Skip to content
Snippets Groups Projects
Commit e6964a20 authored by Benguria Elguezabal, Gorka's avatar Benguria Elguezabal, Gorka
Browse files

Merge remote-tracking branch 'upstream/master'

# Conflicts:
#	.gitlab-ci.yml
#	CHANGELOG.md
parents 3673eb2e b6984339
Branches
Tags 7.8.3
No related merge requests found
Pipeline #169127 passed
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
## Logs and/or screenshots ## Logs and/or screenshots
(Join any relevant logs and/or screenshot. Please use code blocks (```) to format console output, logs, and code.) (Join any relevant logs and/or screenshot. Please use code blocks (`` ``` ``) to format console output, logs, and code.)
## Context & Configuration ## Context & Configuration
......
## [3.11.2](https://git.code.tecnalia.dev/smartdatalab/public/ci-cd-components/semantic-release/compare/3.11.1...3.11.2) (2024-08-29) ## [3.11.5](https://gitlab.com/to-be-continuous/semantic-release/compare/3.11.4...3.11.5) (2024-11-17)
### Bug Fixes
* add preset to semantic-release-info ([6c074f6](https://gitlab.com/to-be-continuous/semantic-release/commit/6c074f671b3e48480f8aea04f71df00f93d54fc0))
## [3.11.4](https://gitlab.com/to-be-continuous/semantic-release/compare/3.11.3...3.11.4) (2024-11-08)
### Bug Fixes
* fix eval_secret function when using node to decode a secret ([b579199](https://gitlab.com/to-be-continuous/semantic-release/commit/b579199b53dc58b0f94681720e245163ba457bc7)), closes [#49](https://gitlab.com/to-be-continuous/semantic-release/issues/49)
## [3.11.3](https://gitlab.com/to-be-continuous/semantic-release/compare/3.11.2...3.11.3) (2024-09-29)
### Bug Fixes
* make gpg configuration to work ([97d56ed](https://gitlab.com/to-be-continuous/semantic-release/commit/97d56edde8c378ae4eefdc52c7171a11fcd555e8)), closes [#48](https://gitlab.com/to-be-continuous/semantic-release/issues/48)
## [3.11.2](https://gitlab.com/to-be-continuous/semantic-release/compare/3.11.1...3.11.2) (2024-07-25)
### Bug Fixes ### Bug Fixes
......
...@@ -20,7 +20,7 @@ Add the following to your `.gitlab-ci.yml`: ...@@ -20,7 +20,7 @@ Add the following to your `.gitlab-ci.yml`:
```yaml ```yaml
include: include:
# 1: include the component # 1: include the component
- component: $CI_SERVER_FQDN/to-be-continuous/semantic-release/gitlab-ci-semrel@3.11.2 - component: $CI_SERVER_FQDN/to-be-continuous/semantic-release/gitlab-ci-semrel@3.11.5
# 2: set/override component inputs # 2: set/override component inputs
inputs: inputs:
changelog-enabled: true # ⚠ this is only an example changelog-enabled: true # ⚠ this is only an example
...@@ -34,7 +34,7 @@ Add the following to your `.gitlab-ci.yml`: ...@@ -34,7 +34,7 @@ Add the following to your `.gitlab-ci.yml`:
include: include:
# 1: include the template # 1: include the template
- project: 'to-be-continuous/semantic-release' - project: 'to-be-continuous/semantic-release'
ref: '3.11.2' ref: '3.11.5'
file: '/templates/gitlab-ci-semrel.yml' file: '/templates/gitlab-ci-semrel.yml'
variables: variables:
...@@ -92,7 +92,7 @@ As specified in the previous chapter, these variables are only used to generated ...@@ -92,7 +92,7 @@ As specified in the previous chapter, these variables are only used to generated
| `changelog-title` / `SEMREL_CHANGELOG_TITLE` | [changelogTitle @semantic-release/changelog option](https://github.com/semantic-release/changelog#options). You might want to use markdown format (for example `# MyApp Changelog`). | _none_ | | `changelog-title` / `SEMREL_CHANGELOG_TITLE` | [changelogTitle @semantic-release/changelog option](https://github.com/semantic-release/changelog#options). You might want to use markdown format (for example `# MyApp Changelog`). | _none_ |
| `dry-run` / `SEMREL_DRY_RUN` | Activate the [dryRun semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#dryrun) if present. | _none_ | | `dry-run` / `SEMREL_DRY_RUN` | Activate the [dryRun semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#dryrun) if present. | _none_ |
| `auto-release-enabled` / `SEMREL_AUTO_RELEASE_ENABLED` | When set to `true` the job start automatically. When not set (default), the job is manual. | _none_ | | `auto-release-enabled` / `SEMREL_AUTO_RELEASE_ENABLED` | When set to `true` the job start automatically. When not set (default), the job is manual. | _none_ |
| `branches-ref` / `SEMREL_BRANCHES_REF` | Regular expression pattern matching branches from which releases should happen (should match your [semantic-release configuration](https://semantic-release.gitbook.io/semantic-release/usage/configuration#branches)) | `/^(master|main)$/` | | `branches-ref` / `SEMREL_BRANCHES_REF` | Regular expression pattern matching branches from which releases should happen (should match your [semantic-release configuration](https://semantic-release.gitbook.io/semantic-release/usage/configuration#branches)) | `/^(master\|main)$/` |
