🔥 Release v1.0.0

.dockerignore

@@ -2,6 +2,7 @@
 *
 
 # Include
+!Dockerfile
+!entrypoint.sh
 !LICENSE
 !README.md
-!entrypoint.sh

.editorconfig

@@ -0,0 +1,10 @@
+# EditorConfig helps developers define and maintain consistent coding styles
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = true

.github/dependabot.yml

@@ -2,20 +2,16 @@ version: 2
 updates:
   # Maintain dependencies for GitHub Actions
   - package-ecosystem: github-actions
-    directory: "/"
+    directory: /
     schedule:
-      interval: daily
+      interval: weekly
     assignees:
       - ChristophShyper
-    labels:
-      - automatic
 
   # Enable version updates for Docker
   - package-ecosystem: docker
-    directory: "/"
+    directory: /
     schedule:
-      interval: daily
+      interval: weekly
     assignees:
       - ChristophShyper
-    labels:
-      - automatic

.github/workflows/pull-request.yml

@@ -3,8 +3,13 @@ name: Pull Request
 on:
   push:
     branches-ignore:
-      - 'master'
-      - 'dependabot**'
+      - master
+      - dependabot/**
+
+permissions:
+  contents: read
+  packages: write
+  pull-requests: write
 
 jobs:
   lint:
@@ -13,55 +18,56 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+          fetch-tags: true
 
-      - name: Hadolint
-        uses: hadolint/hadolint-action@v3.3.0
+      - name: Install Task
+        uses: arduino/setup-task@v2.0.0
         with:
-          dockerfile: Dockerfile
+          version: 3.x
 
-  build-test:
-    name: Push test
-    if: ${{ !startsWith(github.ref, 'refs/heads/doc') && !startsWith(github.ref, 'refs/heads/test') }}
+      - name: Run linters
+        run: task lint
+
+  build-and-push:
+    name: Build and Push test
     runs-on: ubuntu-24.04-arm
+    needs: [lint]
     steps:
       - name: Checkout
         uses: actions/checkout@v5
         with:
           fetch-depth: 0
+          fetch-tags: true
+
+      - name: Install Task
+        uses: arduino/setup-task@v2.0.0
+        with:
+          version: 3.x
 
-      - name: Extract branch name
-        id: branch
-        run: |
-          if [ "${{ github.event_name }}" == "pull_request" ]; then
-            BRANCH_NAME="${{ github.head_ref }}"
-          else
-            BRANCH_NAME="${GITHUB_REF#refs/heads/}"
-          fi
-          # Sanitize branch name for Docker tag (replace special chars with -)
-          SANITIZED_BRANCH=$(echo "$BRANCH_NAME" | sed 's/[^a-zA-Z0-9._-]/-/g' | tr '[:upper:]' '[:lower:]')
-          echo "name=$SANITIZED_BRANCH" >> $GITHUB_OUTPUT
-          echo "Branch name: $BRANCH_NAME -> Docker tag: test-$SANITIZED_BRANCH"
-
-      - name: Docker Buildx
+      - name: Install Docker Buildx
         uses: docker/setup-buildx-action@v3
         with:
           install: true
 
-      - name: QEMU
+      - name: Install QEMU
         uses: docker/setup-qemu-action@v3
         with:
           image: tonistiigi/binfmt:latest
           platforms: amd64,arm64
 
+      - name: Get Docker commands
+        run: task docker:cmds
+
       - name: Build and push test image
         env:
-          DOCKER_BUILDKIT: 1
           DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          VERSION: ${{ steps.branch.outputs.name }}
-          VERSION_PREFIX: test-
-          TERM: xterm-256color
-        run: make push
+        run: task docker:push
+
+      - name: Inspect image
+        run: task docker:push:inspect
 
   pull-request:
     name: Pull Request
@@ -71,12 +77,16 @@ jobs:
         uses: actions/checkout@v5
         with:
           fetch-depth: 0
+          fetch-tags: true
+
+      - name: Install Task
+        uses: arduino/setup-task@v2.0.0
+        with:
+          version: 3.x
 
