diff --git a/.github/workflows/release.yml b/.github/workflows/release-miw.yml similarity index 96% rename from .github/workflows/release.yml rename to .github/workflows/release-miw.yml index 41ec6790..62bee102 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release-miw.yml @@ -16,13 +16,27 @@ # SPDX-License-Identifier: Apache-2.0 --- -name: Semantic Release +name: Semantic Release - MIW on: push: + paths: + - 'miw/src/**' + - 'miw/build.gradle/**' + - 'wallet-commons/src/**' + - 'build.gradle' + - 'gradle.properties' + - 'settings.gradle' branches: - main - develop pull_request: + paths: + - 'miw/src/**' + - 'miw/build.gradle/**' + - 'wallet-commons/src/**' + - 'build.gradle' + - 'gradle.properties' + - 'settings.gradle' branches: - main - develop diff --git a/.github/workflows/release-revocation.yml b/.github/workflows/release-revocation.yml new file mode 100644 index 00000000..290d9b52 --- /dev/null +++ b/.github/workflows/release-revocation.yml @@ -0,0 +1,265 @@ +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation + +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. + +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# SPDX-License-Identifier: Apache-2.0 +--- + +name: Semantic Release - Revocation Service +on: + push: + paths: + - 'revocation-service/src/**' + - 'revocation-service/build.gradle/**' + - 'wallet-commons/src/**' + - 'build.gradle' + - 'gradle.properties' + - 'settings.gradle' + branches: + - main + - develop + pull_request: + paths: + - 'revocation-service/src/**' + - 'revocation-service/build.gradle/**' + - 'wallet-commons/src/**' + - 'build.gradle' + - 'gradle.properties' + - 'settings.gradle' + branches: + - main + - develop + +env: + IMAGE_NAMESPACE: "tractusx" + IMAGE_NAME: "credential-revocation-service" + +jobs: + + semantic_release: + name: Repository Release + runs-on: ubuntu-latest + permissions: + # see https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs + contents: write + pull-requests: write + packages: write + outputs: + next_release: ${{ steps.semantic-release.outputs.next_release }} + will_create_new_release: ${{ steps.semantic-release.outputs.will_create_new_release }} + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Validate Gradle wrapper + uses: gradle/wrapper-validation-action@v2 + + - name: Setup Helm + uses: azure/setup-helm@v4.1.0 + + - name: Setup JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: 20 + + # setup helm-docs as it is needed during semantic-release + - uses: gabe565/setup-helm-docs-action@v1 + name: Setup helm-docs + if: github.event_name != 'pull_request' + with: + version: v1.11.3 + + - name: Run semantic release + id: semantic-release + if: github.event_name != 'pull_request' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GIT_AUTHOR_EMAIL: ${{ github.actor }}@users.noreply.github.com + GIT_COMMITTER_EMAIL: ${{ github.actor }}@users.noreply.github.com + run: | + npx --yes -p @semantic-release/exec -p @semantic-release/changelog -p @semantic-release/git -p @semantic-release/commit-analyzer -p @semantic-release/release-notes-generator semantic-release + + - name: Run semantic release (dry run) + if: github.event_name == 'pull_request' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GIT_AUTHOR_EMAIL: ${{ github.actor }}@users.noreply.github.com + GIT_COMMITTER_EMAIL: ${{ github.actor }}@users.noreply.github.com + run: | + npx --yes -p @semantic-release/exec -p @semantic-release/github -p @semantic-release/changelog -p @semantic-release/git -p @semantic-release/commit-analyzer -p @semantic-release/release-notes-generator semantic-release --dry-run + + - name: Execute Gradle build + run: ./gradlew build + + - name: Upload build artifact + uses: actions/upload-artifact@v4 + with: + name: build + path: ./revocation-service/build + if-no-files-found: error + retention-days: 1 + + - name: Upload Helm chart artifact + uses: actions/upload-artifact@v4 + with: + name: charts + path: ./charts + if-no-files-found: error + retention-days: 1 + + - name: Report semantic-release outputs + run: | + echo "::notice::${{ env.next_release }}" + echo "::notice::${{ env.will_create_new_release }}" + + - name: Upload jar to GitHub release + if: github.event_name != 