| `tag-format` / `SEMREL_TAG_FORMAT` | [tagFormat semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#tagformat). :warning: don't forget to double the `$` character so it is not interpreted by GitLab. | `$${version}` | | `tag-format` / `SEMREL_TAG_FORMAT` | [tagFormat semantic-release option](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#tagformat). :warning: don't forget to double the `$` character so it is not interpreted by GitLab. | `$${version}` |
| `hooks-dir` / `SEMREL_HOOKS_DIR` | [Hook scripts](#hook_scripts) folder. | `.` | | `hooks-dir` / `SEMREL_HOOKS_DIR` | [Hook scripts](#hook_scripts) folder. | `.` |
| `commit-message` / `SEMREL_COMMIT_MESSAGE` | Add a custom commit message based on [semantic-release/git option](https://github.com/semantic-release/git#message). | _none_ (uses semantic-release default commit message) | | `commit-message` / `SEMREL_COMMIT_MESSAGE` | Add a custom commit message based on [semantic-release/git option](https://github.com/semantic-release/git#message). | _none_ (uses semantic-release default commit message) |
...@@ -161,7 +161,7 @@ Parameters: ...@@ -161,7 +161,7 @@ Parameters:
#### Signing release commits with GPG #### Signing release commits with GPG
For an introduction on commit signing, see [GitLab documentation](https://docs.gitlab.com/ee/user/project/repository/gpg_signed_commits/). For an introduction on commit signing, see [GitLab documentation](https://docs.gitlab.com/ee/user/project/repository/signed_commits/gpg.html).
To make semantic-release sign its commits, use the following variable. To make semantic-release sign its commits, use the following variable.
...@@ -171,7 +171,7 @@ To make semantic-release sign its commits, use the following variable. ...@@ -171,7 +171,7 @@ To make semantic-release sign its commits, use the following variable.
### `semantic-release-info` job ### `semantic-release-info` job
This job (disabled by default) runs `semantic-release` with `dry-run` mode in `.pre` stage to save the following variables as [dotenv artifact](https://docs.gitlab.com/ee/ci/pipelines/job_artifacts.html#artifactsreportsdotenv) making them available for the next pipeline stages: This job (disabled by default) runs `semantic-release` with `dry-run` mode in `.pre` stage to save the following variables as [dotenv artifact](https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportsdotenv) making them available for the next pipeline stages:
* `SEMREL_INFO_LAST_VERSION`: latest released version * `SEMREL_INFO_LAST_VERSION`: latest released version
* `SEMREL_INFO_NEXT_VERSION`: next release version (based on actual commits and comments) * `SEMREL_INFO_NEXT_VERSION`: next release version (based on actual commits and comments)
...@@ -355,10 +355,12 @@ In order to be able to communicate with the Vault server, the variant requires t ...@@ -355,10 +355,12 @@ In order to be able to communicate with the Vault server, the variant requires t
| Input / Variable | Description | Default value | | Input / Variable | Description | Default value |
| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------- | | ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------- |
| `TBC_VAULT_IMAGE` | The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest` | | `TBC_VAULT_IMAGE` | The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest` |
| `vault-base-url` / `VAULT_BASE_URL` | The Vault server base API url | _none_ | | `vault-base-url` / `VAULT_BASE_URL` | The Vault server base API url | **must be defined** |
| `vault-oidc-aud` / `VAULT_OIDC_AUD` | The `aud` claim for the JWT | `$CI_SERVER_URL` | | `vault-oidc-aud` / `VAULT_OIDC_AUD` | The `aud` claim for the JWT | `$CI_SERVER_URL` |
| :lock: `VAULT_ROLE_ID` | The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID | **must be defined** | | :lock: `VAULT_ROLE_ID` | The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID | _none_ |
| :lock: `VAULT_SECRET_ID` | The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID | **must be defined** | | :lock: `VAULT_SECRET_ID` | The [AppRole](https://www.vaultproject.io/docs/auth/approle) SecretID | _none_ |
By default, the variant will authentifacte using a [JWT ID token](https://docs.gitlab.com/ee/ci/secrets/id_token_authentication.html). To use [AppRole](https://www.vaultproject.io/docs/auth/approle) instead the `VAULT_ROLE_ID` and `VAULT_SECRET_ID` should be defined as secret project variables.
