
blob + 991d8f00d3c1f1b026eb50e441cd1ea3abc1e89a (mode 644)
--- /dev/null
+++ gradle/libs.versions.toml
@@ -0,0 +1,158 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+[versions]
+auto-service = '1.1.1'
+apache-aries-jaxrs-shiro = '2.0.2'
+apache-felix-configadmin = '1.9.26'
+apache-felix-eventadmin = '1.6.4'
+apache-felix-fileinstall = '3.7.4'
+apache-felix-framework = '7.0.5'
+apache-felix-gogo-command = '1.1.2'
+apache-felix-gogo-jline = '1.1.8'
+apache-felix-gogo-runtime = '1.1.4'
+apache-felix-metatype = '1.2.4'
+apache-felix-scr = '2.2.12'
+apache-karaf = '4.4.7'
+checkstyle = '10.21.2'
+commons-io = '2.18.0'
+cxf = '3.6.5'
+findsecbugs = '1.13.0'
+gradle-axion-release = '1.17.2'
+gradle-biz-aqute-bnd = '7.0.0'
+gradle-commitlint = '1.4.3'
+gradle-cyclonedx = '1.8.2'
+gradle-editorconfig = '0.1.0'
+gradle-githook = '1.2.1'
+gradle-git-changelog = '2.1.2'
+gradle-openapi-generator = '7.11.0'
+gradle-owasp-check = '9.1.0'
+gradle-docker-compose = '0.17.6'
+gradle-docker-plugin = '9.4.0'
+gradle-jib = '3.4.4'
+gradle-jib-ownership-extension = '0.1.0'
+gradle-karaf = '0.5.6'
+gradle-license = '0.16.1'
+gradle-lombok = '8.6'
+gradle-proguard = '7.4.0'
+gradle-spotbugs = '6.1.2'
+gradle-versions-deps = '0.51.0'
+hawtio = '2.17.7'
+jacoco = '0.8.12'
+jackson = '2.18.2'
+jline = '3.21.0'
+jansi = '2.4.1'
+jakarta-validation-api = '3.1.0'
+javax-inject = '1'
+javax-servlet-api = '4.0.1'
+javax-ws-rs-api = '2.1.1'
+jfiglet = '0.0.9'
+junit-jupiter = '5.11.4'
+lombok = '1.18.36'
+maven-exec = '4.0.0'
+osgi-annotation = '2.0.0'
+osgi-cmpn = '7.0.0'
+osgi-core = '8.0.0'
+osgi-service-componenet = '1.5.1'
+osgi-util-converter = '1.0.9'
+osgi-util-function = '1.2.0'
+osgi-util-promise = '1.3.0'
+pax-exam = '4.14.0'
+pax-logging-api = '2.2.8'
+pmd = '7.9.0'
+shadow = '8.1.1'
+shiro = '1.10.1'
+slf4j-api = '2.0.13'
+spotbugs = '4.9.0'
+swagger = '2.2.28'
+swagger-ui = '4.1.2'
+
+[libraries]
+autoservice = { module = 'com.google.auto.service:auto-service', version.ref = 'auto-service' }
+autoservice-annotations = { module = 'com.google.auto.service:auto-service-annotations', version.ref = 'auto-service' }
+apache-aries-jaxrs-shiro-authc = { module = 'org.apache.aries.jax.rs:org.apache.aries.jax.rs.shiro.authc', version.ref = 'apache-aries-jaxrs-shiro' }
+apache-felix-configadmin = { module = 'org.apache.felix:org.apache.felix.configadmin', version.ref = 'apache-felix-configadmin' }
+apache-felix-eventadmin = { module = 'org.apache.felix:org.apache.felix.eventadmin', version.ref = 'apache-felix-eventadmin' }
+apache-felix-fileinstall = { module = 'org.apache.felix:org.apache.felix.fileinstall', version.ref = 'apache-felix-fileinstall' }
+apache-felix-framework = { module = 'org.apache.felix:org.apache.felix.framework', version.ref = 'apache-felix-framework' }
+apache-felix-gogo-command = { module = 'org.apache.felix:org.apache.felix.gogo.command', version.ref = 'apache-felix-gogo-command' }
+apache-felix-gogo-jline = { module = 'org.apache.felix:org.apache.felix.gogo.jline', version.ref = 'apache-felix-gogo-jline' }
+apache-felix-gogo-runtime = { module = 'org.apache.felix:org.apache.felix.gogo.runtime', version.ref = 'apache-felix-gogo-runtime' }
+apache-felix-metatype = { module = 'org.apache.felix:org.apache.felix.metatype', version.ref = 'apache-felix-metatype' }
+apache-felix-scr = { module = 'org.apache.felix:org.apache.felix.scr', version.ref = 'apache-felix-scr' }
+apache-karaf = { module = 'org.apache.karaf:apache-karaf', version.ref = 'apache-karaf' }
+apache-karaf-jaas-config = { module = 'org.apache.karaf.jaas:org.apache.karaf.jaas.config', version.ref = 'apache-karaf' }
+apache-karaf-shell-core = { module = 'org.apache.karaf.shell:org.apache.karaf.shell.core', version.ref = 'apache-karaf' }
+apache-karaf-webconsole-console = { module = 'org.apache.karaf.webconsole:org.apache.karaf.webconsole.console', version.ref = 'apache-karaf' }
+commons-io = { module = 'commons-io:commons-io', version.ref = 'commons-io' }
+cxf-karaf-commands = { module = 'org.apache.cxf.karaf:cxf-karaf-commands', version.ref = 'cxf' }
+cxf-rt-rs-service-description-openapi-v3 = { module = 'org.apache.cxf:cxf-rt-rs-service-description-openapi-v3', version.ref = 'cxf' }
+findsecbugs = { module = 'com.h3xstream.findsecbugs:findsecbugs-plugin', version.ref = 'findsecbugs' }
+gradle-axion-release = { module = 'pl.allegro.tech.build:axion-release-plugin', version.ref = 'gradle-axion-release' }
+gradle-biz-aqute-bnd = { module = 'biz.aQute.bnd:biz.aQute.bnd.gradle', version.ref = 'gradle-biz-aqute-bnd' }
+gradle-commitlint = { module = 'ru.netris:commitlint-plugin', version.ref = 'gradle-commitlint' }
+gradle-cyclonedx = { module = 'org.cyclonedx:cyclonedx-gradle-plugin', version.ref = 'gradle-cyclonedx' }
+gradle-editorconfig = { module = 'org.ec4j.editorconfig:org.ec4j.editorconfig.gradle.plugin', version.ref = 'gradle-editorconfig' }
+gradle-githook = { module = 'com.star-zero.gradle:githook', version.ref = 'gradle-githook' }
+gradle-git-changelog = { module = 'se.bjurr.gitchangelog:git-changelog-gradle-plugin', version.ref = 'gradle-git-changelog' }
+gradle-owasp-check = { module = 'org.owasp:dependency-check-gradle', version.ref = 'gradle-owasp-check' }
+gradle-docker-compose = { module = 'com.avast.gradle:gradle-docker-compose-plugin', version.ref = 'gradle-docker-compose' }
+gradle-docker-plugin = { module = 'com.bmuschko:gradle-docker-plugin', version.ref = 'gradle-docker-plugin' }
+gradle-jib = { module = 'com.google.cloud.tools:jib-gradle-plugin', version.ref = 'gradle-jib' }
+gradle-jib-ownership-extension = { module = 'com.google.cloud.tools:jib-ownership-extension-gradle', version.ref = 'gradle-jib-ownership-extension' }
+gradle-karaf = { module = 'gradle.plugin.com.github.lburgazzoli:gradle-karaf-plugin', version.ref = 'gradle-karaf' }
+gradle-license = { module = 'gradle.plugin.com.hierynomus.gradle.plugins:license-gradle-plugin', version.ref = 'gradle-license' }
+gradle-lombok = { module = 'io.freefair.gradle:lombok-plugin', version.ref = 'gradle-lombok' }
+gradle-openapi-generator = { module = 'org.openapi.generator:org.openapi.generator.gradle.plugin', version.ref = 'gradle-openapi-generator' }
+gradle-proguard = { module = 'com.guardsquare:proguard-gradle', version.ref = 'gradle-proguard' }
+gradle-spotbugs = { module = 'com.github.spotbugs.snom:spotbugs-gradle-plugin', version.ref = 'gradle-spotbugs' }
+gradle-swagger = { module = 'io.swagger.core.v3.swagger-gradle-plugin:io.swagger.core.v3.swagger-gradle-plugin.gradle.plugin', version.ref = 'swagger' }
+gradle-versions-deps = { module = 'com.github.ben-manes:gradle-versions-plugin', version.ref = 'gradle-versions-deps' }
+hawtio-plugin-mbean = { module = 'io.hawt:hawtio-plugin-mbean', version.ref = 'hawtio' }
+jackson-annotations = { module = 'com.fasterxml.jackson.core:jackson-annotations', version.ref = 'jackson' }
+jackson-databind = { module = 'com.fasterxml.jackson.core:jackson-databind', version.ref = 'jackson' }
+jackson-jaxrs-json-provider = { module = 'com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider', version.ref = 'jackson' }
+jansi = { module = 'org.fusesource.jansi:jansi', version.ref = 'jansi' }
+jakarta-validation-api = { module = 'jakarta.validation:jakarta.validation-api', version.ref = 'jakarta-validation-api' }
