Add release workflow (#23)

* Add release workflow

.github/scripts/release.sh

@@ -0,0 +1,124 @@
+#!/bin/bash
+
+# Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
+#
+# This software is the property of WSO2 LLC. and its suppliers, if any.
+# Dissemination of any information or reproduction of any material contained
+# herein in any form is strictly forbidden, unless permitted by WSO2 expressly.
+# You may not alter or remove any copyright or other notice from copies of this content.
+#
+
+# Exit the script on any command with non-zero exit status.
+set -e
+set -o pipefail
+
+UPSTREAM_BRANCH="main"
+
+# Assign command line arguments to variables.
+GIT_TOKEN=$1
+WORK_DIR=$2
+VERSION_TYPE=$3 # possible values: major, minor, patch
+
+ Check if GIT_TOKEN is empty
+if [ -z "$GIT_TOKEN" ]; then
+  echo "❌ Error: GIT_TOKEN is not set."
+  exit 1
+fi
+
+# Check if WORK_DIR is empty
+if [ -z "$WORK_DIR" ]; then
+  echo "❌ Error: WORK_DIR is not set."
+  exit 1
+fi
+
+# Validate VERSION_TYPE
+if [[ "$VERSION_TYPE" != "major" && "$VERSION_TYPE" != "minor" && "$VERSION_TYPE" != "patch" ]]; then
+  echo "❌ Error: VERSION_TYPE must be one of: major, minor, or patch."
+  exit 1
+fi
+
+BUILD_DIRECTORY="$WORK_DIR/build"
+RELEASE_DIRECTORY="$BUILD_DIRECTORY/releases"
+
+# Navigate to the working directory.
+cd "${WORK_DIR}"
+
+# Create the release directory.
+if [ ! -d "$RELEASE_DIRECTORY" ]; then
+  mkdir -p "$RELEASE_DIRECTORY"
+else
+  rm -rf "$RELEASE_DIRECTORY"/*
+fi
+
+# Extract current version.
+CURRENT_VERSION=$(git describe --tags --abbrev=0 2>/dev/null || echo "0.0.0")
+IFS='.' read -r MAJOR MINOR PATCH <<< "${CURRENT_VERSION}"
+
+# Determine which part to increment
+case "$VERSION_TYPE" in
+  major)
+    MAJOR=$((MAJOR + 1))
+    MINOR=0
+    PATCH=0
+    ;;
+  minor)
+    MINOR=$((MINOR + 1))
+    PATCH=0
+    ;;
+  patch|*)
+    PATCH=$((PATCH + 1))
+    ;;
+esac
+
+NEW_VERSION="${MAJOR}.${MINOR}.${PATCH}"
+
+echo "Creating release packages for version $NEW_VERSION..."
+
+# List of supported OSes.
+oses=("linux" "linux-arm" "darwin")
+
+# Navigate to the release directory.
+cd "${RELEASE_DIRECTORY}"
+
+for os in "${oses[@]}"; do
+  os_dir="../$os"
+  
+  if [ -d "$os_dir" ]; then
+    release_artifact_folder="openmcpauthproxy_${os}-v${NEW_VERSION}"
+    mkdir -p "$release_artifact_folder"
+
+    cp -r $os_dir/* "$release_artifact_folder"
+
+    # Zip the release package.
+    zip_file="$release_artifact_folder.zip"
+    echo "Creating $zip_file..."
+    zip -r "$zip_file" "$release_artifact_folder"
+
+    # Delete the folder after zipping.
+    rm -rf "$release_artifact_folder"
+
+    # Generate checksum file.
+    sha256sum "$zip_file" | sed "s|target/releases/||" > "$zip_file.sha256"
+    echo "Checksum generated for the $os package."
+
+    echo "Release packages created successfully for $os."
+  else
+    echo "Skipping $os release package creation as the build artifacts are not available."
+  fi
+done
+
+echo "Release packages created successfully in $RELEASE_DIRECTORY."
+
+# Navigate back to the project root directory.
+cd "${WORK_DIR}"
+
+# Collect all ZIP and .sha256 files in the target/releases directory.
+FILES_TO_UPLOAD=$(find build/releases -type f \( -name "*.zip" -o -name "*.sha256" \))
+
+# Create a release with the current version.
+TAG_NAME="v${NEW_VERSION}"
+export GITHUB_TOKEN="${GIT_TOKEN}"
+gh release create "${TAG_NAME}" ${FILES_TO_UPLOAD} --title "${TAG_NAME}" --notes "OpenMCPAuthProxy - ${TAG_NAME}" --target "${UPSTREAM_BRANCH}" || { echo "Failed to create release"; exit 1; }
+
+
+echo "Release ${TAG_NAME} created successfully."

