Release/1.0.0

.github/workflows/build-pipeline.yml

@@ -0,0 +1,190 @@
+# This is the main build pipeline that verifies and publishes the software
+name: Build
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push events
+  push:
+    branches: [ develop, release/**, main, feature/**, issue/**, issues/** ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+env:
+  POETRY_VERSION: "1.3.2"
+  PYTHON_VERSION: "3.10"
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  # The first job in the workflow confirms that the software's own tests pass.
+  run_tests:
+    uses: ./.github/workflows/run_tests.yml
+
+  # Second job in the workflow verifies the software
+  build:
+    needs: run_tests
+    runs-on: ubuntu-latest
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - name: Retrieve repository
+        uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+      - name: Install Poetry
+        uses: abatilo/actions-poetry@v3.0.0
+        with:
+          poetry-version: ${{ env.POETRY_VERSION }}
+      - name: Get version
+        id: get-version
+        run: |
+          echo "current_version=$(poetry version | awk '{print $2}')" >> $GITHUB_OUTPUT
+          echo "pyproject_name=$(poetry version | awk '{print $1}')" >> $GITHUB_ENV
+
+      # Bumps the version, based on which branch is the target.
+      - name: Bump pre-alpha version
+        # If triggered by push to a feature branch
+        if: |
+          ${{ startsWith(github.ref, 'refs/heads/issue') }}      ||
+          ${{ startsWith(github.ref, 'refs/heads/dependabot/') }} ||
+          ${{ startsWith(github.ref, 'refs/heads/feature/') }}
+        run: |
+          new_ver="${{ steps.get-version.outputs.current_version }}+$(git rev-parse --short ${GITHUB_SHA})"
+          poetry version $new_ver
+          echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV
+      - name: Bump alpha version
+        # If triggered by push to the develop branch
+        if: ${{ github.ref == 'refs/heads/develop' }}
+        run: |
+          poetry version prerelease
+          echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV
+          echo "venue=sit" >> $GITHUB_ENV
+      - name: Bump rc version
+        # If triggered by push to a release branch
+        if: ${{ startsWith(github.ref, 'refs/heads/release/') }}
+        env:
+          # True if the version already has a 'rc' pre-release identifier
+          BUMP_RC: ${{ contains(steps.get-version.outputs.current_version, 'rc') }}
+        run: |
+          if [ "$BUMP_RC" = true ]; then
+            poetry version prerelease
+          else
+            poetry version ${GITHUB_REF#refs/heads/release/}rc1
+          fi
+          echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV
+          echo "venue=uat" >> $GITHUB_ENV
+      - name: Release version
+        # If triggered by push to the main branch
+        if: ${{ startsWith(github.ref, 'refs/heads/main') }}
+        env:
+          CURRENT_VERSION: ${{ steps.get-version.outputs.current_version }}
+        # Remove rc* from the end of version string
+        # The ${string%%substring} syntax below deletes the longest match of $substring from back of $string.
+        run: |
+          poetry version ${CURRENT_VERSION%%rc*}
+          echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV
+          echo "venue=ops" >> $GITHUB_ENV
+
+      - name: Run Snyk as a blocking step
+        uses: snyk/actions/python-3.10@master
+        env:
+            SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: test
+          args: >
+              --org=${{ secrets.SNYK_ORG_ID }}
+              --project-name=${{ github.repository }}
+              --severity-threshold=high
+              --fail-on=all
+      - name: Run Snyk on Python
+        uses: snyk/actions/python-3.10@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: monitor
+          args: >
+            --org=${{ secrets.SNYK_ORG_ID }}
+            --project-name=${{ github.repository }}
+
+      - name: Commit Version Bump
+        # If building the `develop`, a `release` branch, or `main`,
+        # then we commit the version bump back to the repo.
+        if: |
+          github.ref == 'refs/heads/develop' ||
+          github.ref == 'refs/heads/main'    ||
+          startsWith(github.ref, 'refs/heads/release')
+        run: |
+          git config --global user.name 'stitchee bot'
+          git config --global user.email 'stitchee@noreply.github.com'
+          git commit -am "/version ${{ env.software_version }}"
+          git push
+
+      # Builds and pushes the package to the Python Package Index (PyPI)
+      - name: Build Python Artifact
+        run: |
+          poetry build
+      - uses: actions/upload-artifact@v4
+        with:
+          name: python-artifact
+          path: dist/*
+      - name: Publish to test.pypi.org
+        id: pypi-test-publish
+        if: |
+          github.ref == 'refs/heads/develop' ||
+          startsWith(github.ref, 'refs/heads/release')
+        env:
+          POETRY_PYPI_TOKEN_TESTPYPI: ${{secrets.PYPI_TOKEN_TESTPYPI}}
+        run: |
+          poetry config repositories.testpypi https://test.pypi.org/legacy/
+          poetry publish -r testpypi
+      - name: Publish to pypi.org
+        if: ${{ github.ref == 'refs/heads/main' }}
+        id: pypi-publish
+        env:
+          POETRY_PYPI_TOKEN_PYPI: ${{secrets.PYPI_TOKEN_PYPI}}
+        run: |
+          poetry publish
+
+      # Builds and pushes a Docker image
+      - name: Log in to the Container registry
+        if: ${{ !startsWith(github.ref, 'refs/heads/main/') }}
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        if: ${{ !startsWith(github.ref, 'refs/heads/main/') }}
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,pattern={{version}},value=${{ env.software_version }}
+            type=raw,value=${{ env.venue }}
+      - name: Build and push Docker image
+        if: ${{ !startsWith(github.ref, 'refs/heads/main/') }}
+        id: docker-push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: Dockerfile
+          build-args: |
+            SOURCE=${{env.pyproject_name}}[harmony]==${{ env.software_version }}
+          push: true
+          pull: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Push Tag
+        if: |
+          github.ref == 'refs/heads/develop' ||
+          github.ref == 'refs/heads/main'    ||
+          startsWith(github.ref, 'refs/heads/release')
+        run: |
+          git config user.name "${GITHUB_ACTOR}"
+          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
+          git tag -a "${{ env.software_version }}" -m "Version ${{ env.software_version }}"
+          git push origin "${{ env.software_version }}"

.github/workflows/release-created.yml

@@ -0,0 +1,38 @@
+name: Release Branch Created
+
+# Run whenever a ref is created https://docs.github.com/en/actions/reference/events-that-trigger-workflows#create
+on:
+  create
+
+jobs:
+  # First job in the workflow builds and verifies the software artifacts
+  bump:
+    name: Bump minor version on develop
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    # Only run if ref created was a release branch
+    if:
+      ${{ startsWith(github.ref, 'refs/heads/release/') }}
+    steps:
+      # Checks-out the develop branch
+      - uses: actions/checkout@v4
+        with:
+          ref: 'refs/heads/develop'
+      - uses: actions/setup-python@v5
+        with:
+          python-version: 3.10
+      - name: Install Poetry
+        uses: abatilo/actions-poetry@v3.0.0
+        with:
+          poetry-version: 1.3.2
+      - name: Bump minor version
+        run: |
+          poetry version ${GITHUB_REF#refs/heads/release/}
+          poetry version preminor
+          echo "software_version=$(poetry version | awk '{print $2}')" >> $GITHUB_ENV
+      - name: Commit Version Bump
+        run: |
+          git config --global user.name 'stitchee bot'
+          git config --global user.email 'stitchee@noreply.github.com'
+          git commit -am "/version ${{ env.software_version }}"
+          git push