ci: introduce semantic versioning (#97)

* refactor: undo unnecessary changes * docs: list all config values * refactor: rename config file * refactor: remove example files from docker image * refactor: merge config files * refactor: update .dockerignore to include all Dockerfiles and .env files * WIP: migrate from config macro to config function * refactor: configs for `log_format` and `event_store` * refactor: remove unused macros calls * refactor: migrate `url` config * refactor: `secret_manager` config * refactor: `credential_configurations` config * refactor: rename `DidMethodOptions`, add config for `signing_algorithms_supported` * refactor: determine default DID method * refactor: remove comments, load env variables * WIP: refactor `event_publishers` config * refactor: remove `metadata` * refactor: remove `config!` macro * refactor: rename `config_2` to `config` * chore: change example logo, disable `event_publisher`, respect `default_did_method` * chore: resolve clippy issues * refactor: remove `set_metadata_configuration` * refactor: remove `TEST_METADATA` * WIP * test: fix tests * ci: update docker-compose * fix: replace `localhost` with container name * refactor: clean up code * chore: fix unused import * feat: install `@commitlint` and `semantic-release` * feat: check PR title with `commitlint` * refactor: move `commitlint` to separate workflow * refactor: only check PR title for `dev` * chore: disable `types` (temporarily) * ci: add default `semantic-release` workflow (for Node projects) * docs: add reference to "Twelve-Factor App" * docs: add badge for DockerHub pulls * refactor: remove unused node dependencies * docs: describe branches and tags * ci: trigger release on push --------- Co-authored-by: Nander Stabel <nander.stabel@impierce.com>
impierce · Nov 19, 2024 · bae282b · bae282b
1 parent 731032a
commit bae282b
Show file tree

Hide file tree

Showing 5 changed files with 106 additions and 0 deletions.
diff --git a/.github/workflows/lint-pr-title.yaml b/.github/workflows/lint-pr-title.yaml
@@ -0,0 +1,35 @@
+# The title of the pull request is used as the commit message when working with a squash-based merging style.
+# This project also follows semantic versioning, so it is important that the title follows conventional commits and should therefore be checked.
+
+name: Lint PR title
+
+on:
+  pull_request:
+    branches:
+      - main
+      - next
+      - beta
+      - alpha
+    # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
+    # types: [opened, synchronize, reopened, edited]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+
+      - run: npm ci
+
+      - run: echo $TITLE | npx commitlint
+        env:
+          # Security: we mitigate script injections by using an intermediate environment variable
+          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
+          TITLE: ${{ github.event.pull_request.title }}
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -0,0 +1,37 @@
+name: Release
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+      - next
+      - beta
+      - alpha
+
+permissions:
+  contents: read # for checkout
+
+jobs:
+  release:
+    name: release
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: "lts/*"
+
+      - name: Release
+        run: npx semantic-release@24
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.releaserc.yaml b/.releaserc.yaml
@@ -0,0 +1,4 @@
+plugins:
+  - "@semantic-release/commit-analyzer"
+  - "@semantic-release/release-notes-generator"
+  - "@semantic-release/github"
diff --git a/README.md b/README.md
@@ -1,5 +1,15 @@
 # SSI Agent
 
+[![semantic-release: angular](https://img.shields.io/badge/semantic--release-angular-e10079?logo=semantic-release)](https://github.com/semantic-release/semantic-release)
+[![GitHub License](https://img.shields.io/github/license/impierce/ssi-agent)](https://github.com/impierce/ssi-agent/blob/HEAD/LICENSE)
+[![Docker Pulls](https://img.shields.io/docker/pulls/impiercetechnologies/ssi-agent)](https://hub.docker.com/r/impiercetechnologies/ssi-agent)
+
+<!-- This is a playful reference to the "Twelve-Factor App" conventions that we try to follow. -->
+
+[![twelve-factor-app](https://img.shields.io/badge/factors-twelve-blue)](https://12factor.net)
+
+---
+
 ## API specification
 
 [Follow these instructions](./agent_api_rest/README.md) to inspect the REST API.
@@ -161,3 +171,20 @@ OpenID4VCI Pre-Authorized Code Flow
 30-31: See steps 4-5.
    32: The API returns a `200 OK` response with the credential(s) in the response body.
 ```
+
+## Releases
+
+This project uses [semantic-release](https://semantic-release.gitbook.io) - plain and simple, without noteworthy custom configuration.
+
+### Branches
+
+| Branch name | Description                                                                                                  | Example tag      |
+| ----------- | ------------------------------------------------------------------------------------------------------------ | ---------------- |
+| `main`      | Current stable releases. Default version when pulling the `latest` Docker image.                             | `v1.2.1`         |
+| `next`      | Upcoming major version (containing breaking changes). Can be considered a stable preview of coming features. | `v2.0.8`         |
+| `beta`      | Pre-releases that are fully implemented, but require testing, validation and feedback.                       | `v2.0.8-beta.2`  |
+| `alpha`     | Experimental early-stage testing and development.                                                            | `v2.1.2-alpha.4` |
+
+### Merging strategy
+
+All PRs to any of the branches defined above are squashed to preserve a clean history. Since the PR title is used as the commit message, it is important to follow a conventional commit style in order to allow semantic releases (next version is determined by the commits since the last version). Therefore, the PR title is automatically linted by a GitHub Action.
diff --git a/commitlint.config.mjs b/commitlint.config.mjs
@@ -0,0 +1,3 @@
+export default {
+  extends: ["@commitlint/config-angular"],
+};