Revert "temporarily remove other workflow for fast running"

This reverts commit 68200dcbe9.

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,41 @@
+name: "Code scanning - action"
+
+on:
+  push:
+    branches: 
+    -  'main'
+    paths-ignore:
+    - 'docs/**'
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: 
+    -  'main'
+    paths-ignore:
+    - 'docs/**'
+
+jobs:
+  CodeQL-Build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      # Override language selection by uncommenting this and choosing your languages
+      with:
+        languages: go, javascript
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+    #- run: |
+    #   make bootstrap
+    #   make release
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

.github/workflows/e2e.yml

@@ -0,0 +1,66 @@
+name: "ZITADEL e2e Tests"
+
+on:
+  workflow_run:
+    workflows: [ZITADEL Release]
+    types:
+      - completed
+  workflow_dispatch:
+    inputs:
+      releaseversion:
+        description: 'Release version to test'
+        required: true
+        default: 'latest'
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        browser: [firefox, chrome]
+    runs-on: ubuntu-20.04
+    env:
+      ZITADEL_IMAGE_REGISTRY: 'ghcr.io/zitadel/zitadel'
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+      - name: Set TAG env manual trigger
+        if: github.event_name == 'workflow_dispatch'
+        run: echo "ZITADEL_IMAGE=${ZITADEL_IMAGE_REGISTRY}:${{ github.event.inputs.releaseversion }}" >> $GITHUB_ENV
+      - name: get latest tag
+        uses: actions-ecosystem/action-get-latest-tag@v1
+        id: get-latest-tag
+        with: 
+           semver_only: true  
+      - name: Set TAG env on ZITADEL release
+        if: github.event_name == 'workflow_run'
+        run: echo "ZITADEL_IMAGE=${ZITADEL_IMAGE_REGISTRY}:${{ steps.get-latest-tag.outputs.tag }}" >> $GITHUB_ENV
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          driver: docker
+          install: true
+      - name: Test ${{ matrix.browser }}
+        run: docker compose run --service-ports e2e --browser ${{ matrix.browser }}
+        working-directory: e2e/config/host.docker.internal
+      - name: Ensure Artifacts Directory Exists
+        run: mkdir -p ./.artifacts
+      - name: Save ZITADEL Logs
+        if: always()
+        run: docker compose logs zitadel > ../../../.artifacts/e2e-compose-zitadel.log
+        working-directory: e2e/config/host.docker.internal
+      - name: Save Prepare Logs
+        if: always()
+        run: docker compose logs prepare > ../../../.artifacts/e2e-compose-prepare.log
+        working-directory: e2e/config/host.docker.internal
+      - name: Archive production tests ${{ matrix.browser }}
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: production-tests-${{ matrix.browser }}
+          path: |
+            e2e/cypress/results
+            e2e/cypress/videos
+            e2e/cypress/screenshots
+            .artifacts/e2e-compose-zitadel.log
+            .artifacts/e2e-compose-prepare.log
+          retention-days: 30

.github/workflows/issues.yml

@@ -0,0 +1,20 @@
+name: Add new issues to product management project
+
+on:
+  issues:
+    types:
+      - opened
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v0.3.0
+        with:
+          # You can target a repository in a different organization
+          # to the issue
+          project-url: https://github.com/orgs/zitadel/projects/2
+          github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
+          labeled: OKR
+          label-operator: NOT

.github/workflows/release-channels.yml

@@ -0,0 +1,52 @@
+name: ZITADEL Release tags
+
+on:
+  push:
+    branches:
+      - "main"
+    paths:
+      - 'release-channels.yaml'
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  packages: write
+
+jobs:
+  Build:
+    runs-on: ubuntu-20.04
+    env:
+      DOCKER_BUILDKIT: 1
+    steps:
+      - name: Source checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: get stable tag
+        run: echo STABLE_RELEASE=$(yq eval '.stable' release-channels.yaml) >> $GITHUB_ENV
+      - name: checkout stable tag
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          ref: ${{ env.STABLE_RELEASE }}
+      - name: GitHub Container Registry Login
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.APP_ID }}
+          private_key: ${{ secrets.APP_PRIVATE_KEY }}
+      - name: Google Artifact Registry Login
+        uses: docker/login-action@v2
+        with:
+          registry: europe-docker.pkg.dev
+          username: _json_key_base64
+          password: ${{ secrets.GCR_JSON_KEY_BASE64 }}
+      - name: copy release to stable
+        run: |    
+          skopeo --version
+          skopeo copy --all  docker://ghcr.io/zitadel/zitadel:$STABLE_RELEASE docker://ghcr.io/zitadel/zitadel:stable

