Dynatrace
diff --git a/‎.github/actions/build-push-images/action.yaml‎
Lines changed: 33 additions & 1 deletion b/‎.github/actions/build-push-images/action.yaml‎
Lines changed: 33 additions & 1 deletion
diff --git a/‎.github/actions/calc-version/action.yaml‎
Lines changed: 107 additions & 0 deletions b/‎.github/actions/calc-version/action.yaml‎
Lines changed: 107 additions & 0 deletions
diff --git a/‎.github/workflows/build-on-main.yaml‎
Lines changed: 34 additions & 88 deletions b/‎.github/workflows/build-on-main.yaml‎
Lines changed: 34 additions & 88 deletions
diff --git a/‎.github/workflows/build-on-branch.yaml‎ ‎.github/workflows/build-pr.yaml‎.github/workflows/build-on-branch.yaml renamed to .github/workflows/build-pr.yaml
Lines changed: 13 additions & 16 deletions b/‎.github/workflows/build-on-branch.yaml‎ ‎.github/workflows/build-pr.yaml‎.github/workflows/build-on-branch.yaml renamed to .github/workflows/build-pr.yaml
Lines changed: 13 additions & 16 deletions
@@ -20,11 +20,22 @@ inputs:
     description: "Path to docker compose file"
     required: false
     default: "compose.build.yaml"
-
+  artifact-dir:
+    description: "Directory to store build artifacts"
+    required: false
+  artifact-name:
+    description: "Name of the uploaded artifact"
+    required: false
 outputs:
   images:
     description: "List of built images"
     value: ${{ steps.build.outputs.images }}
+  artifact-dir:
+    description: "Directory containing build artifacts"
+    value: ${{ steps.artifacts.outputs.artifact-dir }}
+  artifact-name:
+    description: "Name of the uploaded artifact"
+    value: ${{ inputs.artifact-name }}
 