+jline = { module = 'org.jline:jline', version.ref = 'jline' }
+javax-inject = { module = 'javax.inject:javax.inject', version.ref = 'javax-inject' }
+javax-servlet-api = { module = 'javax.servlet:javax.servlet-api', version.ref = 'javax-servlet-api' }
+javax-ws-rs-api = { module = 'javax.ws.rs:javax.ws.rs-api', version.ref = 'javax-ws-rs-api' }
+jfiglet = { module = 'com.github.lalyos:jfiglet', version.ref = 'jfiglet' }
+junit-jupiter-api = { module = 'org.junit.jupiter:junit-jupiter-api', version.ref = 'junit-jupiter' }
+junit-jupiter-engine = { module = 'org.junit.jupiter:junit-jupiter-engine', version.ref = 'junit-jupiter' }
+maven-exec = { module = 'com.github.dkorotych.gradle-maven-exec:com.github.dkorotych.gradle-maven-exec.gradle.plugin', version.ref = 'maven-exec' }
+pax-exam = { module = 'org.ops4j.pax.exam:pax-exam', version.ref = 'pax-exam' }
+pax-exam-container-karaf = { module = 'org.ops4j.pax.exam:pax-exam-container-karaf', version.ref = 'pax-exam' }
+pax-exam-junit4 = { module = 'org.ops4j.pax.exam:pax-exam-junit4', version.ref = 'pax-exam' }
+pax-logging-api = { module = 'org.ops4j.pax.logging:pax-logging-api', version.ref = 'pax-logging-api' }
+osgi-annotation = { module = 'org.osgi:org.osgi.annotation.bundle', version.ref = 'osgi-annotation' }
+osgi-cmpn = { module = 'org.osgi:osgi.cmpn', version.ref = 'osgi-cmpn' }
+osgi-core = { module = 'org.osgi:osgi.core', version.ref = 'osgi-core' }
+osgi-service-component = { module = 'org.osgi:org.osgi.service.component', version.ref = 'osgi-service-componenet' }
+osgi-util-converter = { module = 'org.osgi:org.osgi.util.converter', version.ref = 'osgi-util-converter' }
+osgi-util-function = { module = 'org.osgi:org.osgi.util.function', version.ref = 'osgi-util-function' }
+osgi-util-promise = { module = 'org.osgi:org.osgi.util.promise', version.ref = 'osgi-util-promise' }
+shadow = { module = 'com.github.johnrengelman:shadow', version.ref = 'shadow' }
+shiro-core = { module = 'org.apache.shiro:shiro-core', version.ref = 'shiro' }
+slf4j-api = { module = 'org.slf4j:slf4j-api', version.ref = 'slf4j-api' }
+spotbugs = { module = 'com.github.spotbugs:spotbugs', version.ref = 'spotbugs' }
+swagger-annotations = { module = 'io.swagger.core.v3:swagger-annotations', version.ref = 'swagger' }
+swagger-models = { module = 'io.swagger.core.v3:swagger-models', version.ref = 'swagger' }
+swagger-ui = { module = 'org.webjars:swagger-ui', version.ref = 'swagger-ui' }
+
+[bundles]
+
+[plugins]
blob - /dev/null
blob + 9aff3c12e93b14e87dfd8b3e978531077e36dc59 (mode 644)
--- /dev/null
+++ gradle/license.gradle
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.license
+  }
+}
+
+apply plugin: nl.javadude.gradle.plugins.license.LicensePlugin
+import com.hierynomus.gradle.license.tasks.LicenseFormat
+
+license {
+  ext.year = Calendar.getInstance().get(Calendar.YEAR)
+  ext.copyrightHolder = license_copyrightHolder
+  ext.email = license_email
+  def licenseFile = project.file('LICENSE')
+  if (!licenseFile.exists()) {
+    header rootProject.file('LICENSE')
+  }
+  strictCheck true
+  include '**/*.java'
+  include '**/*.perm'
+  include '**/*.properties'
+  mapping ('java', 'SLASHSTAR_STYLE')
+  mapping ('perm', 'SCRIPT_STYLE')
+}
+
+// Task only for root project
+if (project == rootProject) {
+  tasks.register('licenseFormatRoot', LicenseFormat) {
+    group = 'license'
+    description = 'Applies the license from the root directory.'
+    // Always update in case changes are created outside the build process
+    outputs.upToDateWhen { false }
+    ext.year = Calendar.getInstance().get(Calendar.YEAR)
+    ext.copyrightHolder = license_copyrightHolder
+    ext.email = license_email
+    source = fileTree(rootDir)
+    strictCheck true
+    include '**/*'
+    exclude '**/*.json'
+    exclude 'LICENSE'
+    // Exclude gitignore entries
+    def gitignoreFile = new File(rootDir, '.gitignore')
+    if (gitignoreFile.exists()) {
+      gitignoreFile.readLines().forEach {
+        if (!it.startsWith('#') && !it.empty) {
+          exclude it
+        }
+      }
+    }
+    exclude 'gradle/wrapper'
+    exclude 'gradlew*'
+    // Override SLASHSTAR_STYLE to add newline
+    headerDefinitions {
+      SLASHSTAR_STYLE {
+        firstLine = '/*'
+        beforeEachLine = ' * '
+        endLine = ' */\n'
+        afterEachLine = ''
+        firstLineDetectionPattern = '(\\s|\\t)*/\\*.*$'
+        lastLineDetectionPattern = '.*\\*/(\\s|\\t)*$'
+        allowBlankLines = false
+        isMultiline = true
+        padLines = false
+      }
+      XML_STYLE {
+        firstLine = '\n<!--EOL'
+        beforeEachLine = '  '
+        endLine = 'EOL-->\n'
+        afterEachLine = ""
+        skipLinePattern = '^<\\?xml.*>$'
+        firstLineDetectionPattern = '(\\s|\\t)*<!--.*$'
+        lastLineDetectionPattern = '.*-->(\\s|\\t)*$'
+        allowBlankLines = true
+        isMultiline = true
+        padLines = false
+      }
+      POM_XML_STYLE {
+        firstLine = '<!--EOL'
+        beforeEachLine = '  '
+        endLine = 'EOL-->\n'
+        afterEachLine = ""
+        skipLinePattern = '^<\\?xml.*>$'
+        firstLineDetectionPattern = '(\\s|\\t)*<!--.*$'
+        lastLineDetectionPattern = '.*-->(\\s|\\t)*$'
+        allowBlankLines = true
+        isMultiline = true
+        padLines = false
+      }
+    }
+    mapping ('css', 'SLASHSTAR_STYLE')
+    mapping ('dockerfile', 'SCRIPT_STYLE')
+    mapping ('dockerignore', 'SCRIPT_STYLE')
+    mapping ('gradle', 'SLASHSTAR_STYLE')
+    mapping ('java', 'SLASHSTAR_STYLE')
+    mapping ('policy', 'SCRIPT_STYLE')
+    mapping ('pom', 'POM_XML_STYLE')
+    mapping ('pro', 'SCRIPT_STYLE')
+    mapping ('toml', 'SCRIPT_STYLE')
+  }
+}
blob - /dev/null
blob + 19957c0c3b3b03775a70763d91f3fe09d1c84ecd (mode 644)
--- /dev/null
+++ gradle/lombok.gradle
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.lombok
+  }
+}
+
+apply plugin: io.freefair.gradle.plugins.lombok.LombokPlugin
+
+lombok {
+  version = libs.versions.lombok.get()
+}
blob - /dev/null
blob + 731ecf8cf4b3e6c86a2355b26158f1278964c0ff (mode 644)
--- /dev/null
+++ gradle/maven.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.maven.exec
+  }
+}
+
+apply plugin: com.github.dkorotych.gradle.maven.exec.MavenExecPlugin
blob - /dev/null
blob + db7e15e7b00db1bb8d0bfdadf2bd139ab162be6f (mode 644)
--- /dev/null
+++ gradle/openapi-generator.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.openapi.generator
+  }
+}
+
+apply plugin: org.openapitools.generator.gradle.plugin.OpenApiGeneratorPlugin
blob - /dev/null
blob + 6324b43fe433c8a51a0b39f8ab551825d88c97f2 (mode 644)
--- /dev/null
+++ gradle/pmd.gradle
@@ -0,0 +1,27 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply plugin: 'pmd'
+
+pmd {
+  consoleOutput = true
+  ruleSetFiles = files(rootProject.file('gradle/config/pmd/ruleset.xml'))
+  ruleSets = []
+  toolVersion = libs.versions.pmd.get()
+}
+
+tasks.withType(Pmd).configureEach {
+  reports.html.required = true
+}
blob - /dev/null
blob + 01bcfc72c9fdc8412ba0baab0f60b2c052d100a9 (mode 644)
--- /dev/null
+++ gradle/proguard.gradle
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.proguard
+  }
+}
+
+tasks.register('obfuscateJars', proguard.gradle.ProGuardTask) {
+  description = 'Obfuscates jars with ProGuard.'
