chore(project): Update project configuration and add Docker publishing workflow

Author: TheMeinerLP

.github/workflows/build-pr.yml

@@ -12,12 +12,27 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
     steps:
-      - name: Checkout repository
+      - name: Checkout Repository
         uses: actions/checkout@v4
       - name: Setup Java
         uses: actions/setup-java@v4
         with:
           distribution: temurin
-          java-version: 21
+          java-version: 24
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
       - name: Build on ${{ matrix.os }}
-        run: ./gradlew clean build
+        run: ./gradlew clean build test
+#      - name: Generate JaCoCo Coverage Report
+#        if: matrix.os == 'ubuntu-latest'
+#        run: ./gradlew jacocoTestReport
+#      - name: Jacoco Report to PR
+#        id: jacoco
+#        uses: madrapps/jacoco-report@v1.7.2
+#        with:
+#          paths: ${{ github.workspace }}/build/reports/jacoco/test/jacocoTestReport.xml
+#          token: ${{ secrets.GITHUB_TOKEN }}
+#          min-coverage-overall: 40
+#          min-coverage-changed-files: 60
+#          title: Code Coverage
+#          update-comment: true

.github/workflows/close_invalid_prs.yml

@@ -6,9 +6,9 @@ on:
 
 jobs:
   run:
-    if: ${{ github.repository != github.event.pull_request.head.repo.full_name && github.head_ref == 'develop' }}
+    if: ${{ github.repository != github.event.pull_request.head.repo.full_name && github.head_ref == 'main' }}
     runs-on: ubuntu-latest
     steps:
       - uses: superbrothers/close-pull-request@v3
         with:
-          comment: "Please do not open pull requests from the `develop` branch, create a new branch instead."
+          comment: "Please do not open pull requests from the `main` branch, create a new branch instead."

.github/workflows/main-build.yml

@@ -1,25 +1,130 @@
-name: Publish JAR
+name: Publish Docker Images
 
 on:
   push:
-    branches:
-      - master
-      - develop
+    tags:
+      - "v*.*.*"
+
 jobs:
-  build:
+  gradle:
     runs-on: ubuntu-latest
-    env:
-      ONELITEFEATHER_MAVEN_USERNAME: ${{ secrets.ONELITEFEATHER_MAVEN_USERNAME }}
-      ONELITEFEATHER_MAVEN_PASSWORD: ${{ secrets.ONELITEFEATHER_MAVEN_PASSWORD }}
     steps:
-      - name: Checkout repository
+      - name: Checkout
         uses: actions/checkout@v4
-      - name: Set up JDK 21
+        with:
+          fetch-depth: 0
+      - name: Validate Gradle Wrapper
+        uses: gradle/actions/wrapper-validation@v4
+      - name: Setup Java
         uses: actions/setup-java@v4
         with:
-          distribution: 'temurin'
-          java-version: '21'
-      - name: Build with Gradle
-        run: ./gradlew build
-      - name: Publish to Maven
-        run: ./gradlew publish
+          distribution: temurin
+          java-version: 24
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
+      - name: Build on ${{ matrix.os }}
+        run: ./gradlew optimizedDockerfile optimizedDockerfileNative optimizedBuildLayers optimizedBuildNativeLayersTask
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: build
+          path: backend/build
+
+  dockerNative:
+    runs-on: ubuntu-latest
+    needs:
+      - gradle
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout
+      - name: Download build artifacts
+        uses: actions/download-artifact@v5
+        with:
+          name: build
+          path: backend/build
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          # list of Docker images to use as base name for tags
+          images: |
+            ${{ secrets.HARBOR_REGISTRY }}/otis/otis-native
+          # generate Docker tags based on the following events/attributes
+          tags: |
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+      - name: Log in to OneLiteFeather Harbor
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.HARBOR_USERNAME }}
+          password: ${{ secrets.HARBOR_PASSWORD }}
+          registry: ${{ secrets.HARBOR_REGISTRY }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          context: ./backend/build/docker/native-optimized
+  docker:
+    runs-on: ubuntu-latest
+    needs:
+      - gradle
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout
+      - name: Download build artifacts
+        uses: actions/download-artifact@v5
+        with:
+          name: build
+          path: backend/build
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          # list of Docker images to use as base name for tags
+          images: |
+            ${{ secrets.HARBOR_REGISTRY }}/otis/otis
+          # generate Docker tags based on the following events/attributes
+          tags: |
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+      - name: Log in to OneLiteFeather Harbor
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.HARBOR_USERNAME }}
+          password: ${{ secrets.HARBOR_PASSWORD }}
+          registry: ${{ secrets.HARBOR_REGISTRY }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          context: ./backend/build/docker/optimized

.github/workflows/publish.yml

@@ -0,0 +1,50 @@
+name: Release
+"on":
+  push:
+    branches:
+      - main
+      - next
+      - beta
+      - "*.x"
+
+permissions:
+  contents: read # for checkout
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
+      id-token: write # to enable use of OIDC for npm provenance
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+      - name: Validate Gradle Wrapper
+        uses: gradle/actions/wrapper-validation@v4
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: 24
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
+      - name: Install dependencies
+        run: npm clean-install
+      - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
+        run: npm audit signatures
+      - name: Release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          ONELITEFEATHER_MAVEN_USERNAME: ${{ secrets.ONELITEFEATHER_MAVEN_USERNAME }}
+          ONELITEFEATHER_MAVEN_PASSWORD: ${{ secrets.ONELITEFEATHER_MAVEN_PASSWORD }}
+        run: npx semantic-release

.github/workflows/sematic-releases.yml

@@ -0,0 +1,31 @@
+{
+  "plugins": [
+    [
+      "@semantic-release/commit-analyzer",
+      {
+        "preset": "conventionalcommits"
+      }
+    ],
+    "@semantic-release/release-notes-generator",
+    [
+      "@semantic-release/exec",
+      {
+        "verifyConditionsCmd": "./gradlew check",
+        "publishCmd": "./gradlew -Pversion=${nextRelease.version} publish"
+      }
+    ],
+    "@semantic-release/git",
+    [
+      "@semantic-release/github",
+      {
+        "assets": [],
+        "labels": false,
+        "failTitle": false,
+        "failComment": false,
+        "successComment": false,
+        "releasedLabels": false,
+        "addReleases": false
+      }
+    ]
+  ]
+}

.releaserc.json

@@ -2,14 +2,6 @@ plugins {
     alias(libs.plugins.micronaut.application)
     alias(libs.plugins.micronaut.aot)
 }
-
-version = "0.1"
-group = "net.onelitefeather"
-
-repositories {
-    mavenCentral()
-}
-
 dependencies {
     annotationProcessor(mn.micronaut.serde.processor)
     annotationProcessor(mn.micronaut.http.validation)