'pull_request' && steps.semantic-release.outputs.will_create_new_release == 'true' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_VERSION: ${{ steps.semantic-release.outputs.next_release }} + run: | + echo "::notice::Uploading jar to GitHub release" + gh release upload "v$RELEASE_VERSION" ./revocation-service/build/libs/revocation-service-latest.jar + + docker: + name: Docker Release + needs: semantic_release + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Download build artifact + uses: actions/download-artifact@v4 + with: + name: build + path: ./revocation-service/build + + - name: Download Helm chart artifact + uses: actions/download-artifact@v4 + with: + name: charts + path: ./charts + + # Create SemVer or ref tags dependent of trigger event + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + # Automatically prepare image tags; See action docs for more examples. + # semver patter will generate tags like these for example :1 :1.2 :1.2.3 + tags: | + type=ref,event=branch + type=ref,event=pr + type=semver,pattern={{version}},value=${{ needs.semantic_release.outputs.next_release }} + type=semver,pattern={{major}},value=${{ needs.semantic_release.outputs.next_release }} + type=semver,pattern={{major}}.{{minor}},value=${{ needs.semantic_release.outputs.next_release }} + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} + + - name: DockerHub login + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + # Use existing DockerHub credentials present as secrets + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + + - name: Push image + uses: docker/build-push-action@v5 + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + file: ./revocation-service/Dockerfile + + # https://github.com/peter-evans/dockerhub-description + # Important step to push image description to DockerHub + - name: Update Docker Hub description + if: github.event_name != 'pull_request' + uses: peter-evans/dockerhub-description@v3 + with: + # readme-filepath defaults to toplevel README.md, Only necessary if you have a dedicated file with your 'Notice for docker images' + readme-filepath: Docker-hub-notice.md + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + + helm: + name: Helm Release + needs: semantic_release + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Download Helm chart artifact + uses: actions/download-artifact@v4 + with: + name: charts + path: ./charts + + - name: Install Helm + uses: azure/setup-helm@v4.1.0 + + - name: Add Helm dependency repositories + run: | + helm repo add bitnami https://charts.bitnami.com/bitnami + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Release chart + if: github.event_name != 'pull_request' && needs.semantic_release.outputs.will_create_new_release == 'true' + run: | + # Package Revocation-service chart,this will not work as we do not have any chart there + helm_package_path=$(helm package -u -d helm-charts ./charts/revocation-service | grep -o 'to: .*' | cut -d' ' -f2-) + echo "HELM_PACKAGE_PATH=$helm_package_path" >> $GITHUB_ENV + + # Commit and push to gh-pages + git add helm-charts + git stash -- helm-charts + git reset --hard + git fetch origin + git checkout gh-pages + git stash pop + + # Generate helm repo index.yaml + helm repo index . --merge index.yaml --url https://${GITHUB_REPOSITORY_OWNER}.github.io/${GITHUB_REPOSITORY#*/}/ + git add index.yaml + + git commit -s -m "Release ${{ needs.semantic_release.outputs.next_release }}" + + git push origin gh-pages + + - name: Upload chart to GitHub release + if: github.event_name != 'pull_request' && needs.semantic_release.outputs.will_create_new_release == 'true' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_VERSION: ${{ needs.semantic_release.outputs.next_release }} + HELM_PACKAGE_PATH: ${{ env.HELM_PACKAGE_PATH }} + run: | + echo "::notice::Uploading chart to GitHub release" + gh release upload "v$RELEASE_VERSION" "$HELM_PACKAGE_PATH" diff --git a/revocation-service/build.gradle b/revocation-service/build.gradle index 477bbefc..185d8efa 100644 --- a/revocation-service/build.gradle +++ b/revocation-service/build.gradle @@ -79,3 +79,13 @@ build { version = "latest" } + +bootJar { + enabled = true + metaInf { + from 'DEPENDENCIES' + from '../SECURITY.md' + from '../NOTICE.md' + from '../LICENSE' + } +}