+  configuration rootProject.file('gradle/config/proguard/proguard.pro')
+  doLast {
+    obfuscateJars.ext.jars.parallelStream().forEach {
+      injars it
+      outjars it.toPath().resolveSibling('obfuscated-' + it.name).toFile()
+    }
+  }
+}
blob - /dev/null
blob + 426d9eab8c00bf2c7bf049301f5911f64b153b6c (mode 644)
--- /dev/null
+++ gradle/publish.gradle
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+apply plugin: 'maven-publish'
+
+publishing {
+  repositories {
+    def gitlabCi = System.getenv('GITLAB_CI')
+    if (gitlabCi) {
+      def ciApiV4Url = System.getenv('CI_API_V4_URL')
+      def ciProjectId = System.getenv('CI_PROJECT_ID')
+      def ciJobToken = System.getenv('CI_JOB_TOKEN')
+      maven {
+        url = "${ciApiV4Url}/projects/${ciProjectId}/packages/maven"
+        credentials(HttpHeaderCredentials) {
+          name = "Job-Token"
+          value = ciJobToken
+        }
+        authentication {
+          header(HttpHeaderAuthentication)
+        }
+      }
+    }
+  }
+  publications {
+    maven(MavenPublication) {
+      from components.java
+    }
+  }
+}
blob - /dev/null
blob + 282f059945b98ee6ae7bc68d954ea6681b06b1ee (mode 644)
--- /dev/null
+++ gradle/release.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.axion.release
+  }
+}
+
+apply plugin: pl.allegro.tech.build.axion.release.ReleasePlugin
blob - /dev/null
blob + 81dc6d14b342505f5c3c1e3b81b820c86a8226d3 (mode 644)
--- /dev/null
+++ gradle/shadow.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.shadow
+  }
+}
+
+apply plugin: com.github.jengelman.gradle.plugins.shadow.ShadowPlugin
blob - /dev/null
blob + 1bf09fa6386b7b514decf21a644c938b2e545fe8 (mode 644)
--- /dev/null
+++ gradle/signjar.gradle
@@ -0,0 +1,95 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+jar {
+  def jarsignerProperties = new Properties()
+  def jarsignerPropertiesFile = rootProject.file('gradle/config/security/jarsigner.properties')
+  // Load properties if they exist
+  if (jarsignerPropertiesFile.exists()) {
+    jarsignerProperties.load(new FileInputStream(jarsignerPropertiesFile))
+  }
+  // Prefer environment variables over property file
+  def method = System.getenv('JARSIGNER_METHOD') ?: jarsignerProperties.method ?: 'keystore'
+  def alias = System.getenv('JARSIGNER_ALIAS') ?: jarsignerProperties.alias
+  def storepass = System.getenv('JARSIGNER_STOREPASS') ?: jarsignerProperties.storepass
+  def keypass = System.getenv('JARSIGNER_KEYPASS') ?: jarsignerProperties.keypass ?: 'password'
+  def strict = System.getenv('JARSIGNER_STRICT') ?: jarsignerProperties.strict ?: 'false'
+  def tsaurl = System.getenv('JARSIGNER_TSAURL') ?: jarsignerProperties.tsaurl ?: 'http://timestamp.digicert.com'
+  def digestalg = System.getenv('JARSIGNER_DIGESTALG') ?: jarsignerProperties.digestalg ?: 'SHA-512'
+  def keystore
+  def storetype
+  def providerClass
+  def providerArg
+  def sigalg
+  if (method == 'keystore') {
+    alias = System.getenv('JARSIGNER_ALIAS') ?: jarsignerProperties.alias ?: rootProject.name
+    storepass = System.getenv('JARSIGNER_STOREPASS') ?: jarsignerProperties.storepass ?: 'password'
+    keystore = System.getenv('JARSIGNER_KEYSTORE') ?: jarsignerProperties.keystore ?: \
+        rootProject.file('.private/keystore.p12').path
+    storetype = System.getenv('JARSIGNER_STORETYPE') ?: jarsignerProperties.storetype ?: 'PKCS12'
+    sigalg = System.getenv('JARSIGNER_SIGALG') ?: jarsignerProperties.sigalg ?: 'Ed25519'
+  } else {
+    keystore = System.getenv('JARSIGNER_KEYSTORE') ?: jarsignerProperties.keystore ?: 'NONE'
+    storetype = System.getenv('JARSIGNER_STORETYPE') ?: jarsignerProperties.storetype ?: 'PKCS11'
+    providerClass = System.getenv('JARSIGNER_PROVIDER_CLASS') ?: jarsignerProperties.providerClass ?: \
+        'sun.security.pkcs11.SunPKCS11'
+    providerArg = System.getenv('JARSIGNER_PROVIDER_ARG') ?: jarsignerProperties.providerArg ?: \
+        'gradle/config/jarsigner/pkcs11.properties'
+    sigalg = System.getenv('JARSIGNER_SIGALG') ?: jarsignerProperties.sigalg ?: 'SHA256withRSA'
+  }
+  // Prompt if not set by properties and/or environment variables
+  def console = System.console()
+  if (console) {
+    if (!storepass) {
+      storepass = console.readLine('> Please enter storepass/pin: ')
+    }
+    if (!alias) {
+      alias = console.readLine('> Please enter alias: ')
+    }
+  } else {
+    if (!storepass) {
+      storepass = String.valueOf(promptInput('storepass/pin', true))
+    }
+    if (!alias) {
+      alias = String.valueOf(promptInput('alias', false))
+    }
+  }
+  doLast {
+    def command = ['jarsigner' \
+    , '-storepass', storepass \
+    , '-keystore', keystore \
+    , '-storetype', storetype \
+    , '-providerClass', providerClass \
+    , '-providerArg', providerArg \
+    , '-keypass', keypass \
+    , '-strict' \
+    , '-tsa', tsaurl \
+    , '-sigalg', sigalg \
+    , '-digestalg', digestalg \
+    , jar.outputs.files.singleFile \
+    , alias]
+    if (method == 'keystore') {
+      command.removeAll(['-providerClass', providerClass, '-providerArg', providerArg])
+    } else {
+      command.removeAll(['-keypass', keypass])
+    }
+    if (!strict.toBoolean()) {
+      command.removeAll('-strict')
+    }
+    exec {
+      commandLine command
+    }
+  }
+}
blob - /dev/null
blob + 25339462db77fb1b442ce442ed25925fe64c5a72 (mode 644)
--- /dev/null
+++ gradle/spotbugs.gradle
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.spotbugs
+  }
+}
+
+apply plugin: com.github.spotbugs.snom.SpotBugsPlugin
+
+dependencies {
+  spotbugsPlugins libs.findsecbugs
+  spotbugs libs.spotbugs
+}
+
+import com.github.spotbugs.snom.Confidence
+import com.github.spotbugs.snom.Effort
+import com.github.spotbugs.snom.SpotBugsTask
+
+spotbugs {
+  effort = Effort.valueOf('MAX')
+  excludeFilter = rootProject.file('gradle/config/spotbugs/exclude_filter.xml')
+  reportLevel = Confidence.valueOf('LOW')
+}
+
+tasks.withType(SpotBugsTask).configureEach {
+  reports.create("html") { required = true }
+}
blob - /dev/null
blob + ab6aa27326d64e2f6a15399eaf3bfec124cd14c8 (mode 644)
--- /dev/null
+++ gradle/swagger.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.swagger
+  }
+}
+
+apply plugin: io.swagger.v3.plugins.gradle.SwaggerPlugin
blob - /dev/null
blob + 6a483d3f94deb3f93979e13575c21ad745f6fee2 (mode 644)
--- /dev/null
+++ gradle/versions.gradle
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    gradlePluginPortal()
+  }
+  dependencies {
+    classpath libs.gradle.versions.deps
+  }
+}
+
+apply plugin: com.github.benmanes.gradle.versions.VersionsPlugin
blob - /dev/null
blob + a4b76b9530d66f5e68d973ea569d8e19de379189 (mode 644)
Binary files /dev/null and gradle/wrapper/gradle-wrapper.jar differ
blob - /dev/null
blob + e18bc253b857cc9614e63c8975b677f496755957 (mode 644)
--- /dev/null
+++ gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,7 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
blob - /dev/null
blob + 9a8a0e09059c2b05b44193d1ccb06e80c07c894e (mode 644)
--- /dev/null
+++ gradle.properties
@@ -0,0 +1,50 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# Global configuration
+
+# Gradle properties
+org.gradle.caching=true
+org.gradle.configuration-cache.parallel=true
+org.gradle.configureondemand=true
+org.gradle.console=plain
+org.gradle.jvmargs=-Xmx4096m
+org.gradle.parallel=true
+
+# Project properties
+description=Template
+group=com.pyr3x.template
+vendor=PyR3X, LLC
+
+# Branding properties
+branding_figlet=Template
+
+# CycloneDX properties
+cyclonedx_oc_name=Chaz Kettleson
+cyclonedx_oc_email=chaz@pyr3x.com
+cyclonedx_oc_phone=000-000-0000
+cyclonedx_oe_name=Chaz Kettleson
+cyclonedx_oe_url=https://www.pyr3x.com
+cyclonedx_license_name=0BSD
+cyclonedx_license_url=https://opensource.org/license/0bsd
+
+# Docker properties
+docker_copyChownUid=185
+docker_fromImage=eclipse-temurin:17-jdk-ubi9-minimal@sha256:7915d89f4f4fd4f5bb83aeecbb84a28a740eef29d028f071f3270916912daafd
+docker_toBaseImage=registry.gitlab.pyr3x.com/projects/template
+
+# License properties
+license_copyrightHolder=Chaz Kettleson
+license_email=chaz@pyr3x.com
blob - /dev/null
blob + 1aa94a4269074199e6ed2c37e8db3e0826030965 (mode 755)
--- /dev/null
+++ gradlew
@@ -0,0 +1,249 @@
+#!/bin/sh
+
+#
+# Copyright © 2015-2021 the original authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+##############################################################################
+#
+#   Gradle start up script for POSIX generated by Gradle.
