diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..083a961 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,187 @@ +name: Release + +on: + push: + branches: [ master ] + +permissions: + contents: write + pull-requests: write + +jobs: + check-code: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + # Build entirely in docker + - uses: docker/setup-qemu-action@v3 + + - uses: docker/setup-buildx-action@v3 + + - uses: docker/build-push-action@v6 + with: + context: ./src + push: false + tags: oidc-server-mock:experimental + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha,mode=max + + prepare-release: + runs-on: ubuntu-latest + needs: [check-code] + outputs: + upload_url: ${{ steps.create-release.outputs.upload_url }} + version: ${{ steps.version.outputs.release }} + steps: + - uses: actions/checkout@v4 + + - name: Configure Git + run: | + git config --global user.email "actions@github.com" + git config --global user.name "GitHub Actions" + + - name: Un-SNAP + run: | + version=$(grep -oPm1 "(?<=)[^<]+" <<< cat src/OpenIdConnectServerMock.csproj) + new_version=${version::-9} + sed -i "s/\(\)[^<>]*\(<\/VersionPrefix.*\)/\1$new_version\2/" src/OpenIdConnectServerMock.csproj + + - name: Get version + id: version + run: | + version=$(grep -oPm1 "(?<=)[^<]+" <<< cat src/OpenIdConnectServerMock.csproj) + echo "release=$version" >> $GITHUB_OUTPUT + echo "releasenumber=${version//[!0-9]/}" >> $GITHUB_OUTPUT + + - name: Commit and Push + run: | + git add -A + git commit -m "Release ${{ steps.version.outputs.release }}" + git push origin + git tag v${{ steps.version.outputs.release }} + git push origin --tags + + - name: Create Release + id: create-release + uses: shogo82148/actions-create-release@v1 + with: + tag_name: v${{ steps.version.outputs.release }} + release_name: v${{ steps.version.outputs.release }} + commitish: master + body: | + ## [Changelog](https://github.com/${{ github.repository }}/blob/develop/CHANGELOG.md#${{ steps.version.outputs.releasenumber }}) + See [Changelog#v${{ steps.version.outputs.release }}](https://github.com/${{ github.repository }}/blob/develop/CHANGELOG.md#${{ steps.version.outputs.releasenumber }}) for more information. + + ## Installation + + ### Docker + Download the image from + * [DockerHub](https://hub.docker.com/r/xdevsoftware/oidc-server-mock/tags?name=${{ steps.version.outputs.release }}) + * [GitHub Packages (ghcr.io)](https://github.com/xdev-software/oidc-server-mock/pkgs/container/oidc-server-mock) + + publish-docker: + runs-on: ubuntu-latest + needs: [prepare-release] + permissions: + packages: write + contents: read + attestations: write + id-token: write + steps: + - uses: actions/checkout@v4 + + - name: Init Git and pull + run: | + git config --global user.email "actions@github.com" + git config --global user.name "GitHub Actions" + git pull + + - name: Download server JAR + uses: actions/download-artifact@v4 + with: + name: server-standalone + path: server/target + + - uses: docker/setup-qemu-action@v3 + + - uses: docker/setup-buildx-action@v3 + + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Login to ghcr.io + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ secrets.DOCKERHUB_USERNAME }}/oidc-server-mock + ghcr.io/${{ github.repository }} + tags: | + type=semver,pattern={{version}},value=${{ needs.prepare-release.outputs.version }} + type=semver,pattern={{major}}.{{minor}},value=${{ needs.prepare-release.outputs.version }} + type=semver,pattern={{major}},value=${{ needs.prepare-release.outputs.version }} + latest + + - uses: docker/build-push-action@v6 + id: push + with: + context: ./src + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,compression=zstd,force-compression=true + + - name: Generate artifact attestation (ghcr.io) + uses: actions/attest-build-provenance@v1 + with: + subject-name: ghcr.io/${{ github.repository }} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true + + after-release: + runs-on: ubuntu-latest + needs: [publish-docker] + steps: + - uses: actions/checkout@v4 + + - name: Init Git and pull + run: | + git config --global user.email "actions@github.com" + git config --global user.name "GitHub Actions" + git pull + + - name: Inc Version and SNAP + run: | + version=$(grep -oPm1 "(?<=)[^<]+" <<< cat src/OpenIdConnectServerMock.csproj) + new_version="$(echo $version | awk -F. -v OFS=. 'NF==1{print ++$NF}; NF>1{if(length($NF+1)>length($NF))$(NF-1)++; $NF=sprintf("%0*d", length($NF), ($NF+1)%(10^length($NF))); print}')-SNAPSHOT" + sed -i "s/\(\)[^<>]*\(<\/VersionPrefix.*\)/\1$new_version\2/" src/OpenIdConnectServerMock.csproj + + - name: Git Commit and Push + run: | + git add -A + git commit -m "Preparing for next development iteration" + git push origin + + - name: pull-request + env: + GH_TOKEN: ${{ github.token }} + run: | + gh_pr_up() { + gh pr create "$@" || gh pr edit "$@" + } + gh_pr_up -B "develop" \ + --title "Sync back" \ + --body "An automated PR to sync changes back"