Feat: Add a release workflow

.github/gen-changelog.sh

@@ -0,0 +1,101 @@
+#!/bin/sh
+
+set -e
+branch=""
+tag=""
+prev_tag=""
+opt_dry_run=0
+opt_help=0
+gh_repo="regclient/actions"
+gh_auth=""
+
+# CLI options to override image, platform, base digest, and comma separated list of tags to push
+opt_c=0
+opt_h=0
+while getopts 'dhp:' option; do
+  case $option in
+    d) opt_dry_run=1;;
+    h) opt_help=1;;
+    p) prev_tag="$OPTARG";;
+  esac
+done
+set +e
+shift $(expr $OPTIND - 1)
+if [ $# -gt 0 ] || [ "$opt_help" = "1" ]; then
+  echo "Usage: $0 [opts]"
+  echo " -d: dry run"
+  echo " -h: this help message"
+  echo " -p tag: previous tag for generating change list"
+  exit 1
+fi
+set -e
+
+# cd to base of the git repo this script is located within
+cd "$(dirname $0)"
+cd "$(git rev-parse --show-toplevel)"
+
+generate_changelog() {
+  hashes="$(git log --reverse --merges --format="%h" ${prev_tag:+${prev_tag}..HEAD})"
+  prs=""
+  users=""
+  for hash in ${hashes}; do
+    subj="$(git show --format=%s ${hash})"
+    pr="${subj#Merge pull request #}"
+    if [ "$pr" != "$subj" ]; then
+      pr="${pr%% *}"
+      inc_pr=0
+      msg="$(get_pr_changelog "${pr}")"
+      if [ -n "$msg" ]; then
+        echo "$msg"
+        prs="${prs} ${pr}"
+      fi
+      users="${users}\n$(get_pr_user "${pr}")"
+      # msg="$(git show --format=%b ${hash})"
+      # echo "- $msg ([PR ${pr}][pr-${pr}])"
+    fi
+  done
+  echo "\nContributors:\n"
+  for user in $(echo "$users" | sort -u); do
+    if [ -n "$user" ]; then
+      echo "- @${user}"
+    fi
+  done
+  echo
+  for pr in ${prs}; do
+    echo "[pr-${pr}]: https://github.com/${gh_repo}/pull/${pr}"
+  done
+}
+
+if [ -x "$(command -v gh-token)" ]; then
+  gh_auth="Authorization: Bearer $(gh-token)"
+fi
+get_pr_changelog() {
+  # the greps are ugly, better parsing options are welcome
+  curl -sL ${gh_auth:+-H "${gh_auth}"} \
+    -H "Accept: application/vnd.github+json" \
+    -H "X-GitHub-Api-Version: 2022-11-28" \
+    "https://api.github.com/repos/${gh_repo}/pulls/${1}" \
+  | jq -r .body \
+  | grep -A 99 '### Changelog text' \
+  | grep -B 99 '### Please verify' \
+  | grep -v -e '^###' -e '<!--' -e '^\s*$' \
+  | sed -e 's/^- //' -e 's/^/- /' -e 's/\r//' -e "s/\$/ ([PR ${1}][pr-${1}])/"
+}
+
+get_pr_user() {
+  curl -sL ${gh_auth:+-H "${gh_auth}"} \
+    -H "Accept: application/vnd.github+json" \
+    -H "X-GitHub-Api-Version: 2022-11-28" \
+    "https://api.github.com/repos/${gh_repo}/pulls/${1}" \
+  | jq -r .user.login
+}
+
+# lookup previous tag
+if [ -z "$prev_tag" ]; then
+  prev_tag="$(git tag --sort=version:refname -l | tail -1)"
+fi
+
+# query for all logs since last tag, extract PR list with PR number and title
+# look into pulling PR text from GH and extracting change log message
+# format the log output to extract the PR number and commit id, don't show local branches
+generate_changelog

.github/workflows/release.yml

@@ -0,0 +1,79 @@
+name: Release
+
+on:
+  push:
+    branches: [ "main" ]
+    paths: [ "RELEASE.md" ]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      with:
+        fetch-tags: true
+        persist-credentials: true
+
+    - name: Tag release
+      id: tag_release
+      env:
+        RELEASE_FILE: RELEASE.md
+        TMP_FILE: /tmp/release.md
+        RELEASE_PREFIX: "## Release "
+      run: |
+        # parse file to get the tag, and write current release notes to a temp file
+        awk "/^${RELEASE_PREFIX}/{if(++c>1)exit} c==1" <"${RELEASE_FILE}" >"${TMP_FILE}"
+        TAG="$(grep "${RELEASE_PREFIX}" "${TMP_FILE}")"
+        TAG="${TAG#${RELEASE_PREFIX}}"
+        # validate tag syntax
+        if [[ ! $TAG =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-.*|$) ]]; then
+          echo "Unexpected tag syntax: \"${TAG}\"" >&2
+          exit 1
+        fi
+        # verify git tag is not already used
+        if git show "refs/tags/${TAG}" >/dev/null 2>&1; then
+          echo "Tag \"${TAG}\" already exists" >&2
+          exit 1
+        fi
+        # impersonate the last committer
+        if ! git config get user.name >/dev/null 2>&1 || ! git config get user.email >/dev/null 2>&1; then
+          git config set user.email "$(git log -q --format=format:%ae)"
+          git config set user.name "$(git log -q --format=format:%an)"
+        fi
+        # run git tag for requested tag
+        git tag -am "${TAG}" "${TAG}"
+        # for non-rc releases, compute and force create major and minor tags
+        if [[ $TAG =~ [0-9\.]+-.+$ ]]; then
+          PRERELEASE=true
+        else
+          TAG_MINOR="${TAG%.*}"
+          TAG_MAJOR="${TAG_MINOR%.*}"
+          git tag -afm "${TAG_MINOR}" "${TAG_MINOR}"
+          git tag -afm "${TAG_MAJOR}" "${TAG_MAJOR}"
+          PRERELEASE=false
+        fi
+        # push all tags
+        git push origin --tags --force
+        # track pre-release status to an output variable
+        echo "pre_release=${PRERELEASE}" >>$GITHUB_OUTPUT
+        echo "release_file=${TMP_FILE}" >>$GITHUB_OUTPUT
+        echo "tag=${TAG}" >>$GITHUB_OUTPUT
+
+    - name: Create release
+      uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
+      with:
+        tag_name: ${{ steps.tag_release.outputs.tag }}
+        body_path: ${{ steps.tag_release.outputs.release_file }}
+        draft: false
+        prerelease: ${{ steps.tag_release.outputs.pre_release }}
+
+

.version-bump.lock

@@ -2,6 +2,8 @@
 {"name":"gha-uses-commit","key":"https://github.com/actions/checkout.git:v6.0.1","version":"8e8c483db84b4bee98b60c0593521ed34d9990e8"}
 {"name":"gha-uses-commit","key":"https://github.com/actions/setup-go.git:v6.1.0","version":"4dc6199c7b1a012772edbd06daecab0f50c9053c"}
 {"name":"gha-uses-commit","key":"https://github.com/sigstore/cosign-installer.git:v4.0.0","version":"faadad0cce49287aee09b3a48701e75088a2c6ad"}
+{"name":"gha-uses-commit","key":"https://github.com/softprops/action-gh-release.git:v2.5.0","version":"a06a81a03ee405af7f2048a818ed3f03bbf83c7b"}
 {"name":"gha-uses-semver","key":"https://github.com/actions/checkout.git","version":"v6.0.1"}
 {"name":"gha-uses-semver","key":"https://github.com/actions/setup-go.git","version":"v6.1.0"}
 {"name":"gha-uses-semver","key":"https://github.com/sigstore/cosign-installer.git","version":"v4.0.0"}
+{"name":"gha-uses-semver","key":"https://github.com/softprops/action-gh-release.git","version":"v2.5.0"}

RELEASE.md

@@ -0,0 +1,27 @@
+# Release Notes
+
+## Release v0.1.0-rc1
+
+- Fix: Handle special characters in the inputs. ([PR 20][pr-20])
+- Feat: Support passing additional options to `regctl registry login` like `--skip-check`. ([PR 20][pr-20])
+- Chore: Pin cosign to v2. ([PR 29][pr-29])
+- Feat: Add installers for each regclient command. ([PR 32][pr-32])
+- Fix: Fixing installer for separate commands. ([PR 34][pr-34])
+- Feat: Add support for cosign v3 bundles. ([PR 35][pr-35])
+- Chore: Allow action to be manually tested. ([PR 37][pr-37])
+- Fix: Expand $HOME variable in default install directory. ([PR 41][pr-41])
+- Fix: Add the path to main releases. ([PR 42][pr-42])
+
+Contributors:
+
+- @soult
+- @sudo-bmitch
+
+[pr-20]: https://github.com/regclient/actions/pull/20
+[pr-29]: https://github.com/regclient/actions/pull/29
+[pr-32]: https://github.com/regclient/actions/pull/32
+[pr-34]: https://github.com/regclient/actions/pull/34
+[pr-35]: https://github.com/regclient/actions/pull/35
+[pr-37]: https://github.com/regclient/actions/pull/37
+[pr-41]: https://github.com/regclient/actions/pull/41
+[pr-42]: https://github.com/regclient/actions/pull/42