#### Usage #### Usage
...@@ -380,9 +382,9 @@ With: ...@@ -380,9 +382,9 @@ With:
```yaml ```yaml
include: include:
# main template # main template
- component: $CI_SERVER_FQDN/to-be-continuous/semantic-release/gitlab-ci-semrel@3.11.2 - component: $CI_SERVER_FQDN/to-be-continuous/semantic-release/gitlab-ci-semrel@3.11.5
# Vault variant # Vault variant
- component: $CI_SERVER_FQDN/to-be-continuous/semantic-release/gitlab-ci-semrel-vault@3.11.2 - component: $CI_SERVER_FQDN/to-be-continuous/semantic-release/gitlab-ci-semrel-vault@3.11.5
inputs: inputs:
vault-base-url: "https://vault.acme.host/v1" vault-base-url: "https://vault.acme.host/v1"
# audience claim for JWT # audience claim for JWT
...@@ -391,5 +393,4 @@ include: ...@@ -391,5 +393,4 @@ include:
variables: variables:
# Secrets managed by Vault # Secrets managed by Vault
GITLAB_TOKEN: "@url@http://vault-secrets-provider/api/secrets/b7ecb6ebabc231/semantic-release/token?field=group-access-token" GITLAB_TOKEN: "@url@http://vault-secrets-provider/api/secrets/b7ecb6ebabc231/semantic-release/token?field=group-access-token"
# $VAULT_ROLE_ID and $VAULT_SECRET_ID defined as a secret CI/CD variable
``` ```
...@@ -27,7 +27,7 @@ if [[ "$curVer" ]]; then ...@@ -27,7 +27,7 @@ if [[ "$curVer" ]]; then
log_info "Bump version from \\e[33;1m${curVer}\\e[0m to \\e[33;1m${nextVer}\\e[0m (release type: $relType)..." log_info "Bump version from \\e[33;1m${curVer}\\e[0m to \\e[33;1m${nextVer}\\e[0m (release type: $relType)..."
# replace in README # replace in README
sed -e "s/ref: *'$curVer'/ref: '$nextVer'/" -e "s/ref: *\"$curVer\/ref: \$nextVer\/" -e "s/component: *\(.*\)@$curVer/component: \1@$nextVer/" README.md > README.md.next sed -e "s/ref: *'$curVer'/ref: '$nextVer'/" -e "s/ref: *\"$curVer\"/ref: \"$nextVer\"/" -e "s/component: *\(.*\)@$curVer/component: \1@$nextVer/" README.md > README.md.next
mv -f README.md.next README.md mv -f README.md.next README.md
# replace in template and variants # replace in template and variants
......
...@@ -22,7 +22,7 @@ variables: ...@@ -22,7 +22,7 @@ variables:
.semrel-base: .semrel-base:
services: services:
- name: "$TBC_TRACKING_IMAGE" - name: "$TBC_TRACKING_IMAGE"
command: ["--service", "semrel", "3.11.2"] command: ["--service", "semrel", "3.11.5"]
- name: "$TBC_VAULT_IMAGE" - name: "$TBC_VAULT_IMAGE"
alias: "vault-secrets-provider" alias: "vault-secrets-provider"
variables: variables:
......