+#
+#   Important for running:
+#
+#   (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
+#       noncompliant, but you have some other compliant shell such as ksh or
+#       bash, then to run this script, type that shell name before the whole
+#       command line, like:
+#
+#           ksh Gradle
+#
+#       Busybox and similar reduced shells will NOT work, because this script
+#       requires all of these POSIX shell features:
+#         * functions;
+#         * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
+#           «${var#prefix}», «${var%suffix}», and «$( cmd )»;
+#         * compound commands having a testable exit status, especially «case»;
+#         * various built-in commands including «command», «set», and «ulimit».
+#
+#   Important for patching:
+#
+#   (2) This script targets any POSIX shell, so it avoids extensions provided
+#       by Bash, Ksh, etc; in particular arrays are avoided.
+#
+#       The "traditional" practice of packing multiple parameters into a
+#       space-separated string is a well documented source of bugs and security
+#       problems, so this is (mostly) avoided, by progressively accumulating
+#       options in "$@", and eventually passing that to Java.
+#
+#       Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
+#       and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
+#       see the in-line comments for details.
+#
+#       There are tweaks for specific operating systems such as AIX, CygWin,
+#       Darwin, MinGW, and NonStop.
+#
+#   (3) This script is generated from the Groovy template
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       within the Gradle project.
+#
+#       You can find Gradle at https://github.com/gradle/gradle/.
+#
+##############################################################################
+
+# Attempt to set APP_HOME
+
+# Resolve links: $0 may be a link
+app_path=$0
+
+# Need this for daisy-chained symlinks.
+while
+    APP_HOME=${app_path%"${app_path##*/}"}  # leaves a trailing /; empty if no leading path
+    [ -h "$app_path" ]
+do
+    ls=$( ls -ld "$app_path" )
+    link=${ls#*' -> '}
+    case $link in             #(
+      /*)   app_path=$link ;; #(
+      *)    app_path=$APP_HOME$link ;;
+    esac
+done
+
+# This is normally unused
+# shellcheck disable=SC2034
+APP_BASE_NAME=${0##*/}
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD=maximum
+
+warn () {
+    echo "$*"
+} >&2
+
+die () {
+    echo
+    echo "$*"
+    echo
+    exit 1
+} >&2
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+nonstop=false
+case "$( uname )" in                #(
+  CYGWIN* )         cygwin=true  ;; #(
+  Darwin* )         darwin=true  ;; #(
+  MSYS* | MINGW* )  msys=true    ;; #(
+  NONSTOP* )        nonstop=true ;;
+esac
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD=$JAVA_HOME/jre/sh/java
+    else
+        JAVACMD=$JAVA_HOME/bin/java
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD=java
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+fi
+
+# Increase the maximum file descriptors if we can.
+if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
+    case $MAX_FD in #(
+      max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        MAX_FD=$( ulimit -H -n ) ||
+            warn "Could not query maximum file descriptor limit"
+    esac
+    case $MAX_FD in  #(
+      '' | soft) :;; #(
+      *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        ulimit -n "$MAX_FD" ||
+            warn "Could not set maximum file descriptor limit to $MAX_FD"
+    esac
+fi
+
+# Collect all arguments for the java command, stacking in reverse order:
+#   * args from the command line
+#   * the main class name
+#   * -classpath
+#   * -D...appname settings
+#   * --module-path (only if needed)
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
+
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if "$cygwin" || "$msys" ; then
+    APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
+    CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
+
+    JAVACMD=$( cygpath --unix "$JAVACMD" )
+
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    for arg do
+        if
+            case $arg in                                #(
+              -*)   false ;;                            # don't mess with options #(
+              /?*)  t=${arg#/} t=/${t%%/*}              # looks like a POSIX filepath
+                    [ -e "$t" ] ;;                      #(
+              *)    false ;;
+            esac
+        then
+            arg=$( cygpath --path --ignore --mixed "$arg" )
+        fi
+        # Roll the args list around exactly as many times as the number of
+        # args, so each arg winds up back in the position where it started, but
+        # possibly modified.
+        #
+        # NB: a `for` loop captures its iteration list before it begins, so
+        # changing the positional parameters here affects neither the number of
+        # iterations, nor the values presented in `arg`.
+        shift                   # remove old arg
+        set -- "$@" "$arg"      # push replacement arg
+    done
+fi
+
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
+
+set -- \
+        "-Dorg.gradle.appname=$APP_BASE_NAME" \
+        -classpath "$CLASSPATH" \
+        org.gradle.wrapper.GradleWrapperMain \
+        "$@"
+
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+    die "xargs is not available"
+fi
+
+# Use "xargs" to parse quoted args.
+#
+# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
+#
+# In Bash we could simply go:
+#
+#   readarray ARGS < <( xargs -n1 <<<"$var" ) &&
+#   set -- "${ARGS[@]}" "$@"
+#
+# but POSIX shell has neither arrays nor command substitution, so instead we
+# post-process each arg (as a line of input to sed) to backslash-escape any
+# character that might be a shell metacharacter, then use eval to reverse
+# that process (while maintaining the separation between arguments), and wrap
+# the whole thing up as a single "set" statement.
+#
+# This will of course break if any of these variables contains a newline or
+# an unmatched quote.
+#
+
+eval "set -- $(
+        printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
+        xargs -n1 |
+        sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
+        tr '\n' ' '
+    )" '"$@"'
+
+exec "$JAVACMD" "$@"
blob - /dev/null
blob + 7101f8e4676fcad8adc961e929ea3bcb37b5262f (mode 644)
--- /dev/null
+++ gradlew.bat
@@ -0,0 +1,92 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%"=="" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if %ERRORLEVEL% equ 0 goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if %ERRORLEVEL% equ 0 goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
blob - /dev/null
blob + 19529ddf8c6eaa08c5c75ff80652d21ce4b72f8c (mode 755)
--- /dev/null
+++ mvnw
@@ -0,0 +1,259 @@
+#!/bin/sh
+# ----------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+# ----------------------------------------------------------------------------
+
+# ----------------------------------------------------------------------------
+# Apache Maven Wrapper startup batch script, version 3.3.2
+#
+# Optional ENV vars
+# -----------------
+#   JAVA_HOME - location of a JDK home dir, required when download maven via java source
+#   MVNW_REPOURL - repo url base for downloading maven distribution
+#   MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
+#   MVNW_VERBOSE - true: enable verbose log; debug: trace the mvnw script; others: silence the output
+# ----------------------------------------------------------------------------
+
+set -euf
+[ "${MVNW_VERBOSE-}" != debug ] || set -x
+
+# OS specific support.
