Update release step to use GitHub Action

.github/workflows/ci.yml

@@ -6,7 +6,7 @@ on:
       - main
       - release-*
     tags:
-      - 'v[0-9]+.[0-9]+.[0-9]+*'
+      - "v[0-9]+.[0-9]+.[0-9]+*"
   pull_request:
     branches:
       - main
@@ -28,7 +28,6 @@ env:
   platforms: "linux/arm64, linux/amd64"
 
 jobs:
-
   vars:
     name: Checks and variables
     runs-on: ubuntu-20.04
@@ -45,12 +44,10 @@ jobs:
 
       - name: Output Variables
         id: vars
-        run: |
-          echo "go_path=$(go env GOPATH)" >> $GITHUB_OUTPUT
+        run: echo "go_path=$(go env GOPATH)" >> $GITHUB_OUTPUT
 
       - name: Check if go.mod and go.sum are up to date
-        run: |
-          go mod tidy && git diff --exit-code -- go.mod go.sum
+        run: go mod tidy && git diff --exit-code -- go.mod go.sum
 
   unit-tests:
     name: Unit Tests
@@ -88,6 +85,26 @@ jobs:
           node-version: 18
       - run: npm --prefix ${{ github.workspace }}/internal/nginx/modules install-ci-test
 
+  release:
+    name: Release
+    runs-on: ubuntu-20.04
+    needs: [unit-tests, njs-unit-tests]
+    if: ${{ github.event_name == 'push' && github.ref != 'refs/heads/main' }}
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+
+      - name: Create/Update Draft
+        uses: lucacome/draft-release@b79be3ff634f771230b2b6ee9f47308c5793671a # v0.2.0
+        with:
+          minor-label: "enhancement"
+          major-label: "change"
+          publish: ${{ startsWith(github.ref, 'refs/tags/') }}
+          collapse-after: 20
+          notes-header: |
+            *Below is the auto-generated changelog, which includes all PRs that went into the release.
+            For a shorter version that highlights only important changes, see [CHANGELOG.md](https://github.com/nginxinc/nginx-kubernetes-gateway/blob/{{version}}/CHANGELOG.md).*
+
   binary:
     name: Build Binary
     runs-on: ubuntu-20.04
@@ -103,32 +120,6 @@ jobs:
         with:
           go-version-file: go.mod
 
-      - name: Publish release on tag
-        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1
-        continue-on-error: true
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-              const ref = context.ref.split("/")[2]
-
-              const releases = (await github.rest.repos.listReleases({
-                owner: context.payload.repository.owner.login,
-                repo: context.payload.repository.name,
-                per_page: 100,
-              })).data
-
-              const draft_release = releases.find(release => release.draft && release.tag_name === ref)
-
-              const update = await github.rest.repos.updateRelease({
-                owner: context.payload.repository.owner.login,
-                repo: context.payload.repository.name,
-                release_id: draft_release.id,
-                draft: false
-              });
-              console.log(`Release published: ${update.data.html_url}`)
-              console.log(`Release notes: ${update.data.body}`)
-        if: startsWith(github.ref, 'refs/tags/')
-
       - name: Download Syft
         uses: anchore/sbom-action/download-syft@4d571ad1038a9cc29d676154ef265ab8f9027042 # v0.14.2
         if: startsWith(github.ref, 'refs/tags/')
@@ -158,24 +149,29 @@ jobs:
     steps:
       - name: Checkout Repository
         uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+
       - name: Fetch Cached Artifacts
         uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
         with:
           path: ${{ github.workspace }}/dist
           key: nginx-kubernetes-gateway-${{ github.run_id }}-${{ github.run_number }}
+
       - name: Docker Buildx
         uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2.5.0
+
       - name: Setup QEMU
         uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
         with:
           platforms: arm64
+
       - name: Login to GitHub Container Registry
         uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
         if: ${{ github.event_name != 'pull_request' }}
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@c4ee3adeed93b1fa6a762f209fb01608c1a22f1e # v4.4.0
@@ -192,7 +188,7 @@ jobs:
         uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0
         with:
           file: build/Dockerfile
-          context: '.'
+          context: "."
           target: goreleaser
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
@@ -209,18 +205,20 @@ jobs:
         continue-on-error: true
         with:
           image-ref: ghcr.io/nginxinc/nginx-kubernetes-gateway:${{ steps.meta.outputs.version }}
-          format: 'sarif'
-          output: 'trivy-results-nginx-kubernetes-gateway.sarif'
-          ignore-unfixed: 'true'
+          format: "sarif"
+          output: "trivy-results-nginx-kubernetes-gateway.sarif"
+          ignore-unfixed: "true"
+
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5
         continue-on-error: true
         with:
-          sarif_file: 'trivy-results-nginx-kubernetes-gateway.sarif'
+          sarif_file: "trivy-results-nginx-kubernetes-gateway.sarif"
+
       - name: Upload Scan Results
         uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
         continue-on-error: true
         with:
-          name: 'trivy-results-nginx-kubernetes-gateway.sarif'
-          path: 'trivy-results-nginx-kubernetes-gateway.sarif'
+          name: "trivy-results-nginx-kubernetes-gateway.sarif"
+          path: "trivy-results-nginx-kubernetes-gateway.sarif"
         if: always()