From b17b969928d8a7ab6036a1ae480641767fd073ab Mon Sep 17 00:00:00 2001
From: Nathan Martins <nathan.martins@zup.com.br>
Date: Thu, 25 Nov 2021 08:54:42 -0300
Subject: [PATCH] release/feature - upadting worklow to the new release process

Signed-off-by: Nathan Martins <nathan.martins@zup.com.br>
---
 .github/workflows/release.yaml |  88 +++++++++++++++++--------
 .gitignore                     |   1 +
 deployments/mage/go.mod        |  19 ++++++
 deployments/mage/go.sum        |  50 ++++++++++++++
 deployments/mage/magefile.go   | 117 +++++++++++++++++++++++++++++++++
 5 files changed, 247 insertions(+), 28 deletions(-)
 create mode 100644 deployments/mage/go.mod
 create mode 100644 deployments/mage/go.sum
 create mode 100644 deployments/mage/magefile.go

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index be4c202..07bb21a 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -43,6 +43,18 @@ jobs:
         with:
           node-version: 12
 
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+
+      - name: Install Mage
+        run: go install github.com/magefile/mage@v1.11
+
+      # Compile a binary from the mage file and move it to the workflow go bin.
+      - name: Compile Mage
+        run: cd deployments/mage/ && mage -compile /home/runner/go/bin/mage-vscode
+
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@v4
         with:
@@ -51,46 +63,66 @@ jobs:
           git_user_signingkey: true
           git_commit_gpgsign: true
 
+      # Run a script contained in the devkit repository that gets the latest release version and create an output
+      # containing the next versions.
       - name: Version increment
         id: updated-version
-        run: |
-          curl https://raw.githubusercontent.com/ZupIT/horusec-devkit/main/scripts/semver.sh -o /tmp/semver.sh
-          chmod +x /tmp/semver.sh
-          /tmp/semver.sh -${{ github.event.inputs.releaseType }} ${{ github.event.repository.full_name }}
+        run: mage-vscode UpVersions ${{ github.event.inputs.releaseType }}
+        env:
+          HORUSEC_REPOSITORY_ORG: ${{ github.repository_owner }}
+          HORUSEC_REPOSITORY_NAME: ${{ github.event.repository.name }}
+
+      # Checkout into the release branch, if not exist create one.
+      - name: Checkout Release Branch
+        run: mage-vscode CheckoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }}
 
-      - name: Update versions on package.json
-        run: |
-          npm install -g json
-          json -I -f package.json -e 'this.version="${{ steps.updated-version.outputs.strippedVersion }}"'
-          json -I -f package.json -e 'this.engines.horusecCLI="horuszup/horusec-cli:v${{ github.event.inputs.horusecCLIversion }}"'
+      # This step updates the package.json to the new vs code plugin version, also updates the cli version passed
+      # in for the input informed.
+      - name: Update versioning files
+        run: mage-vscode UpdateVersioningFiles
+        env:
+          HORUSEC_CLI_VERSION: ${{ github.event.inputs.horusecCLIversion }}
+          HORUSEC_VSCODE_VERSION: ${{ steps.updated-version.outputs.nextReleaseVersion }}
 
+      # The changes made in the last step are committed to the branch that the workflow was triggered, this commit is not
+      # going to trigger any workflow cause the skip ci in the commit message.
       - name: Commit changes
         uses: EndBug/add-and-commit@v7.4.0
         with:
           push: true
           signoff: true
           author_name: Horusec
+          branch: ${{ steps.updated-version.outputs.nextReleaseBranchName }}
           author_email: horusec@zup.com.br
           committer_name: Horusec
           committer_email: horusec@zup.com.br
-          tag: ${{ steps.updated-version.outputs.version }}
-          message: '[skip ci] Update versioning file'
-
-      - name: Create release branch
-        if: github.event.inputs.releaseType != 'p'
-        run: |
-          git branch ${{ steps.updated-version.outputs.releaseBranchName }}
-          git push origin ${{ steps.updated-version.outputs.releaseBranchName }}
+          message: "versioning:release - [skip ci] automatic commit updating versioning files"
 