 runs:
   using: composite
@@ -73,3 +84,24 @@ runs:
           docker push "${image_name}":latest
         done
         echo "Push $TAG as new latest completed."
+
+    - name: Prepare build artifacts
+      if: inputs.artifact-dir
+      id: artifacts
+      shell: bash
+      env:
+        TAG: ${{ inputs.tag }}
+        REGISTRY: ${{ inputs.registry }}
+        ARTIFACT_DIR: ${{ inputs.artifact-dir }}
+      run: |
+        mkdir -p $ARTIFACT_DIR
+        envsubst < compose.yaml > $ARTIFACT_DIR/compose.yaml
+        echo "artifact-dir=$ARTIFACT_DIR" >> $GITHUB_OUTPUT
+
+    - name: Upload build artifacts
+      if: inputs.artifact-dir
+      uses: actions/upload-artifact@v6
+      with:
+        name: ${{ inputs.artifact-name }}
+        path: ${{ inputs.artifact-dir }}
+        if-no-files-found: error
@@ -0,0 +1,107 @@
+name: "Calculate Version"
+description: "Calculate semantic version from git history and determine if it is a release"
+inputs:
+  release-branch:
+    description: "Branch name that triggers releases"
+    required: false
+    default: "main"
+
+outputs:
+  version:
+    description: "Calculated semantic version"
+    value: ${{ steps.final-version.outputs.version }}
+  is-release:
+    description: "Whether this is a release build (true/false)"
+    value: ${{ steps.check-release.outputs.is-release }}
+  already-released:
+    description: "Whether this version has already been released (true/false). If true, further build/publish steps can be skipped."
+    value: ${{ steps.check-tag.outputs.already-released }}
+
+runs:
+  using: composite
+  steps:
+    - name: Install GitVersion
+      uses: gittools/actions/gitversion/[email protected]
+      with:
+        versionSpec: "6.x"
+
+    - name: Create GitVersion config
+      shell: bash
+      run: |
+        CONFIG_FILE="/tmp/GitVersion.yml"
+        cat > "$CONFIG_FILE" << 'EOF'
+        assembly-informational-format: "{MajorMinorPatch}-{PreReleaseLabel}-{ShortSha}"
+        label: "{BranchName:l}"
+        major-version-bump-message: '\+semver:\s?(breaking|major)'
+        minor-version-bump-message: '\+semver:\s?(feature|minor)'
+        patch-version-bump-message: '.*'
+        no-bump-message: '\+semver:\s?(none|skip)'
+        branches:
+          main:
+            label: main
+            increment: None
+          pull-request:
+            label: pr{Number}
+        EOF
+        echo "GITVERSION_CONFIG=$CONFIG_FILE" >> $GITHUB_ENV
+        echo "Created GitVersion config:"
+        cat "$CONFIG_FILE"
+
+    - name: Determine Version
+      id: version
+      uses: gittools/actions/gitversion/[email protected]
+      with:
+        configFilePath: ${{ env.GITVERSION_CONFIG }}
+
+    - name: Check if release
+      id: check-release
+      shell: bash
+      run: |
+        CURRENT_BRANCH="${GITHUB_REF#refs/heads/}"
+        if [ "$CURRENT_BRANCH" = "${{ inputs.release-branch }}" ]; then
+          echo "is-release=true" >> $GITHUB_OUTPUT
+          echo "This is a release build from ${{ inputs.release-branch }}"
+        else
+          echo "is-release=false" >> $GITHUB_OUTPUT
+          echo "This is not a release build (current branch: $CURRENT_BRANCH)"
+        fi
+
+    - name: Set final version
+      id: final-version
+      shell: bash
+      run: |
+        if [ "${{ steps.check-release.outputs.is-release }}" = "true" ]; then
+          # If on release branch, use major.minor.patch to create new release
+          VERSION="${{ steps.version.outputs.majorMinorPatch }}"
+        elif [[ "${GITHUB_REF}" == refs/tags/* ]]; then
+          # If on tag, return that tag as current version
+          VERSION="${{ steps.version.outputs.majorMinorPatch }}"
+        else
+          # For other branches, use informational version
+          VERSION="${{ steps.version.outputs.informationalVersion }}"
+        fi
+        echo "version=$VERSION" >> $GITHUB_OUTPUT
+        echo "Final version: $VERSION"
+
+    - name: Check if version already released
+      id: check-tag
+      shell: bash
+      run: |
+        VERSION="${{ steps.final-version.outputs.version }}"
+        if git rev-parse "v$VERSION" >/dev/null 2>&1; then
+          echo "already-released=true" >> $GITHUB_OUTPUT
+          echo "Version $VERSION has already been released. Build will be skipped."
+        else
+          echo "already-released=false" >> $GITHUB_OUTPUT
+          echo "Version $VERSION has not been released yet."
+        fi
+
+    - name: Show version
+      shell: bash
+      run: |
+        echo "Version: ${{ steps.final-version.outputs.version }}"
+        echo "Is release: ${{ steps.check-release.outputs.is-release }}"
+        echo "Version already released: ${{ steps.check-tag.outputs.already-released }}"
+        echo "### Version: ${{ steps.final-version.outputs.version }}" >> $GITHUB_STEP_SUMMARY
+        echo "**Is release:** ${{ steps.check-release.outputs.is-release }}" >> $GITHUB_STEP_SUMMARY
+        echo "**Version already released:** ${{ steps.check-tag.outputs.already-released }}" >> $GITHUB_STEP_SUMMARY
@@ -1,4 +1,4 @@
-name: Build easytrade on main
+name: Build and push easytrade
 on:
   push:
     branches:
@@ -10,12 +10,6 @@ on:
       - src/**
       - helm/**
   workflow_dispatch:
-    inputs:
-      run-tests:
-        description: "Run integration tests after deployment?"
-        required: false
-        type: boolean
-        default: true
 
