From fda8ee6ae864aa86823a7ebfdce9702f372a9ded Mon Sep 17 00:00:00 2001 From: Dominik-Pinsel Date: Wed, 18 Oct 2023 13:01:39 +0200 Subject: [PATCH] feat(ci): semantic releases from develop branch (#87) --- .github/workflows/chart-lint-test.yml | 6 +- .github/workflows/chart-releaser.yaml | 61 ------ .github/workflows/docker-hub-release.yaml | 109 ----------- .github/workflows/release.yml | 209 +++++++++++++++++++++ .github/workflows/semantic-release.yml | 51 ----- .releaserc | 58 ++++-- README.md | 6 + charts/managed-identity-wallet/values.yaml | 13 +- 8 files changed, 273 insertions(+), 240 deletions(-) delete mode 100644 .github/workflows/chart-releaser.yaml delete mode 100644 .github/workflows/docker-hub-release.yaml create mode 100644 .github/workflows/release.yml delete mode 100644 .github/workflows/semantic-release.yml diff --git a/.github/workflows/chart-lint-test.yml b/.github/workflows/chart-lint-test.yml index 8d4b21e94..620586d1f 100644 --- a/.github/workflows/chart-lint-test.yml +++ b/.github/workflows/chart-lint-test.yml @@ -102,7 +102,11 @@ jobs: run: task helm:unittest - name: Build app - run: SKIP_GRADLE_TASKS_PARAM="-x jacocoTestCoverageVerification -x test" GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} task app:build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.actor }} + SKIP_GRADLE_TASKS_PARAM: "-x jacocoTestCoverageVerification -x test" + run: task app:build - name: Kubernetes KinD Cluster uses: container-tools/kind-action@v2 diff --git a/.github/workflows/chart-releaser.yaml b/.github/workflows/chart-releaser.yaml deleted file mode 100644 index a61e99b5e..000000000 --- a/.github/workflows/chart-releaser.yaml +++ /dev/null @@ -1,61 +0,0 @@ -############################################################################# -# Copyright (c) 2021,2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################################# - -name: Release - Helm Charts - -on: - push: - paths: - - 'charts/**' - branches: - - main - workflow_dispatch: -jobs: - release: - # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions - # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token - permissions: - contents: write - runs-on: ubuntu-latest - - steps: - # fetch-depth: 0 is required to determine differences in chart(s) - - name: Checkout - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Configure Git - run: | - git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - - name: Install Helm - uses: azure/setup-helm@v3 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Add Helm dependency repositories - run: | - helm repo add bitnami https://charts.bitnami.com/bitnami - - - name: Run chart-releaser - uses: helm/chart-releaser-action@v1 - env: - CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/docker-hub-release.yaml b/.github/workflows/docker-hub-release.yaml deleted file mode 100644 index 69e083d22..000000000 --- a/.github/workflows/docker-hub-release.yaml +++ /dev/null @@ -1,109 +0,0 @@ -# /******************************************************************************** -# * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation -# * -# * See the NOTICE file(s) distributed with this work for additional -# * information regarding copyright ownership. -# * -# * This program and the accompanying materials are made available under the -# * terms of the Apache License, Version 2.0 which is available at -# * https://www.apache.org/licenses/LICENSE-2.0. -# * -# * Unless required by applicable law or agreed to in writing, software -# * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# * License for the specific language governing permissions and limitations -# * under the License. -# * -# * SPDX-License-Identifier: Apache-2.0 -# ********************************************************************************/ - -name: Docker Hub Release - -on: - push: - branches: - - main - # trigger events for SemVer like tags - tags: - - 'v*.*.*' - - 'v*.*.*-*' - pull_request: - branches: - - main - paths: - - 'Dockerfile' - - 'src/main/**' - -env: - IMAGE_NAMESPACE: "tractusx" - IMAGE_NAME: "managed-identity-wallet" - -jobs: - docker: - runs-on: ubuntu-latest - permissions: - packages: write - - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Set up Taskfile - uses: arduino/setup-task@v1 - - - name: Set up Java 17 - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '17' - - - name: Build app - run: GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} task app:build - - # Create SemVer or ref tags dependent of trigger event - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: | - ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} - # Automatically prepare image tags; See action docs for more examples. - # semver patter will generate tags like these for example :1 :1.2 :1.2.3 - tags: | - type=ref,event=branch - type=ref,event=pr - type=semver,pattern={{version}} - type=semver,pattern={{major}} - type=semver,pattern={{major}}.