+native_path() { printf %s\\n "$1"; }
+case "$(uname)" in
+CYGWIN* | MINGW*)
+  [ -z "${JAVA_HOME-}" ] || JAVA_HOME="$(cygpath --unix "$JAVA_HOME")"
+  native_path() { cygpath --path --windows "$1"; }
+  ;;
+esac
+
+# set JAVACMD and JAVACCMD
+set_java_home() {
+  # For Cygwin and MinGW, ensure paths are in Unix format before anything is touched
+  if [ -n "${JAVA_HOME-}" ]; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ]; then
+      # IBM's JDK on AIX uses strange locations for the executables
+      JAVACMD="$JAVA_HOME/jre/sh/java"
+      JAVACCMD="$JAVA_HOME/jre/sh/javac"
+    else
+      JAVACMD="$JAVA_HOME/bin/java"
+      JAVACCMD="$JAVA_HOME/bin/javac"
+
+      if [ ! -x "$JAVACMD" ] || [ ! -x "$JAVACCMD" ]; then
+        echo "The JAVA_HOME environment variable is not defined correctly, so mvnw cannot run." >&2
+        echo "JAVA_HOME is set to \"$JAVA_HOME\", but \"\$JAVA_HOME/bin/java\" or \"\$JAVA_HOME/bin/javac\" does not exist." >&2
+        return 1
+      fi
+    fi
+  else
+    JAVACMD="$(
+      'set' +e
+      'unset' -f command 2>/dev/null
+      'command' -v java
+    )" || :
+    JAVACCMD="$(
+      'set' +e
+      'unset' -f command 2>/dev/null
+      'command' -v javac
+    )" || :
+
+    if [ ! -x "${JAVACMD-}" ] || [ ! -x "${JAVACCMD-}" ]; then
+      echo "The java/javac command does not exist in PATH nor is JAVA_HOME set, so mvnw cannot run." >&2
+      return 1
+    fi
+  fi
+}
+
+# hash string like Java String::hashCode
+hash_string() {
+  str="${1:-}" h=0
+  while [ -n "$str" ]; do
+    char="${str%"${str#?}"}"
+    h=$(((h * 31 + $(LC_CTYPE=C printf %d "'$char")) % 4294967296))
+    str="${str#?}"
+  done
+  printf %x\\n $h
+}
+
+verbose() { :; }
+[ "${MVNW_VERBOSE-}" != true ] || verbose() { printf %s\\n "${1-}"; }
+
+die() {
+  printf %s\\n "$1" >&2
+  exit 1
+}
+
+trim() {
+  # MWRAPPER-139:
+  #   Trims trailing and leading whitespace, carriage returns, tabs, and linefeeds.
+  #   Needed for removing poorly interpreted newline sequences when running in more
+  #   exotic environments such as mingw bash on Windows.
+  printf "%s" "${1}" | tr -d '[:space:]'
+}
+
+# parse distributionUrl and optional distributionSha256Sum, requires .mvn/wrapper/maven-wrapper.properties
+while IFS="=" read -r key value; do
+  case "${key-}" in
+  distributionUrl) distributionUrl=$(trim "${value-}") ;;
+  distributionSha256Sum) distributionSha256Sum=$(trim "${value-}") ;;
+  esac
+done <"${0%/*}/.mvn/wrapper/maven-wrapper.properties"
+[ -n "${distributionUrl-}" ] || die "cannot read distributionUrl property in ${0%/*}/.mvn/wrapper/maven-wrapper.properties"
+
+case "${distributionUrl##*/}" in
+maven-mvnd-*bin.*)
+  MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/
+  case "${PROCESSOR_ARCHITECTURE-}${PROCESSOR_ARCHITEW6432-}:$(uname -a)" in
+  *AMD64:CYGWIN* | *AMD64:MINGW*) distributionPlatform=windows-amd64 ;;
+  :Darwin*x86_64) distributionPlatform=darwin-amd64 ;;
+  :Darwin*arm64) distributionPlatform=darwin-aarch64 ;;
+  :Linux*x86_64*) distributionPlatform=linux-amd64 ;;
+  *)
+    echo "Cannot detect native platform for mvnd on $(uname)-$(uname -m), use pure java version" >&2
+    distributionPlatform=linux-amd64
+    ;;
+  esac
+  distributionUrl="${distributionUrl%-bin.*}-$distributionPlatform.zip"
+  ;;
+maven-mvnd-*) MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ ;;
+*) MVN_CMD="mvn${0##*/mvnw}" _MVNW_REPO_PATTERN=/org/apache/maven/ ;;
+esac
+
+# apply MVNW_REPOURL and calculate MAVEN_HOME
+# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
+[ -z "${MVNW_REPOURL-}" ] || distributionUrl="$MVNW_REPOURL$_MVNW_REPO_PATTERN${distributionUrl#*"$_MVNW_REPO_PATTERN"}"
+distributionUrlName="${distributionUrl##*/}"
+distributionUrlNameMain="${distributionUrlName%.*}"
+distributionUrlNameMain="${distributionUrlNameMain%-bin}"
+MAVEN_USER_HOME="${MAVEN_USER_HOME:-${HOME}/.m2}"
+MAVEN_HOME="${MAVEN_USER_HOME}/wrapper/dists/${distributionUrlNameMain-}/$(hash_string "$distributionUrl")"
+
+exec_maven() {
+  unset MVNW_VERBOSE MVNW_USERNAME MVNW_PASSWORD MVNW_REPOURL || :
+  exec "$MAVEN_HOME/bin/$MVN_CMD" "$@" || die "cannot exec $MAVEN_HOME/bin/$MVN_CMD"
+}
+
+if [ -d "$MAVEN_HOME" ]; then
+  verbose "found existing MAVEN_HOME at $MAVEN_HOME"
+  exec_maven "$@"
+fi
+
+case "${distributionUrl-}" in
+*?-bin.zip | *?maven-mvnd-?*-?*.zip) ;;
+*) die "distributionUrl is not valid, must match *-bin.zip or maven-mvnd-*.zip, but found '${distributionUrl-}'" ;;
+esac
+
+# prepare tmp dir
+if TMP_DOWNLOAD_DIR="$(mktemp -d)" && [ -d "$TMP_DOWNLOAD_DIR" ]; then
+  clean() { rm -rf -- "$TMP_DOWNLOAD_DIR"; }
+  trap clean HUP INT TERM EXIT
+else
+  die "cannot create temp dir"
+fi
+
+mkdir -p -- "${MAVEN_HOME%/*}"
+
+# Download and Install Apache Maven
+verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
+verbose "Downloading from: $distributionUrl"
+verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
+
+# select .zip or .tar.gz
+if ! command -v unzip >/dev/null; then
+  distributionUrl="${distributionUrl%.zip}.tar.gz"
+  distributionUrlName="${distributionUrl##*/}"
+fi
+
+# verbose opt
+__MVNW_QUIET_WGET=--quiet __MVNW_QUIET_CURL=--silent __MVNW_QUIET_UNZIP=-q __MVNW_QUIET_TAR=''
+[ "${MVNW_VERBOSE-}" != true ] || __MVNW_QUIET_WGET='' __MVNW_QUIET_CURL='' __MVNW_QUIET_UNZIP='' __MVNW_QUIET_TAR=v
+
+# normalize http auth
+case "${MVNW_PASSWORD:+has-password}" in
+'') MVNW_USERNAME='' MVNW_PASSWORD='' ;;
+has-password) [ -n "${MVNW_USERNAME-}" ] || MVNW_USERNAME='' MVNW_PASSWORD='' ;;
+esac
+
+if [ -z "${MVNW_USERNAME-}" ] && command -v wget >/dev/null; then
+  verbose "Found wget ... using wget"
+  wget ${__MVNW_QUIET_WGET:+"$__MVNW_QUIET_WGET"} "$distributionUrl" -O "$TMP_DOWNLOAD_DIR/$distributionUrlName" || die "wget: Failed to fetch $distributionUrl"
+elif [ -z "${MVNW_USERNAME-}" ] && command -v curl >/dev/null; then
+  verbose "Found curl ... using curl"
+  curl ${__MVNW_QUIET_CURL:+"$__MVNW_QUIET_CURL"} -f -L -o "$TMP_DOWNLOAD_DIR/$distributionUrlName" "$distributionUrl" || die "curl: Failed to fetch $distributionUrl"
+elif set_java_home; then
+  verbose "Falling back to use Java to download"
+  javaSource="$TMP_DOWNLOAD_DIR/Downloader.java"
+  targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName"
+  cat >"$javaSource" <<-END
+	public class Downloader extends java.net.Authenticator
+	{
+	  protected java.net.PasswordAuthentication getPasswordAuthentication()
+	  {
+	    return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() );
+	  }
+	  public static void main( String[] args ) throws Exception
+	  {
+	    setDefault( new Downloader() );
+	    java.nio.file.Files.copy( java.net.URI.create( args[0] ).toURL().openStream(), java.nio.file.Paths.get( args[1] ).toAbsolutePath().normalize() );
+	  }
+	}
+	END
+  # For Cygwin/MinGW, switch paths to Windows format before running javac and java
+  verbose " - Compiling Downloader.java ..."
+  "$(native_path "$JAVACCMD")" "$(native_path "$javaSource")" || die "Failed to compile Downloader.java"
+  verbose " - Running Downloader.java ..."