   workflow_call:
     secrets:
@@ -42,39 +36,49 @@ env:
   CONTAINER_REGISTRY: europe-docker.pkg.dev/dynatrace-demoability/docker/easytrade
   HELM_REGISTRY: oci://europe-docker.pkg.dev/dynatrace-demoability/helm
   HELM_CHART_PATH: helm/easytrade
-  VERSION: 1.2.${{ github.run_number }}
+  ARTIFACT_DIR: ./release-artifacts/
 
 jobs:
   snyk:
-    uses: ./.github/workflows/snyk.yaml
+    uses: ./.github/workflows/reusable-snyk.yaml
     permissions:
       security-events: write
       contents: read
       actions: read
     secrets:
       SNYK_API_TOKEN: ${{ secrets.SNYK_API_TOKEN }}
 
-  build-easytrade:
+  calc-version:
+    uses: ./.github/workflows/reusable-calc-version.yaml
+
+  build-push-easytrade:
+    if: needs.calc-version.outputs.already-released == 'false'
     runs-on: ubuntu-24.04
+    needs: calc-version
+    outputs:
+      artifact-dir: ${{ steps.build-and-push.outputs.artifact-dir }}
+      artifact-name: ${{ steps.build-and-push.outputs.artifact-name }}
     steps:
       - name: Checkout repository
         uses: actions/checkout@v6
 
-      - name: Retrieve gar credentials
+      - name: Login to Google Artifact Registry
         run: |
-          echo "${{ secrets.GAR_CREDENTIALS }}" | docker login -u _json_key_base64 --password-stdin "${{ env.GAR_ADDRESS }}"
+          echo "${{ secrets.GAR_CREDENTIALS }}" | \
+            docker login -u _json_key_base64 --password-stdin "${{ env.GAR_ADDRESS }}"
 
       - name: Set application version
         uses: ./.github/actions/set-version
         with:
-          version: ${{ env.VERSION }}
+          version: ${{ needs.calc-version.outputs.version }}
 
       - name: Build and push easytrade to docker repository
+        id: build-and-push
         uses: ./.github/actions/build-push-images
         with:
           push: true
-          push-latest: true
-          tag: ${{ env.VERSION }}
+          push-latest: ${{ needs.calc-version.outputs.is-release }}
+          tag: ${{ needs.calc-version.outputs.version }}
           registry: ${{ env.CONTAINER_REGISTRY }}
 
       - name: Build and push Helm chart
@@ -83,78 +87,20 @@ jobs:
           chart-path: ${{ env.HELM_CHART_PATH }}
           push: true
           registry-url: oci://europe-docker.pkg.dev/dynatrace-demoability/helm
-          version: ${{ env.VERSION }}
+          version: ${{ needs.calc-version.outputs.version }}
           credentials: ${{ secrets.GAR_CREDENTIALS }}
 