{{minor}} - type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} - - - name: DockerHub login - if: github.event_name != 'pull_request' - uses: docker/login-action@v2 - with: - # Use existing DockerHub credentials present as secrets - username: ${{ secrets.DOCKER_HUB_USER }} - password: ${{ secrets.DOCKER_HUB_TOKEN }} - - - name: Build and push - uses: docker/build-push-action@v3 - with: - context: . - # Build image for verification purposes on every trigger event. Only push if event is not a PR - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - # https://github.com/peter-evans/dockerhub-description - # Important step to push image description to DockerHub - - name: Update Docker Hub description - if: github.event_name != 'pull_request' - uses: peter-evans/dockerhub-description@v3 - with: - # readme-filepath defaults to toplevel README.md, Only necessary if you have a dedicated file with your 'Notice for docker images' - readme-filepath: Docker-hub-notice.md - username: ${{ secrets.DOCKER_HUB_USER }} - password: ${{ secrets.DOCKER_HUB_TOKEN }} - repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 000000000..ec2dab0ea --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,209 @@ +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation + +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. + +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# SPDX-License-Identifier: Apache-2.0 +--- + +name: Semantic Release +on: + push: + branches: + - main + - develop + pull_request: + branches: + - main + - develop + +env: + IMAGE_NAMESPACE: "tractusx" + IMAGE_NAME: "managed-identity-wallet" + +jobs: + + semantic_release: + name: Repository Release + runs-on: ubuntu-latest + permissions: + # see https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs + contents: write + pull-requests: write + packages: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Helm + uses: azure/setup-helm@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Setup JDK 17 + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + + - name: Setup Node.js + uses: actions/setup-node@v2 + with: + node-version: 18 # Replace with your desired Node.js version + + - name: Run semantic release + if: github.event_name != 'pull_request' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + npx --yes -p @semantic-release/exec -p @semantic-release/changelog -p @semantic-release/git -p @semantic-release/commit-analyzer -p @semantic-release/release-notes-generator semantic-release + + - name: Run semantic release (dry run) + if: github.event_name == 'pull_request' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + npx --yes -p @semantic-release/exec -p @semantic-release/github -p @semantic-release/changelog -p @semantic-release/git -p @semantic-release/commit-analyzer -p @semantic-release/release-notes-generator semantic-release --dry-run + + - name: Execute Gradle build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.actor }} + run: ./gradlew build + + - name: Upload build artifact + uses: actions/upload-artifact@v2 + with: + name: build + path: ./build + if-no-files-found: error + retention-days: 1 + + - name: Upload Helm chart artifact + uses: actions/upload-artifact@v2 + with: + name: charts + path: ./charts + if-no-files-found: error + retention-days: 1 + + docker: + name: Docker Release + needs: semantic_release + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Download build artifact + uses: actions/download-artifact@v2 + with: + name: build + path: ./build + + - name: Download Helm chart artifact + uses: actions/download-artifact@v2 + with: + name: charts + path: ./charts + + - name: Extract new app version from Chart.yaml + run: | + chart_yaml_path="./charts/managed-identity-wallet/Chart.yaml" + + # Use grep to find the line containing appVersion, awk to split by ":" and cut to remove leading/trailing spaces + app_version=$(grep 'appVersion:' "$chart_yaml_path" | awk -F: '{gsub(/^[ \t]+|[ \t]+$/,"", $2); print $2}') + + echo "RELEASE_VERSION=$app_version" >> $GITHUB_ENV + + # Create SemVer or ref tags dependent of trigger event + - name: Docker meta + id: meta + uses: docker/metadata-action@v4 + with: + images: | + ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + # Automatically prepare image tags; See action docs for more examples. + # semver patter will generate tags like these for example :1 :1.2 :1.2.3 + tags: | + type=ref,event=branch + type=ref,event=pr + type=semver,pattern={{version}},value=${{ env.RELEASE_VERSION }} + type=semver,pattern={{major}},value=${{ env.RELEASE_VERSION }} + type=semver,pattern={{major}}.{{minor}},value=${{ env.RELEASE_VERSION }} + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} + + - name: DockerHub login + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + # Use existing DockerHub credentials present as secrets + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + + - name: Push image + uses: docker/build-push-action@v2 + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + # https://github.com/peter-evans/dockerhub-description + # Important step to push image description to DockerHub + - name: Update Docker Hub description + if: github.event_name != 'pull_request' + uses: peter-evans/dockerhub-description@v3 + with: + # readme-filepath defaults to toplevel README.md, Only necessary if you have a dedicated file with your 'Notice for docker