chore: update and align workflows (#16)

.github/dependabot.yml

@@ -0,0 +1,57 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+---
+version: 2
+updates:
+  # NuGet
+  -
+    package-ecosystem: "nuget"
+    directory: /
+    labels:
+      - "dependabot"
+      - "dependencies"
+    schedule:
+      interval: "weekly"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]
+
+  # Github Actions
+  -
+    package-ecosystem: "github-actions"
+    directory: /
+    labels:
+      - "dependabot"
+      - "github-actions"
+    schedule:
+      interval: "weekly"
+
+  # Docker
+  -
+    package-ecosystem: "docker"
+    directory: ./docker/
+    labels:
+      - "dependabot"
+      - "docker"
+    schedule:
+      interval: "weekly"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]

.github/pull_request_template.md

@@ -14,7 +14,7 @@ Link to Github issue.
 
 Please delete options that are not relevant.
 
-- [ ] I have followed the [contributing guidelines](https://github.com/eclipse-tractusx/ssi-authority-schema-registry/blob/main/docs/developer/Technical-Documentation/Dev-Process/How-to-contribute.md#commit-and-pr-guidelines)
+- [ ] I have followed the [contributing guidelines](https://github.com/eclipse-tractusx/ssi-authority-schema-registry/blob/main/docs/technical-documentation/dev-process/How%20to%20contribute.md)
 - [ ] I have performed [IP checks](https://eclipse-tractusx.github.io/docs/release/trg-7/trg-7-04#checking-libraries-using-the-eclipse-dash-license-tool) for added or updated 3rd party libraries
 - [ ] I have created and linked IP issues or requested their creation by a committer
 - [ ] I have performed a self-review of my own code

.github/workflows/chart-test.yml

@@ -1,5 +1,5 @@
 ###############################################################
-# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
 #
 # See the NOTICE file(s) distributed with this work for additional
 # information regarding copyright ownership.
@@ -23,7 +23,7 @@ on:
   push:
     paths:
       - 'charts/ssi-authority-schema-registry/**'
-    branches: [main, dev, release-candidate]
+    branches: [main]
   pull_request:
     paths:
       - 'charts/ssi-authority-schema-registry/**'
@@ -36,9 +36,9 @@ on:
         required: false
         type: string
       upgrade_from:
-        description: 'policyhub chart version to upgrade from'
+        description: 'chart version to upgrade from'
         # tbd
-        default: '0.1.0-rc.2'
+        default: 'tbd'
         required: false
         type: string
 
@@ -62,19 +62,19 @@ jobs:
 
       - name: Build migration image
         id: build-migration-image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
         with:
           context: .
-          file: docker/Dockerfile-ssi-authority-schema-registry-migrations
+          file: ./docker/Dockerfile-ssi-asr-migrations
           push: true
           tags: kind-registry:5000/ssi-authority-schema-registry-migrations:testing
 
       - name: Build service image
         id: build-service-image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
         with:
           context: .
-          file: docker/Dockerfile-ssi-authority-schema-registry-service
+          file: ./docker/Dockerfile-ssi-asr-service
           push: true
           tags: kind-registry:5000/ssi-authority-schema-registry-service:testing
 
@@ -102,18 +102,18 @@ jobs:
       - name: Run chart-testing (lint)
         run: ct lint --validate-maintainers=false --check-version-increment=false --target-branch ${{ github.event.repository.default_branch }}
 
-      - name: Run service chart-testing (install)
-        run: ct install --charts charts/ssi-authority-schema-registry --config charts/chart-testing-config.yaml --helm-extra-set-args "--set=policyhub.image=kind-registry:5000/ssi-authority-schema-registry-service:testing --set=policyhubmigrations.image=kind-registry:5000/ssi-authority-schema-registry-migrations:testing"
+      - name: Run chart-testing (install)
+        run: ct install --charts charts/ssi-authority-schema-registry --config charts/chart-testing-config.yaml --helm-extra-set-args "--set service.image.name=kind-registry:5000/ssi-authority-schema-registry-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/ssi-authority-schema-registry-migrations --set migrations.image.tag=testing"
         if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
 
