From 6f464584a8eca941797862e1d871dc2e50bb342e Mon Sep 17 00:00:00 2001 From: ndr_brt Date: Tue, 1 Oct 2024 10:53:17 +0200 Subject: [PATCH] build: backport release workflows --- .../publish-tag-and-release/action.yml | 92 +++++++++++ .github/actions/setup-helm/action.yml | 29 ++++ .github/workflows/manual-release-bugfix.yml | 38 +++++ .github/workflows/release.yml | 145 ++++++++++++++++++ .github/workflows/trigger-docker-publish.yaml | 78 ++++++++++ .github/workflows/trigger-maven-publish.yaml | 84 ++++++++++ 6 files changed, 466 insertions(+) create mode 100644 .github/actions/publish-tag-and-release/action.yml create mode 100644 .github/actions/setup-helm/action.yml create mode 100644 .github/workflows/manual-release-bugfix.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/trigger-docker-publish.yaml create mode 100644 .github/workflows/trigger-maven-publish.yaml diff --git a/.github/actions/publish-tag-and-release/action.yml b/.github/actions/publish-tag-and-release/action.yml new file mode 100644 index 000000000..7499ccb27 --- /dev/null +++ b/.github/actions/publish-tag-and-release/action.yml @@ -0,0 +1,92 @@ +################################################################################# +# Copyright (c) 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + + +--- +name: "Publish Github release and tag" +description: "Publish Github release and tag" +inputs: + version: + required: true + description: "The version to be used in the tag and release publication" + token: + required: true + description: "Github token" + is_latest: + required: true + description: "Boolean that defines if a release is latest or not" + +runs: + using: "composite" + steps: + - uses: actions/checkout@v4 + - name: Prepare Git Config + shell: bash + run: | + # Prepare git env + git config user.name "eclipse-tractusx-bot" + git config user.email "tractusx-bot@eclipse.org" + - name: Create Release Tag + id: create_release_tag + shell: bash + run: | + # informative + git branch -a + git tag + + # Create & push tag + git tag ${{ inputs.version }} + git push origin ${{ inputs.version }} + - name: Create GitHub Release + uses: ncipollo/release-action@v1 + with: + generateReleaseNotes: true + tag: ${{ inputs.version }} + token: ${{ inputs.token }} + makeLatest: ${{ inputs.is_latest }} + removeArtifacts: true + - uses: ./.github/actions/setup-java + - name: Set new snapshot version + if: ${{ inputs.is_latest }} + shell: bash + run: | + # Extract release version + IFS=.- read -r RELEASE_VERSION_MAJOR RELEASE_VERSION_MINOR RELEASE_VERSION_PATCH SNAPSHOT<<<"${{ inputs.version}}" + INC=0 + # Compute new snapshot version, do not increment snapshot on non-final releases, e.g. -rc1 + if [ -z $SNAPSHOT ]; then + # snapshot + echo "${{ inputs.version }} is a final release version, increase patch for next snapshot" + INC=1 + else + echo "${{ inputs.version }} is not a final release version (contains \"$SNAPSHOT\"), will not increase patch" + fi + + VERSION="$RELEASE_VERSION_MAJOR.$((RELEASE_VERSION_MINOR+$INC)).0-SNAPSHOT" + SNAPSHOT_VERSION=$VERSION + + # Persist the "version" in the gradle.properties + sed -i "s/version=.*/version=$SNAPSHOT_VERSION/g" gradle.properties + + # Commit and push to origin main + git add gradle.properties + git commit --message "Introduce new snapshot version $SNAPSHOT_VERSION" + + git push diff --git a/.github/actions/setup-helm/action.yml b/.github/actions/setup-helm/action.yml new file mode 100644 index 000000000..02d868f9f --- /dev/null +++ b/.github/actions/setup-helm/action.yml @@ -0,0 +1,29 @@ +################################################################################# +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + + +--- +name: "Setup Helm" +description: "Setup Helm" +runs: + using: "composite" + steps: + - uses: azure/setup-helm@v4 + with: + version: v3.16.1 diff --git a/.github/workflows/manual-release-bugfix.yml b/.github/workflows/manual-release-bugfix.yml new file mode 100644 index 000000000..a96199587 --- /dev/null +++ b/.github/workflows/manual-release-bugfix.yml @@ -0,0 +1,38 @@ +################################################################################# +# Copyright (c) 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +# Copyright (c) 2021,2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + + +--- +name: "Bugfix Release" +run-name: "Release bugfix from ${{ github.ref_name }}" + +on: + workflow_dispatch: + +jobs: + # Gate: Skip if base is not bugfix branch + check-head: + name: "Check if head is bugfix and delegate to release workflow" + if: startsWith(github.ref_name, 'bugfix/') + uses: ./.github/workflows/release.yml + permissions: + contents: write + pages: write + secrets: inherit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 000000000..10a908b4e --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,145 @@ +################################################################################# +# Copyright (c) 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +# Copyright (c) 2021,2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + + +--- +name: "Release" + +on: + pull_request: + branches: + - main + types: + - closed + + workflow_call: + + +jobs: + # Gate + validation: + name: "Check if repository is not fork AND head is release OR base is bugfix" + runs-on: ubuntu-latest + if: ${{ github.repository == 'eclipse-tractusx/tractusx-edc' && (startsWith(github.ref_name, 'bugfix/') || startsWith(github.event.pull_request.head.ref, 'release/')) }} + outputs: + RELEASE_VERSION: ${{ steps.release-version.outputs.RELEASE_VERSION }} + steps: + - uses: actions/checkout@v4 + - name: Output release version + id: release-version + run: | + VERSION=$(grep "version" gradle.properties | awk -F= '{print $2}') + echo "RELEASE_VERSION=$VERSION" >> $GITHUB_OUTPUT + + # Release: Maven Artifacts + maven-release: + name: Publish extension's release version to maven repository + needs: [ validation ] + permissions: + contents: read + if: needs.validation.outputs.RELEASE_VERSION + uses: ./.github/workflows/trigger-maven-publish.yaml + secrets: inherit + with: + version: ${{ needs.validation.outputs.RELEASE_VERSION }} + + # Release: docker images + docker-release: + name: Publish Docker images + needs: [ validation ] + if: needs.validation.outputs.RELEASE_VERSION + uses: ./.github/workflows/trigger-docker-publish.yaml + secrets: inherit + with: + docker_tag: ${{ needs.validation.outputs.RELEASE_VERSION }} + + # Release: Helm charts + helm-release: + name: Publish helm charts + needs: [ validation ] + runs-on: ubuntu-latest + permissions: + contents: write + pages: write + + if: needs.validation.outputs.RELEASE_VERSION + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: ./.github/actions/setup-helm + - name: Package helm, update index.yaml and push to gh-pages + run: | + # Prepare git env + git config user.name "eclipse-tractusx-bot" + git config user.email "tractusx-bot@eclipse.org" + + # Package all charts + find charts -name Chart.yaml -not -path "./edc-tests/*" | xargs -n1 dirname | xargs -n1 helm package -u -d helm-charts + + git checkout gh-pages || git checkout -b gh-pages + git pull --rebase origin gh-pages + + # Generate helm repo index.yaml + helm repo index . --merge index.yaml --url https://${GITHUB_REPOSITORY_OWNER}.github.io/${GITHUB_REPOSITORY#*/}/ + + # Commit and push to gh-pages + git add index.yaml helm-charts + git commit -s -m "Release ${{ needs.validation.outputs.RELEASE_VERSION }}" + + git push origin gh-pages + + # Release: GitHub tag & release; Starts a new development cycle if latest release; + github-release: + name: Publish new github release + needs: [ validation, maven-release, docker-release, helm-release ] + runs-on: ubuntu-latest + permissions: + contents: write + if: needs.validation.outputs.RELEASE_VERSION + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/publish-tag-and-release + with: + version: ${{ needs.validation.outputs.RELEASE_VERSION }} + token: ${{ secrets.GITHUB_TOKEN }} + is_latest: ${{ github.ref_name == 'main' }} + + # Release: Publish specs to SwaggerHub + publish-to-swaggerhub: + name: "Publish OpenAPI spec to Swaggerhub" + permissions: + contents: read + needs: [ validation ] + uses: ./.github/workflows/publish-swaggerhub.yaml + with: + downstream-version: ${{ needs.validation.outputs.RELEASE_VERSION }} + secrets: inherit + + # Release: Publish specs to GitHub Pages + publish-openapi-to-gh-pages: + name: "Publish OpenAPI UI spec GitHub Pages" + permissions: + contents: write + needs: [ validation ] + uses: ./.github/workflows/publish-openapi-ui.yml + secrets: inherit + with: + version: ${{ needs.validation.outputs.RELEASE_VERSION }} diff --git a/.github/workflows/trigger-docker-publish.yaml b/.github/workflows/trigger-docker-publish.yaml