diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index 784eb7d..fb2ec4b 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -5,7 +5,7 @@ template: | # Changelog $CHANGES - See details of [all code changes](https://github.com/github/automatic-contrib-prs/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION) since previous release + See details of [all code changes](https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION) since previous release categories: - title: "🚀 Features" @@ -32,14 +32,17 @@ version-resolver: major: labels: - "breaking" + - "major" minor: labels: - "enhancement" - "fix" + - "minor" patch: labels: - "documentation" - "maintenance" + - "patch" default: patch autolabeler: - label: "automation" diff --git a/.github/workflows/auto-labeler.yml b/.github/workflows/auto-labeler.yml index 9fe305e..a684390 100644 --- a/.github/workflows/auto-labeler.yml +++ b/.github/workflows/auto-labeler.yml @@ -1,24 +1,18 @@ --- name: Auto Labeler - on: # pull_request_target event is required for autolabeler to support all PRs including forks pull_request_target: types: [opened, reopened, edited, synchronize] - permissions: contents: read - jobs: main: permissions: contents: write pull-requests: write - name: Auto label pull requests - runs-on: ubuntu-latest - steps: - - uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - config-name: release-drafter.yml + uses: jmeridth/reusable-workflows/.github/workflows/auto-labeler.yaml@1406afbf7a795f706f04644059cecbb3b2f0c1a0 + with: + config-name: release-drafter.yml + secrets: + github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 7fb238c..9445318 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -1,38 +1,17 @@ ## Reference: https://github.com/amannn/action-semantic-pull-request --- name: "Lint PR Title" - on: pull_request_target: - types: [opened, edited, edited, synchronize] - + types: [opened, reopened, edited, synchronize] permissions: contents: read - jobs: main: permissions: + contents: read pull-requests: read statuses: write - name: Validate PR title - runs-on: ubuntu-latest - steps: - - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - # Configure which types are allowed (newline-delimited). - # From: https://github.com/commitizen/conventional-commit-types/blob/master/index.json - # listing all below - types: | - build - chore - ci - docs - feat - fix - perf - refactor - revert - style - test + uses: jmeridth/reusable-workflows/.github/workflows/pr-title.yaml@1406afbf7a795f706f04644059cecbb3b2f0c1a0 + secrets: + github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 17fc558..356a3d2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,92 +1,50 @@ --- name: Release - on: workflow_dispatch: pull_request_target: types: [closed] branches: [main] - permissions: contents: read - jobs: - create_release: - # release if - # manual deployment OR - # merged to main and labelled with release labels - if: | - (github.event_name == 'workflow_dispatch') || - (github.event.pull_request.merged == true && - (contains(github.event.pull_request.labels.*.name, 'breaking') || - contains(github.event.pull_request.labels.*.name, 'release') || - contains(github.event.pull_request.labels.*.name, 'vuln') || - contains(github.event.pull_request.labels.*.name, 'release'))) - outputs: - full-tag: ${{ steps.release-drafter.outputs.tag_name }} - short-tag: ${{ steps.get_tag_name.outputs.SHORT_TAG }} - body: ${{ steps.release-drafter.outputs.body }} - runs-on: ubuntu-latest + release: permissions: contents: write pull-requests: read - steps: - - uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 - id: release-drafter - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - config-name: release-drafter.yml - publish: true - - name: Get the short tag - id: get_tag_name - run: | - short_tag=$(echo ${{ steps.release-drafter.outputs.tag_name }} | cut -d. -f1) - echo "SHORT_TAG=$short_tag" >> "$GITHUB_OUTPUT" - create_action_images: - needs: create_release - runs-on: ubuntu-latest + uses: jmeridth/reusable-workflows/.github/workflows/release.yaml@53a9c808122ffaae9af948f72139fb4bd44ab74c + with: + publish: true + release-config-name: release-drafter.yml + secrets: + github-token: ${{ secrets.GITHUB_TOKEN }} + release_image: + needs: release permissions: + contents: write + discussions: write packages: write - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - steps: - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 - - name: Log in to the Container registry - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@v4.2.2 - - name: Push Docker Image - if: ${{ success() }} - uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 - with: - context: . - file: ./Dockerfile - push: true - tags: | - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create_release.outputs.full-tag }} - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create_release.outputs.short-tag }} - platforms: linux/amd64 - provenance: false - sbom: false - create_discussion: - needs: create_release - runs-on: ubuntu-latest + pull-requests: read + uses: jmeridth/reusable-workflows/.github/workflows/release-image.yaml@53a9c808122ffaae9af948f72139fb4bd44ab74c + with: + image-name: ${{ github.repository }} + full-tag: ${{ needs.release.outputs.full-tag }} + short-tag: ${{ needs.release.outputs.short-tag }} + secrets: + github-token: ${{ secrets.GITHUB_TOKEN }} + image-registry: ghcr.io + image-registry-username: ${{ github.actor }} + image-registry-password: ${{ secrets.GITHUB_TOKEN }} + release_discussion: + needs: release permissions: + contents: read discussions: write - steps: - - name: Create an announcement discussion for release - uses: abirismyname/create-discussion@6e6ef67e5eeb042343ef8b3d8d0f5d545cbdf024 - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - title: ${{ needs.create_release.outputs.full-tag }} - body: ${{ needs.create_release.outputs.body }} - repository-id: ${{ secrets.RELEASE_DISCUSSION_REPOSITORY_ID }} - category-id: ${{ secrets.RELEASE_DISCUSSION_CATEGORY_ID }} + uses: jmeridth/reusable-workflows/.github/workflows/release-discussion.yaml@53a9c808122ffaae9af948f72139fb4bd44ab74c + with: + full-tag: ${{ needs.release.outputs.full-tag }} + body: ${{ needs.release.outputs.body }} + secrets: + github-token: ${{ secrets.GITHUB_TOKEN }} + discussion-repository-id: ${{ secrets.RELEASE_DISCUSSION_REPOSITORY_ID }} + discussion-category-id: ${{ secrets.RELEASE_DISCUSSION_CATEGORY_ID }}