Add AWS-Core POM file with dependencies and build configuration

[JaninduRSD]

Purpose

Describe the problems, issues, or needs driving this feature/fix and include links to related issues in the following format: Resolves issue1, issue2, etc.

Goals

Describe the solutions that this feature/fix will introduce to resolve the problems described above

Approach

Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI (email documentation@wso2.com to review all UI text). Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here.

User stories

Summary of user stories addressed by this change>

Release note

Brief description of the new feature or bug fix as it will appear in the release notes

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

Type “Sent” when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to certification@wso2.com and NOT pasted in this PR. If there is no impact on certification exams, type “N/A” and explain why.

Marketing

Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable

Automation tests

• Unit tests

  Code coverage information

• Integration tests

  Details about the test cases and coverage

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines? yes/no
• Ran FindSecurityBugs plugin and verified report? yes/no
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets? yes/no

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Migrations (if applicable)

Describe migration steps and platforms on which migration has been tested

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Learning

Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem.

Summary by CodeRabbit

• Chores
  • Added new module configuration with AWS SDK integration and build packaging settings.

[coderabbitai]

Walkthrough

Adds a new Maven POM file for the aws-core module that packages AWS SDK dependencies into an OSGi-compliant bundle with explicit versioning, export configuration, and WSO2 repository distribution settings.

Changes

Cohort / File(s)	Summary
AWS Core POM Configuration aws-core/2.30.22.wso2v3/pom.xml	New Maven POM file defining OSGi bundle configuration for AWS SDK dependencies. Includes Maven Bundle Plugin setup with package exports, embeddings, and imports. Configures AWS SDK and related dependency versions, distribution management pointing to WSO2 repositories, and comprehensive bundle metadata.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~15 minutes

Poem

🐰 A bundle of clouds, wrapped up so tight,
Dependencies nested, each one just right,
OSGi magic makes all paths align,
AWS riches in POM design! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description contains only the template structure with no substantive content filled in any required sections such as Purpose, Goals, Approach, or test details.	Complete the PR description by filling in all required sections with actual details about the change: purpose, goals, approach, testing, security checks, and other relevant sections.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: adding a POM file with AWS dependencies and build configuration, matching the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

aws-core/2.30.22.wso2v3/pom.xml (1)

213-216: Redundant Export-Package entry: auth.credentials.* is already matched by auth.*.

software.amazon.awssdk.auth.* uses a recursive wildcard that covers all sub-packages, so software.amazon.awssdk.auth.credentials.* on the following line is superfluous.

♻️ Proposed fix

                             software.amazon.awssdk.auth.*; version="${awscore.orbit.version}",
                             software.amazon.awssdk.awscore.*; version="${awscore.orbit.version}",
-                            software.amazon.awssdk.auth.credentials.*; version="${awscore.orbit.version}",
                             software.amazon.awssdk.http.*; version="${awscore.orbit.version}",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@aws-core/2.30.22.wso2v3/pom.xml` around lines 213 - 216, The Export-Package
list contains a redundant entry: software.amazon.awssdk.auth.credentials.* is
already covered by the recursive software.amazon.awssdk.auth.* entry; remove the
explicit software.amazon.awssdk.auth.credentials.* line from the pom.xml
Export-Package configuration so only the broader software.amazon.awssdk.auth.*
remains to avoid duplication.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@aws-core/2.30.22.wso2v3/pom.xml`:
- Around line 238-248: The Embed-Dependency list in the POM contains a
duplicated entry "metrics-spi" which triggers BND warnings; open the
Embed-Dependency block and remove the redundant
"metrics-spi;scope=compile|runtime;inline=false" entry so it only appears once
(leave the other dependency lines unchanged), ensuring the manifest no longer
contains duplicate metrics-spi entries.
- Around line 224-226: The Embed-Dependency line is malformed and causes
software.amazon.awssdk:utils to be treated as an attribute rather than a
separate clause; update the Embed-Dependency entries so each artifact is its own
comma-separated clause with its attributes, e.g. split the current single clause
that reads like "aws-core;utils,scope=..." into two explicit clauses such as
"aws-core;scope=compile|runtime;inline=false" and
"software.amazon.awssdk:utils;scope=compile|runtime;inline=false" so that the
utils artifact is correctly matched and embedded by the maven-bundle-plugin.
- Line 29: The pom property awscore.orbit.version is incorrectly set to
2.30.22.wso2v2 while the module directory and intended release are wso2v3;
update the property value from 2.30.22.wso2v2 to 2.30.22.wso2v3 so the
artifact/version metadata (including Export-Package headers) matches the module
directory and prevents collision with the previous wso2v2 release, and then
verify other poms or CI variable references for awscore.orbit.version to ensure
consistency across the module.

---

Nitpick comments:
In `@aws-core/2.30.22.wso2v3/pom.xml`:
- Around line 213-216: The Export-Package list contains a redundant entry:
software.amazon.awssdk.auth.credentials.* is already covered by the recursive
software.amazon.awssdk.auth.* entry; remove the explicit
software.amazon.awssdk.auth.credentials.* line from the pom.xml Export-Package
configuration so only the broader software.amazon.awssdk.auth.* remains to avoid
duplication.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Critical: awscore.orbit.version is pinned to wso2v2 but the module directory is wso2v3.

