From ca8dc35a269c2b8c2dde22528266904380298eb7 Mon Sep 17 00:00:00 2001
From: Dominic Burger <dominic.burger@geowerkstatt.ch>
Date: Tue, 19 Nov 2024 15:29:36 +0100
Subject: [PATCH 1/2] Add Dockerfile

---
 Dockerfile        | 31 +++++++++++++++++++++++++++++++
 build.gradle      |  1 -
 gradle.properties |  1 +
 3 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 Dockerfile
 create mode 100644 gradle.properties

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..efa3335
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,31 @@
+FROM gradle:8-jdk21 AS build
+WORKDIR /src
+ARG VERSION=0.0.1
+
+# Copy project files
+COPY *.gradle gradle.* .
+COPY gradle/ gradle/
+COPY config/ config/
+COPY src/ src/
+
+# Build project
+RUN gradle -Pversion=$VERSION build installDist
+
+
+FROM eclipse-temurin:21-jre AS final
+ENV HOME=/app
+WORKDIR ${HOME}
+
+# Set default locale
+ENV LANG=C.UTF-8
+ENV LC_ALL=C.UTF-8
+
+# Create non-root user
+ENV APP_UID=1234
+RUN groupadd --gid=$APP_UID app && useradd --uid=$APP_UID --gid=$APP_UID --create-home app
+
+USER $APP_UID
+
+# Copy distribution from build stage
+COPY --from=build /src/build/install/lk2dxf ${HOME}
+ENTRYPOINT ["./bin/lk2dxf"]
diff --git a/build.gradle b/build.gradle
index e75ab52..fd3ad0a 100644
--- a/build.gradle
+++ b/build.gradle
@@ -5,7 +5,6 @@ plugins {
 }
 
 group = 'ch.geowerkstatt.lk2dxf'
-version = '1.0-SNAPSHOT'
 
 repositories {
     mavenCentral()
diff --git a/gradle.properties b/gradle.properties
new file mode 100644
index 0000000..40cc1bb
--- /dev/null
+++ b/gradle.properties
@@ -0,0 +1 @@
+version=1.0-SNAPSHOT

From 3ec9322263cad40cb3f79be9c46dc5e0974ce706 Mon Sep 17 00:00:00 2001
From: Dominic Burger <dominic.burger@geowerkstatt.ch>
Date: Tue, 19 Nov 2024 16:17:21 +0100
Subject: [PATCH 2/2] Add pre-release and release workflows

---
 .github/workflows/pre-release.yml | 105 ++++++++++++++++++++++++++++++
 .github/workflows/release.yml     |  40 ++++++++++++
 VERSION                           |   1 +
 3 files changed, 146 insertions(+)
 create mode 100644 .github/workflows/pre-release.yml
 create mode 100644 .github/workflows/release.yml
 create mode 100644 VERSION

diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml
new file mode 100644
index 0000000..013a21c
--- /dev/null
+++ b/.github/workflows/pre-release.yml
@@ -0,0 +1,105 @@
+name: Pre-release
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+jobs:
+  create-pre-release:
+    runs-on: ubuntu-latest
+    name: Build and push Docker image and create a new GitHub pre-release
+    permissions:
+      id-token: write
+      contents: write
+      attestations: write
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: 21
+          distribution: temurin
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Set environment variables
+        run: |
+          echo VERSION=$(cat VERSION).$GITHUB_RUN_NUMBER >> $GITHUB_ENV
+          echo IMAGE_NAME=$REGISTRY/$(echo ${GITHUB_REPOSITORY,,}) >> $GITHUB_ENV
+          echo COMMITED_AT=$(git show -s --format=%cI `git rev-parse HEAD`) >> $GITHUB_ENV
+
+      - name: Build zip distribution with gradle
+        run: ./gradlew -Pversion='${{ env.VERSION }}' distZip
+
+      - name: Collect Docker image metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.IMAGE_NAME }}
+          labels: |
+            org.opencontainers.image.created=${{ env.COMMITED_AT }}
+            org.opencontainers.image.version=v${{ env.VERSION }}
+            org.opencontainers.image.maintainer=GeoWerkstatt GmbH <support@geowerkstatt.ch>
+          flavor: |
+            latest=false
+          tags: |
+            type=edge
+            type=semver,pattern=v{{version}},value=${{ env.VERSION }}
+
+      - name: Log in to the GitHub container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push Docker image
+        id: push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          build-args: |
+            VERSION=${{ env.VERSION }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          sbom: true
+          provenance: mode=max
+
+      - name: Generate docker image attestation
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          subject-digest: ${{ steps.push.outputs.digest }}
+          push-to-registry: true
+
+      - name: Generate SBOM file
+        uses: anchore/sbom-action@v0
+        with:
+          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:edge
+          format: 'cyclonedx-json'
+          output-file: 'sbom.cyclonedx.json'
+
+      - name: Generate SBOM attestation
+        uses: actions/attest-sbom@v1
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          subject-digest: ${{ steps.push.outputs.digest }}
+          sbom-path: 'sbom.cyclonedx.json'
+          push-to-registry: true
+
+      - name: Create GitHub pre-release
+        run: gh release create "v${{ env.VERSION }}" --title "v${{ env.VERSION }}" --prerelease --target ${{ github.ref }} ./build/distributions/*.zip
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..c5279d2
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,40 @@
+name: Release
+
+on:
+  release:
+    types: [released]
+  workflow_dispatch:
+    inputs:
+      TAG_NAME:
+        description: "Tag name"
+        required: true
+
+env:
+  REGISTRY: ghcr.io
+  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
+
+jobs:
+  retag-docker-image:
+    runs-on: ubuntu-latest
+    name: Retag Docker image as latest
+    permissions:
+      packages: write
+
+    steps:
+      - name: Set environment variables
+        run: |
+          echo VERSION=${TAG_NAME#v} >> $GITHUB_ENV
+          echo IMAGE_NAME=$REGISTRY/$(echo ${GITHUB_REPOSITORY,,}) >> $GITHUB_ENV
+
+      - name: Log in to the GitHub container registry
+        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ${{ env.REGISTRY }} -u ${{ github.repository_owner }} --password-stdin
+
+      - name: Pull docker image
+        run: docker pull ${{ env.IMAGE_NAME }}:v${{ env.VERSION }}
+
+      - name: Tag docker image
+        run: docker tag ${{ env.IMAGE_NAME }}:v${{ env.VERSION }} ${{ env.IMAGE_NAME }}:latest
+
+      - name: Push docker image
+        run: docker push ${{ env.IMAGE_NAME }}:latest
diff --git a/VERSION b/VERSION
new file mode 100644
index 0000000..9f8e9b6
--- /dev/null
+++ b/VERSION
@@ -0,0 +1 @@
+1.0
\ No newline at end of file