From aa9443bc2b93db3d67d856376d1c0dc45b86c300 Mon Sep 17 00:00:00 2001
From: Evelyn Gurschler <evelyn.gurschler@bmw.de>
Date: Mon, 14 Oct 2024 16:30:30 +0200
Subject: [PATCH] chore: add release please workflow and docs (#204)

add release please action, prepare changelog for 4.0.0-alpha.1 and docs for dev and release process
---
 .github/workflows/release-please.yml          | 41 ++++++++
 CHANGELOG.md                                  | 31 ++++--
 .../14. How to contribute.md                  |  4 +
 docs/technical documentation/17. Dev Flow.md  | 69 +++++++++++++
 .../18. Release Process.md                    | 99 +++++++++++++++++++
 5 files changed, 237 insertions(+), 7 deletions(-)
 create mode 100644 .github/workflows/release-please.yml
 create mode 100644 docs/technical documentation/17. Dev Flow.md
 create mode 100644 docs/technical documentation/18. Release Process.md

diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
new file mode 100644
index 00000000..de78ff57
--- /dev/null
+++ b/.github/workflows/release-please.yml
@@ -0,0 +1,41 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+name: Release Please
+
+on:
+  push:
+    branches:
+      - 'changelog/v*.*.*'
+  workflow_dispatch:
+
+permissions:
+    contents: write
+    pull-requests: write
+
+jobs:
+    prepare-release:
+        runs-on: ubuntu-latest
+        steps:
+        - uses: google-github-actions/release-please-action@v4
+          name: Prepare release
+          with:
+            target-branch: ${{ github.ref_name }}
+            release-type: simple
+            skip-github-release: true
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4697ff84..1dc6bfe5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,15 +2,32 @@
 
 New features, fixed bugs, known defects and other noteworthy changes to each release of the Catena-X IAM * Keycloak instances.
 
-## Unreleased
+## [4.0.0-alpha.1](https://github.com/eclipse-tractusx/portal-iam/compare/v3.0.1...v4.0.0-alpha.1) (2024-10-11)
 
-### Change
 
-* created the following composite roles inside the `technical_roles_management` client:
-  * `Registration Internal` [#189](https://github.com/eclipse-tractusx/portal-iam/pull/189)
-     * With `Cl2-CX-Portal` roles:
-       * invite_new_partner
-       * view_submitted_applications 
+### ⚠ BREAKING CHANGES
+
+* **seeding-job:** enable realm import with dynamic config ([#141](https://github.com/eclipse-tractusx/portal-iam/issues/141))
+
+### Features
+
+* add BPDM authentication configuration for 24.08. release ([#155](https://github.com/eclipse-tractusx/portal-iam/issues/155)) ([5a73f46](https://github.com/eclipse-tractusx/portal-iam/commit/5a73f46868067d2518bc70e4086b6e40fd6db514))
+* improve realm seeding ([#198](https://github.com/eclipse-tractusx/portal-iam/issues/198)) ([c96973e](https://github.com/eclipse-tractusx/portal-iam/commit/c96973e2d32149ee1c9653f7fa04c27a2b97eed3))
+* **notification:** adjust create notification role ([#169](https://github.com/eclipse-tractusx/portal-iam/issues/169)) ([63dad28](https://github.com/eclipse-tractusx/portal-iam/commit/63dad288bbdb554ae6d5f35c93e37810da1bbba4)), closes [#812](https://github.com/eclipse-tractusx/portal-iam/issues/812)
+* **osp:** remove create role and assign configure role to cx admin ([#199](https://github.com/eclipse-tractusx/portal-iam/issues/199)) ([19eca8e](https://github.com/eclipse-tractusx/portal-iam/commit/19eca8e6adaf24b2ab93c9b0c0fc268e8bfefad7))
+* **roles:** add subscribe_service permission to Business Admin ([#173](https://github.com/eclipse-tractusx/portal-iam/issues/173)) ([417cd94](https://github.com/eclipse-tractusx/portal-iam/commit/417cd946539b215a8c571d7de62825472ef9a501)), closes [#172](https://github.com/eclipse-tractusx/portal-iam/issues/172)
+* **seeding-job:** enable realm import with dynamic config ([#141](https://github.com/eclipse-tractusx/portal-iam/issues/141)) ([5ed14ce](https://github.com/eclipse-tractusx/portal-iam/commit/5ed14ce23fc2c7d19e97f301cb5bb4d5fcb7361d))
+* **tech user:** add new operator invite tech user ([#189](https://github.com/eclipse-tractusx/portal-iam/issues/189)) ([3018805](https://github.com/eclipse-tractusx/portal-iam/commit/3018805f77913926061af13bb5b35cbb98835c6e))
+
+### Bug Fixes
+
+* **App Manager:** add tech_user_management roles ([#192](https://github.com/eclipse-tractusx/portal-iam/issues/192)) ([402ddb9](https://github.com/eclipse-tractusx/portal-iam/commit/402ddb9780cb534c495b191d84ff548c2bd6b93b))
+* **login:** escape quotes in names ([#171](https://github.com/eclipse-tractusx/portal-iam/issues/171)) ([4952f97](https://github.com/eclipse-tractusx/portal-iam/commit/4952f972b40d09c65f7f51b4e9c6c9b9837b7298))
+* update regex to allow special and umlaut characters ([#167](https://github.com/eclipse-tractusx/portal-iam/issues/167)) ([bf706f3](https://github.com/eclipse-tractusx/portal-iam/commit/bf706f3a35d7647e7cbe0b0778ffcce1856d4fa8))
+
+### Miscellaneous Chores
+
+* release 4.0.0-alpha.1 ([685d8a6](https://github.com/eclipse-tractusx/portal-iam/commit/685d8a65a495fe3fb565ad0903dbf3ec14077230))
 