+  "$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")"
+fi
+
+# If specified, validate the SHA-256 sum of the Maven distribution zip file
+if [ -n "${distributionSha256Sum-}" ]; then
+  distributionSha256Result=false
+  if [ "$MVN_CMD" = mvnd.sh ]; then
+    echo "Checksum validation is not supported for maven-mvnd." >&2
+    echo "Please disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
+    exit 1
+  elif command -v sha256sum >/dev/null; then
+    if echo "$distributionSha256Sum  $TMP_DOWNLOAD_DIR/$distributionUrlName" | sha256sum -c >/dev/null 2>&1; then
+      distributionSha256Result=true
+    fi
+  elif command -v shasum >/dev/null; then
+    if echo "$distributionSha256Sum  $TMP_DOWNLOAD_DIR/$distributionUrlName" | shasum -a 256 -c >/dev/null 2>&1; then
+      distributionSha256Result=true
+    fi
+  else
+    echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2
+    echo "Please install either command, or disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
+    exit 1
+  fi
+  if [ $distributionSha256Result = false ]; then
+    echo "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised." >&2
+    echo "If you updated your Maven version, you need to update the specified distributionSha256Sum property." >&2
+    exit 1
+  fi
+fi
+
+# unzip and move
+if command -v unzip >/dev/null; then
+  unzip ${__MVNW_QUIET_UNZIP:+"$__MVNW_QUIET_UNZIP"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -d "$TMP_DOWNLOAD_DIR" || die "failed to unzip"
+else
+  tar xzf${__MVNW_QUIET_TAR:+"$__MVNW_QUIET_TAR"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -C "$TMP_DOWNLOAD_DIR" || die "failed to untar"
+fi
+printf %s\\n "$distributionUrl" >"$TMP_DOWNLOAD_DIR/$distributionUrlNameMain/mvnw.url"
+mv -- "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" "$MAVEN_HOME" || [ -d "$MAVEN_HOME" ] || die "fail to move MAVEN_HOME"
+
+clean || :
+exec_maven "$@"
blob - /dev/null
blob + b150b91ed5005191af94bd95320b04d8148b8a53 (mode 644)
--- /dev/null
+++ mvnw.cmd
@@ -0,0 +1,149 @@
+<# : batch portion
+@REM ----------------------------------------------------------------------------
+@REM Licensed to the Apache Software Foundation (ASF) under one
+@REM or more contributor license agreements.  See the NOTICE file
+@REM distributed with this work for additional information
+@REM regarding copyright ownership.  The ASF licenses this file
+@REM to you under the Apache License, Version 2.0 (the
+@REM "License"); you may not use this file except in compliance
+@REM with the License.  You may obtain a copy of the License at
+@REM
+@REM    http://www.apache.org/licenses/LICENSE-2.0
+@REM
+@REM Unless required by applicable law or agreed to in writing,
+@REM software distributed under the License is distributed on an
+@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+@REM KIND, either express or implied.  See the License for the
+@REM specific language governing permissions and limitations
+@REM under the License.
+@REM ----------------------------------------------------------------------------
+
+@REM ----------------------------------------------------------------------------
+@REM Apache Maven Wrapper startup batch script, version 3.3.2
+@REM
+@REM Optional ENV vars
+@REM   MVNW_REPOURL - repo url base for downloading maven distribution
+@REM   MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
+@REM   MVNW_VERBOSE - true: enable verbose log; others: silence the output
+@REM ----------------------------------------------------------------------------
+
+@IF "%__MVNW_ARG0_NAME__%"=="" (SET __MVNW_ARG0_NAME__=%~nx0)
+@SET __MVNW_CMD__=
+@SET __MVNW_ERROR__=
+@SET __MVNW_PSMODULEP_SAVE=%PSModulePath%
+@SET PSModulePath=
+@FOR /F "usebackq tokens=1* delims==" %%A IN (`powershell -noprofile "& {$scriptDir='%~dp0'; $script='%__MVNW_ARG0_NAME__%'; icm -ScriptBlock ([Scriptblock]::Create((Get-Content -Raw '%~f0'))) -NoNewScope}"`) DO @(
+  IF "%%A"=="MVN_CMD" (set __MVNW_CMD__=%%B) ELSE IF "%%B"=="" (echo %%A) ELSE (echo %%A=%%B)
+)
+@SET PSModulePath=%__MVNW_PSMODULEP_SAVE%
+@SET __MVNW_PSMODULEP_SAVE=
+@SET __MVNW_ARG0_NAME__=
+@SET MVNW_USERNAME=
+@SET MVNW_PASSWORD=
+@IF NOT "%__MVNW_CMD__%"=="" (%__MVNW_CMD__% %*)
+@echo Cannot start maven from wrapper >&2 && exit /b 1
+@GOTO :EOF
+: end batch / begin powershell #>
+
+$ErrorActionPreference = "Stop"
+if ($env:MVNW_VERBOSE -eq "true") {
+  $VerbosePreference = "Continue"
+}
+
+# calculate distributionUrl, requires .mvn/wrapper/maven-wrapper.properties
+$distributionUrl = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionUrl
+if (!$distributionUrl) {
+  Write-Error "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties"
+}
+
+switch -wildcard -casesensitive ( $($distributionUrl -replace '^.*/','') ) {
+  "maven-mvnd-*" {
+    $USE_MVND = $true
+    $distributionUrl = $distributionUrl -replace '-bin\.[^.]*$',"-windows-amd64.zip"
+    $MVN_CMD = "mvnd.cmd"
+    break
+  }
+  default {
+    $USE_MVND = $false
+    $MVN_CMD = $script -replace '^mvnw','mvn'
+    break
+  }
+}
+
+# apply MVNW_REPOURL and calculate MAVEN_HOME
+# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
+if ($env:MVNW_REPOURL) {
+  $MVNW_REPO_PATTERN = if ($USE_MVND) { "/org/apache/maven/" } else { "/maven/mvnd/" }
+  $distributionUrl = "$env:MVNW_REPOURL$MVNW_REPO_PATTERN$($distributionUrl -replace '^.*'+$MVNW_REPO_PATTERN,'')"
+}
+$distributionUrlName = $distributionUrl -replace '^.*/',''
+$distributionUrlNameMain = $distributionUrlName -replace '\.[^.]*$','' -replace '-bin$',''
+$MAVEN_HOME_PARENT = "$HOME/.m2/wrapper/dists/$distributionUrlNameMain"
+if ($env:MAVEN_USER_HOME) {
+  $MAVEN_HOME_PARENT = "$env:MAVEN_USER_HOME/wrapper/dists/$distributionUrlNameMain"
+}
+$MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join ''
+$MAVEN_HOME = "$MAVEN_HOME_PARENT/$MAVEN_HOME_NAME"
+
+if (Test-Path -Path "$MAVEN_HOME" -PathType Container) {
+  Write-Verbose "found existing MAVEN_HOME at $MAVEN_HOME"
+  Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
+  exit $?
+}
+
+if (! $distributionUrlNameMain -or ($distributionUrlName -eq $distributionUrlNameMain)) {
+  Write-Error "distributionUrl is not valid, must end with *-bin.zip, but found $distributionUrl"
+}
+
+# prepare tmp dir
+$TMP_DOWNLOAD_DIR_HOLDER = New-TemporaryFile
+$TMP_DOWNLOAD_DIR = New-Item -Itemtype Directory -Path "$TMP_DOWNLOAD_DIR_HOLDER.dir"
+$TMP_DOWNLOAD_DIR_HOLDER.Delete() | Out-Null
+trap {
+  if ($TMP_DOWNLOAD_DIR.Exists) {
+    try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
+    catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
+  }
+}
+
+New-Item -Itemtype Directory -Path "$MAVEN_HOME_PARENT" -Force | Out-Null
+
+# Download and Install Apache Maven
+Write-Verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
+Write-Verbose "Downloading from: $distributionUrl"
+Write-Verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
+
+$webclient = New-Object System.Net.WebClient
+if ($env:MVNW_USERNAME -and $env:MVNW_PASSWORD) {
+  $webclient.Credentials = New-Object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD)
+}
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+$webclient.DownloadFile($distributionUrl, "$TMP_DOWNLOAD_DIR/$distributionUrlName") | Out-Null
+
+# If specified, validate the SHA-256 sum of the Maven distribution zip file
+$distributionSha256Sum = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionSha256Sum
+if ($distributionSha256Sum) {
+  if ($USE_MVND) {
+    Write-Error "Checksum validation is not supported for maven-mvnd. `nPlease disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties."
+  }
+  Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash
+  if ((Get-FileHash "$TMP_DOWNLOAD_DIR/$distributionUrlName" -Algorithm SHA256).Hash.ToLower() -ne $distributionSha256Sum) {
+    Write-Error "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised. If you updated your Maven version, you need to update the specified distributionSha256Sum property."
+  }
+}
+
+# unzip and move
+Expand-Archive "$TMP_DOWNLOAD_DIR/$distributionUrlName" -DestinationPath "$TMP_DOWNLOAD_DIR" | Out-Null
+Rename-Item -Path "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" -NewName $MAVEN_HOME_NAME | Out-Null
+try {
+  Move-Item -Path "$TMP_DOWNLOAD_DIR/$MAVEN_HOME_NAME" -Destination $MAVEN_HOME_PARENT | Out-Null
+} catch {
+  if (! (Test-Path -Path "$MAVEN_HOME" -PathType Container)) {
+    Write-Error "fail to move MAVEN_HOME"
+  }
+} finally {
+  try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
+  catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
+}
+
+Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
blob - /dev/null
blob + df91fc9dc5a8d4210e16102d533cfff554e7125b (mode 644)
--- /dev/null
+++ pom.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+  <!--
+
+  Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+
+  Permission to use, copy, modify, and/or distribute this software for any
+  purpose with or without fee is hereby granted.
+
+  THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+  WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+  MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+  ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+  -->
+
+  <!-- Karaf Features POM -->
+
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>${groupId}</groupId>
+  <artifactId>${artifactId}</artifactId>
+  <version>${version}</version>
+  <packaging>pom</packaging>
+
+  <repositories>
+    <repository>
+      <id>local-repo</id>
+      <url>file:${url}</url>
+    </repository>
+  </repositories>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-dependency-plugin</artifactId>
+        <version>3.8.1</version>
+        <executions>
+          <execution>
+            <phase>clean</phase>
+            <goals>
+              <goal>purge-local-repository</goal>
+            </goals>
+            <configuration>
+              <resolutionFuzziness>groupId</resolutionFuzziness>
+              <manualIncludes>
+                <manualInclude>${groupId}</manualInclude>
+              </manualIncludes>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.karaf.tooling</groupId>
+        <artifactId>karaf-maven-plugin</artifactId>
+        <version>${karafVersion}</version>
+        <executions>
+          <execution>
+            <goals>
+              <goal>features-add-to-repository</goal>
+            </goals>
+            <configuration>
+              <descriptors>
+                <descriptor>mvn:org.apache.karaf.features/standard/${karafVersion}/xml/features</descriptor>
+                <descriptor>${descriptor}</descriptor>
+              </descriptors>
+              <features>
+                <feature>${feature}</feature>
+              </features>
+              <repository>${repository}</repository>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+</project>
blob - /dev/null
blob + 71251a3cbb5c6b82c9d45791f3f4e3185bba47f6 (mode 644)
--- /dev/null
+++ settings.gradle
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+// Central declaration of repositories
+dependencyResolutionManagement {
+  // Force global repositories on projects
+  repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
+  // Use our local repository and Maven Central only
+  repositories {
+    maven {
+      url new File(rootDir, 'gradle/repository')
+    }
+    mavenCentral()
+  }
+  // Force global rules on projects
+  rulesMode.set(RulesMode.FAIL_ON_PROJECT_RULES)
+}
+// Find the directories containing a "build.gradle" file in the root directory
+// of the project. That is, every directory containing a "build.gradle" will
+// be automatically the subproject of this project.
+def subDirs = rootDir.listFiles(new FileFilter() {
+    boolean accept(File file) {
+      if (!file.isDirectory()) {
+        return false
+      }
+      if (file.name == 'buildSrc') {
+        return false
+      }
+      return new File(file, 'build.gradle').isFile()
+    }
+  })
+subDirs.each {
+  include it.name
+}
blob - /dev/null
blob + 74e45a41ee246aa30a933aefe07f03ea29a60c2d (mode 644)
--- /dev/null
+++ src/main/dist/etc/custom.system.properties
@@ -0,0 +1,27 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# Custom system configuration
+
+# Karaf properties
+karaf.name=${project.name}
+karaf.local.user=${project.name}
+karaf.require.successful.features.boot=true
+karaf.secured.command.compulsory.roles=admin
+
+# OSGi Security
+java.security.policy=${karaf.etc}/all.policy
+org.osgi.framework.security=osgi
+org.osgi.framework.trust.repositories=${karaf.etc}/truststore.jks
blob - /dev/null
blob + 371e70dbc7056d374017581872c93e0e5cd49af0 (mode 644)
--- /dev/null
+++ src/main/dist/etc/security.policy
@@ -0,0 +1,25 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# Conditional Permission Admin security configuration
+
+ALLOW {
+  [ org.osgi.service.condpermadmin.BundleSignerCondition "CN=${project.name}" ]
+  ( java.security.AllPermission "*" "*" )
+} "Signed Bundles"
+
+ALLOW {
+  ( java.security.AllPermission "*" "*" )
+} "Other Bundles"
blob - /dev/null
blob + 3fe79fb849537ae2c83c4aba4491ba186cb23869 (mode 644)
--- /dev/null
+++ src/nosec/dist/etc/custom.system.properties
@@ -0,0 +1,27 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# Custom system configuration
+
+# Karaf properties
+karaf.name=${project.name}
+karaf.local.user=${project.name}
+karaf.require.successful.features.boot=true
+karaf.secured.command.compulsory.roles=admin
+
+# OSGi Security
+#java.security.policy=${karaf.etc}/all.policy
+#org.osgi.framework.security=osgi
+#org.osgi.framework.trust.repositories=${karaf.etc}/truststore.jks
blob - /dev/null
blob + 371e70dbc7056d374017581872c93e0e5cd49af0 (mode 644)
--- /dev/null
+++ src/nosec/dist/etc/security.policy
@@ -0,0 +1,25 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# Conditional Permission Admin security configuration
+
+ALLOW {
+  [ org.osgi.service.condpermadmin.BundleSignerCondition "CN=${project.name}" ]
+  ( java.security.AllPermission "*" "*" )
+} "Signed Bundles"
+
+ALLOW {
+  ( java.security.AllPermission "*" "*" )
+} "Other Bundles"
blob - /dev/null
blob + 5a68b4ac8ce974cd87bc7569b7fe2ae56142f80b (mode 644)
--- /dev/null
+++ template-branding-console/build.gradle
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+buildscript {
+  repositories {
+    mavenCentral()
+  }
+  dependencies {
+    classpath libs.jfiglet
+  }
+}
+
+import com.github.lalyos.jfiglet.FigletFont
+
+processResources {
+  filesMatching('**/branding.properties') {
+    // Construct ascii art branding based on figlet property
+    def asciiArt = FigletFont.convertOneLine(branding_figlet)
+    def lines = asciiArt.split(System.lineSeparator())
+    def sb = new StringBuilder()
+    for (int i = 0; i < lines.length; ++i) {
+      def line = lines[i]
+      line = line.replace('\\', '\\\\')
+      line = '\\u001b[36m    ' + line
+      if (i != 0) {
+        line = '\r\n' + line
+      }
+      line = line + '\\u001b[0m\\r\\n\\'
+      sb.append(line)
+    }
+    filter {
+      it.replace('${project.branding_figlet}', sb.toString())
+        .replace('${project.name}', rootProject.name)
+        .replace('${project.version}', rootProject.version)
+    }
+  }
+}
blob - /dev/null
blob + 7bf760ca9fc834caa167910ea0002f0a5cd31451 (mode 644)
--- /dev/null
+++ template-branding-console/src/main/resources/OSGI-INF/l10n/bundle.properties
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+bundle.name = Template Console Branding
+bundle.description = Branding for Karaf Console.
+bundle.vendor = charlie
blob - /dev/null
blob + 83d9399cb9f99867c038985b49d968209c03bd1c (mode 644)
--- /dev/null
+++ template-branding-console/src/main/resources/org/apache/karaf/branding/branding.properties
@@ -0,0 +1,26 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# branding properties
+
+welcome = \
+${project.branding_figlet}
+\r\n\
+\u001B[1m  ${project.name}\u001B[0m (${project.version})\r\n \
+\r\n\
+Hit '\u001B[1m<tab>\u001B[0m' for a list of available commands\r\n\
+and '\u001B[1m[cmd] --help\u001B[0m' for help on a specific command.\r\n\
+Hit '\u001B[1m<ctrl-d>\u001B[0m' or type '\u001B[1msystem:shutdown\u001B[0m' \
+or '\u001B[1mlogout\u001b[0m' to shutdown ${project.name}.\r\n
blob - /dev/null
blob + 30383a868f30a99d9442e74672a47faad9994cb9 (mode 644)
--- /dev/null
+++ template-core/build.gradle
@@ -0,0 +1,16 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+dependencies {}
blob - /dev/null
blob + 2b786fc8cc083711bd936330879a85cd084bf00c (mode 644)
--- /dev/null
+++ template-core/src/main/java/com/pyr3x/template/core/Main.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package com.pyr3x.template.core;
+
+import java.util.Locale;
+import java.util.ResourceBundle;
+import lombok.extern.slf4j.Slf4j;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.Constants;
+import org.osgi.service.component.ComponentContext;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.Deactivate;
+import org.osgi.service.component.annotations.Modified;
+
+/**
+ * Template class.
+ */
+@Slf4j
+@Component(immediate = true)
+public class Main {
+
+  /**
+   * Localization for bundle, configuration, log, and other strings.
+   */
+  protected transient ResourceBundle bundle;
+
+  /**
+   * DS method to activate the component.
+   *
+   * @param componentContext {@link ComponentContext} for this component.
+   * @param bundleContext    {@link BundleContext} for this bundle.
+   * @throws Exception If there was an error activating this component.
+   */
+  @Activate
+  protected void activate(final ComponentContext componentContext,
+      final BundleContext bundleContext) throws Exception {
+    bundle = ResourceBundle.getBundle(Constants.BUNDLE_LOCALIZATION_DEFAULT_BASENAME,
+        Locale.getDefault(), this.getClass().getClassLoader());
+    if (log.isInfoEnabled()) {
+      log.info(bundle.getString("log.starting"));
+    }
+  }
+
+  /**
+   * DS method to deactivate the component.
+   *
+   * @param componentContext {@link ComponentContext} for this component.
