diff --git a/.github/workflows/alpha-release-manual.yml b/.github/workflows/alpha-release-manual.yml
new file mode 100644
index 0000000..e9e194a
--- /dev/null
+++ b/.github/workflows/alpha-release-manual.yml
@@ -0,0 +1,92 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch
+name: "Alpha Release: Manual"
+
+on:
+ workflow_dispatch:
+
+permissions:
+ contents: write
+ id-token: write
+ attestations: write
+
+env:
+ NEXT_VERSION: "0.0.4"
+
+jobs:
+ build:
+ strategy:
+ matrix:
+ include:
+ - os: ubuntu-latest
+ platform: linux/amd64
+ - os: ubuntu-latest
+ platform: linux/arm64
+ - os: macos-latest
+ platform: darwin/universal
+ - os: windows-latest
+ platform: windows/amd64
+ runs-on: ${{ matrix.os }}
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Build
+ uses: host-uk/build@v3
+ with:
+ build-name: core
+ build-platform: ${{ matrix.platform }}
+ build: true
+ package: true
+ sign: false
+
+ release:
+ needs: build
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Download artifacts
+ uses: actions/download-artifact@v7
+ with:
+ path: dist
+ merge-multiple: true
+
+ - name: Prepare release files
+ run: |
+ mkdir -p release
+ cp dist/* release/ 2>/dev/null || true
+ ls -la release/
+
+ - name: Create alpha release
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ VERSION="v${{ env.NEXT_VERSION }}-alpha.${{ github.run_number }}"
+
+ gh release create "$VERSION" \
+ --title "Alpha: $VERSION" \
+ --notes "Canary build from dev branch.
+
+ **Version:** $VERSION
+ **Commit:** ${{ github.sha }}
+ **Built:** $(date -u +'%Y-%m-%d %H:%M:%S UTC')
+ **Run:** ${{ github.run_id }}
+
+ ## Channel: Alpha (Canary)
+
+ This is an automated pre-release for early testing.
+
+ - Systems and early adopters can test breaking changes
+ - Quality scoring determines promotion to beta
+ - Use stable releases for production
+
+ ## Installation
+
+ \`\`\`bash
+ # macOS/Linux
+ curl -fsSL https://github.com/host-uk/core/releases/download/$VERSION/core-linux-amd64 -o core
+ chmod +x core && sudo mv core /usr/local/bin/
+ \`\`\`
+ " \
+ --prerelease \
+ --target dev \
+ release/*
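Review bot: The workflow-level `permissions:` block gives every job, including the four-way `build` matrix that runs `host-uk/build@v3`, a token with `contents: write`, `id-token: write` and `attestations: write`, although only the `release` job's `gh release create` step visibly needs write access. No step shown here produces an attestation and the build passes `sign: false`, so unless `host-uk/build` uses them internally the OIDC and attestation scopes are unused. I would set `permissions: { contents: read }` at the top and put `permissions: { contents: write }` on `release`, adding the other two scopes only on the job that actually attests. The same block is added in alpha-release-push.yml, and both pr-build-*.yml files set `contents: write` at workflow level.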
diff --git a/.github/workflows/dev-release.yml.disabled b/.github/workflows/alpha-release-push.yml similarity index 59% rename from .github/workflows/dev-release.yml.disabled rename to .github/workflows/alpha-release-push.yml index 10aeda8..674e107 100644 --- a/.github/workflows/dev-release.yml.disabled +++ b/.github/workflows/alpha-release-push.yml @@ -1,15 +1,17 @@ -name: Dev Release +# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#push +name: "Alpha Release: Push" on: push: branches: [dev] - workflow_dispatch: permissions: contents: write + id-token: write + attestations: write env: - CORE_VERSION: dev + NEXT_VERSION: "0.0.4" jobs: build: @@ -26,10 +28,10 @@ jobs: platform: windows/amd64 runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Build - uses: host-uk/build@dev + uses: host-uk/build@v3 with: build-name: core build-platform: ${{ matrix.platform }} @@ -41,10 +43,10 @@ jobs: needs: build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v7 with: path: dist merge-multiple: true 
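Review bot: `uses: host-uk/build@v3` in the second hunk replaces one movable ref (`@dev`) with another: a major-version tag can be re-pointed, and this step runs in a job holding the write-scoped token granted by the first hunk. For release workflows I would pin actions to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: host-uk/build@<FULL_COMMIT_SHA> # v3`, with Dependabot or Renovate doing the bumps. The same applies to `actions/checkout@v6` and `actions/download-artifact@v7` here and to the tag-pinned actions in the other workflows of this commit, notably `codecov/codecov-action@v5`, which receives `secrets.CODECOV_TOKEN`. The jobs these hunks touch start and end outside the hunks.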
@@ -55,34 +57,37 @@ jobs: cp dist/* release/ 2>/dev/null || true ls -la release/ - - name: Delete existing dev release - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: gh release delete dev -y || true - - - name: Delete existing dev tag - run: git push origin :refs/tags/dev || true - - - name: Create dev release + - name: Create alpha release env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh release create dev \ - --title "Development Build" \ - --notes "Latest development build from the dev branch. + VERSION="v${{ env.NEXT_VERSION }}-alpha.${{ github.run_number }}" + gh release create "$VERSION" \ + --title "Alpha: $VERSION" \ + --notes "Canary build from dev branch. + + **Version:** $VERSION **Commit:** ${{ github.sha }} **Built:** $(date -u +'%Y-%m-%d %H:%M:%S UTC') + **Run:** ${{ github.run_id }} + + ## Channel: Alpha (Canary) + + This is an automated pre-release for early testing. + + - Systems and early adopters can test breaking changes + - Quality scoring determines promotion to beta + - Use stable releases for production ## Installation \`\`\`bash # macOS/Linux - curl -fsSL https://github.com/host-uk/core/releases/download/dev/core-linux-amd64 -o core + curl -fsSL https://github.com/host-uk/core/releases/download/$VERSION/core-linux-amd64 -o core chmod +x core && sudo mv core /usr/local/bin/ \`\`\` - - This is a pre-release for testing. Use tagged releases for production." \ + " \ --prerelease \ --target dev \ release/* diff --git a/.github/workflows/ci-manual.yml b/.github/workflows/ci-manual.yml new file mode 100644 index 0000000..fd5459c --- /dev/null +++ b/.github/workflows/ci-manual.yml 
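Review bot: `gh release create "$VERSION" ... --target dev` tags whatever the tip of `dev` is when the release step runs, while the binaries and the `**Commit:** ${{ github.sha }}` line in the notes come from the commit that triggered the run. If another push lands on `dev` while the build matrix is running, the tag, the notes and the artifacts disagree about which commit was released. Targeting the built commit keeps them aligned: `--target "${{ github.sha }}" \`. alpha-release-manual.yml carries the same flag, and there the run can be dispatched from any ref, so the mismatch needs no race at all. The `release` job starts above this hunk.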
@@ -0,0 +1,41 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch
+name: "CI: Manual"
+
+on:
+ workflow_dispatch:
+
+env:
+ CORE_VERSION: dev
+
+jobs:
+ qa:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Set up Go
+ uses: actions/setup-go@v6
+ with:
+ go-version-file: 'go.mod'
+
+ - name: Install system dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev
+
+ - name: Build core CLI
+ run: |
+ go build -ldflags "-X github.com/host-uk/core/pkg/cli.AppVersion=${{ env.CORE_VERSION }}" -o /usr/local/bin/core .
+ core --version
+
+ - name: Generate code
+ run: go generate ./internal/cmd/updater/...
+
+ - name: Run QA
+ # Skip lint until golangci-lint supports Go 1.25
+ run: core go qa --skip=lint
+
+ - name: Verify build
+ run: |
+ core build --targets=linux/amd64 --ci
+ dist/linux_amd64/core --version
diff --git a/.github/workflows/ci-pull-request.yml b/.github/workflows/ci-pull-request.yml
new file mode 100644
index 0000000..e4cfc42
--- /dev/null
+++ b/.github/workflows/ci-pull-request.yml
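Review bot: ci-manual.yml declares no `permissions:`, so the `qa` job runs with whatever default the repository or organisation gives `GITHUB_TOKEN`, which may be read/write. The job only checks out, builds and tests, so a workflow-level `permissions: { contents: read }` is enough and makes the token scope independent of repository settings. ci-pull-request.yml, ci-push.yml and the three coverage-*.yml files added in this commit lack the block too, whereas the CodeQL workflows already set job-level permissions.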
@@ -0,0 +1,42 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
+name: "CI: Pull Request"
+
+on:
+ pull_request:
+ branches: [dev, main]
+
+env:
+ CORE_VERSION: dev
+
+jobs:
+ qa:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Set up Go
+ uses: actions/setup-go@v6
+ with:
+ go-version-file: 'go.mod'
+
+ - name: Install system dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev
+
+ - name: Build core CLI
+ run: |
+ go build -ldflags "-X github.com/host-uk/core/pkg/cli.AppVersion=${{ env.CORE_VERSION }}" -o /usr/local/bin/core .
+ core --version
+
+ - name: Generate code
+ run: go generate ./internal/cmd/updater/...
+
+ - name: Run QA
+ # Skip lint until golangci-lint supports Go 1.25
+ run: core go qa --skip=lint
+
+ - name: Verify build
+ run: |
+ core build --targets=linux/amd64 --ci
+ dist/linux_amd64/core --version
diff --git a/.github/workflows/ci-push.yml b/.github/workflows/ci-push.yml
new file mode 100644
index 0000000..7039b67
--- /dev/null
+++ b/.github/workflows/ci-push.yml
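Review bot: ci-pull-request.yml is a line-for-line copy of ci-manual.yml and ci-push.yml apart from the `on:` block, and the coverage, CodeQL and code-scanning sets follow the same pattern, so any later hardening (permissions, action pins, removing the `--skip=lint` workaround) has to be repeated in every copy and can drift. One workflow per purpose with several triggers, e.g. `on: { push: { branches: [dev, main] }, pull_request: { branches: [dev, main] }, workflow_dispatch: {} }`, or a shared `workflow_call` workflow, would keep the steps in one place. If the split is deliberate, a top-of-file comment such as `# Steps must stay identical to ci-push.yml and ci-manual.yml` would at least record the coupling.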
@@ -0,0 +1,42 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#push
+name: "CI: Push"
+
+on:
+ push:
+ branches: [dev, main]
+
+env:
+ CORE_VERSION: dev
+
+jobs:
+ qa:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Set up Go
+ uses: actions/setup-go@v6
+ with:
+ go-version-file: 'go.mod'
+
+ - name: Install system dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev
+
+ - name: Build core CLI
+ run: |
+ go build -ldflags "-X github.com/host-uk/core/pkg/cli.AppVersion=${{ env.CORE_VERSION }}" -o /usr/local/bin/core .
+ core --version
+
+ - name: Generate code
+ run: go generate ./internal/cmd/updater/...
+
+ - name: Run QA
+ # Skip lint until golangci-lint supports Go 1.25
+ run: core go qa --skip=lint
+
+ - name: Verify build
+ run: |
+ core build --targets=linux/amd64 --ci
+ dist/linux_amd64/core --version
diff --git a/.github/workflows/codeql-pull-request.yml b/.github/workflows/codeql-pull-request.yml
new file mode 100644
index 0000000..4121a5b
--- /dev/null
+++ b/.github/workflows/codeql-pull-request.yml
@@ -0,0 +1,32 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
+name: "CodeQL: Pull Request"
+
+on:
+ pull_request:
+ branches: [dev, main]
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v6
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v4
+ with:
+ languages: go
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v4
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v4
+ with:
+ category: "/language:go"
diff --git a/.github/workflows/codeql-push.yml b/.github/workflows/codeql-push.yml
new file mode 100644
index 0000000..37bb3de
--- /dev/null
+++ b/.github/workflows/codeql-push.yml
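Review bot: In codeql-pull-request.yml the `Autobuild` step runs straight after `init`, without the `apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev` and `go generate ./internal/cmd/updater/...` steps that the CI workflows in this commit run as part of their build. If the Go packages need those headers or the generated files to compile, CodeQL may fail or extract only part of the code, and a partial extraction can still finish green. I would add the same two steps before `Autobuild`, or replace autobuild with the explicit `go build` used in CI, with a comment such as `# Mirror the CI build so CodeQL extracts every package`. codeql-push.yml and codeql-schedule.yml are identical in this respect.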
@@ -0,0 +1,32 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#push
+name: "CodeQL: Push"
+
+on:
+ push:
+ branches: [dev, main]
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v6
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v4
+ with:
+ languages: go
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v4
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v4
+ with:
+ category: "/language:go"
diff --git a/.github/workflows/codeql-schedule.yml b/.github/workflows/codeql-schedule.yml
new file mode 100644
index 0000000..bcb565c
--- /dev/null
+++ b/.github/workflows/codeql-schedule.yml
@@ -0,0 +1,32 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule
+name: "CodeQL: Schedule"
+
+on:
+ schedule:
+ - cron: "0 6 * * 1"
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v6
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v4
+ with:
+ languages: go
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v4
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v4
+ with:
+ category: "/language:go"
diff --git a/.github/workflows/codescan-pull-request.yml b/.github/workflows/codescan-pull-request.yml
new file mode 100644
index 0000000..f6c1672
--- /dev/null
+++ b/.github/workflows/codescan-pull-request.yml
@@ -0,0 +1,30 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
+name: "Code Scanning: Pull Request"
+
+on:
+ pull_request:
+ branches: ["dev"]
+
+jobs:
+ CodeQL:
+ runs-on: ubuntu-latest
+
+ permissions:
+ security-events: write
+ actions: read
+ contents: read
+
+ steps:
+ - name: "Checkout Repository"
+ uses: actions/checkout@v6
+
+ - name: "Initialize CodeQL"
+ uses: github/codeql-action/init@v4
+ with:
+ languages: go,javascript,typescript
+
+ - name: "Autobuild"
+ uses: github/codeql-action/autobuild@v4
+
+ - name: "Perform CodeQL Analysis"
+ uses: github/codeql-action/analyze@v4
diff --git a/.github/workflows/codescan-push.yml b/.github/workflows/codescan-push.yml
new file mode 100644
index 0000000..bf8694c
--- /dev/null
+++ b/.github/workflows/codescan-push.yml
@@ -0,0 +1,30 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#push
+name: "Code Scanning: Push"
+
+on:
+ push:
+ branches: ["dev"]
+
+jobs:
+ CodeQL:
+ runs-on: ubuntu-latest
+
+ permissions:
+ security-events: write
+ actions: read
+ contents: read
+
+ steps:
+ - name: "Checkout Repository"
+ uses: actions/checkout@v6
+
+ - name: "Initialize CodeQL"
+ uses: github/codeql-action/init@v4
+ with:
+ languages: go,javascript,typescript
+
+ - name: "Autobuild"
+ uses: github/codeql-action/autobuild@v4
+
+ - name: "Perform CodeQL Analysis"
+ uses: github/codeql-action/analyze@v4
diff --git a/.github/workflows/codescan-schedule.yml b/.github/workflows/codescan-schedule.yml
new file mode 100644
index 0000000..b9778c1
--- /dev/null
+++ b/.github/workflows/codescan-schedule.yml
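Review bot: codescan-pull-request.yml and codescan-push.yml start a second CodeQL run on triggers that codeql-pull-request.yml and codeql-push.yml already cover for `dev`, and Go is analysed in both. Because the `codeql-*` jobs upload under `category: "/language:go"` and these jobs set no category, the Go results probably land as two separate analyses, which makes alert triage and "fixed in" tracking harder. I would keep one family: either add the extra languages to the `codeql-*` workflows or drop `go` from `languages:` here. A comment at the top of whichever file stays, e.g. `# Single CodeQL entry point for this trigger; covers go and javascript/typescript`, would stop the duplication from coming back.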
@@ -0,0 +1,30 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule
+name: "Code Scanning: Schedule"
+
+on:
+ schedule:
+ - cron: "0 2 * * 1-5"
+
+jobs:
+ CodeQL:
+ runs-on: ubuntu-latest
+
+ permissions:
+ security-events: write
+ actions: read
+ contents: read
+
+ steps:
+ - name: "Checkout Repository"
+ uses: actions/checkout@v6
+
+ - name: "Initialize CodeQL"
+ uses: github/codeql-action/init@v4
+ with:
+ languages: go,javascript,typescript
+
+ - name: "Autobuild"
+ uses: github/codeql-action/autobuild@v4
+
+ - name: "Perform CodeQL Analysis"
+ uses: github/codeql-action/analyze@v4
diff --git a/.github/workflows/coverage-manual.yml b/.github/workflows/coverage-manual.yml
new file mode 100644
index 0000000..68f0b07
--- /dev/null
+++ b/.github/workflows/coverage-manual.yml
@@ -0,0 +1,46 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch
+name: "Coverage: Manual"
+
+on:
+ workflow_dispatch:
+
+env:
+ CORE_VERSION: dev
+
+jobs:
+ coverage:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Set up Go
+ uses: actions/setup-go@v6
+ with:
+ go-version-file: 'go.mod'
+
+ - name: Install system dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev
+
+ - name: Build core CLI
+ run: |
+ go build -ldflags "-X github.com/host-uk/core/pkg/cli.AppVersion=${{ env.CORE_VERSION }}" -o /usr/local/bin/core .
+ core --version
+
+ - name: Generate code
+ run: go generate ./internal/cmd/updater/...
+
+ - name: Run coverage
+ run: core go cov
+
+ - name: Upload coverage reports to Codecov
+ uses: codecov/codecov-action@v5
+ with:
+ token: ${{ secrets.CODECOV_TOKEN }}
+
+ - name: Upload coverage report
+ uses: actions/upload-artifact@v6
+ with:
+ name: coverage-report
+ path: coverage.txt
diff --git a/.github/workflows/coverage-pull-request.yml b/.github/workflows/coverage-pull-request.yml
new file mode 100644
index 0000000..60daaaf
--- /dev/null
+++ b/.github/workflows/coverage-pull-request.yml
@@ -0,0 +1,47 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
+name: "Coverage: Pull Request"
+
+on:
+ pull_request:
+ branches: [dev, main]
+
+env:
+ CORE_VERSION: dev
+
+jobs:
+ coverage:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Set up Go
+ uses: actions/setup-go@v6
+ with:
+ go-version-file: 'go.mod'
+
+ - name: Install system dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev
+
+ - name: Build core CLI
+ run: |
+ go build -ldflags "-X github.com/host-uk/core/pkg/cli.AppVersion=${{ env.CORE_VERSION }}" -o /usr/local/bin/core .
+ core --version
+
+ - name: Generate code
+ run: go generate ./internal/cmd/updater/...
+
+ - name: Run coverage
+ run: core go cov
+
+ - name: Upload coverage reports to Codecov
+ uses: codecov/codecov-action@v5
+ with:
+ token: ${{ secrets.CODECOV_TOKEN }}
+
+ - name: Upload coverage report
+ uses: actions/upload-artifact@v6
+ with:
+ name: coverage-report
+ path: coverage.txt
diff --git a/.github/workflows/coverage-push.yml b/.github/workflows/coverage-push.yml
new file mode 100644
index 0000000..3f93d97
--- /dev/null
+++ b/.github/workflows/coverage-push.yml
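Review bot: On `pull_request` runs opened from a fork, `${{ secrets.CODECOV_TOKEN }}` expands to an empty string, so the `Upload coverage reports to Codecov` step in coverage-pull-request.yml is called without a token on exactly the runs that execute untrusted code. That is the safe direction, but the step's outcome then depends on Codecov's tokenless handling, which this file does not show. A guard on the upload step, `if: github.event.pull_request.head.repo.full_name == github.repository` (the condition pr-build-pull-request.yml already uses), makes the intent explicit. The workflow should stay on `pull_request` rather than move to `pull_request_target` to obtain the secret, because that would run the PR's `go generate` and build with secrets in scope.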
@@ -0,0 +1,47 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#push
+name: "Coverage: Push"
+
+on:
+ push:
+ branches: [dev, main]
+
+env:
+ CORE_VERSION: dev
+
+jobs:
+ coverage:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Set up Go
+ uses: actions/setup-go@v6
+ with:
+ go-version-file: 'go.mod'
+
+ - name: Install system dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev
+
+ - name: Build core CLI
+ run: |
+ go build -ldflags "-X github.com/host-uk/core/pkg/cli.AppVersion=${{ env.CORE_VERSION }}" -o /usr/local/bin/core .
+ core --version
+
+ - name: Generate code
+ run: go generate ./internal/cmd/updater/...
+
+ - name: Run coverage
+ run: core go cov
+
+ - name: Upload coverage reports to Codecov
+ uses: codecov/codecov-action@v5
+ with:
+ token: ${{ secrets.CODECOV_TOKEN }}
+
+ - name: Upload coverage report
+ uses: actions/upload-artifact@v6
+ with:
+ name: coverage-report
+ path: coverage.txt
diff --git a/.github/workflows/pr-build-manual.yml b/.github/workflows/pr-build-manual.yml
new file mode 100644
index 0000000..2c02cfb
--- /dev/null
+++ b/.github/workflows/pr-build-manual.yml
@@ -0,0 +1,89 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch
+name: "PR Build: Manual"
+
+on:
+ workflow_dispatch:
+ inputs:
+ pr_number:
+ description: 'PR number to build'
+ required: true
+ type: number
+
+permissions:
+ contents: write
+ pull-requests: read
+
+env:
+ NEXT_VERSION: "0.0.4"
+
+jobs:
+ build:
+ strategy:
+ matrix:
+ include:
+ - os: ubuntu-latest
+ platform: linux/amd64
+ runs-on: ${{ matrix.os }}
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Build
+ uses: host-uk/build@v3
+ with:
+ build-name: core
+ build-platform: ${{ matrix.platform }}
+ build: true
+ package: true
+ sign: false
+
+ draft-release:
+ needs: build
+ runs-on: ubuntu-latest
+ env:
+ PR_NUM: ${{ inputs.pr_number }}
+ PR_SHA: ${{ github.sha }}
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Download artifacts
+ uses: actions/download-artifact@v7
+ with:
+ path: dist
+ merge-multiple: true
+
+ - name: Prepare release files
+ run: |
+ mkdir -p release
+ cp dist/* release/ 2>/dev/null || true
+ ls -la release/
+
+ - name: Create draft release
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ TAG="v${{ env.NEXT_VERSION }}.pr.${PR_NUM}.bid.${{ github.run_id }}"
+
+ # Delete existing draft for this PR if it exists
+ gh release delete "$TAG" -y 2>/dev/null || true
+ git push origin ":refs/tags/$TAG" 2>/dev/null || true
+
+ gh release create "$TAG" \
+ --title "Draft: PR #${PR_NUM}" \
+ --notes "Draft build for PR #${PR_NUM}.
+
+ **Version:** $TAG
+ **PR:** #${PR_NUM}
+ **Commit:** ${PR_SHA}
+ **Built:** $(date -u +'%Y-%m-%d %H:%M:%S UTC')
+ **Run:** ${{ github.run_id }}
+
+ ## Channel: Draft
+
+ This is a draft build for testing PR changes before merge.
+ Not intended for production use.
+
+ Build artifacts available for download and testing.
+ " \
+ --draft \
+ --prerelease \
+ release/*
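Review bot: `inputs.pr_number` is only used for labelling: both `actions/checkout@v6` steps take the dispatch ref and `PR_SHA` is `${{ github.sha }}`, so the release titled `Draft: PR #N` is built from whatever branch the workflow was dispatched on, not from the pull request. The `build` job should resolve the PR's head commit and pass it to checkout as `ref:`, and `PR_SHA` in `draft-release` should come from that job's output rather than `github.sha`. The sketch below also refuses fork PRs, because this workflow runs with `contents: write`; the lookup is what makes the declared `pull-requests: read` scope necessary.

```yaml
    steps:
      - name: Resolve PR head commit
        id: pr
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUM: ${{ inputs.pr_number }}
        run: |
          # Fork PRs are refused: the jobs here hold a write-scoped token.
          fork="$(gh pr view "$PR_NUM" --repo "$GITHUB_REPOSITORY" --json isCrossRepository --jq .isCrossRepository)"
          if [ "$fork" != "false" ]; then
            echo "PR #$PR_NUM comes from a fork; refusing to build" >&2
            exit 1
          fi
          sha="$(gh pr view "$PR_NUM" --repo "$GITHUB_REPOSITORY" --json headRefOid --jq .headRefOid)"
          echo "sha=$sha" >> "$GITHUB_OUTPUT"

      - uses: actions/checkout@v6
        with:
          ref: ${{ steps.pr.outputs.sha }}

      # … unchanged: Build step (host-uk/build@v3) …
```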
diff --git a/.github/workflows/pr-build-pull-request.yml b/.github/workflows/pr-build-pull-request.yml
new file mode 100644
index 0000000..66ec7c6
--- /dev/null
+++ b/.github/workflows/pr-build-pull-request.yml
@@ -0,0 +1,89 @@
+# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
+name: "PR Build: Pull Request"
+
+on:
+ pull_request:
+ types: [opened, synchronize, reopened]
+
+permissions:
+ contents: write
+ pull-requests: read
+
+env:
+ NEXT_VERSION: "0.0.4"
+
+jobs:
+ build:
+ # Only build if PR is from the same repo (not forks)
+ if: github.event.pull_request.head.repo.full_name == github.repository
+ strategy:
+ matrix:
+ include:
+ - os: ubuntu-latest
+ platform: linux/amd64
+ runs-on: ${{ matrix.os }}
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ ref: ${{ github.event.pull_request.head.sha }}
+
+ - name: Build
+ uses: host-uk/build@v3
+ with:
+ build-name: core
+ build-platform: ${{ matrix.platform }}
+ build: true
+ package: true
+ sign: false
+
+ draft-release:
+ needs: build
+ runs-on: ubuntu-latest
+ env:
+ PR_NUM: ${{ github.event.pull_request.number }}
+ PR_SHA: ${{ github.event.pull_request.head.sha }}
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Download artifacts
+ uses: actions/download-artifact@v7
+ with:
+ path: dist
+ merge-multiple: true
+
+ - name: Prepare release files
+ run: |
+ mkdir -p release
+ cp dist/* release/ 2>/dev/null || true
+ ls -la release/
+
+ - name: Create draft release
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ TAG="v${{ env.NEXT_VERSION }}.pr.${PR_NUM}.bid.${{ github.run_id }}"
+
+ # Delete existing draft for this PR if it exists
+ gh release delete "$TAG" -y 2>/dev/null || true
+ git push origin ":refs/tags/$TAG" 2>/dev/null || true
+
+ gh release create "$TAG" \
+ --title "Draft: PR #${PR_NUM}" \
+ --notes "Draft build for PR #${PR_NUM}.
+
+ **Version:** $TAG
+ **PR:** #${PR_NUM}
+ **Commit:** ${PR_SHA}
+ **Built:** $(date -u +'%Y-%m-%d %H:%M:%S UTC')
+ **Run:** ${{ github.run_id }}
+
+ ## Channel: Draft
+
+ This is a draft build for testing PR changes before merge.
+ Not intended for production use.
+
+ Build artifacts available for download and testing.
+ " \
+ --draft \
+ --prerelease \
+ release/*
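Review bot: The `build` job checks out `github.event.pull_request.head.sha` and runs the PR's build under the workflow-level `contents: write`, and `actions/checkout` keeps the token in the local git config by default, so build scripts changed in the PR can use it to write releases, tags or unprotected branches. The same-repo `if:` limits this to contributors with push access, but the job itself only needs to read: add `permissions: { contents: read }` to `build` and `persist-credentials: false` to its checkout, and leave `contents: write` on `draft-release` only. Separately, `TAG` embeds `${{ github.run_id }}`, so the `gh release delete "$TAG"` and `git push origin ":refs/tags/$TAG"` cleanup can never match an earlier run and every `synchronize` event leaves another draft behind; pr-build-manual.yml has the same cleanup.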