.github/workflows/test-code.yml

@@ -0,0 +1,75 @@
+name: ZITADEL PR
+
+on:
+  pull_request:
+    paths-ignore:
+      - 'docs/**'
+      - 'guides/**'
+      - '**.md'
+      - 'release-channels.yaml'
+
+jobs:
+  Build-ZITADEL:
+    runs-on: ubuntu-20.04
+    env:
+      DOCKER_BUILDKIT: 1
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.19
+      - name: Source checkout
+        uses: actions/checkout@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          driver: docker
+          install: true
+      - name: Install GoReleaser
+        uses: goreleaser/goreleaser-action@v3
+        with:
+          install-only: true
+          version: v1.10.3
+      - name: Build and Unit Test
+        run: GOOS="linux" GOARCH="amd64" goreleaser build --id prod --snapshot --single-target --rm-dist --output .artifacts/zitadel/zitadel
+      - name: linting
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: v1.52
+          only-new-issues: true
+          skip-pkg-cache: true
+      - name: Publish go coverage
+        uses: codecov/codecov-action@v3.1.0
+        with:
+          file: .artifacts/codecov/profile.cov
+          name: go-codecov
+      # As goreleaser doesn't build a dockerfile in snapshot mode, we have to build it here
+      - name: Build Docker Image
+        run: docker build -t zitadel:pr --file build/Dockerfile .artifacts/zitadel
+      - name: Run E2E Tests
+        run: docker compose run --service-ports e2e --browser chrome
+        working-directory: e2e/config/host.docker.internal
+        env:
+          ZITADEL_IMAGE: zitadel:pr
+      - name: Save ZITADEL Logs
+        if: always()
+        run: docker compose logs zitadel > ../../../.artifacts/e2e-compose-zitadel.log
+        working-directory: e2e/config/host.docker.internal
+      - name: Save Prepare Logs
+        if: always()
+        run: docker compose logs prepare > ../../../.artifacts/e2e-compose-prepare.log
+        working-directory: e2e/config/host.docker.internal
+      - name: Archive Test Results
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: pull-request-tests
+          path: |
+            e2e/cypress/results
+            e2e/cypress/videos
+            e2e/cypress/screenshots
+            .artifacts/e2e-compose-zitadel.log
+            .artifacts/e2e-compose-prepare.log
+          retention-days: 30

.github/workflows/test-docs.yml

@@ -0,0 +1,21 @@
+# ATTENTION: Although this workflow doesn't do much, it is still important.
+# It is complementary to the workflow in the file test-code.yml.
+# It enables to exclude files for the workflow and still mark the Test job as required without having pending PRs.
+# GitHub recommends this solution here:
+# https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks#handling-skipped-but-required-checks
+
+name: ZITADEL PR
+
+on:
+  pull_request:
+    paths:
+      - 'docs/**'
+      - 'guides/**'
+      - '**.md'
+      - 'release-channels.yaml'
+
+jobs:
+  Build-ZITADEL:
+    runs-on: ubuntu-20.04
+    steps:
+      - run: 'echo "No tests for docs are implemented, yet"'

.github/workflows/zitadel.yml

@@ -0,0 +1,88 @@
+name: ZITADEL Release
+
+on:
+  push:
+    tags-ignore:
+      - "*"
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  packages: write
+
+jobs:
+  Build:
+    runs-on: ubuntu-20.04
+    env:
+      DOCKER_BUILDKIT: 1
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.19
+      - name: Source checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Fetch all tags
+        run: git fetch --force --tags
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          driver: docker
+          install: true
+      - name: Tag
+        id: semantic
+        uses: cycjimmy/semantic-release-action@v2
+        with:
+          dry_run: false
+          semantic_version: 19.0.2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: GitHub Container Registry Login
+        if: steps.semantic.outputs.new_release_published == 'true' && github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.APP_ID }}
+          private_key: ${{ secrets.APP_PRIVATE_KEY }}
+      - name: Google Artifact Registry Login
+        if: steps.semantic.outputs.new_release_published == 'true' && github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
+        uses: docker/login-action@v2
+        with:
+          registry: europe-docker.pkg.dev
+          username: _json_key_base64
+          password: ${{ secrets.GCR_JSON_KEY_BASE64 }}
+      - uses: goreleaser/goreleaser-action@v3
+        name: Publish ZITADEL
+        if: steps.semantic.outputs.new_release_published == 'true' && github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
+        with:
+          distribution: goreleaser
+          version: v1.11.0
+          args: release --timeout 50m
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GORELEASER_TOKEN_TAP: ${{ steps.generate-token.outputs.token }}
+          RELEASE_VERSION: ${{ steps.semantic.outputs.release-version }} # I think this line is not needed. Nevertheless, it's explicit
+          DISCORD_WEBHOOK_ID: "976058224484687932"
+          DISCORD_WEBHOOK_TOKEN: "${{ secrets.DISCORD_WEBHOOK_TOKEN }}"
+      - name: Publish go coverage
+        uses: codecov/codecov-action@v3.1.0
+        with:
+          file: .artifacts/codecov/profile.cov
+          name: go-codecov
+      - name: Bump Chart Version
+        uses: peter-evans/repository-dispatch@v2
+        if: steps.semantic.outputs.new_release_published == 'true' && github.ref == 'refs/heads/main'
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          repository: zitadel/zitadel-charts
+          event-type: zitadel-released
+          client-payload: '{"semanticoutputs": "${{ steps.semantic.outputs }}"}'