-      - name: Template
+      - name: Get template
         shell: bash
-        run: |
-          mkdir -p .tmp
-          curl -LsS https://raw.githubusercontent.com/devops-infra/.github/master/PULL_REQUEST_TEMPLATE.md -o .tmp/PULL_REQUEST_TEMPLATE.md
+        run: task git:get-pr-template
 
       - name: Create Pull Request
         uses: devops-infra/action-pull-request@v0.6

.github/workflows/release.yml

@@ -4,9 +4,14 @@ on:
   workflow_dispatch:
     inputs:
       version:
-        description: 'Release version (e.g., v1.2.3)'
+        description: Release version (e.g., v1.2.3)
         required: true
         type: string
+        default: __TAKEN_FROM_ACTION_YML__
+
+permissions:
+  contents: write
+  packages: write
 
 jobs:
   release:
@@ -17,109 +22,69 @@ jobs:
         uses: actions/checkout@v5
         with:
           fetch-depth: 0
+          fetch-tags: true
 
-      - name: Validate version format
-        run: |
-          VERSION="${{ github.event.inputs.version }}"
-          if [[ ! $VERSION =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
-            echo "❌ Invalid version format. Use format: v1.2.3"
-            exit 1
-          fi
-          echo "✅ Version format is valid: $VERSION"
-
-      - name: Check if version already exists
-        run: |
-          VERSION="${{ github.event.inputs.version }}"
-          if git tag -l | grep -q "^${VERSION}$"; then
-            echo "❌ Version $VERSION already exists"
-            exit 1
-          fi
-          echo "✅ Version $VERSION is available"
-
-      - name: Create and push full tag
-        run: |
-          VERSION="${{ github.event.inputs.version }}"
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-          git tag -a "$VERSION" -m "$VERSION"
-          git push origin "$VERSION"
+      - name: Install Task
+        uses: arduino/setup-task@v2.0.0
+        with:
+          version: 3.x
 
-      - name: Extract version components
+      - name: Create and push git tags
         id: version
+        env:
+          VERSION_OVERRIDE: ${{ github.event.inputs.version }}
+          VERSION_SUFFIX: ""
         run: |
-          VERSION="${{ github.event.inputs.version }}"
-          # Remove 'v' prefix and split version
-          VERSION_NO_V="${VERSION#v}"
-          MAJOR=$(echo "$VERSION_NO_V" | cut -d. -f1)
-          MINOR=$(echo "$VERSION_NO_V" | cut -d. -f2)
-
-          echo "major=v$MAJOR" >> $GITHUB_OUTPUT
-          echo "minor=v$MAJOR.$MINOR" >> $GITHUB_OUTPUT
-          echo "✅ Extracted versions - Major: v$MAJOR, Minor: v$MAJOR.$MINOR"
-
-      - name: Create/update major version tag
-        run: |
-          MAJOR_TAG="${{ steps.version.outputs.major }}"
-
-          # Check if major tag exists
-          if git tag -l | grep -q "^${MAJOR_TAG}$"; then
-            echo "ℹ️ Major tag $MAJOR_TAG exists, updating it"
-            git tag -d "$MAJOR_TAG" || true
-            git push origin ":refs/tags/$MAJOR_TAG" || true
-          else
-            echo "✅ Major tag $MAJOR_TAG is new"
-          fi
-
-          # Create/update major tag
-          git tag -a "$MAJOR_TAG" -m "Major version $MAJOR_TAG"
-          git push origin "$MAJOR_TAG"
-          echo "✅ Created/updated major tag: $MAJOR_TAG"
-
-      - name: Create/update minor version tag
-        run: |
-          MINOR_TAG="${{ steps.version.outputs.minor }}"
-
-          # Check if minor tag exists
-          if git tag -l | grep -q "^${MINOR_TAG}$"; then
-            echo "ℹ️ Minor tag $MINOR_TAG exists, updating it"
-            git tag -d "$MINOR_TAG" || true
-            git push origin ":refs/tags/$MINOR_TAG" || true
-          else
-            echo "✅ Minor tag $MINOR_TAG is new"
-          fi
-
-          # Create/update minor tag
-          git tag -a "$MINOR_TAG" -m "Minor version $MINOR_TAG"
-          git push origin "$MINOR_TAG"
-          echo "✅ Created/updated minor tag: $MINOR_TAG"
+          task git:set-config
+          task version:tag-release
+          echo "REL_VERSION=$(task version:get)" >> "$GITHUB_OUTPUT"
 
-      - name: Docker Buildx
+      - name: Install Docker Buildx
         uses: docker/setup-buildx-action@v3
         with:
           install: true
 
-      - name: QEMU
+      - name: Install QEMU
         uses: docker/setup-qemu-action@v3
         with:
           image: tonistiigi/binfmt:latest
           platforms: amd64,arm64
 
+      - name: Get Docker commands
+        env:
+          VERSION_OVERRIDE: ${{ github.event.inputs.version }}
+          VERSION_SUFFIX: ""
+        run: task docker:cmds
+
       - name: Build and push Docker images
         env:
-          DOCKER_BUILDKIT: 1
           DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          VERSION: ${{ github.event.inputs.version }}
-          TERM: xterm-256color
-        run: make push
+          VERSION_OVERRIDE: ${{ github.event.inputs.version }}
+          VERSION_SUFFIX: ""
+        run: task docker:push
+
+      - name: Inspect image
+        env:
+          VERSION_OVERRIDE: ${{ github.event.inputs.version }}
+          VERSION_SUFFIX: ""
+        run: task docker:push:inspect
 
       - name: Create GitHub Release
         uses: softprops/action-gh-release@v2
         with:
-          tag_name: ${{ github.event.inputs.version }}
-          name: ${{ github.event.inputs.version }}
+          tag_name: ${{ steps.version.outputs.REL_VERSION }}
+          name: ${{ steps.version.outputs.REL_VERSION }}
           draft: false
           prerelease: false
           generate_release_notes: true
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Update Docker Hub description
+        uses: peter-evans/dockerhub-description@v5
+        with:
+          username: ${{ vars.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+          repository: ${{ vars.DOCKER_ORG_NAME }}/${{ github.event.repository.name }}
+          short-description: ${{ github.event.repository.description }}

.github/workflows/weekly-dependency-check.yml

@@ -3,7 +3,11 @@ name: Weekly Dependency Check
 on:
   schedule:
     # Run every Monday at 08:00 UTC
-    - cron: '0 8 * * 1'
+    - cron: 0 8 * * 1
+
+permissions:
+  contents: read
+  packages: write
 
 jobs:
   dependency-check:
@@ -14,36 +18,29 @@ jobs:
         uses: actions/checkout@v5
         with:
           fetch-depth: 0
+          fetch-tags: true
+
+      - name: Install Task
+        uses: arduino/setup-task@v2.0.0
+        with:
+          version: 3.x
 
-      - name: Get latest release tag
-        id: latest-tag
-        run: |
-          LATEST_TAG=$(git describe --tags --abbrev=0 2>/dev/null)
-          if [ -z "$LATEST_TAG" ]; then
-            echo "❌ No release tags found in repository"
-            echo "Please create at least one release before running dependency checks"
-            exit 1
-          fi
-          echo "tag=$LATEST_TAG" >> $GITHUB_OUTPUT
-          echo "Testing dependencies for tag: $LATEST_TAG"
-
-      - name: Docker Buildx
+      - name: Install Docker Buildx
         uses: docker/setup-buildx-action@v3
         with:
           install: true
 
-      - name: QEMU
+      - name: Install QEMU
         uses: docker/setup-qemu-action@v3
         with:
           image: tonistiigi/binfmt:latest
           platforms: amd64,arm64
 
-      - name: Build & push test image
-        env:
-          DOCKER_BUILDKIT: 1
-          DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          VERSION: ${{ steps.latest-tag.outputs.tag }}
-          VERSION_PREFIX: test-
-          TERM: xterm-256color
-        run: make push
+      - name: Get Docker commands
+        run: task docker:cmds
+
+      - name: Build and push test image
+        run: task docker:push
+
+      - name: Inspect image
+        run: task docker:push:inspect