images' + readme-filepath: Docker-hub-notice.md + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + + helm: + name: Helm Release + needs: semantic_release + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Download Helm chart artifact + uses: actions/download-artifact@v2 + with: + name: charts + path: ./charts + + - name: Install Helm + uses: azure/setup-helm@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Add Helm dependency repositories + run: | + helm repo add bitnami https://charts.bitnami.com/bitnami + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Run chart-releaser + if: github.event_name != 'pull_request' + uses: helm/chart-releaser-action@v1.4.1 + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + with: + packages_with_index: true diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml deleted file mode 100644 index d74b55f49..000000000 --- a/.github/workflows/semantic-release.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Semantic Release -on: - push: - branches: - - main - -jobs: - semantic_release: - name: Semantic Release - runs-on: ubuntu-latest - permissions: - # see https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs - contents: write - pull-requests: write - packages: write - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - - name: Setup Node.js - uses: actions/setup-node@v2 - with: - node-version: 18 # Replace with your desired Node.js version - - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '17' - - - name: Validate Gradle wrapper - uses: gradle/wrapper-validation-action@ccb4328a959376b642e027874838f60f8e596de3 - - - name: Build with Gradle - uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 - with: - arguments: build - - - name: Run semantic release - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - npx \ - -p @semantic-release/changelog \ - -p @semantic-release/git \ - -p @semantic-release/commit-analyzer \ - -p gradle-semantic-release-plugin \ - -p @semantic-release/release-notes-generator \ - -p semantic-release-helm \ - semantic-release diff --git a/.releaserc b/.releaserc index 4d781385d..8c2a180d6 100644 --- a/.releaserc +++ b/.releaserc @@ -1,20 +1,50 @@ { - "branches": ["main"], - + "branches": [ + "main", + { + "name": "develop", + "prerelease": true + } + ], "plugins": [ - "gradle-semantic-release-plugin", - ["semantic-release-helm", { - chartPath: './charts/managed-identity-wallet', - onlyUpdateVersion: true, - }], "@semantic-release/commit-analyzer", + [ + "@semantic-release/exec", + { + "prepareCmd": "sed -i 's/applicationVersion=.*/applicationVersion=${nextRelease.version}/g' gradle.properties" + } + ], + [ + "@semantic-release/exec", + { + "prepareCmd": "sed -i 's/appVersion:.*/appVersion: ${nextRelease.version}/g' ./charts/managed-identity-wallet/Chart.yaml" + } + ], + [ + "@semantic-release/exec", + { + "prepareCmd": "./gradlew dashLicenseCheck" + } + ], "@semantic-release/release-notes-generator", - ["@semantic-release/changelog", { - "changelogFile": "CHANGELOG.md" - }], - ["@semantic-release/git", { - "assets": ["CHANGELOG.md", "gradle.properties", "./charts/managed-identity-wallet/Chart.yaml"], - "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" - }] + [ + "@semantic-release/changelog", + { + "changelogFile": "CHANGELOG.md" + } + ], + [ + "@semantic-release/git", + { + "assets": [ + "CHANGELOG.md", + "DEPENDENCIES", + "gradle.properties", + "./charts/managed-identity-wallet/Chart.yaml" + ], + "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" + } + ], + "@semantic-release/github" ] } diff --git a/README.md b/README.md index b8aa10392..97b62258a 100644 --- a/README.md +++ b/README.md @@ -339,3 +339,9 @@ role ``manage_app``. We can add this role to authority wallet client using keycl ## Notice for Docker image See [Docker-hub-notice.md](./Docker-hub-notice.md) + +## Acknowledgments + +We would like to give credit to these projects, which we use in our project. + +[![semantic-release: angular](https://img.shields.io/badge/semantic--release-angular-e10079?logo=semantic-release)](https://github.com/semantic-release/semantic-release) \ No newline at end of file diff --git a/charts/managed-identity-wallet/values.yaml b/charts/managed-identity-wallet/values.yaml index cb65cd23a..414099293 100644 --- a/charts/managed-identity-wallet/values.yaml +++ b/charts/managed-identity-wallet/values.yaml @@ -164,10 +164,10 @@ miw: keycloak: # -- Enable to deploy Keycloak enabled: true - extraEnvVars: - # - Extra environment variables. (default 'KEYCLOAK_HOSTNAME :{{ .Release.Name }}-keycloak') - - name: KEYCLOAK_HOSTNAME - value: "{{ .Release.Name }}-keycloak" + extraEnvVars: [] + # - Extra environment variables. (default 'KEYCLOAK_HOSTNAME :{{ .Release.Name }}-keycloak') + # - name: KEYCLOAK_HOSTNAME + # value: "{{ .Release.Name }}-keycloak" postgresql: # -- Name of the PostgreSQL chart to deploy. Mandatory when the MIW deploys a PostgreSQL chart, too. nameOverride: "keycloak-postgresql" @@ -180,6 +180,11 @@ keycloak: password: "" # -- Database name database: "miw_keycloak" + ingress: + enabled: false + annotations: {} + hosts: [] + tls: [] auth: # -- Keycloak admin user adminUser: "admin"