ZupIT · nathanmartinszup · Mar 8, 2022 · Feb 18, 2022
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -1,4 +1,3 @@
 # GitHub code owners
 # See https://github.com/blog/2392-introducing-code-owners
-* @wiliansilvazup @matheusalcantarazup @lucasbrunozup @nathanmartinszup @iancardosozup
-
+* @wiliansilvazup @matheusalcantarazup @lucasbrunozup @nathanmartinszup @iancardosozup @oliveirafelipezup
diff --git a/.github/workflows/alpha.yml → .github/workflows/release-alpha.yml b/.github/workflows/alpha.yml → .github/workflows/release-alpha.yml
@@ -11,22 +11,22 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-name: alpha
+name: release-alpha
 on:
   push:
     branches:
       - main
 permissions: read-all
 jobs:
-  Alpha:
+  ReleaseAlpha:
     permissions:
       contents: write
       packages: write
+      issues:   write
     runs-on: ubuntu-latest
     env:
       COSIGN_KEY_LOCATION: /tmp/cosign.key
       COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
-
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -154,7 +154,6 @@ jobs:
             ./dist/horusec_windows_arm64/horusec_win_arm64.exe.sig
             ./dist/horusec_darwin_arm64/horusec_mac_arm64
             ./dist/horusec_darwin_arm64/horusec_mac_arm64.sig
-
             ./dist/horusec-standalone_linux_amd64/horusec_linux_amd64_stand_alone
             ./dist/horusec-standalone_linux_amd64/horusec_linux_amd64_stand_alone.sig
             ./dist/horusec-standalone_linux_386/horusec_linux_x86_stand_alone

diff --git a/.github/workflows/release-beta.yml b/.github/workflows/release-beta.yml
@@ -20,15 +20,17 @@ on:
         required: true
 permissions: read-all
 jobs:
-  Beta:
+  ReleaseBeta:
     permissions:
       contents: write
       packages: write
+      issues:   write
     runs-on: ubuntu-latest
     env:
       COSIGN_KEY_LOCATION: /tmp/cosign.key
       COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
 
+    if: contains('["wiliansilvazup","matheusalcantarazup","lucasbrunozup","nathanmartinszup","iancardosozup","oliveirafelipezup"]', github.actor)
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -82,8 +84,8 @@ jobs:
       - name: Checkout release branch
         run: mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }}
 
-      - name: Create local tag
-        run: mage -v createLocalTag ${{ steps.updated-version.outputs.nextBetaVersion }}
+      - name: Create and push tag
+        run: mage -v createAndPushTag ${{ steps.updated-version.outputs.nextBetaVersion }}
 
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v2
@@ -95,8 +97,14 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
           GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextBetaVersion }}
+          GORELEASER_PREVIOUS_TAG: ${{ steps.updated-version.outputs.actualBetaVersion }}
           CURRENT_DATE: ${{ steps.date.outputs.date }}
           CLI_VERSION: ${{ steps.updated-version.outputs.nextBetaVersion }}
 
       - name: Push updates
-        run: mage -v gitPushAll
+        if: ${{ success() }}
+        run: mage -v gitPushAll
+
+      - name: Remove updates
+        if: ${{ !success() }}
+        run: mage -v removeTag ${{ steps.updated-version.outputs.nextBetaVersion }}
diff --git a/.github/workflows/release-new.yml → .github/workflows/release-final.yml b/.github/workflows/release-new.yml → .github/workflows/release-final.yml
@@ -11,7 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-name: release-new
+name: release-final
 on:
   workflow_dispatch:
     inputs:
@@ -20,16 +20,16 @@ on:
         required: true
 permissions: read-all
 jobs:
-  NewRelease:
+  ReleaseFinal:
     permissions:
       contents: write
       packages: write
+      issues:   write
     runs-on: ubuntu-latest
     env:
       COSIGN_KEY_LOCATION: /tmp/cosign.key
       COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
-
-
+    if: contains('["wiliansilvazup","matheusalcantarazup","lucasbrunozup","nathanmartinszup","iancardosozup","oliveirafelipezup"]', github.actor)
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -84,8 +84,8 @@ jobs:
       - name: Checkout release candidate branch
         run: mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }}
 
-      - name: Create local tag
-        run: mage -v createLocalTag ${{ steps.updated-version.outputs.nextReleaseVersion }}
+      - name: Create and push tag
+        run: mage -v createAndPushTag ${{ steps.updated-version.outputs.nextReleaseVersion }}
 
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v2
@@ -97,8 +97,14 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
           GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextReleaseVersion }}
+          GORELEASER_PREVIOUS_TAG: ${{ steps.updated-version.outputs.actualReleaseVersion }}
           CURRENT_DATE: ${{ steps.date.outputs.date }}
           CLI_VERSION: ${{ steps.updated-version.outputs.nextReleaseVersion }}
 