+      # Create a GitHub release for the repository using mage.
       - name: Create github release
-        run: |
-          curl --request POST \
-          --url https://api.github.com/repos/${{ github.event.repository.full_name }}/releases \
-          --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
-          --header 'content-type: application/json' \
-          --header 'Accept: application/vnd.github.v3+json' \
-          --data '{
-              "tag_name": "${{ steps.updated-version.outputs.version }}",
-              "draft": true
-            }' \
-          --fail
+        run: mage-vscode CreateRelease
+        env:
+          HORUSEC_REPOSITORY_ORG: ${{ github.repository_owner }}
+          HORUSEC_REPOSITORY_NAME: ${{ github.event.repository.name }}
+          GITHUB_TOKEN: ${{ secrets.HORUSEC_PUSH_TOKEN }}
+          HORUSEC_VSCODE_VERSION: ${{ steps.updated-version.outputs.nextReleaseVersion }}
+
+      # This step gets the sha of last commit made, witch is the updating versioning files commit, after that creates a
+      # branch from the origin main and cherry pick this commit on it. This process need to occur only when the release
+      # workflow is started from a branch that isn't the main branch, for example a release branch.
+      # When the workflow it's triggered to run on main, the commit it's going to be made directly to the main branch.
+      - name: Cherry pick
+        id: cherry-pick
+        run: mage-vscode CherryPick
+
+      # This step utilizes an action to create a pull request with the branch that was cherry picked on the last step
+      # into the main branch. As the last commit, this also needs to run only when the release workflow is started from a
+      # branch that isn't the main branch. Others workflows should be skipped cause of the skip ci in the pull request title.
+      - name: Create Pull Request
+        uses: repo-sync/pull-request@v2
+        with:
+          source_branch: "${{ steps.cherry-pick.outputs.cherryPickBranchName }}"
+          destination_branch: "main"
+          pr_title: "versioning:release - [skip ci] automatic pull request updating versioning files"
+          pr_body: "This is a automatic pull request that contains changes to files that need to be updated with the new release version. Where the commit ${{ steps.cherry-pick.outputs.commitShaToPick }} was cherry picked from the release branch, which already contains all the necessary changes."
+          github_token: ${{ secrets.HORUSEC_PUSH_TOKEN }}
diff --git a/.gitignore b/.gitignore
index 02cae47..3acc038 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,4 @@ node_modules
 *.vsix
 .horusec/
 tmp
+.idea
\ No newline at end of file
diff --git a/deployments/mage/go.mod b/deployments/mage/go.mod
new file mode 100644
index 0000000..0d14a1c
--- /dev/null
+++ b/deployments/mage/go.mod
@@ -0,0 +1,19 @@
+module github.com/ZupIT/horusec-vscode-plugin/deployments/mage
+
+go 1.17
+
+require (
+	github.com/ZupIT/horusec-devkit v1.0.20-0.20211123113450-7a39e9acf0bb
+	github.com/google/go-github/v40 v40.0.0
+	github.com/magefile/mage v1.11.0
+	golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be
+)
+
+require (
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
+	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
+	golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.27.1 // indirect
+)
diff --git a/deployments/mage/go.sum b/deployments/mage/go.sum
new file mode 100644
index 0000000..bad8756
--- /dev/null
+++ b/deployments/mage/go.sum
@@ -0,0 +1,50 @@
+github.com/ZupIT/horusec-devkit v1.0.20-0.20211123113450-7a39e9acf0bb h1:we0cC6OhOlepGApaq1mCIblkyVEMAlla2snRbT+dwcA=
