.github/workflows/release.yml

name: 'Release'

on:
  push:
    tags:
      - "v*"
    branches-ignore:
      - "**"

jobs:
  build:
    runs-on: ubuntu-latest
    env:
      MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version"

    services:
      zookeeper:
        image: zookeeper:3.9.1-jre-17
        ports:
          - 2181:2181
      solr:
        image: solr:9
        ports:
          - 8983:8983
        env:
          ZK_HOST: zookeeper:2181
        options: -e cloud

    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up JDK 21
        uses: actions/setup-java@v4
        with:
          java-version: 21
          distribution: "temurin"
      - name: Set up Maven
        uses: hb0730/maven-action@v1
        with:
          maven-version: 3.9.6
      - name: Cache
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-maven-
      - name: Set up GO
        uses: actions/setup-go@v5
        with:
          go-version: '^1.22.1'
          check-latest: true
      - name: Install siegfried
        run: |
          go install github.com/richardlehane/siegfried/cmd/sf@latest
          sf -update
      - name: Install clamdscan mock
        run: |
          sudo cp .github/workflows/bin/clamscan /usr/bin/clamscan
          sudo cp .github/workflows/bin/clamscan /usr/bin/clamdscan
          sudo chmod a+rx /usr/bin/clamscan /usr/bin/clamdscan
      - name: Get release version
        run: echo "release_version=${GITHUB_REF/refs\/tags\/v/}" >> $GITHUB_ENV
      - name: Run tests & install
        run:
          mvn $MAVEN_CLI_OPTS -Dtestng.groups="travis" -Denforcer.skip=true clean org.jacoco:jacoco-maven-plugin:prepare-agent install
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          RODA_CORE_SOLR_TYPE: CLOUD
          RODA_CORE_SOLR_CLOUD_URLS: localhost:2181
      - name: Deploy to GitHub packages
        run: mvn $MAVEN_CLI_OPTS clean deploy -Dmaven.test.skip=true -Pcore
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Copy target to docker context
        run: |
          mkdir -p docker/target
          cp -r roda-ui/roda-wui/target/roda-wui-${{ env.release_version }}/* docker/target
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            ghcr.io/keeps/roda
            keeps/roda
          tags: |
            type=semver,pattern=v{{version}}
            type=semver,pattern=v{{major}}.{{minor}}
            type=semver,pattern=v{{major}}
          flavor: |
            latest=false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Login to DockerHub container registry
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Build docker image
        uses: docker/build-push-action@v5
        with:
          push: true
          context: docker
          tags: ${{ steps.meta.outputs.tags }}
          sbom: true
          provenance: mode=max
      - name: Upload artifact to release
        uses: svenstaro/upload-release-action@v2
        with:
          repo_token: ${{ secrets.GITHUB_TOKEN }}
          file: roda-ui/roda-wui/target/roda-wui-${{ env.release_version }}.war
          asset_name: roda-wui-${{ env.release_version }}.war
          tag: ${{ github.ref }}
          release_name: ${{ github.ref_name }}
          draft: true
          body: |
            #### New features 
            
            #### Enhancements 
            
            #### Bug fixes
            
            #### Security
            - Several dependency major upgrades to fix security vulnerabilities
            
            ---
            
            To try out this version, check the [install instructions](https://github.com/keeps/roda/blob/master/deploys/standalone/README.md).
      - name: Trigger KEEPS GitLab CI/CD
        run: |
          curl --progress-bar -o /dev/null -L --request POST \
               --form ref=master \
               --form token=${{ secrets.GITLAB_RODA_DEV_TRIGGER_TOKEN }} \
               --form "variables[DOCKER_TAG]=${{ github.ref_name }}" \
               ${{ secrets.GITLAB_RODA_DEV_TRIGGER }}