From e0378b8b8d05b75368af3943b9627f59ab7d312d Mon Sep 17 00:00:00 2001 From: Craig Sawyer Date: Wed, 15 May 2024 15:28:56 +0100 Subject: [PATCH 1/8] feat(semantic-release): added semantic release to workflows --- .gitattributes | 2 + .github/workflows/cicd-1-pull-request.yaml | 9 ++++- .github/workflows/cicd-2-publish.yaml | 44 ++++++++++------------ .releaserc | 10 +++++ 4 files changed, 39 insertions(+), 26 deletions(-) create mode 100644 .releaserc diff --git a/.gitattributes b/.gitattributes index 1f160080..b190d105 100644 --- a/.gitattributes +++ b/.gitattributes @@ -5,3 +5,5 @@ scripts/terraform/** linguist-vendored scripts/tests/test.mk linguist-vendored scripts/init.mk linguist-vendored scripts/shellscript-linter.sh linguist-vendored + +*.* text eol=lf diff --git a/.github/workflows/cicd-1-pull-request.yaml b/.github/workflows/cicd-1-pull-request.yaml index cd068ec0..fcb64f1f 100644 --- a/.github/workflows/cicd-1-pull-request.yaml +++ b/.github/workflows/cicd-1-pull-request.yaml @@ -27,6 +27,13 @@ jobs: steps: - name: "Checkout code" uses: actions/checkout@v4 + - name: "Semantic Release" + uses: cycjimmy/semantic-release-action@v4.1.0 + id: semantic + with: + dry_run: true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: "Set CI/CD variables" id: variables run: | @@ -39,7 +46,7 @@ jobs: echo "nodejs_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT echo "python_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT echo "terraform_version=$(grep "^terraform" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT - echo "version=$(head -n 1 .version 2> /dev/null || echo unknown)" >> $GITHUB_OUTPUT + echo "version=${{steps.semantic.outputs.new_release_version}}" >> $GITHUB_OUTPUT - name: "Check if pull request exists for this branch" id: pr_exists env: diff --git a/.github/workflows/cicd-2-publish.yaml b/.github/workflows/cicd-2-publish.yaml index 44eebbf2..5b4cb482 100644 
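Review bot: The new "Semantic Release" step references `cycjimmy/semantic-release-action@v4.1.0` by tag and passes it `GITHUB_TOKEN`, so whatever that tag points to at run time executes with the job's token. Pinning to the full commit SHA keeps the reviewed code fixed, e.g. `uses: cycjimmy/semantic-release-action@<FULL_COMMIT_SHA_PLACEHOLDER> # v4.1.0`. The same reference is added to the publish job in `cicd-2-publish.yaml` (hunk `@@ -58,27 +59,20 @@`), where the token is used to create tags and releases, so the pin matters more there. The job header and any `permissions` block are outside this hunk.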
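Review bot: The `version` output on the changed line loses its fallback: the old command wrote `unknown` when no version could be read, while `steps.semantic.outputs.new_release_version` is, as far as the action documents it, only set when semantic-release decides a release is due, so on other runs `version` is written empty. If later steps or jobs expect a value, keep a default in the expression: `echo "version=${{ steps.semantic.outputs.new_release_version || 'unknown' }}" >> $GITHUB_OUTPUT`. The `run:` block starts before this hunk and continues past it.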
--- a/.github/workflows/cicd-2-publish.yaml +++ b/.github/workflows/cicd-2-publish.yaml @@ -1,16 +1,17 @@ name: "CI/CD publish" on: - pull_request: - types: [closed] - branches: - - main + push: + branches: [ "main" ] + # pull_request: + # types: [closed] + # branches: [ "main" ] jobs: metadata: name: "Set CI/CD metadata" runs-on: ubuntu-latest - if: github.event.pull_request.merged == true + # if: github.event.pull_request.merged == true timeout-minutes: 1 outputs: build_datetime: ${{ steps.variables.outputs.build_datetime }} @@ -49,7 +50,7 @@ jobs: name: "Publish packages" runs-on: ubuntu-latest needs: [metadata] - if: github.event.pull_request.merged == true + # if: github.event.pull_request.merged == true timeout-minutes: 3 steps: - name: "Checkout code" 
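Review bot: Once the trigger becomes `push` on `main` and both `if:` guards are commented out, every push to `main` runs the publish job, yet neither the top of the workflow nor the `publish` job header shown in these two hunks declares `permissions`, so the scope of `GITHUB_TOKEN` is whatever the repository or organisation default grants. Declaring it explicitly keeps the `metadata` job read-only and gives `publish` only what the semantic-release GitHub plugin needs. The commented-out `pull_request` trigger and `if:` lines would be better deleted than kept as comments, since the history already records them.

```yaml
permissions:
  contents: read

jobs:
  # … unchanged: metadata job …
  publish:
    name: "Publish packages"
    # … unchanged: runs-on, needs, timeout-minutes …
    permissions:
      contents: write
      issues: write
      pull-requests: write
```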
@@ -58,27 +59,20 @@ jobs: run: | echo "Getting the artefacts created by the build stage ..." # TODO: Use either action/cache or action/upload-artifact - - name: "Create release" - id: create_release - uses: actions/create-release@v1 + - name: "Semantic Release" + uses: cycjimmy/semantic-release-action@v4.1.0 + id: semantic + with: + dry_run: ${{github.event_name == 'pull_request'}} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ needs.metadata.outputs.version }} - release_name: Release ${{ needs.metadata.outputs.version }} - body: | - Release of ${{ needs.metadata.outputs.version }} - draft: false - prerelease: false - # - name: "Upload release asset" - # uses: actions/upload-release-asset@v1 - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # with: - # upload_url: "${{ steps.create_release.outputs.upload_url }}" - # asset_path: ./* - # asset_name: repository-template-${{ needs.metadata.outputs.version }}.tar.gz - # asset_content_type: "application/gzip" + - name: "Output new release details" + if: steps.semantic.outputs.new_release_published == 'true' + run: | + echo ${{ steps.semantic.outputs.new_release_version }} + echo ${{ steps.semantic.outputs.new_release_major_version }} + echo ${{ steps.semantic.outputs.new_release_minor_version }} + echo ${{ steps.semantic.outputs.new_release_patch_version }} success: name: "Success notification" runs-on: ubuntu-latest diff --git a/.releaserc b/.releaserc new file mode 100644 index 00000000..827e5cdb --- /dev/null +++ b/.releaserc @@ -0,0 +1,10 @@ +{ + "plugins": [ + "@semantic-release/commit-analyzer", + "@semantic-release/release-notes-generator", + "@semantic-release/github" + ], + "branches": [ + "main" + ] +} \ No newline at end of file From a14f36c00b11432e3689bc1fbc9d3d1f628ceddc Mon Sep 17 00:00:00 2001 
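Review bot: `dry_run: ${{github.event_name == 'pull_request'}}` in the new "Semantic Release" step can never be true in this workflow as patched, because the only active trigger is `push`. If another trigger is added later (a manual one, for example), the step would cut a real release rather than a dry run. Inverting the test makes every event other than a push fail safe: `dry_run: ${{ github.event_name != 'push' }}`.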
From: Craig Sawyer Date: Wed, 15 May 2024 15:30:32 +0100 Subject: [PATCH 2/8] docs: added semantic release user guide --- docs/user-guide.md | 16 ++++++++++++ docs/user-guides/Semantic_release.md | 38 ++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 docs/user-guide.md create mode 100644 docs/user-guides/Semantic_release.md diff --git a/docs/user-guide.md b/docs/user-guide.md new file mode 100644 index 00000000..c133ff02 --- /dev/null +++ b/docs/user-guide.md @@ -0,0 +1,16 @@ +@ -0,0 +1,15 @@ +# User Guides + +- [Perform static analysis](./user-guides/Perform_static_analysis.md) +- [Run Git hook on commit](./user-guides/Run_Git_hooks_on_commit.md) +- [Scan dependencies](./user-guides/Scan_dependencies.md) +- [Scan secrets](./user-guides/Scan_secrets.md) +- [Semantic release](./user-guides/Semantic_release.md) +- [Sign Git commits](./user-guides/Sign_Git_commits.md) +- [Test GitHub Actions locally](./user-guides/Test_GitHub_Actions_locally.md) + +## Developer Guides + +- [Bash and Make](./developer-guides/Bash_and_Make.md) +- [Scripting Docker](./developer-guides/Scripting_Docker.md) +- [Scripting Terraform](./developer-guides/Scripting_Terraform.md) diff --git a/docs/user-guides/Semantic_release.md b/docs/user-guides/Semantic_release.md new file mode 100644 index 00000000..c1d45508 --- /dev/null +++ b/docs/user-guides/Semantic_release.md 
@@ -0,0 +1,38 @@ +# Guide: Semantic release + +- [Guide: Semantic release](#guide-semantic-release) + - [Overview](#overview) + - [Key files](#key-files) + - [Configuration checklist](#configuration-checklist) + - [Testing](#testing) + +## Overview + +Semantic release ([semantic-release](https://semantic-release.gitbook.io/semantic-release)) is used for automatically tagging and creating GitHub releases with change logs from commit messages. It uses the [SemVer](https://semver.org/) convention and the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification by describing the features, fixes, and breaking changes made in commit messages. + +The table below shows which commit message gets you which release type when semantic-release runs (using the default configuration): + +| Commit message | Release type | +|----------------|--------------| +| `fix(pencil): stop graphite breaking when too much pressure applied` | ~~Patch~~ Fix Release | +| `feat(pencil): add 'graphiteWidth' option` | ~~Minor~~ Feature Release | +| `perf(pencil): remove graphiteWidth option`
`BREAKING CHANGE: The graphiteWidth option has been removed. The default graphite width of 10mm is always used for performance reasons.` | ~~Major~~ Breaking Release
(Note that the BREAKING CHANGE: token must be in the footer of the commit) | + +## Key files + +- [`.releaserc`](../../.releaserc): semantic-release's configuration file, written in YAML or JSON + +## Configuration checklist + +Configuration should be made in the `.releaserc` file. + +- Adjust the [configuration settings](https://semantic-release.gitbook.io/semantic-release/usage/configuration#branches) to align with your project's branching strategy +- Configure [plugins](https://semantic-release.gitbook.io/semantic-release/usage/plugins) depending on your needs + +## Testing + +```shell +$ make runner-act workflow="cicd-1-pull-request" job="semantic-release" +``` + +This will `dry-run` a semantic release and output the variables to the console From 4c2f33941fb096fcc9b89a550a8497e3b1095481 Mon Sep 17 00:00:00 2001 From: Craig Sawyer Date: Thu, 16 May 2024 15:39:57 +0100 Subject: [PATCH 3/8] fix: removed eol formatting from gitattributes --- .gitattributes | 2 -- 1 file changed, 2 deletions(-) diff --git a/.gitattributes b/.gitattributes index b190d105..1f160080 100644 --- a/.gitattributes +++ b/.gitattributes @@ -5,5 +5,3 @@ scripts/terraform/** linguist-vendored scripts/tests/test.mk linguist-vendored scripts/init.mk linguist-vendored scripts/shellscript-linter.sh linguist-vendored - -*.* text eol=lf From 33f167b0e54560d62471e5ed022f2c692327cf6a Mon Sep 17 00:00:00 2001 From: Craig Sawyer Date: Thu, 16 May 2024 15:56:38 +0100 Subject: [PATCH 4/8] fix: ci/cd pipeline issues --- .releaserc | 2 +- docs/user-guide.md | 1 - docs/user-guides/Semantic_release.md | 2 ++ 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.releaserc b/.releaserc index 827e5cdb..6b17bfed 100644 --- a/.releaserc +++ b/.releaserc @@ -7,4 +7,4 @@ "branches": [ "main" ] -} \ No newline at end of file +} diff --git a/docs/user-guide.md b/docs/user-guide.md index c133ff02..83b8e7be 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md 
@@ -1,4 +1,3 @@ -@ -0,0 +1,15 @@ # User Guides - [Perform static analysis](./user-guides/Perform_static_analysis.md) diff --git a/docs/user-guides/Semantic_release.md b/docs/user-guides/Semantic_release.md index c1d45508..ec0ce9e2 100644 --- a/docs/user-guides/Semantic_release.md +++ b/docs/user-guides/Semantic_release.md @@ -33,6 +33,8 @@ Configuration should be made in the `.releaserc` file. ```shell $ make runner-act workflow="cicd-1-pull-request" job="semantic-release" + +# Output to go here ``` This will `dry-run` a semantic release and output the variables to the console From f874219b1651d6978ae22cdde53e4965644b875c Mon Sep 17 00:00:00 2001 From: Craig Sawyer Date: Thu, 16 May 2024 17:01:44 +0100 Subject: [PATCH 5/8] docs: updated testing guidelines for semver --- docs/user-guides/Semantic_release.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/docs/user-guides/Semantic_release.md b/docs/user-guides/Semantic_release.md index ec0ce9e2..809d509f 100644 --- a/docs/user-guides/Semantic_release.md +++ b/docs/user-guides/Semantic_release.md @@ -31,10 +31,4 @@ Configuration should be made in the `.releaserc` file. ## Testing -```shell -$ make runner-act workflow="cicd-1-pull-request" job="semantic-release" - -# Output to go here -``` - -This will `dry-run` a semantic release and output the variables to the console +It is recommended that any config changes are tested in a simple repository before committing to your main one From ff4305dd9e9bfa4ba1bc9c4ba39fbb30a497a43e Mon Sep 17 00:00:00 2001 From: Craig Sawyer Date: Thu, 16 May 2024 17:04:11 +0100 Subject: [PATCH 6/8] docs: updated the word "config" to "configuration"! --- docs/user-guides/Semantic_release.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user-guides/Semantic_release.md b/docs/user-guides/Semantic_release.md index 809d509f..a52fcc53 100644 --- a/docs/user-guides/Semantic_release.md +++ b/docs/user-guides/Semantic_release.md 
@@ -31,4 +31,4 @@ Configuration should be made in the `.releaserc` file. ## Testing -It is recommended that any config changes are tested in a simple repository before committing to your main one +It is recommended that any configuration changes are tested in a simple repository before committing to your main one From d790db0ab382535eaa009357f356b3782ff6a46b Mon Sep 17 00:00:00 2001 From: Craig Sawyer Date: Thu, 30 May 2024 13:01:25 +0100 Subject: [PATCH 7/8] updated dependabot to use semantic commits --- .github/dependabot.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 17ef311a..3ee95e5c 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -6,23 +6,38 @@ updates: directory: "/" schedule: interval: "daily" + commit-message: + # Prefix all commit messages with "chore: " + prefix: "chore" - package-ecosystem: "github-actions" directory: "/" schedule: interval: "daily" + commit-message: + # Prefix all commit messages with "chore: " + prefix: "chore" - package-ecosystem: "npm" directory: "/" schedule: interval: "daily" + commit-message: + # Prefix all commit messages with "chore: " + prefix: "chore" - package-ecosystem: "pip" directory: "/" schedule: interval: "daily" + commit-message: + # Prefix all commit messages with "chore: " + prefix: "chore" - package-ecosystem: "terraform" directory: "/" schedule: interval: "daily" + commit-message: + # Prefix all commit messages with "chore: " + prefix: "chore" From 3aac866dfd2f9f77041bc3ed9f07b22aabbc7f86 Mon Sep 17 00:00:00 2001 From: Craig Sawyer Date: Fri, 7 Jun 2024 14:27:33 +0100 Subject: [PATCH 8/8] removed old version mechanism from the workflows --- .github/workflows/cicd-2-publish.yaml | 8 ++++---- .github/workflows/cicd-3-deploy.yaml | 2 +- docs/adr/ADR-XXX_Agree_CICD_pipeline_structure.md | 1 - 3 files changed, 5 insertions(+), 6 deletions(-) 
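Review bot: With the `chore` prefix added to all five ecosystems in `.github/dependabot.yaml`, Dependabot commits fall outside the types that the default commit-analyzer setup in `.releaserc` turns into a release (the user guide in this series lists `fix`, `feat` and a breaking-change footer). A merged dependency update, including one that replaces a vulnerable package, therefore produces no new release by itself. If releases are meant to carry dependency fixes, either use a releasing type for the package ecosystems, `prefix: "fix"` with `include: "scope"`, or add a `releaseRules` entry for the dependency scope to `@semantic-release/commit-analyzer`. The added comment says `"chore: "` while the value is `"chore"`; a remark that Dependabot inserts the colon itself would avoid confusion.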
diff --git a/.github/workflows/cicd-2-publish.yaml b/.github/workflows/cicd-2-publish.yaml index 5b4cb482..b2b1612a 100644 --- a/.github/workflows/cicd-2-publish.yaml +++ b/.github/workflows/cicd-2-publish.yaml @@ -20,7 +20,6 @@ jobs: nodejs_version: ${{ steps.variables.outputs.nodejs_version }} python_version: ${{ steps.variables.outputs.python_version }} terraform_version: ${{ steps.variables.outputs.terraform_version }} - version: ${{ steps.variables.outputs.version }} steps: - name: "Checkout code" uses: actions/checkout@v4 @@ -34,8 +33,6 @@ jobs: echo "nodejs_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT echo "python_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT echo "terraform_version=$(grep "^terraform" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT - # TODO: Get the version, but it may not be the .version file as this should come from the CI/CD Pull Request Workflow - echo "version=$(head -n 1 .version 2> /dev/null || echo unknown)" >> $GITHUB_OUTPUT - name: "List variables" run: | export BUILD_DATETIME="${{ steps.variables.outputs.build_datetime }}" @@ -44,7 +41,6 @@ jobs: export NODEJS_VERSION="${{ steps.variables.outputs.nodejs_version }}" export PYTHON_VERSION="${{ steps.variables.outputs.python_version }}" export TERRAFORM_VERSION="${{ steps.variables.outputs.terraform_version }}" - export VERSION="${{ steps.variables.outputs.version }}" make list-variables publish: name: "Publish packages" @@ -52,6 +48,8 @@ jobs: needs: [metadata] # if: github.event.pull_request.merged == true timeout-minutes: 3 + outputs: + version: ${{ steps.semantic.outputs.new_release_version }} steps: - name: "Checkout code" uses: actions/checkout@v4 
@@ -73,6 +71,8 @@ jobs: echo ${{ steps.semantic.outputs.new_release_major_version }} echo ${{ steps.semantic.outputs.new_release_minor_version }} echo ${{ steps.semantic.outputs.new_release_patch_version }} + export VERSION="${{ steps.semantic.outputs.new_release_version }}" + make list-variables success: name: "Success notification" runs-on: ubuntu-latest diff --git a/.github/workflows/cicd-3-deploy.yaml b/.github/workflows/cicd-3-deploy.yaml index 2745b380..a27aa5c5 100644 --- a/.github/workflows/cicd-3-deploy.yaml +++ b/.github/workflows/cicd-3-deploy.yaml @@ -36,7 +36,7 @@ jobs: echo "python_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT echo "terraform_version=$(grep "^terraform" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT # TODO: Get the version, but it may not be the .version file as this should come from the CI/CD Pull Request Workflow - echo "version=$(head -n 1 .version 2> /dev/null || echo unknown)" >> $GITHUB_OUTPUT + echo "version=${{ github.event.ref }}" >> $GITHUB_OUTPUT echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT - name: "List variables" run: | diff --git a/docs/adr/ADR-XXX_Agree_CICD_pipeline_structure.md b/docs/adr/ADR-XXX_Agree_CICD_pipeline_structure.md index 979f879a..c0353f3f 100644 --- a/docs/adr/ADR-XXX_Agree_CICD_pipeline_structure.md +++ b/docs/adr/ADR-XXX_Agree_CICD_pipeline_structure.md @@ -43,7 +43,6 @@ Requirements: - Implement good CI/CD practices, such as: - Setting the build time variables at the start of the process - Storing the tooling versions like Terraform, Python and Node.js in the `./.tools-version` file - - Storing the software/project version in the `./VERSION` file - Keeping the main workflow modular - Ensuring a timeout is set for each job - Listing environment variables
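Review bot: The changed line in `cicd-3-deploy.yaml` expands `${{ github.event.ref }}` directly inside the `run:` script, so the ref text becomes part of the shell command before it runs; Git ref names may contain characters the shell interprets, and the value is presumably a full ref such as `refs/heads/...` rather than a version number. Passing it through the environment keeps it as data: add `env:` with `EVENT_REF: ${{ github.event.ref }}` to the step and write `echo "version=$EVENT_REF" >> "$GITHUB_OUTPUT"`. The context line `echo "tag=${{ github.event.inputs.tag }}"` just below has the same shape with a caller-supplied input. The `TODO` above the changed line still refers to the `.version` file this commit stops using, and the step starts and ends outside the hunk.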