...@@ -383,6 +383,8 @@ stages: ...@@ -383,6 +383,8 @@ stages:
fi fi
elif command -v node > /dev/null elif command -v node > /dev/null
then then
decoded=$(mktemp)
errors=$(mktemp)
if node -e "const fs=require('fs');function dlFile(url,file,maxRedir=5){return new Promise((resolve,reject)=>{let redirCount=0;const req=require(url.split(':')[0]).get(url,res=>{res.statusCode>=300&&res.statusCode<400&&res.headers.location&&redirCount<maxRedir?(redirCount++,console.log('Follow redirect ('+redirCount+'): '+res.headers.location),dlFile(res.headers.location,file,maxRedir).then(resolve).catch(reject)):200===res.statusCode?(res.pipe(fs.createWriteStream(file)).on('finish',()=>resolve()),res.on('error',reject)):reject(new Error('HTTP error: '+res.statusCode))});req.on('error',reject)})}dlFile('$url','$decoded').then(()=>{console.log('Download complete'),process.exit(0)}).catch(e=>{console.error('Error:',e),process.exit(1)});" 2> "${errors}" if node -e "const fs=require('fs');function dlFile(url,file,maxRedir=5){return new Promise((resolve,reject)=>{let redirCount=0;const req=require(url.split(':')[0]).get(url,res=>{res.statusCode>=300&&res.statusCode<400&&res.headers.location&&redirCount<maxRedir?(redirCount++,console.log('Follow redirect ('+redirCount+'): '+res.headers.location),dlFile(res.headers.location,file,maxRedir).then(resolve).catch(reject)):200===res.statusCode?(res.pipe(fs.createWriteStream(file)).on('finish',()=>resolve()),res.on('error',reject)):reject(new Error('HTTP error: '+res.statusCode))});req.on('error',reject)})}dlFile('$url','$decoded').then(()=>{console.log('Download complete'),process.exit(0)}).catch(e=>{console.error('Error:',e),process.exit(1)});" 2> "${errors}"
then then
# shellcheck disable=SC2086 # shellcheck disable=SC2086
...@@ -698,7 +700,7 @@ stages: ...@@ -698,7 +700,7 @@ stages:
# Generating the hook scripts that will generate the dotenv file # Generating the hook scripts that will generate the dotenv file
# The dotenv file is generated in $TMPDIR so it will survive the git reset # The dotenv file is generated in $TMPDIR so it will survive the git reset
dotenv_tmp="$(mktemp -t semrel-info-XXXXXXXXXX.dotenv)" dotenv_tmp="$(mktemp -t semrel-info-XXXXXXXXXX.dotenv)"
commitPresetConfig=$(generate_commit_preset_conf)
export_last_version_hook_script="./export-last-version.sh" export_last_version_hook_script="./export-last-version.sh"
{ {
echo "#!/bin/bash" echo "#!/bin/bash"
...@@ -730,16 +732,13 @@ stages: ...@@ -730,16 +732,13 @@ stages:
echo "" echo ""
echo "# injected (replace your plugins) plugins by the template to generate dotenv" echo "# injected (replace your plugins) plugins by the template to generate dotenv"
echo "" echo ""
echo "plugins: [" echo "plugins:"
echo " \"@semantic-release/commit-analyzer\"," echo " - - '@semantic-release/commit-analyzer'"
echo " [" echo "${commitPresetConfig}"
echo " \"@semantic-release/exec\"," echo " - - '@semantic-release/exec'"
echo " {" echo " - analyzeCommitsCmd: '\"${export_last_version_hook_script}\" \"\${lastRelease.version}\"'"
echo " \"analyzeCommitsCmd\": \"${export_last_version_hook_script} \\\"\${lastRelease.version}\\\"\"", echo " verifyReleaseCmd: '\"${export_next_version_hook_script}\" \"\${nextRelease.version}\" \"\${nextRelease.type}\"'"
echo " \"verifyReleaseCmd\": \"${export_next_version_hook_script} \\\"\${nextRelease.version}\\\" \\\"\${nextRelease.type}\\\"\"" echo ""
echo " }"
echo " ],"
echo "]"
} >> "${releaserc_file}.new" } >> "${releaserc_file}.new"
mv -f "${releaserc_file}.new" ".releaserc" mv -f "${releaserc_file}.new" ".releaserc"
...@@ -804,12 +803,12 @@ stages: ...@@ -804,12 +803,12 @@ stages:
image: $SEMREL_IMAGE image: $SEMREL_IMAGE
services: services:
- name: "$TBC_TRACKING_IMAGE" - name: "$TBC_TRACKING_IMAGE"
command: ["--service", "semrel", "3.11.2"] command: ["--service", "semrel", "3.11.5"]
before_script: before_script:
- !reference [.semrel-scripts] - !reference [.semrel-scripts]
- install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}" - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}"
# install git and OpenSSH # install git and OpenSSH
- maybe_install_packages ca-certificates git openssh-client gpg - maybe_install_packages ca-certificates git openssh-client gpg gpg-agent
- maybe_install_yq - maybe_install_yq
- cd "${SEMREL_CONFIG_DIR}" - cd "${SEMREL_CONFIG_DIR}"
- prepare_semantic_release - prepare_semantic_release
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment