ci: Complete CI (releases and gem push)

.github/workflows/container.yaml

@@ -0,0 +1,61 @@
+---
+name: Publish OCI Container
+on:  # yamllint disable-line rule:truthy
+  workflow_call:
+    inputs:
+      tag:
+        description: 'The tag to use for the container image'
+        required: false
+        type: string
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'The tag to use for the container image'
+        required: false
+        type: string
+jobs:
+  publish_github:
+    name: Publish the container image to GitHub Container Registry
+    runs-on: ubuntu-latest
+    strategy:
+      # Go hard on the builders
+      max-parallel: 5
+      matrix:
+        alpine-version: ['3.20']
+        ruby-version: ['3.4.1']
+    steps:
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        name: Publish to ghcr.io
+        env:
+          ALPINE_VERSION: ${{ matrix.alpine-version }}
+          REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          RUBY_VERSION: ${{ matrix.ruby-version }}
+          TAG: ${{ github.event.inputs.tag || '' }}
+          TRACE: ${{ secrets.ACTIONS_STEP_DEBUG || 'false' }}
+        # yamllint disable rule:line-length
+        run: |
+          if [ -z "$TAG" ]
+          then
+              [ "$TRACE" = true ] && printf 'No tag provided, getting tag from .version.txt\n' >&2
+              if [ -f ".version.txt" ]
+              then
+                  version=$(<.version.txt)
+              else
+                  [ "$TRACE" = true ] && printf 'No .version.txt found, getting version from git describe --tags --abbrev=0\n' >&2
+                  version=$(git describe --tags --abbrev=0)
+              fi
+          else
+              [ "$TRACE" = true ] && printf 'Using provided tag %s\n' "$TAG" >&2
+              version=$TAG
+          fi
+          [ "$TRACE" = 'true' ] && printf 'Calling ./ci/build_image.sh -vvp "%s"\n' "$version" >&2
+          IMAGE_NAME=$(basename "$GITHUB_REPOSITORY")  \
+          GITHUB_TOKEN=$REGISTRY_TOKEN \
+          ALPINE_VERSION=$ALPINE_VERSION \
+          RUBY_VERSION=$RUBY_VERSION \
+            ./ci/build_image.sh -vvp "$version"
+        # yamllint enable rule:line-length
+        shell: bash

.github/workflows/conventional_commits.yaml

@@ -0,0 +1,63 @@
+---
+name: Conventional Commits And PR titles
+
+on:  # yamllint disable-line rule:truthy
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - synchronize
+
+jobs:
+  comventional_commits:
+    name: Validate Commit Subjects
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: webiny/[email protected]
+        name: Validate Commit Subjects
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # All of the Angular commit types are allowed by default.
+          # Added types to this:
+          #   * eyes - For observability related changes
+          #   * sec  - For security related changes
+          allowed-commit-types: "build,chore,ci,docs,eyes,feat,fix,perf,refactor,revert,sec,style,test"  # yamllint disable-line rule:line-length
+  conventional_pr_title:
+    name: Validate PR title
+    runs-on: ubuntu-latest
+    steps:
+      -
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        id: validate-pr-title
+        name: Validate PR title
+        uses: amannn/action-semantic-pull-request@v5
+        with:
+          # All of the Angular commit types are allowed by default.
+          # Added types to this:
+          #   * eyes - For observability related changes
+          #   * sec  - For security related changes
+          types: |
+            build
+            chore
+            ci
+            docs
+            eyes
+            feat
+            fix
+            perf
+            refactor
+            revert
+            sec
+            style
+            test
+    # We don't enforce scopes
+    #      scopes:
+    #      - frontend
+    #      - backend
+    #      - ci
+    # We don't disallow any scopes
+    #      disallowScopes: |
+    #        release
+          wip: true

.github/workflows/gem.yaml

@@ -0,0 +1,36 @@
+---
+name: Publish Ruby Gem
+on:  # yamllint disable-line rule:truthy
+  workflow_call:
+  workflow_dispatch:
+jobs:
+  publish_gem:
+    name: Publish the gem to registries
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        registry:
+          - key: rubygems
+            secret: RUBYGEMS_TOKEN
+          - key: github
+            secret: GEM_TOKEN_GITHUB
+    steps:
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.4.1
+          bundler-cache: false
+      -
+        name: Publish to ${{ matrix.registry }}
+        env:
+          TRACE: ${{ secrets.ACTIONS_STEP_DEBUG || 'false' }}
+          GEM_TOKEN: ${{ secrets[matrix.registry.secret] }}
+          REGISTRY: ${{ matrix.registry.key }}
+        run: |
+          bundle install
+          TRACE="$TRACE" GEM_TOKEN="$GEM_TOKEN" ./ci/publish-gem.sh "$REGISTRY"
+        shell: bash