.github/workflows/release.yml

@@ -0,0 +1,64 @@
+#
+# Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
+#
+# This software is the property of WSO2 LLC. and its suppliers, if any.
+# Dissemination of any information or reproduction of any material contained
+# herein in any form is strictly forbidden, unless permitted by WSO2 expressly.
+# You may not alter or remove any copyright or other notice from copies of this content.
+#
+
+name: Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      version_type:
+        type: choice
+        description: Choose the type of version update
+        options:
+            - 'major'
+            - 'minor'
+            - 'patch'
+        required: true
+
+jobs:
+  update-and-release:
+    runs-on: ubuntu-latest
+    env:
+      GOPROXY: https://proxy.golang.org
+    if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch'
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          ref: 'main'
+          fetch-depth: 0
+          token: ${{ secrets.GIT_BOT_PAT }}
+      - uses: actions/checkout@v2
+
+      - name: Set up Go 1.x
+        uses: actions/setup-go@v3
+        with:
+          go-version: "^1.x"
+
+      - name: Cache Go modules
+        id: cache-go-modules
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-modules-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-modules-
+
+      - name: Install dependencies
+        run: go mod download
+
+      - name: Build and test
+        run: make build
+        working-directory: .
+
+      - name: Update artifact version, package, commit, and create release.
+        env:
+          GITHUB_TOKEN: ${{ secrets.GIT_BOT_PAT }}
+        run: bash ./.github/scripts/release.sh $GITHUB_TOKEN ${{ github.workspace }} ${{ github.event.inputs.version_type }}

.gitignore

@@ -24,14 +24,11 @@
 hs_err_pid*
 replay_pid*
 
-# Go module cache files
-go.sum
-
 # OS generated files
 .DS_Store
 
 # builds
-openmcpauthproxy
+build
 
 # test out files
 coverage.out

Makefile

@@ -1,6 +1,7 @@
 # Makefile for open-mcp-auth-proxy
 
 # Variables
+PROJECT_ROOT := $(realpath $(dir $(abspath $(lastword $(MAKEFILE_LIST)))))
 BINARY_NAME := openmcpauthproxy
 GO := go
 GOFMT := gofmt
@@ -20,16 +21,30 @@ BUILD_OPTS := -v
 # Set test options
 TEST_OPTS := -v -race
 
-.PHONY: all build clean test fmt lint vet coverage help
+.PHONY: all clean test fmt lint vet coverage help
 
 # Default target
-all: lint test build
+all: lint test build-linux build-linux-arm build-darwin
 
-# Build the application
+build: clean test build-linux build-linux-arm build-darwin
-build: 
+
-	@echo "Building $(BINARY_NAME)..."
+build-linux:
-	@mkdir -p $(BUILD_DIR)
+	mkdir -p $(BUILD_DIR)/linux
-	$(GO) build $(BUILD_OPTS) -o $(BUILD_DIR)/$(BINARY_NAME) ./cmd/proxy
+	GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \
+	-o $(BUILD_DIR)/linux/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy
+	cp config.yaml $(BUILD_DIR)/linux
+
+build-linux-arm:
+	mkdir -p $(BUILD_DIR)/linux-arm
+	GOOS=linux GOARCH=arm CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \
+	-o $(BUILD_DIR)/linux-arm/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy
+	cp config.yaml $(BUILD_DIR)/linux-arm
+
+build-darwin:
+	mkdir -p $(BUILD_DIR)/darwin
+	GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \
+	-o $(BUILD_DIR)/darwin/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy
+	cp config.yaml $(BUILD_DIR)/darwin
 
 # Clean build artifacts
 clean:

go.mod

@@ -1,6 +1,6 @@
 module github.com/wso2/open-mcp-auth-proxy
 
-go 1.22.3
+go 1.21
 
 require (
 	github.com/golang-jwt/jwt/v4 v4.5.2

go.sum

@@ -0,0 +1,6 @@
+github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI=
+github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=