-      # TODO: re-add the step after the first version release  
+      # TODO: uncomment the step after the first stable release
       # Upgrade the released chart version with the locally available chart
       # default value for event_name != workflow_dispatch
       # - name: Run helm upgrade
       #   run: |
       #     helm repo add bitnami https://charts.bitnami.com/bitnami
       #     helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
-      #     helm install ssi-authority-schema-registry tractusx-dev/ssi-authority-schema-registry --version ${{ github.event.inputs.upgrade_from || '0.1.0-rc.2' }} --namespace upgrade --create-namespace
-      #     helm dependency update charts/ssi-authority-schema-registry
-      #     helm upgrade ssi-authority-schema-registry charts/ssi-authority-schema-registry --set policyhub.image=kind-registry:5000/ssi-authority-schema-registry-service:testing --set=policyhubmigrations.image=kind-registry:5000/ssi-authority-schema-registry-migrations:testing --namespace upgrade
-      #   if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
+      #     helm install ssi-asr tractusx-dev/ssi-authority-schema-registry --version ${{ github.event.inputs.upgrade_from || '1.0.0' }} --namespace upgrade --create-namespace
+      #     helm dependency update charts/ssi-asr
+      #     helm upgrade ssi-asr charts/ssi-asr --set service.image.name=kind-registry:5000/ssi-authority-schema-registry-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/ssi-authority-schema-registry-migrations --set migrations.image.tag=testing --namespace upgrade
+      #   if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'

.github/workflows/codeql.yml

@@ -102,4 +102,4 @@ jobs:
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@66b90a5db151a8042fa97405c6cf843bbe433f7b # v2.227
         with:
-          category: "/language:${{matrix.language}}"
+          category: "/language:${{matrix.language}}"

.github/workflows/dependencies.yml

@@ -21,7 +21,7 @@ name: Check Dependencies
 
 on:
   push:
-    branches: [main, dev]
+    branches: [main]
   pull_request:
     types: [opened, synchronize, reopened]
   workflow_dispatch:
@@ -57,10 +57,13 @@ jobs:
         run: dotnet restore src
 
       - name: List packages
-        run: dotnet list src package --include-transitive --interactive | grep ">" | grep -Pv "\s(Org|Microsoft|NuGet|System|runtime|docker|Docker|NETStandard)" | sed -E -e "s/\s+> ([a-zA-Z\.\-]+).+\s([0-9]+\.[0-9]+\.[0-9]+)\s*/nuget\/nuget\/\-\/\1\/\2/g" | awk '!seen[$0]++' > PACKAGES
+        run: dotnet list src package --include-transitive --interactive | grep ">" | grep -Pv "\s(Org.Eclipse.TractusX|Microsoft|NuGet|System|runtime|docker|Docker|NETStandard)" | sed -E -e "s/\s+> ([a-zA-Z\.\-]+).+\s([0-9]+\.[0-9]+\.[0-9]+)\s*/nuget\/nuget\/\-\/\1\/\2/g" | awk '!seen[$0]++' > PACKAGES
+
+      - name: Download Eclipse Dash Tool
+        run: curl -L --output ./org.eclipse.dash.licenses.jar 'https://repo.eclipse.org/service/local/artifact/maven/redirect?r=dash-licenses&g=org.eclipse.dash&a=org.eclipse.dash.licenses&v=LATEST'
 
       - name: Generate Dependencies file
-        run: java -jar ./scripts/download/org.eclipse.dash.licenses-1.0.2.jar PACKAGES -project automotive.tractusx -summary DEPENDENCIES || true
+        run: java -jar ./org.eclipse.dash.licenses.jar PACKAGES -project automotive.tractusx -summary DEPENDENCIES || true
 