.github/workflows/main.yml → .github/workflows/main.yaml

@@ -1,11 +1,9 @@
 name: Ruby
 
 on:
-  push:
-    branches:
-      - main
+  workflow_call:
 
-  pull_request:
+  workflow_dispatch:
 
 jobs:
   build:

.github/workflows/publish.yaml

@@ -0,0 +1,17 @@
+---
+name: Publish
+
+on:  # yamllint disable-line rule:truthy
+  workflow_dispatch:
+  workflow_call:
+
+jobs:
+  gem:
+    name: Build and publish gem
+    uses: ./.github/workflows/gem.yaml
+    secrets: inherit
+
+  containers:
+    name: Build and publish OCI container images
+    uses: ./.github/workflows/container.yaml
+    secrets: inherit

.github/workflows/release.yaml

@@ -0,0 +1,51 @@
+---
+name: Release
+
+on:  # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+  workflow_call:
+
+jobs:
+  validate:
+    name: Validations
+    uses: ./.github/workflows/validations.yaml
+
+  release:
+    needs: [validate]
+    name: Create a release
+    runs-on: ubuntu-latest
+    outputs:
+      release_created: ${{ steps.release.outputs.release_created }}
+    steps:
+      -
+        uses: actions/checkout@v4
+        id: git-checkout
+        with:
+          fetch-tags: true
+      -
+        uses: googleapis/release-please-action@v4
+        id: release
+        with:
+          config-file: .release-please-config.json
+          manifest-file: .release-please-manifest.json
+          token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
+      -
+        id: debug
+        env:
+          RELEASE_CREATED: ${{ steps.release.outputs.release_created }}
+          TRACE: ${{ secrets.ACTIONS_STEP_DEBUG || 'false' }}
+        run: |
+          if [ "$TRACE" != 'false' ]
+          then
+              printf 'Release created: %s\n' "$RELEASE_CREATED"
+          fi
+
+  publish:
+    if: needs.release.outputs.release_created
+    needs: release
+    name: Build and publish artifacts
+    uses: ./.github/workflows/publish.yaml
+    secrets: inherit

.github/workflows/validations.yaml

@@ -0,0 +1,12 @@
+---
+name: Validations
+
+on:  # yamllint disable-line rule:truthy
+  workflow_dispatch:
+  workflow_call:
+  pull_request:
+
+jobs:
+  validate_ruby:
+    name: Ruby Tests
+    uses: ./.github/workflows/main.yaml

.gitignore

@@ -8,3 +8,4 @@
 /tmp/
 Gemfile.lock
 *.swp
+*.gem

.release-please-config.json

@@ -0,0 +1,32 @@
+{
+  "packages": {
+    ".": {
+      "changelog-path": "CHANGELOG.md",
+      "release-type": "simple",
+      "bump-minor-pre-major": true,
+      "bump-patch-for-minor-pre-major": true,
+      "draft": false,
+      "prerelease": false,
+      "version-file": ".version.txt",
+      "extra-files": [
+        {
+          "type": "generic",
+          "path": "lib/sequel/pgt_outbox/version.rb"
+        },
+        {
+          "type": "generic",
+          "path": "oci/Gemfile"
+        }
+      ],
+      "exclude-paths": [
+        ".release-please-manifest.json",
+        ".version.txt",
+        "lib/sequel/pgt_outbox/version.rb",
+        ".rubocop.yml",
+        ".overcommit.yml",
+        "coverage/coverage.json"
+      ]
+    }
+  },
+  "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json"
+}

.release-please-manifest.json

@@ -0,0 +1,3 @@
+{
+  ".": "0.2.0"
+}

.version.txt

@@ -0,0 +1 @@
+0.2.0

Rakefile

@@ -12,4 +12,20 @@ task :spec do
   sh 'bundle exec ./test/sequel/test_pgt_outbox.rb'
 end
 
+desc 'Create the test database'
+task :createdb do
+  require 'uri'
+  uri = URI.parse(ENV.fetch('PGT_SPEC_DB', 'postgres:///spgt_test'))
+  sh "createdb '#{File.basename(uri.path)}'"
+end
+
+desc 'Drop the test database'
+task :dropdb do
+  require 'uri'
+  uri = URI.parse(ENV.fetch('PGT_SPEC_DB', 'postgres:///spgt_test'))
+  sh "dropdb --if-exists '#{File.basename(uri.path)}'"
+end
+
+task resetdb: %i[dropdb createdb]
+
 task default: %i[rubocop spec]