-  deploy-easytrade:
-    runs-on: ubuntu-24.04
-    needs: build-easytrade
-    steps:
-      - name: Retrieve kubeconfig
-        run: |
-          mkdir ~/.kube
-          echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
-
-      - name: Checkout infrastructure repo
-        uses: actions/checkout@v6
-        with:
-          ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
-          repository: dynatrace/easytrade-infrastructure
-          path: easytrade-infrastructure
-
-      - name: Deploy easytrade
-        shell: bash
-        env:
-          HELM_CHART_VERSION: ${{ env.VERSION }}
-          BASE_VALUES_FILE: "./helm-values/aws-base.yaml"
-          OVERRIDES_VALUES_FILE: "./helm-values/aws-staging.yaml"
-          DRY_RUN: "false"
-          DEBUG_MODE: "false"
-        run: ./deploy.sh
-        working-directory: ${{ github.workspace }}/easytrade-infrastructure
-
-  run-tests:
-    if: ${{ inputs.run-tests == 'true' }}
-    runs-on: ubuntu-24.04
-    needs: deploy-easytrade
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v6
-
-      - name: Retrieve kubeconfig
-        run: |
-          mkdir ~/.kube
-          echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
-
-      - name: Enable test environment
-        run: |
-          kubectl -n ${{ env.NAMESPACE }} set env deployment/easytrade-credit-card-order-service WORK_DELAY=10 WORK_RATE=10
-          kubectl -n ${{ env.NAMESPACE }} set env deployment/easytrade-third-party-service COURIER_DELAY=10 COURIER_RATE=10 MANUFACTURE_DELAY=10 MANUFACTURE_RATE=10
-
-      - name: Wait 3 minutes
-        run: sleep 3m
-
-      - name: Order credit card
-        uses: ./.github/actions/order-credit-card
-        with:
-          namespace: ${{ env.NAMESPACE }}
-
-      - name: Wait 12 minutes
-        run: sleep 12m
-
-      - name: Check credit card order
-        uses: ./.github/actions/check-credit-card-order
-        with:
-          namespace: ${{ env.NAMESPACE }}
-
-      - name: Run validation
-        uses: ./.github/actions/run-validation
-        with:
-          client_id: ${{ secrets.OQR_CLIENT_ID }}
-          client_secret: ${{ secrets.OQR_CLIENT_SECRET }}
-          sso_url: ${{ secrets.SSO_URL }}
-          tenant_url: ${{ secrets.OQR_URL }}
-
-      - name: Disable test environment
-        run: |
-          kubectl -n ${{ env.NAMESPACE }} rollout undo deployment/easytrade-credit-card-order-service deployment/easytrade-third-party-service
+  promote:
+    if: needs.calc-version.outputs.is-release == 'true'
+    needs:
+      - calc-version
+      - build-push-easytrade
+    permissions:
+      contents: write
+      actions: write
+    uses: ./.github/workflows/reusable-promote-release.yaml
+    with:
+      version: ${{ needs.calc-version.outputs.version }}
+      trigger-deploy: true
+      artifact-name: ${{ needs.build-push-easytrade.outputs.artifact-name }}
+      artifact-dir: ${{ needs.build-push-easytrade.outputs.artifact-dir }}
@@ -1,39 +1,34 @@
-name: Build easytrade on branch
+name: Build easytrade on PR
+
 on:
-  push:
+  pull_request:
     branches:
-      - "**"
-      - "!main"
-    paths:
-      - .github/**
-      - kubernetes-manifests/**
-      - skaffold.yaml
-      - src/**
-      - helm/**
-
+      - main
   workflow_call:
     secrets:
       SNYK_API_TOKEN:
         required: true
-      GAR_CREDENTIALS:
-        required: true
 
 env:
   CONTAINER_REGISTRY: europe-docker.pkg.dev/dynatrace-demoability/docker/easytrade
   HELM_CHART_PATH: helm/easytrade
 
 jobs:
   snyk:
-    uses: ./.github/workflows/snyk.yaml
+    uses: ./.github/workflows/reusable-snyk.yaml
     permissions:
       security-events: write
       contents: read
       actions: read
     secrets:
       SNYK_API_TOKEN: ${{ secrets.SNYK_API_TOKEN }}
 
+  calc-version:
+    uses: ./.github/workflows/reusable-calc-version.yaml
+
   build-easytrade:
     runs-on: ubuntu-24.04
+    needs: calc-version
     steps:
       - name: Checkout repository
         uses: actions/checkout@v6
@@ -42,17 +37,19 @@ jobs:
         uses: ./.github/actions/build-push-images
         with:
           push: false
-          tag: dev
+          tag: ${{ needs.calc-version.outputs.version }}
           registry: ${{ env.CONTAINER_REGISTRY }}
 
   build-helm-chart:
     runs-on: ubuntu-24.04
+    needs: calc-version
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Build Helm chart
         uses: ./.github/actions/build-push-helm
         with:
           chart-path: ${{ env.HELM_CHART_PATH }}
           push: false
+          version: ${{ needs.calc-version.outputs.version }}