The property on Line 270 reads 2.30.22.wso2v2, yet this file lives under aws-core/2.30.22.wso2v3/. The artifact will be published (and all Export-Package headers versioned) as 2.30.22.wso2v2, colliding with the artifact from the previous wso2v2 release (PR #1266) and leaving the wso2v3 path in Nexus with an internally inconsistent version.

🐛 Proposed fix

-        <awscore.orbit.version>2.30.22.wso2v2</awscore.orbit.version>
+        <awscore.orbit.version>2.30.22.wso2v3</awscore.orbit.version>

Also applies to: 270-270

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@aws-core/2.30.22.wso2v3/pom.xml` at line 29, The pom property
awscore.orbit.version is incorrectly set to 2.30.22.wso2v2 while the module
directory and intended release are wso2v3; update the property value from
2.30.22.wso2v2 to 2.30.22.wso2v3 so the artifact/version metadata (including
Export-Package headers) matches the module directory and prevents collision with
the previous wso2v2 release, and then verify other poms or CI variable
references for awscore.orbit.version to ensure consistency across the module.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Malformed Embed-Dependency clause leaves utils un-embedded.

Line 225 reads aws-core;utils,scope=compile|runtime;inline=false. In the maven-bundle-plugin DSL, each entry in Embed-Dependency is a comma-delimited clause of the form MATCH;attribute=value. The semicolon after aws-core begins the attribute list, so utils is parsed as a bare (valueless) attribute name on the aws-core clause, not as a second artifact to embed. The comma then starts a new clause whose MATCH text would be scope=compile|runtime (no real artifact ID), and inline=false becomes its only attribute. The software.amazon.awssdk:utils jar is therefore never embedded.

🐛 Proposed fix — split into two explicit entries

-                            aws-core;utils,scope=compile|runtime;inline=false,
+                            aws-core;scope=compile|runtime;inline=false,
+                            utils;scope=compile|runtime;inline=false,

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@aws-core/2.30.22.wso2v3/pom.xml` around lines 224 - 226, The Embed-Dependency
line is malformed and causes software.amazon.awssdk:utils to be treated as an
attribute rather than a separate clause; update the Embed-Dependency entries so
each artifact is its own comma-separated clause with its attributes, e.g. split
the current single clause that reads like "aws-core;utils,scope=..." into two
explicit clauses such as "aws-core;scope=compile|runtime;inline=false" and
"software.amazon.awssdk:utils;scope=compile|runtime;inline=false" so that the
utils artifact is correctly matched and embedded by the maven-bundle-plugin.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

metrics-spi is listed twice in Embed-Dependency (lines 238 and 247).

The duplicate is a no-op at runtime but will trigger a BND warning during the build and makes the manifest harder to audit.

🐛 Proposed fix

                             metrics-spi;scope=compile|runtime;inline=false,
                             protocol-core;scope=compile|runtime;inline=false,
                             json-utils;scope=compile|runtime;inline=false,
                             third-party-jackson-core;scope=compile|runtime;inline=false,
                             checksums;scope=compile|runtime;inline=false,
                             checksums-spi;scope=compile|runtime;inline=false,
                             http-auth;scope=compile|runtime;inline=false,
                             lambda;scope=compile|runtime;inline=false,
                             http-client-spi;scope=compile|runtime;inline=false,
-                            metrics-spi;scope=compile|runtime;inline=false,
                             retries;scope=compile|runtime;inline=false,

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	metrics-spi;scope=compile|runtime;inline=false,
	protocol-core;scope=compile|runtime;inline=false,
	json-utils;scope=compile|runtime;inline=false,
	third-party-jackson-core;scope=compile|runtime;inline=false,
	checksums;scope=compile|runtime;inline=false,
	checksums-spi;scope=compile|runtime;inline=false,
	http-auth;scope=compile|runtime;inline=false,
	lambda;scope=compile|runtime;inline=false,
	http-client-spi;scope=compile|runtime;inline=false,
	metrics-spi;scope=compile|runtime;inline=false,
	retries;scope=compile|runtime;inline=false,
	metrics-spi;scope=compile|runtime;inline=false,
	protocol-core;scope=compile|runtime;inline=false,
	json-utils;scope=compile|runtime;inline=false,
	third-party-jackson-core;scope=compile|runtime;inline=false,
	checksums;scope=compile|runtime;inline=false,
	checksums-spi;scope=compile|runtime;inline=false,
	http-auth;scope=compile|runtime;inline=false,
	lambda;scope=compile|runtime;inline=false,
	http-client-spi;scope=compile|runtime;inline=false,
	retries;scope=compile|runtime;inline=false,

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@aws-core/2.30.22.wso2v3/pom.xml` around lines 238 - 248, The Embed-Dependency
list in the POM contains a duplicated entry "metrics-spi" which triggers BND
warnings; open the Embed-Dependency block and remove the redundant
"metrics-spi;scope=compile|runtime;inline=false" entry so it only appears once
(leave the other dependency lines unchanged), ensuring the manifest no longer
contains duplicate metrics-spi entries.