+   * @param bundleContext    {@link BundleContext} for this bundle.
+   * @throws Exception If there was an error deactivating this component.
+   */
+  @Deactivate
+  protected void deactivate(final ComponentContext componentContext,
+      final BundleContext bundleContext) throws Exception {
+    if (log.isInfoEnabled()) {
+      log.info(bundle.getString("log.stopping"));
+    }
+  }
+
+  /**
+   * DS method to modify the component.
+   *
+   * @throws Exception If there was an error modifying this component.
+   */
+  @Modified
+  protected void modified() throws Exception {
+    if (log.isInfoEnabled()) {
+      log.info(bundle.getString("log.changing_configuration"));
+    }
+  }
+}
blob - /dev/null
blob + 5a05aff67d53f82519ceb6108f89a27b9f84016d (mode 644)
--- /dev/null
+++ template-core/src/main/resources/OSGI-INF/l10n/bundle.properties
@@ -0,0 +1,21 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+bundle.name = Template Core
+bundle.description = Template Core Description
+bundle.vendor = charlie
+log.starting = Template Core Starting
+log.stopping = Template Core Stopping
+log.changing_configuration = Template Core Changing Configuration
blob - /dev/null
blob + a8ec5d353043f3d22ddb1c020d8b1b8b4990ea56 (mode 644)
--- /dev/null
+++ template-core/src/main/resources/OSGI-INF/permissions.perm
@@ -0,0 +1,21 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+# Permissions
+
+(org.osgi.framework.PackagePermission "org.slf4j" "import")
+(org.osgi.framework.PackagePermission "org.osgi.framework" "import")
+(org.osgi.framework.PackagePermission "org.osgi.service.component" "import")
+(org.osgi.framework.CapabilityPermission "osgi.extender" "require")
blob - /dev/null
blob + 30383a868f30a99d9442e74672a47faad9994cb9 (mode 644)
--- /dev/null
+++ template-security/build.gradle
@@ -0,0 +1,16 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+dependencies {}
blob - /dev/null
blob + a73f04ce61b2eb1c16cecf312a778f1aa3a494cb (mode 644)
--- /dev/null
+++ template-security/src/main/java/com/pyr3x/template/security/Activator.java
@@ -0,0 +1,172 @@
+/*
+ * Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package com.pyr3x.template.security;
+
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.ConcurrentModificationException;
+import java.util.List;
+import java.util.Locale;
+import java.util.Optional;
+import java.util.ResourceBundle;
+import lombok.extern.slf4j.Slf4j;
+import org.osgi.annotation.bundle.Header;
+import org.osgi.framework.BundleActivator;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.Constants;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;
+import org.osgi.service.condpermadmin.ConditionalPermissionInfo;
+import org.osgi.service.condpermadmin.ConditionalPermissionUpdate;
+
+/**
+ * Enable OSGi {@link ConditionalPermissionAdmin} reading from a security policy file from the
+ * environment.
+ */
+@Slf4j
+@Header(name = Constants.BUNDLE_ACTIVATOR, value = "${@class}")
+public class Activator implements BundleActivator {
+
+  /**
+   * Property for security policy file path.
+   */
+  protected static final String PROPERTY_POLICY_PATH
+      = Activator.class.getPackageName() + ".policy.path";
+
+  /**
+   * Default security policy file path.
+   */
+  protected static final String DEFAULT_POLICY_PATH = "etc/security.policy";
+
+  /**
+   * Constant for ignoring line of security policy.
+   */
+  protected static final char HASH = '#';
+
+  /**
+   * Localization for bundle, configuration, log, and other strings.
+   */
+  protected transient ResourceBundle bundle;
+
+  @Override
+  public void start(final BundleContext bundleContext) throws Exception {
+    bundle = ResourceBundle.getBundle(Constants.BUNDLE_LOCALIZATION_DEFAULT_BASENAME,
+        Locale.getDefault(), this.getClass().getClassLoader());
+    if (log.isInfoEnabled()) {
+      log.info(bundle.getString("log.starting"));
+    }
+    final Optional<ConditionalPermissionAdmin> cpa = getConditionalPermissionAdmin(bundleContext);
+    if (cpa.isPresent()) {
+      if (log.isInfoEnabled()) {
+        log.info(bundle.getString("log.security_enabled"));
+      }
+    } else {
+      if (log.isWarnEnabled()) {
+        log.warn(bundle.getString("log.security_disabled"));
+      }
+      return;
+    }
+    final Path policyFile = getPolicyFile(bundleContext);
+    final List<String> encodedInfos = readPolicyFile(policyFile);
+    encodedInfos.add(0, "ALLOW {"
+        + "[org.osgi.service.condpermadmin.BundleLocationCondition \""
+        + bundleContext.getBundle().getLocation() + "\"]"
+        + "(java.security.AllPermission \"*\" \"*\")"
+        + "} \"" + bundle.getString("log.management_agent") + "\"");
+    final ConditionalPermissionUpdate cpu = cpa.get().newConditionalPermissionUpdate();
+    final List<ConditionalPermissionInfo> infos = cpu.getConditionalPermissionInfos();
+    infos.clear();
+    for (final String encodedInfo : encodedInfos) {
+      if (log.isInfoEnabled()) {
+        log.info("{}\n{}", bundle.getString("log.adding_cpi"), encodedInfo);
+      }
+      infos.add(cpa.get().newConditionalPermissionInfo(encodedInfo));
+    }
+    if (!cpu.commit()) {
+      throw new ConcurrentModificationException(bundle.getString("log.commit_failed"));
+    }
+  }
+
+  @Override
+  public void stop(final BundleContext context) throws Exception {
+    if (log.isInfoEnabled()) {
+      log.info(bundle.getString("log.stopping"));
+    }
+  }
+
+  /**
+   * Return {@link Path} to security policy file.
+   *
+   * @param bundleContext {@link BundleContext} to get policy path property from (if present).
+   * @return {@link Path} to the security policy file.
+   */
+  @SuppressFBWarnings(value = "PATH_TRAVERSAL_IN", justification
+      = "Intended behavior to read policy from property if set")
+  public Path getPolicyFile(final BundleContext bundleContext) {
+    String policyFilePath = bundleContext.getProperty(PROPERTY_POLICY_PATH);
+    if (policyFilePath == null) {
+      policyFilePath = DEFAULT_POLICY_PATH;
+    }
+    return Paths.get(policyFilePath);
+  }
+
+  /**
+   * Return {@link List} of string encoded {@link ConditionalPermissionInfo}'s read from the policy
+   * file.
+   *
+   * @param policyFile {@link Path} to read policy from.
+   * @return {@link List} of encoded strings.
+   * @throws IOException If there was an error reading the policy file.
+   */
+  public List<String> readPolicyFile(final Path policyFile) throws IOException {
+    final List<String> policyLines = Files.readAllLines(policyFile);
+    final StringBuilder stringBuilder = new StringBuilder();
+    final List<String> encodedInfos = new ArrayList<>();
+    for (final String policyLine : policyLines) {
+      final String policyLineTrim = policyLine.trim();
+      if (policyLineTrim.isEmpty() || policyLineTrim.charAt(0) == HASH) {
+        continue;
+      }
+      stringBuilder.append(policyLineTrim);
+      if (policyLineTrim.contains("}")) {
+        encodedInfos.add(stringBuilder.toString());
+        stringBuilder.setLength(0);
+      }
+    }
+    return encodedInfos;
+  }
+
+  /**
+   * Get {@link ConditionalPermissionAdmin} {@link ServiceReference}, or null if unavailable.
+   *
+   * @param bundleContext {@link BundleContext} to get {@link ServiceReference} from.
+   * @return {@link ConditionalPermissionAdmin} {@link ServiceReference}.
+   */
+  public Optional<ConditionalPermissionAdmin> getConditionalPermissionAdmin(
+      final BundleContext bundleContext) {
+    final ServiceReference<ConditionalPermissionAdmin> cpaRef
+        = bundleContext.getServiceReference(ConditionalPermissionAdmin.class);
+    if (cpaRef == null) {
+      return Optional.empty();
+    } else {
+      return Optional.ofNullable(bundleContext.getService(cpaRef));
+    }
+  }
+}
blob - /dev/null
blob + 92e0a9c988e72d92c2da0e0299a8fa5b4cbb8a42 (mode 644)
--- /dev/null
+++ template-security/src/main/resources/OSGI-INF/l10n/bundle.properties
@@ -0,0 +1,25 @@
+#
+# Copyright (C) 2024 by Chaz Kettleson <chaz@pyr3x.com>
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+
+bundle.name = Template Security
+bundle.description = Management agent to update Conditional Permission Admin policy table from file.
+bundle.vendor = charlie
+log.starting = Template Security Starting
+log.stopping = Template Security Stopping
+log.management_agent = Management Agent
+log.security_enabled = Conditional Permission Admin found, security is enabled
+log.security_disabled = Conditional Permission Admin not found, security is disabled
+log.adding_cpi = Adding conditional permission info:
+log.commit_failed = Unable to commit, permissions changed during update