chore: initial release updates

.github/actions/e2e/action.yml

@@ -86,7 +86,7 @@ runs:
       run: echo "tf_version=$(grep 'terraform ' .tool-versions)" >> $GITHUB_OUTPUT
 
     - name: Configure AWS Credentials for Commercial
-      uses: aws-actions/configure-aws-credentials@v2
+      uses: aws-actions/configure-aws-credentials@v4
       with:
         role-to-assume: ${{ inputs.role-to-assume }}
         role-session-name: ${{ github.event.client_payload.pull_request.head.sha || github.sha }}

.github/workflows/publish.yml → .github/workflows/publish-dev-deps.yml

@@ -1,37 +1,49 @@
-name: build-and-publish
+name: build-and-publish-dev-deps
 
 concurrency:
     cancel-in-progress: true
-    group: build-and-publish
+    group: build-and-publish-dev-deps
 
 on:
   push:
     branches: [ "main" ]
-  workflow_dispatch:
-  schedule:
-    - cron: '0 0 * * *'
 
 jobs:
   build-and-publish-package:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.PAT }}
+          repository: ${{ github.repository }}
+          ref: ${{ github.ref_name }}
 
       - name: Init zarf cache
         uses: actions/cache@v3
         with:
           path: "~/.zarf-cache"
           key: zarf-cache
 
+      - name: Free GH runner build space
+        run: |
+          df -h
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          sudo docker image prune --all --force
+          df -h
+
       - name: Install zarf
         uses: supplypike/setup-bin@v3
         with:
           # renovate: zarf-uri datasource=github-tags depName=defenseunicorns/zarf
-          uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.29.2/zarf_v0.29.2_Linux_amd64'
+          uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.31.2/zarf_v0.31.2_Linux_amd64'
           name: 'zarf'
           # renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver
-          version: 'v0.29.2'
+          version: 'v0.31.2'
 
       - name: Login to GHCR
         uses: docker/login-action@v2
@@ -40,13 +52,6 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Login to registry1
-        uses: docker/login-action@v2
-        with:
-          registry: registry1.dso.mil
-          username: ${{ secrets.REGISTRY1_USERNAME }}
-          password: ${{ secrets.REGISTRY1_PASSWORD }}
-
       ####
       # Build and publish dependency packages to use in a dev UDS Bundle
       ####
@@ -55,15 +60,3 @@ jobs:
 
       - name: Build and publish dev-dependency mattermost-minio package
         run: cd utils/pkg-deps/mattermost/minio && zarf package create --confirm --no-progress --output oci://ghcr.io/defenseunicorns/uds-capability/mattermost/dev-dependency
-
-      ####
-      # Build and publish capability package and skeleton
-      ####
-      - name: Build mattermost package
-        run: zarf package create --confirm --no-progress
-
-      - name: Publish mattermost package
-        run: zarf package publish zarf-package-mattermost-amd64-*.tar.zst oci://ghcr.io/defenseunicorns/uds-capability --no-progress
-
-      - name: Publish mattermost skeleton
-        run: zarf package publish . oci://ghcr.io/defenseunicorns/uds-capability --no-progress

.github/workflows/publish-package.yml

@@ -0,0 +1,80 @@
+name: Publish Zarf Package
+
+on:
+  workflow_call:
+
+permissions:
+  contents: read
+  packages: write
+  id-token: write
+
+jobs:
+  build-and-publish-package:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.PAT }}
+          repository: ${{ github.repository }}
+          ref: ${{ github.ref_name }}
+
+      - name: Login to Registry1
+        uses: docker/login-action@v3
+        with:
+          registry: registry1.dso.mil
+          username: ${{ secrets.REGISTRY1_USERNAME }}
+          password: ${{ secrets.REGISTRY1_PASSWORD }}
+
+      - name: Init zarf cache
+        uses: actions/cache@v3
+        with:
+          path: "~/.zarf-cache"
+          key: zarf-cache
+
+      - name: Free GH runner build space
+        run: |
+          df -h
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          sudo docker image prune --all --force
+          df -h
+
+      - name: Install zarf
+        uses: supplypike/setup-bin@v3
+        with:
+          # renovate: zarf-uri datasource=github-tags depName=defenseunicorns/zarf
+          uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.31.2/zarf_v0.31.2_Linux_amd64'
+          name: 'zarf'
+          # renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver
+          version: 'v0.31.2'
+
+      - name: Build mattermost package
+        run: zarf package create --confirm --no-progress
+
+      - name: Run E2E Tests
+        uses: ./.github/actions/e2e
+        with:
+          token: ${{ secrets.PAT }}
+          role-to-assume: ${{ secrets.AWS_COMMERCIAL_ROLE_TO_ASSUME }}
+          region: ${{ vars.AWS_REGION }}
+          github-context: "test / e2e (${{github.event_name}})"
+          aws-availability-zone: ${{ vars.AWS_AVAILABILITY_ZONE }}
+          registry1-username: ${{ secrets.REGISTRY1_USERNAME }}
+          registry1-password: ${{ secrets.REGISTRY1_PASSWORD }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Publish mattermost package
+        run: zarf package publish zarf-package-mattermost-amd64-*.tar.zst oci://ghcr.io/defenseunicorns/uds-capability --no-progress
+
+      - name: Publish mattermost skeleton
+        run: zarf package publish . oci://ghcr.io/defenseunicorns/uds-capability --no-progress

.github/workflows/tag-test-and-release.yml

@@ -0,0 +1,56 @@
+name: Tag, Test and Publish UDS Capability
+
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: read
+  packages: write
+  id-token: write
+
+jobs:
+  tag-new-version:
+    permissions: write-all
+    runs-on: ubuntu-latest
+    outputs:
+      release_created: ${{ steps.release-flag.outputs.release_created }}
+    steps:
+      - name: Create Release Tag
+        id: tag
+        uses: google-github-actions/release-please-action@v3
+        with:
+          command: manifest # use configs in release-please-config.json
+      - id: release-flag
+        run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT
+
+  # Testing non release pushes to main
+  test-uds-capability:
+    runs-on: ubuntu-latest
+    needs: tag-new-version
+    if: ${{ needs.tag-new-version.outputs.release_created == 'false'}}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.PAT }}
+          repository: ${{ github.repository }}
+          ref: ${{ github.ref_name }}
+      - name: Run E2E Tests
+        uses: ./.github/actions/e2e
+        with:
+          token: ${{ secrets.PAT }}
+          role-to-assume: ${{ secrets.AWS_COMMERCIAL_ROLE_TO_ASSUME }}
+          region: ${{ vars.AWS_REGION }}
+          github-context: "test / e2e (${{github.event_name}})"
+          aws-availability-zone: ${{ vars.AWS_AVAILABILITY_ZONE }}
+          registry1-username: ${{ secrets.REGISTRY1_USERNAME }}
+          registry1-password: ${{ secrets.REGISTRY1_PASSWORD }}
+
+  # Testing and publishing release pushes to main
+  test-and-publish-uds-capability:
+    needs: tag-new-version
+    if: ${{ needs.tag-new-version.outputs.release_created == 'true'}}
+    uses: ./.github/workflows/publish-package.yml
+    secrets: inherit

.github/workflows/test-command.yml

@@ -5,9 +5,6 @@ name: test
 on:
   repository_dispatch:
     types: [test-command]
-  push:
-    branches:
-      - main
 
 permissions:
   id-token: write
@@ -28,7 +25,7 @@ jobs:
       run-e2e: ${{ steps.parse.outputs.run-e2e }}
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           token: ${{ secrets.PAT }}
           repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }}
@@ -43,7 +40,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           token: ${{ secrets.PAT }}
           repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }}
@@ -60,7 +57,7 @@ jobs:
     if: needs.parse.outputs.run-ping == 'true'
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           token: ${{ secrets.PAT }}
           repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }}
@@ -77,7 +74,7 @@ jobs:
     if: needs.parse.outputs.run-e2e == 'true'
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           token: ${{ secrets.PAT }}
           repository: ${{ github.event.client_payload.pull_request.head.repo.full_name || github.repository }}

.release-please-manifest.json

@@ -0,0 +1,3 @@
+{
+    ".": "0.1.0"
+}

release-please-config.json

@@ -0,0 +1,18 @@
+{
+  "packages": {
+    ".": {
+      "release-type": "simple",
+      "draft": false,
+      "changelog-path": "CHANGELOG.md",
+      "changelog-sections": [
+        { "type": "feat", "section": "Features", "hidden": false },
+        { "type": "fix", "section": "Bug Fixes", "hidden": false },
+        { "type": "chore", "section": "Miscellaneous", "hidden": false }
+      ],
+      "versioning": "always-bump-patch",
+      "extra-files": [
+        "zarf.yaml"
+      ]
+    }
+  }
+}