 ## 3.0.1
 
diff --git a/docs/technical documentation/14. How to contribute.md b/docs/technical documentation/14. How to contribute.md
index 13acedae..3fa8f39e 100644
--- a/docs/technical documentation/14. How to contribute.md	
+++ b/docs/technical documentation/14. How to contribute.md	
@@ -96,6 +96,10 @@ The suggested naming convention is '{type}{(function)}: {short summary}'
 Add details to the change, fix or feature in the PR description.
 What was changed, why was it changed (e.g. which issue was fixed or which requirement was implemented), and how was it changed.
 
+### Additional information
+
+Please refer to the [Development Flow](./17.%20Dev%20Flow.md).
+
 ## NOTICE
 
 This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
diff --git a/docs/technical documentation/17. Dev Flow.md b/docs/technical documentation/17. Dev Flow.md
new file mode 100644
index 00000000..47f05895
--- /dev/null
+++ b/docs/technical documentation/17. Dev Flow.md	
@@ -0,0 +1,69 @@
+# Dev flow (git diagram)
+
+```mermaid
+%%{init: { 'logLevel': 'debug', 'theme': 'base' } }%%
+gitGraph
+    commit id: "chore: initial commit"
+    branch feature/feature1 order: 1
+    checkout feature/feature1
+    commit id:"feat(function): add feature1"
+    checkout main
+    merge feature/feature1
+    branch feature/feature2 order: 3
+    checkout feature/feature2
+    commit id:"feat(function)!: WIP enable feature2"
+    checkout main
+    branch bug/bug1 order: 2
+    commit id: "fix(function): change bug1"
+    checkout main
+    merge bug/bug1
+    checkout feature/feature2
+    commit id:"feat(function)!: finalize feature2"
+    checkout main
+    merge feature/feature2
+    branch feature/feature3 order: 4
+    commit id:"feat(function)!: WIP enable feature3"
+    checkout main
+    branch release/v1.0.0-rc.1 order: 5
+    commit id: "build(v1.0.0-rc.1): bump version" tag: "v1.0.0-rc.1"
+    checkout main
+    merge release/v1.0.0-rc.1
+    checkout release/v1.0.0-rc.1
+    branch bug/bug2 order: 7
+    checkout bug/bug2
+    commit id: "fix(function): change bug2"
+    checkout release/v1.0.0-rc.1
+    branch release/v1.0.0-rc.2 order: 8
+    checkout release/v1.0.0-rc.2
+    merge bug/bug2
+    commit id: "build(v1.0.0-rc.2): bump version" tag: "v1.0.0-rc.2"
+    checkout main
+    merge release/v1.0.0-rc.2
+    checkout feature/feature3
+    commit id:"feat(function)!: finalize feature3"
+    checkout main
+    merge feature/feature3
+    checkout release/v1.0.0-rc.2
+    branch release/v1.0.0 order: 8
+    checkout release/v1.0.0
+    commit id: "build(v1.0.0): bump version" tag: "v1.0.0"
+    checkout main
+    merge release/v1.0.0
+    checkout release/v1.0.0
+    branch hotfix/v1.0.1 order: 9
+    checkout hotfix/v1.0.1
+    branch bug/bug3 order: 10
+    checkout bug/bug3
+    commit id: "fix(function): change bug3"
+    checkout hotfix/v1.0.1
+    merge bug/bug3
+    commit id: "build(v1.0.1): bump version" tag: "v1.0.1"
+```
+
+## NOTICE
+
+This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
+
+- SPDX-License-Identifier: Apache-2.0
+- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation
+- Source URL: https://github.com/eclipse-tractusx/portal-iam
diff --git a/docs/technical documentation/18. Release Process.md b/docs/technical documentation/18. Release Process.md
new file mode 100644
index 00000000..d9764a90
--- /dev/null
+++ b/docs/technical documentation/18. Release Process.md	
@@ -0,0 +1,99 @@
+# Release Process
+
+The release process for a new version can roughly be divided into the following steps:
+
+- [Release Process](#release-process)
+  - [Preparations on the release branch](#preparations-on-the-release-branch)
+    - [1. Version bump](#1-version-bump)
+    - [2. Update README (on chart level)](#2-update-readme-on-chart-level)
+  - [Update CHANGELOG.md](#update-changelogmd)
+  - [Merge release branch](#merge-release-branch)
+  - [RC: provide successive rc branch and change base of open PRs](#rc-provide-successive-rc-branch-and-change-base-of-open-prs)
