From 260165c9f9ed5a1431b50bbce99d59f01eb90b17 Mon Sep 17 00:00:00 2001
From: wkoot <3715211+wkoot@users.noreply.github.com>
Date: Thu, 7 Nov 2024 23:37:22 +0100
Subject: [PATCH] Workflow publish container images

---
 .circleci/config.yml                 | 40 ----------------------------
 .github/workflows/docker-release.yml | 37 +++++++++++++++++++++++++
 .github/workflows/helm-release.yml   |  5 ++--
 MAINTENANCE.md                       | 12 +++------
 4 files changed, 43 insertions(+), 51 deletions(-)
 delete mode 100644 .circleci/config.yml
 create mode 100644 .github/workflows/docker-release.yml

diff --git a/.circleci/config.yml b/.circleci/config.yml
deleted file mode 100644
index e2603a4..0000000
--- a/.circleci/config.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-version: 2
-
-jobs:
-  build_and_push_tag:
-    machine: true
-    steps:
-      - checkout
-      - run:
-          shell: /bin/bash
-          command: |
-            docker build -t ictu/sonar:${CIRCLE_TAG} .
-            docker login -u $DOCKER_USER -p $DOCKER_PASS
-            docker push ictu/sonar:${CIRCLE_TAG}
-  build_and_push_de_tag:
-    machine: true
-    steps:
-      - checkout
-      - run:
-          shell: /bin/bash
-          command: |
-            docker build --build-arg="IMAGE_EDITION=developer" -t ictu/sonar:${CIRCLE_TAG} .
-            docker login -u $DOCKER_USER -p $DOCKER_PASS
-            docker push ictu/sonar:${CIRCLE_TAG}
-
-workflows:
-  version: 2
-  build_and_push:
-    jobs:
-      - build_and_push_tag:
-          filters:
-            tags:
-              only: /^[0-9]+\.[0-9]+(\.[0-9])*(-[0-9]+)*$/
-            branches:
-              ignore: /.*/
-      - build_and_push_de_tag:
-          filters:
-            tags:
-              only: /^[0-9]+\.[0-9]+(\.[0-9])*(-[0-9]+)*-developer$/
-            branches:
-              ignore: /.*/
diff --git a/.github/workflows/docker-release.yml b/.github/workflows/docker-release.yml
new file mode 100644
index 0000000..afaac69
--- /dev/null
+++ b/.github/workflows/docker-release.yml
@@ -0,0 +1,37 @@
+---
+name: Publish container images to Docker Hub
+
+on: workflow_dispatch  # Only triggered manually, must be done from a semantic version tag
+
+jobs:
+  push_to_registry:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - env:
+              IMAGE_EDITION: community
+              IMAGE_SUFFIX:
+          - env:
+              IMAGE_EDITION: developer
+              IMAGE_SUFFIX: -developer
+    steps:
+      - uses: actions/checkout@v4
+
+      - id: semver
+        name: Ensure that selected tag is a semantic version
+        uses: matt-usurp/validate-semver@v2
+        with:
+          version: ${{ github.ref }}
+
+      - uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Package and push container to Docker Hub
+        if: ${{ github.ref_type == "tag" }}
+        run: |
+          export CONTAINER_TAG="${{ steps.semver.outputs.version }}${{ matrix.env.IMAGE_SUFFIX }}"
+          docker build --build-arg="IMAGE_EDITION=${{ matrix.env.IMAGE_EDITION }}" -t ictu/sonar:${CONTAINER_TAG} .
+          docker push ictu/sonar:${CONTAINER_TAG}
diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml
index d32ca19..7afe3c5 100644
--- a/.github/workflows/helm-release.yml
+++ b/.github/workflows/helm-release.yml
@@ -1,5 +1,5 @@
 ---
-name: Release Helm chart
+name: Release Helm chart to Docker Hub
 
 on: workflow_dispatch  # Only triggered manually
 
@@ -9,8 +9,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
+      - uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
diff --git a/MAINTENANCE.md b/MAINTENANCE.md
index 341d090..64f8127 100644
--- a/MAINTENANCE.md
+++ b/MAINTENANCE.md
@@ -9,14 +9,10 @@
     1. Obtain the base version numbers from the vanilla SonarQube image directory `/opt/sonarqube/lib/extensions`, excluding build number
     1. Update the config rules version number `rules_version` if the rules have been changed
 1. Check for any runtime errors and warnings in the container logs
-1. Create new version tags on github
-    1. `MAJOR.MINOR.PATCH`
-    1. `MAJOR.MINOR.PATCH-developer`
-1. Build and push new images to docker hub with [CircleCI](https://app.circleci.com/pipelines/github/ICTU/sonar)
-1. Update helm `Chart.yaml` with the new chart versions, corresponding with the new `appVersion`
-1. Update the helm `values.yaml` with the new `ictu/sonar` image tag
-1. Push the new chart as OCI artifact to docker hub `ictu/ictu-sonarqube`, with the GitHub action
-
+1. Create new version tag on github, following semantic versioning as: `MAJOR.MINOR.PATCH`
+1. Build and push new container images to Docker Hub `ictu/sonar`, with the [docker release GitHub action](https://github.com/ICTU/sonar/actions/workflows/docker-release.yml)
+1. Push the updated helm chart as OCI artifact to Docker Hub `ictu/ictu-sonarqube`, with the [helm release GitHub action](https://github.com/ICTU/sonar/actions/workflows/helm-release.yml)
+1. Update the Docker Hub overview pages if README content has changed
 
 ## Adding plugins