pre-release

.github/workflows/release.yml

@@ -41,50 +41,33 @@ jobs:
       - name: Generate changelog
         id: changelog
         run: |
-          git log $(git describe --tags --abbrev=0)..HEAD -- . \
-            --pretty=format:"- %s" > changelog.txt
+          git log $(git describe --tags --abbrev=0)..HEAD -- . --pretty=format:"- %s" > changelog.txt
           CHANGELOG=$(cat changelog.txt | jq -sRr @uri)
-          echo "changelog<<EOF" >> $GITHUB_ENV
-          echo "$CHANGELOG" >> $GITHUB_ENV
-          echo "EOF" >> $GITHUB_ENV
+          echo "CHANGELOG=$CHANGELOG" >> $GITHUB_ENV
 
       - name: Log in to Docker Hub
         uses: docker/login-action@v3
         with:
           username: ${{ vars.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
 
-      # Temporarily comment out the build and push step to save time during testing
-      # - name: Multi-arch build and push to Docker Hub
-      #   id: build-push
-      #   uses: docker/build-push-action@v6
-      #   with:
-      #     context: .
-      #     file: ./Dockerfile
-      #     platforms: linux/amd64,linux/arm64
-      #     push: true
-      #     tags: |
-      #       usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }}
-      #       usabilitydynamics/udx-worker:latest
+      - name: Multi-arch build and push to Docker Hub
+        id: build-push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }}
+            usabilitydynamics/udx-worker:latest
 
       - name: Install Trivy
         run: |
           curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | \
             sudo sh -s -- -b /usr/local/bin
 
-      - name: Pull Docker Image for SBOM Generation
-        id: pull-image
-        run: |
-          docker pull usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }}
-          docker images  # List images to verify the image is present locally
-
-      - name: Get Image Digest
-        id: get-digest
-        run: |
-          IMAGE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }})
-          echo "IMAGE_DIGEST=${IMAGE_DIGEST}" >> $GITHUB_ENV
-          echo "::set-output name=image_digest::${IMAGE_DIGEST}"
-
       - name: Generate SBOM with Retry Logic
         id: generate-sbom
         run: |
@@ -147,7 +130,7 @@ jobs:
         run: |
           cosign sign -y \
             --key env://COSIGN_PRIVATE_KEY \
-            "$IMAGE_DIGEST"
+            usabilitydynamics/udx-worker@${{ steps.build-push.outputs.digest }}
 
       - name: Sign SBOM with Cosign
         env:
@@ -157,51 +140,49 @@ jobs:
             --key env://COSIGN_PRIVATE_KEY \
             --predicate sbom.json \
             --type https://spdx.dev/spdx-specification-2-2-pdf \
-            "$IMAGE_DIGEST"
-
+            usabilitydynamics/udx-worker@${{ steps.build-push.outputs.digest }}
 
       - name: Log out from Docker Hub
         run: docker logout
 
-  # Temporarily comment out GitHub release job to avoid duplicate releases
-  # github-release:
-  #   runs-on: ubuntu-latest
-  #   needs: docker-release
-  #   permissions:
-  #     contents: write
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v4
-  #       with:
-  #         fetch-depth: 0
-
-  #     - name: Configure git for pushing
-  #       run: |
-  #         git config --global user.email "[email protected]"
-  #         git config --global user.name "UDX Worker"
-
-  #     - name: Create GitHub Tag
-  #       env:
-  #         GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
-  #       run: |
-  #         git tag ${{ needs.docker-release.outputs.semVer }}
-  #         git push origin ${{ needs.docker-release.outputs.semVer }}
-
-  #     - name: Download SBOM Artifact
-  #       uses: actions/download-artifact@v4
-  #       with:
-  #         name: sbom
-
-  #     - name: Create GitHub release
-  #       uses: softprops/action-gh-release@v2
-  #       with:
-  #         tag_name: ${{ needs.docker-release.outputs.semVer }}
-  #         body: |
-  #           Release version ${{ needs.docker-release.outputs.semVer }}.
-  #           [View on Docker Hub](https://hub.docker.com/r/usabilitydynamics/udx-worker/tags?page=1&ordering=last_updated).
-  #           ${{ needs.docker-release.outputs.changelog }}
-  #         draft: false
-  #         prerelease: false
-  #         files: sbom.json
-  #       env:
-  #         GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
+  github-release:
+    runs-on: ubuntu-latest
+    needs: docker-release
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Configure git for pushing
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "UDX Worker"
+
+      - name: Create GitHub Tag
+        env:
+          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
+        run: |
+          git tag ${{ needs.docker-release.outputs.semVer }}
+          git push origin ${{ needs.docker-release.outputs.semVer }}
+
+      - name: Download SBOM Artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: sbom
+
+      - name: Create GitHub release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ needs.docker-release.outputs.semVer }}
+          body: |
+            Release version ${{ needs.docker-release.outputs.semVer }}.
+            [View on Docker Hub](https://hub.docker.com/r/usabilitydynamics/udx-worker/tags?page=1&ordering=last_updated).
+            ${{ needs.docker-release.outputs.changelog }}
+          draft: false
+          prerelease: false
+          files: sbom.json
+        env:
+          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}