       - name: Push updates
-        run: mage -v gitPushAll
+        if: ${{ success() }}
+        run: mage -v gitPushAll
+
+      - name: Remove updates
+        if: ${{ !success() }}
+        run: mage -v removeTag ${{ steps.updated-version.outputs.nextReleaseVersion }}
diff --git a/.github/workflows/release-rc.yml b/.github/workflows/release-rc.yml
@@ -20,16 +20,16 @@ on:
         required: true
 permissions: read-all
 jobs:
-  Rc:
+  ReleaseRc:
     permissions:
       contents: write
       packages: write
+      issues:   write
     runs-on: ubuntu-latest
     env:
       COSIGN_KEY_LOCATION: /tmp/cosign.key
       COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
-
-
+    if: contains('["wiliansilvazup","matheusalcantarazup","lucasbrunozup","nathanmartinszup","iancardosozup","oliveirafelipezup"]', github.actor)
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -82,9 +82,9 @@ jobs:
           HORUSEC_REPOSITORY_NAME: ${{ github.event.repository.name }}
       - name: Checkout release branch
         run: mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }}
-        
-      - name: Create local tag
-        run: mage -v createLocalTag ${{ steps.updated-version.outputs.nextRCVersion }}
+
+      - name: Create and push tag
+        run: mage -v createAndPushTag ${{ steps.updated-version.outputs.nextRCVersion }}
 
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v2
@@ -96,8 +96,14 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
           GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextRCVersion }}
+          GORELEASER_PREVIOUS_TAG: ${{ steps.updated-version.outputs.actualRCVersion }}
           CURRENT_DATE: ${{ steps.date.outputs.date }}
           CLI_VERSION: ${{ steps.updated-version.outputs.nextRCVersion }}
 
       - name: Push updates
-        run: mage -v gitPushAll
+        if: ${{ success() }}
+        run: mage -v gitPushAll
+
+      - name: Remove updates
+        if: ${{ !success() }}
+        run: mage -v removeTag ${{ steps.updated-version.outputs.nextRCVersion }}
diff --git a/goreleaser.yml b/goreleaser.yml
@@ -30,7 +30,7 @@ builds:
     goarch:
       - amd64
       - arm64
-      - 386
+      - "386"
     binary: horusec_{{ replace (replace .Os "windows" "win") "darwin" "mac" }}_{{ replace .Arch "386" "x86" }}
   - id: horusec-standalone
     env: [ CGO_ENABLED=0 ]
@@ -48,10 +48,30 @@ builds:
     goarch:
       - amd64
       - arm64
-      - 386
+      - "386"
     binary: horusec_{{ replace (replace .Os "windows" "win") "darwin" "mac" }}_{{ replace .Arch "386" "x86" }}_stand_alone
 changelog:
-  skip: true
+  skip: false
+  use: github
+  groups:
+  - title: 'Features'
+    regexp: "^.*:(feature|feat)\\s-.*$"
+    order: 0
+  - title: 'Bug fixes'
+    regexp: "^.*:(bugfix|fix)\\s-.*$"
+    order: 1
+  - title: 'Hotfixes'
+    regexp: "^.*:hotfix\\s-.*$"
+    order: 2
+  - title: 'Chores'
+    regexp: "^.*:chore\\s-.*$"
+    order: 3
+  - title: Others
+    order: 999
+  filters:
+    exclude:
+      - '^deps:chore.*$'
+      - '^build(deps):.*$'
 snapshot:
   name_template: '{{ incpatch .Tag }}'
 archives:
@@ -80,7 +100,13 @@ archives:
 checksum:
   name_template: 'checksums.txt'
 release:
-  draft: true
+  draft: false
+  mode: append
+  footer: |
+    ## Docker images
+    - `docker pull horuszup/horusec-cli:{{ .Tag }}`
+
+    **Full Changelog**: https://github.com/ZupIT/horusec/compare/{{ .PreviousTag }}...{{ .Tag }}
   extra_files:
     - glob: deployments/cosign.pub
 nfpms:
@@ -120,7 +146,7 @@ docker_signs:
 dockers:
   - image_templates:
       - 'horuszup/horusec-cli:{{ .Tag }}-amd64'
-    skip_push: false
+    skip_push: "false"
     goos: linux
     goarch: amd64
     dockerfile: ./deployments/Dockerfile-gorelease-amd64
@@ -136,7 +162,7 @@ dockers:
       - --tls-verify=false
   - image_templates:
       - 'horuszup/horusec-cli:{{ .Tag }}-arm64'
-    skip_push: false
+    skip_push: "false"
     goos: linux
     goarch: arm64
     dockerfile: ./deployments/Dockerfile-gorelease-arm64