+github.com/ZupIT/horusec-devkit v1.0.20-0.20211123113450-7a39e9acf0bb/go.mod h1:OyD/c5VGmmIxZamErINJJZ3ZFVFQJKRnh6/5a69n1J4=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
+github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-github/v37 v37.0.0 h1:rCspN8/6kB1BAJWZfuafvHhyfIo5fkAulaP/3bOQ/tM=
+github.com/google/go-github/v40 v40.0.0 h1:oBPVDaIhdUmwDWRRH8XJ/dZG+Rn755i08+Hp1uJHlR0=
+github.com/google/go-github/v40 v40.0.0/go.mod h1:G8wWKTEjUCL0zdbaQvpwDk0hqf6KZgPQH+ssJa+/NVc=
+github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
+github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
+github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
+github.com/magefile/mage v1.11.0 h1:C/55Ywp9BpgVVclD3lRnSYCwXTYxmSppIgLeDYlNuls=
+github.com/magefile/mage v1.11.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
+github.com/migueleliasweb/go-github-mock v0.0.5 h1:oCUwIPIknszT0DkjGT3VfILe1FgUDaNgEnj4w8mTZZA=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d h1:20cMwl2fHAzkJMEA+8J4JgqBQcQGzbisXo31MIeenXI=
+golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
+google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ=
+google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
diff --git a/deployments/mage/magefile.go b/deployments/mage/magefile.go
new file mode 100644
index 0000000..9211538
--- /dev/null
+++ b/deployments/mage/magefile.go
@@ -0,0 +1,117 @@
+// Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build mage
+// +build mage
+
+package main
+
+import (
+	"context"
+	"fmt"
+	"os"
+
+	"github.com/magefile/mage/sh"
+	// mage:import
+	_ "github.com/ZupIT/horusec-devkit/pkg/utils/mageutils"
+	"github.com/google/go-github/v40/github"
+	"golang.org/x/oauth2"
+)
+
+const (
+	replaceVscodeVersion = "this.version=\"%s\""
+	replaceCLIVersion    = "this.engines.horusecCLI=\"horuszup/horusec-cli:%s\""
+	packageJsonPath      = "package.json"
+)
+
+const (
+	envCLIVersion     = "HORUSEC_CLI_VERSION"
+	envVsCodePlugin   = "HORUSEC_VSCODE_VERSION"
+	envRepositoryOrg  = "HORUSEC_REPOSITORY_ORG"
+	envRepositoryName = "HORUSEC_REPOSITORY_NAME"
+	envGithubToken    = "GITHUB_TOKEN"
+)
+
+func UpdateVersioningFiles() error {
+	if err := sh.RunV("npm", "install", "-g", "json"); err != nil {
+		return err
+	}
+
+	if err := replacePlatformVersion(getCLIVersion()); err != nil {
+		return err
+	}
+
+	if err := replacePlatformVersion(getGetVsCodePluginVersion()); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func replacePlatformVersion(value string) error {
+	return sh.RunV("json", "-I", "-f", packageJsonPath, "-e", value)
+}
+
+func getCLIVersion() string {
+	return fmt.Sprintf(replaceCLIVersion, os.Getenv(envCLIVersion))
+}
+
+func getGetVsCodePluginVersion() string {
+	return fmt.Sprintf(replaceVscodeVersion, os.Getenv(envVsCodePlugin))
+}
+
+func CreateRelease() error {
+	ctx := context.Background()
+
+	token := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: getGithubToken()})
+	githubClient := github.NewClient(oauth2.NewClient(ctx, token))
+
+	_, resp, err := githubClient.Repositories.CreateRelease(ctx, getRepositoryOrg(), getRepositoryName(),
+		getRepositoryRelease())
+	if github.CheckResponse(resp.Response) != nil {
+		return err
+	}
+
+	return nil
+}
+
+func getRepositoryRelease() *github.RepositoryRelease {
+	return &github.RepositoryRelease{
+		Draft:   getDraft(),
+		TagName: getTagName(),
+		Name:    getTagName(),
+	}
+}
+
+func getTagName() *string {
+	tag := os.Getenv(envVsCodePlugin)
+	return &tag
+}
+
+func getDraft() *bool {
+	draft := true
+	return &draft
+}
+
+func getRepositoryOrg() string {
+	return os.Getenv(envRepositoryOrg)
+}
+
+func getRepositoryName() string {
+	return os.Getenv(envRepositoryName)
+}
+
+func getGithubToken() string {
+	return os.Getenv(envGithubToken)
+}