new file mode 100644 index 000000000..8e0655e5c --- /dev/null +++ b/.github/workflows/trigger-docker-publish.yaml @@ -0,0 +1,78 @@ +################################################################################# +# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +# Copyright (c) 2021,2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + + +--- +name: "Create and publish Docker images" + +on: + workflow_dispatch: + inputs: + namespace: + description: 'The namespace (=repo) in DockerHub' + required: false + default: "tractusx" + docker_tag: + description: 'Explicitly specify the Docker tag. Note that SHA and latest are added automatically.' + required: false + type: string + + workflow_call: + inputs: + namespace: + type: string + description: 'The namespace (=repo) in DockerHub' + required: false + default: "tractusx" + docker_tag: + type: string + description: 'Explicitly specify the Docker tag. Note that SHA and latest are added automatically.' + required: false + +jobs: + create-docker-image: + name: "Build and push images" + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + variant: [ { dir: edc-controlplane, img: edc-runtime-memory }, + { dir: edc-controlplane, img: edc-controlplane-postgresql-hashicorp-vault }, + { dir: edc-controlplane, img: edc-controlplane-postgresql-azure-vault }, + { dir: edc-dataplane, img: edc-dataplane-azure-vault }, + { dir: edc-dataplane, img: edc-dataplane-hashicorp-vault }, + { dir: edc-tests/runtime, img: mock-connector }] + permissions: + contents: write + steps: + - uses: actions/checkout@v4 + - name: Log inputs + run: | + echo "Input Version: ${{ inputs.docker_tag }}, Input namespace: ${{ inputs.namespace}}" + - uses: ./.github/actions/publish-docker-image + name: Publish ${{ matrix.variant.img }} + with: + docker_tag: ${{ inputs.docker_tag }} + rootDir: ${{ matrix.variant.dir }}/${{ matrix.variant.img }} + imagename: ${{ matrix.variant.img }} + namespace: ${{ inputs.namespace }} + docker_user: ${{ secrets.DOCKER_HUB_USER }} + docker_token: ${{ secrets.DOCKER_HUB_TOKEN }} + do_push: 'true' diff --git a/.github/workflows/trigger-maven-publish.yaml b/.github/workflows/trigger-maven-publish.yaml new file mode 100644 index 000000000..94cd7594f --- /dev/null +++ b/.github/workflows/trigger-maven-publish.yaml @@ -0,0 +1,84 @@ +################################################################################# +# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +# Copyright (c) 2021,2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################# + + +--- +name: "Publish Maven Artefacts to OSSRH" + +on: + workflow_dispatch: + inputs: + version: + required: false + description: 'a semver string denoting the version. Append -SNAPSHOT for snapshots. If omitted, the version is taken from gradle.properties' + workflow_call: + inputs: + version: + type: string + required: false + description: 'a semver string denoting the version. Append -SNAPSHOT for snapshots. If omitted, the version is taken from gradle.properties' + +jobs: + maven-release: + name: 'Publish all artefacts to Sonatype/MavenCentral' + runs-on: ubuntu-latest + permissions: + contents: read + steps: + # Set-Up + - uses: actions/checkout@v4 + - uses: ./.github/actions/setup-java + + # Import GPG Key + - uses: ./.github/actions/import-gpg-key + name: "Import GPG Key" + with: + gpg-private-key: ${{ secrets.ORG_GPG_PRIVATE_KEY }} + + # publish releases + - name: Publish version + env: + OSSRH_PASSWORD: ${{ secrets.ORG_OSSRH_PASSWORD }} + OSSRH_USER: ${{ secrets.ORG_OSSRH_USERNAME }} + run: |- + + echo "Input Version: ${{ inputs.version }}" + + # check if version input was specified, else read from gradle.properties + + if [ ! -z ${{ inputs.version }} ]; + then + VERSION=${{ inputs.version }} + echo "Publishing using version from parameter: $VERSION" + else + VERSION=$(./gradlew properties -q | grep "version:" | awk '{print $2}') + echo "Publishing using version from gradle.properties: $VERSION" + fi + + # check if the version is a SNAPSHOT, and if not, append command to close staging repo + + cmd="" + if [[ $VERSION != *-SNAPSHOT ]] + then + cmd="closeAndReleaseSonatypeStagingRepository"; + fi + echo "Publishing Version $VERSION to Sonatype" + + ./gradlew publishToSonatype ${cmd} --no-parallel -Pversion=$VERSION -Psigning.gnupg.executable=gpg -Psigning.gnupg.passphrase="${{ secrets.ORG_GPG_PASSPHRASE }}"