+  - [NOTICE](#notice)
+
+The process builds on the [Development Flow](./17.%20Dev%20Flow.md) which, usually, takes place within forks and leads to merged pull requests in the repositories of the eclipse-tractusx organization.
+
+For assigning and incrementing **version** numbers [Semantic Versioning](https://semver.org) is followed.
+
+## Preparations on the release branch
+
+Checking out from the main branch a release branch (release/{to be released version} e.g. release/v1.2.0, or respectively release/v1.2.0-rc.1 for a release candidate).
+On the release branch the following steps are executed:
+
+### 1. Version bump
+
+Bump the chart and app version in the `Chart.yaml` files.
+
+- [centralidp/Chart.yaml](../../charts/centralidp/Chart.yaml)
+- [sharedidp/Chart.yaml](../../charts/sharedidp/Chart.yaml)
+
+And bump the version of the images for the init container and realm seeding job in the `values.yaml` files:
+
+- [centralidp/values.yaml](../../charts/centralidp/values.yaml)
+- [sharedidp/values.yaml](../../charts/sharedidp/values.yaml)
+
+_environment relevant: Update the version of the targetRevision tag in the [argocd-app-templates](../../environments/argocd-app-templates/), used for hosted environments._
+
+Example for commit message:
+
+_build: bump version for vx.x.x_
+
+### 2. Update README (on chart level)
+
+Use [helm-docs](https://github.com/norwoodj/helm-docs) (gotemplate driven) for updating the README file.
+
+```bash
+helm-docs --chart-search-root [charts-dir] --sort-values-order file
+```
+
+Example for commit message:
+
+_build: update readme for vx.x.x_
+
+## Update CHANGELOG.md
+
+The changelog file tracks all notable changes since the last released version.
+Once a new version is ready to be released, the changelog can get updated via an automatically created pull request using the [release-please workflow](../../../.github/workflows/release-please.yml) which can be triggered manually or by pushing a _changelog/v*.*.*_ branch.
+
+Please see:
+
+- [How release please works](https://github.com/google-github-actions/release-please-action/tree/v4.0.2?tab=readme-ov-file#how-release-please-works)
+- [How do I change the version number?](https://github.com/googleapis/release-please/tree/v16.7.0?tab=readme-ov-file#how-do-i-change-the-version-number)
+- [How can I fix release notes?](https://github.com/googleapis/release-please/tree/v16.7.0?tab=readme-ov-file#how-can-i-fix-release-notes)
+
+## Merge release branch
+
+The release branch must be merged into main.
+Those merges need to happen via PRs.
+
+Example for PR titles:
+
+_build(1.2.0): merge release into main_
+
+> Be aware that the merge into main triggers the workflow with the [helm chart releaser action](../../.github/workflows/release.yaml).
+>
+> The workflow creates a 'centralidp-x.x.x' and 'sharedidp-x.x.x' tags and according releases. The release contains the new chart.
+>
+> This workflow also pushes the version tag that triggers the [release workflow](../../.github/workflows/release.yaml) which creates the versioned docker image/s.
+
+_environment relevant: The 'vx.x.x' tag is used to install (with the convenience of the argocd-app-templates) or upgrade the version via AgroCD on the hosted K8s clusters._
+
+## RC: provide successive rc branch and change base of open PRs
+
+During a release candidate phase, checkout the successive 'rc' branch and push it to the server, so that it can be used for further bugfixes.
+
+Example:
+
+```bash
+git checkout tags/v0.1.0-rc.2 -b release/v0.1.0-rc.3
+```
+
+Also make sure to change the base of all open pull requests still pointing to the previous 'rc' branch to the newly pushed 'rc' branch.
+
+## NOTICE
+
+This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
+
+- SPDX-License-Identifier: Apache-2.0
+- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation
+- Source URL: https://github.com/eclipse-tractusx/portal-iam