Auto tag

.github/workflows/auto_label.yml

@@ -0,0 +1,21 @@
+name: :rocket: to adjust
+
+on:
+  pull_request:
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  conventional-commits:
+    if: (!contains(split('foo,bar', ','), github.actor))
+    name: Report Conventional Commits
+    runs-on: ubuntu-latest
+    steps:
+        - name: Report Conventional Commits
+          uses: nichtsfrei/actions/pr-conventional-commit-labeler@v3
+          with:
+            token: ${{ github.token }}
+            configuration_toml: release_tag.toml
+

.github/workflows/control.yml

@@ -103,3 +103,5 @@ jobs:
       token: ${{ secrets.GREENBONE_BOT_TOKEN }}
       name: ${{ secrets.GREENBONE_BOT }}
       email: ${{ secrets.GREENBONE_BOT_MAIL }}
+      gpg_key: ${{ secrets.GPG_KEY }}
+      gpg_pass: ${{ secrets.GPG_PASSPHRASE }}

.github/workflows/release.yml

@@ -27,6 +27,10 @@ on:
         required: true
       email:
         required: true
+      gpg_key:
+        required: true
+      gpg_pass:
+        required: true
 
 
 # This job first determines the target branch of the closed pull request. If the target branch is "main",
@@ -62,6 +66,7 @@ jobs:
         with:
           token: ${{ secrets.token }}
           fetch-depth: '0'
+
       - name: set git credentials
         run: |
              git config --global user.email "${{ secrets.email }}"
@@ -73,15 +78,13 @@ jobs:
           git checkout "v${{ env.LATEST_VERSION }}"
           # get just the major version of latest version 
           export BRANCH_NAME=$(echo "${{ env.LATEST_VERSION }}" | sed 's/^\([0-9]*\).*/v\1/')
-          git checkout -b "$BRANCH_NAME"
-          git push origin "$BRANCH_NAME"
+          git checkout -b "$BRANCH_NAME" && git push origin "$BRANCH_NAME" || true
       # create branch of version
+      - uses: greenbone/actions/setup-pontos@v3
       - name: prepare project version ${{ env.RELEASE_REF }} ${{ env.LATEST_VERSION }} -> ${{ env.NEW_VERSION }}
         run: |
           # jump back for the case that we switched to a tag
           git checkout "${{ env.RELEASE_REF }}"
-          # change version
-          python3 -m pip install pontos
           # ignore failure on setting version
           pontos-version update ${{ env.NEW_VERSION }} || true
           # set app version on chart
@@ -103,7 +106,6 @@ jobs:
         with:
           name: rs-binaries
           path: assets
-      - uses: greenbone/actions/setup-pontos@v3
       - name: release ${{ env.PROJECT }} ${{ env.LATEST_VERSION }} -> ${{ env.NEW_VERSION }}
         run: |
           pontos-changelog \
@@ -121,16 +123,21 @@ jobs:
           echo "${{ secrets.token }}" | gh auth login --with-token
           export nrn="v${{ env.NEW_VERSION }}"
           gh release create "$nrn" -F /tmp/changelog.md
+
+      - run: mv assets/linux/arm64/openvasd assets/openvasd-aarch64-unknown-linux-gnu
+      - run: mv assets/linux/amd64/openvasd assets/openvasd-x86_64-unknown-linux-gnu
+      - run: mv assets/linux/arm64/scannerctl assets/scannerctl-aarch64-unknown-linux-gnu
+      - run: mv assets/linux/amd64/scannerctl assets/scannerctl-x86_64-unknown-linux-gnu
+      - run: rm -rf assets/linux
+      - run: ls -las assets/
       - name: "sign ${{ env.PROJECT }}"
         run: |
-          mkdir -p assets
-          ls -las assets/
           export nrn="v${{ env.NEW_VERSION }}"
           export filename="$PROJECT-$nrn"
           curl -sfSL --retry 3 --retry-connrefused --retry-delay 2 -o assets/$filename.zip https://github.com/${{ github.repository }}/archive/refs/tags/$nrn.zip
           curl -sfSL --retry 3 --retry-connrefused --retry-delay 2 -o assets/$filename.tar.gz https://github.com/${{ github.repository }}/archive/refs/tags/$nrn.tar.gz
-          echo -e "${{ secrets.GPG_KEY }}" > private.pgp
-          echo ${{ secrets.GPG_PASSPHRASE }} | bash .github/sign-assets.sh private.pgp
+          echo -e "${{ secrets.gpg_key }}" > private.pgp
+          echo ${{ secrets.gpg_pass }} | bash .github/sign-assets.sh private.pgp
           rm assets/$filename.zip
           rm assets/$filename.tar.gz
           gh release upload $nrn assets/*

release_tag.toml

@@ -0,0 +1,22 @@
+# the name functions as a key and should be unique.
+# The priority is used when only_highest_priority is set to true
+labels = [
+  { name = "patch_release", priority = 1 },
+  { name = "minor_release", priority = 2 },
+  { name = "major_release", priority = 3 },
+]
+
+# group within groups must be defined in `changelog.toml`
+# label within groups must be defined in `labels`
+groups = [
+  { group = "Added", label = "minor_release" },
+  { group = "Changed", label = "major_release" }, # maybe minor?
+  { group = "Removed", label = "major_release" }, # maybe minor?
+  { group = "Bug Fixes", label = "patch_reelase" },
+]
+
+# when set to false all unique labels will be set
+# otherwise only one label with the highest priority
+# will be set
+only_highest_priority = true
+