       - name: Check if dependencies were changed
         id: dependencies-changed

.github/workflows/kics.yml

@@ -21,7 +21,7 @@ name: "KICS"
 
 on:
   push:
-    branches: [main, dev]
+    branches: [main]
   # pull_request:
   # The branches below must be a subset of the branches above
   # branches: [main, dev]

.github/workflows/lint-pull-request.yml

@@ -58,4 +58,4 @@ jobs:
         uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
         with:
           header: pr-title-lint-error
-          delete: true
+          delete: true

.github/workflows/migrations-docker.yml

@@ -17,7 +17,7 @@
 # SPDX-License-Identifier: Apache-2.0
 ###############################################################
 
-name: Migrations
+name: Build Migrations Image
 
 on: 
   push:
@@ -28,10 +28,10 @@ on:
       # workflow file
       - '.github/workflows/ssi-authority-schema-registry-migrations.yml'
       # dockerfile
-      - 'docker/Dockerfile-ssi-authority-schema-registry-migrations'
+      - 'docker/Dockerfile-ssi-asr-migrations'
 
     branches:
-      - 'dev'
+      - 'main'
   workflow_dispatch:
 
 env:
@@ -67,14 +67,14 @@ jobs:
         with:
           images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
           tags: |
-            type=raw,value=dev
+            type=raw,value=main
             type=raw,value=${{ github.sha }}
 
       - name: Build and push Docker image
         uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
         with:
           context: .
-          file: docker/Dockerfile-ssi-authority-schema-registry-migrations
+          file: ./docker/Dockerfile-ssi-asr-migrations
           platforms: linux/amd64, linux/arm64
           pull: true
           push: ${{ github.event_name != 'pull_request' }}
@@ -89,4 +89,4 @@ jobs:
           username: ${{ secrets.DOCKER_HUB_USER }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
-          readme-filepath: "./docker/notice-ssi-authority-schema-registry-migrations.md"
+          readme-filepath: ./docker/notice-ssi-asr-migrations.md

.github/workflows/owasp-zap.yml

@@ -65,7 +65,7 @@ jobs:
         uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
         with:
           context: .
-          file: docker/Dockerfile-policy-hub-migrations
+          file: ./docker/Dockerfile-ssi-asr-migrations
           push: true
           tags: kind-registry:5000/ssi-authority-schema-registry-migrations:testing
 
@@ -74,7 +74,7 @@ jobs:
         uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
         with:
           context: .
-          file: docker/Dockerfile-ssi-authority-schema-registry-service
+          file: ./docker/Dockerfile-ssi-asr-service
           push: true
           tags: kind-registry:5000/ssi-authority-schema-registry-service:testing
 
@@ -89,7 +89,7 @@ jobs:
           helm dependency build
 
       - name: Install the chart on KinD cluster
-        run: helm install testing -n apps --create-namespace --wait --set registryservice.image=kind-registry:5000/ssi-authority-schema-registry-service:testing --set=registrymigrations.image=kind-registry:5000/ssi-authority-schema-registry-migrations:testing --set=registry.swaggerEnabled=true charts/ssi-authority-schema-registry
+        run: helm install testing -n apps --create-namespace --wait --set service.image.name=kind-registry:5000/ssi-authority-schema-registry-service --set service.image.tag=testing --set migrations.image.name=kind-registry:5000/ssi-authority-schema-registry-migrations --set migrations.image.tag=testing
 
       - name: Configure port forward to app in KinD
         run: |
@@ -124,15 +124,10 @@ jobs:
           
           echo "... done."
 
-      - name: Add Summary
-        if: success() || failure()
-        run: |
-          echo "Publishing Job summary... "
-          cat report_md.md >> $GITHUB_STEP_SUMMARY
-
       - name: Upload HTML report
         if: success() || failure()
         uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           name: ZAP scan report
-          path: ./report_html.html
+          path: ./report_html.html
+          retention-days: 1

.github/workflows/release-please.yml

@@ -22,7 +22,7 @@ name: Release Please
 on:
   push:
     branches:
-      - 'v*.*.*'
+      - 'changelog/v*.*.*'
   workflow_dispatch:
 
 permissions: