update

.github/.syncignore

@@ -0,0 +1,2 @@
+CODEOWNERS
+dependabot.yml

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @paketo-buildpacks/builders-maintainers

.github/dependabot.yml

@@ -0,0 +1,13 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+---
+version: 2
+updates:
+- package-ecosystem: gomod
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10

.github/labels.yml

@@ -0,0 +1,48 @@
+- name: status/possible-priority
+  description: This issue is ready to work and should be considered as a potential priority
+  color: F9D0C4
+- name: status/prioritized
+  description: This issue has been triaged and resolving it is a priority
+  color: BFD4F2
+- name: status/blocked
+  description: This issue has been triaged and resolving it is blocked on some other issue
+  color: 848978
+- name: bug
+  description: Something isn't working
+  color: d73a4a
+- name: enhancement
+  description: A new feature or request
+  color: a2eeef
+- name: documentation
+  description: This issue relates to writing documentation
+  color: D4C5F9
+- name: help wanted
+  description: Extra attention is needed
+  color: 008672
+- name: semver:major
+  description: A change requiring a major version bump
+  color: 6b230e
+- name: semver:minor
+  description: A change requiring a minor version bump
+  color: cc6749
+- name: semver:patch
+  description: A change requiring a patch version bump
+  color: f9d0c4
+- name: good first issue
+  description: A good first issue to get started with
+  color: d3fc03
+- name: "failure:release"
+  description: An issue filed automatically when a release workflow run fails
+  color: f00a0a
+- name: "failure:push"
+  description: An issue filed automatically when a push buildpackage workflow run fails
+  color: f00a0a
+- name: "failure:update-builder-toml"
+  description: An issue filed automatically when a builder.toml update workflow run fails
+  color: f00a0a
+- name: "failure:update-github-config"
+  description: An issue filed automatically when a github config update workflow run fails
+  color: f00a0a
+- name: "failure:approve-bot-pr"
+  description: An issue filed automatically when a PR auto-approve workflow run fails
+  color: f00a0a

.github/release-drafter-config.yml

@@ -0,0 +1,25 @@
+# Config for https://github.com/release-drafter/release-drafter
+name-template: '$RESOLVED_VERSION'
+tag-template: 'v$RESOLVED_VERSION'
+filter-by-commitish: true
+commitish: main
+
+change-template: '- $TITLE [#$NUMBER] by [@$AUTHOR](https://github.com/$AUTHOR)'
+template: |
+  ## Full Changelog
+
+  Following pull requests got merged for this release:
+
+  $CHANGES
+
+version-resolver:
+  major:
+    labels:
+      - 'semver:major'
+  minor:
+    labels:
+      - 'semver:minor'
+  patch:
+    labels:
+      - 'semver:patch'
+  default: patch

.github/workflows/approve-bot-pr.yml

@@ -0,0 +1,69 @@
+name: Approve Bot PRs and Enable Auto-Merge
+
+on:
+  workflow_run:
+    workflows: ["Test Pull Request"]
+    types:
+    - completed
+
+jobs:
+  download:
+    name: Download PR Artifact
+    if: ${{ github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-22.04
+    outputs:
+      pr-author: ${{ steps.pr-data.outputs.author }}
+      pr-number: ${{ steps.pr-data.outputs.number }}
+    steps:
+    - name: 'Download artifact'
+      uses: initializ-buildpacks/github-config/actions/pull-request/download-artifact@main
+      with:
+        name: "event-payload"
+        repo: ${{ github.repository }}
+        run_id: ${{ github.event.workflow_run.id }}
+        workspace: "/github/workspace"
+        token: ${{ secrets.PAT }}
+    - id: pr-data
+      run: |
+        echo "author=$(jq -r '.pull_request.user.login' event.json)" >> "$GITHUB_OUTPUT"
+        echo "number=$(jq -r '.pull_request.number' event.json)" >> "$GITHUB_OUTPUT"
+
+  approve:
+    name: Approve Bot PRs
+    needs: download
+    if: ${{ needs.download.outputs.pr-author == 'initializ-bot' || needs.download.outputs.pr-author == 'dependabot[bot]' }}
+    runs-on: ubuntu-22.04
+    steps:
+    - name: Check Commit Verification
+      id: unverified-commits
+      uses: initializ-buildpacks/github-config/actions/pull-request/check-unverified-commits@main
+      with:
+        token: ${{ secrets.PAT }}
+        repo: ${{ github.repository }}
+        number: ${{ needs.download.outputs.pr-number }}
+
+    - name: Check for Human Commits
+      id: human-commits
+      uses: initializ-buildpacks/github-config/actions/pull-request/check-human-commits@main
+      with:
+        token: ${{ secrets.PAT }}
+        repo: ${{ github.repository }}
+        number: ${{ needs.download.outputs.pr-number }}
+
+    - name: Checkout
+      if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false'
+      uses: actions/checkout@v3
+
+    - name: Approve
+      if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false'
+      uses: initializ-buildpacks/github-config/actions/pull-request/approve@main
+      with:
+        token: ${{ secrets.PAT }}
+        number: ${{ needs.download.outputs.pr-number }}
+
+    - name: Enable Auto-Merge
+      if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false'
+      run: |
+        gh pr merge ${{ needs.download.outputs.pr-number }} --auto --rebase
+      env:
+        GITHUB_TOKEN: ${{ secrets.PAT }}

.github/workflows/create-release.yml

@@ -0,0 +1,117 @@
+name: Create Release
+
+on:
+  push:
+    branches:
+    - main
+
+concurrency: release
+
+jobs:
+  smoke:
+    name: Smoke Test
+    runs-on: ubuntu-22.04
+    outputs:
+      release_notes: ${{ steps.notes.outputs.body }}
+    steps:
+    - name: Setup Go
+      uses: actions/setup-go@v3
+      with:
+        go-version: 'stable'
+
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Get pack version
+      id: pack-version
+      run: |
+        version=$(jq -r .pack "scripts/.util/tools.json")
+        echo "version=${version#v}" >> "$GITHUB_OUTPUT"
+
+    - name: Install Global Pack
+      uses: buildpacks/github-actions/setup-pack@main
+      with:
+        pack-version: ${{ steps.pack-version.outputs.version }}
+
+    - name: Run Smoke Tests
+      run: ./scripts/smoke.sh --name builder
+
+    - name: Generate Release Notes
+      id: notes
+      run: |
+        notes="$(pack inspect-builder builder | grep -v 'Inspecting builder' \
+          | grep -v 'REMOTE:' \
+          | grep -v 'LOCAL:' \
+          | grep -v '\(not present\)' \
+          | grep -v 'Warning' \
+          | sed -e '/./,$!d' \
+          | awk -F, '{printf "%s\\n", $0}')"
+        echo "body=${notes}" >> "$GITHUB_OUTPUT"
+
+  release:
+    name: Release
+    runs-on: ubuntu-22.04
+    needs: smoke
+    steps:
+    - name: Checkout With History
+      uses: actions/checkout@v3
+      with:
+        fetch-depth: 0  # gets full history
+
+    - name: Compare With Previous Release
+      id: compare_previous_release
+      run: |
+        if [ -z "$(git diff $(git describe --tags --abbrev=0) -- builder.toml)" ]
+        then
+          echo "builder_changes=false" >> "$GITHUB_OUTPUT"
+        else
+          echo "builder_changes=true" >> "$GITHUB_OUTPUT"
+        fi
+
+    - name: Publish Release
+      id: publish
+      if: ${{ steps.compare_previous_release.outputs.builder_changes == 'true' }}
+      uses: release-drafter/release-drafter@v5
+      with:
+        config-name: release-drafter-config.yml
+        publish: true
+      env:
+        GITHUB_TOKEN: ${{ secrets.PAT }}
+
+    - name: Update Release Notes
+      if: ${{ steps.compare_previous_release.outputs.builder_changes == 'true' }}
+      run: |
+        set -euo pipefail
+        shopt -s inherit_errexit
+
+        payload="{\"body\" : \"\`\`\`\n${RELEASE_BODY}\n\`\`\`\"}"
+
+        curl --fail \
+          -X PATCH \
+          -H "Accept: application/vnd.github.v3+json" \
+          -H "Authorization: token ${GITHUB_TOKEN}" \
+          "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}" \
+          -d "${payload}"
+      env:
+        RELEASE_ID: ${{ steps.publish.outputs.id }}
+        RELEASE_BODY: ${{ needs.smoke.outputs.release_notes }}
+        GITHUB_TOKEN: ${{ secrets.PAT }}
+
+  failure:
+    name: Alert on Failure
+    runs-on: ubuntu-22.04
+    needs: [ smoke, release ]
+    if: ${{ always() && needs.smoke.result == 'failure' ||  needs.release.result == 'failure' }}
+    steps:
+    - name: File Failure Alert Issue
+      uses: initializ-buildpacks/github-config/actions/issue/file@main
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        repo: ${{ github.repository }}
+        label: "failure:release"
+        comment_if_exists: true
+        issue_title: "Failure: Create Release workflow"
+        issue_body: |
+          Create Release workflow [failed](https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}).
+        comment_body: |
+          Another failure occurred: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}

.github/workflows/lint-yaml.yml

@@ -0,0 +1,30 @@
+name: Lint Workflows
+
+on:
+  pull_request:
+    paths:
+    - '.github/**.yml'
+    - '.github/**.yaml'
+
+jobs:
+  lintYaml:
+    runs-on: ubuntu-22.04
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Checkout github-config
+      uses: actions/checkout@v3
+      with:
+        repository: initializ-buildpacks/github-config
+        path: github-config
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: 3.8
+
+    - name: Install yamllint
+      run: pip install yamllint
+
+    - name: Lint YAML files
+      run: yamllint ./.github -c github-config/.github/.yamllint

.github/workflows/push-image.yml

@@ -0,0 +1,78 @@
+name: Push Builder Image
+
+on:
+  release:
+    types:
+    - published
+
+jobs:
+  push:
+    name: Push
+    runs-on: ubuntu-22.04
+    steps:
+
+    - name: Parse Event
+      id: event
+      run: |
+        echo "tag=$(jq -r '.release.tag_name' "${GITHUB_EVENT_PATH}" | sed s/^v//)" >> "$GITHUB_OUTPUT"
+
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Get pack version
+      id: pack-version
+      run: |
+        version=$(jq -r .pack "scripts/.util/tools.json")
+        echo "version=${version#v}" >> "$GITHUB_OUTPUT"
+
+    - name: Install Global Pack
+      uses: buildpacks/github-actions/setup-pack@main
+      with:
+        pack-version: ${{ steps.pack-version.outputs.version }}
+
+    - name: Enable Experimental Pack Features
+      run: |
+        if [ -f "scripts/options.json" ] && jq -e -r .pack_config_enable_experimental "scripts/options.json" > /dev/null; then
+          pack config experimental true
+        fi
+
+    - name: Create Builder Image
+      run: |
+        pack builder create builder --config builder.toml
+
+    - name: Push To Dockerhub
+      env:
+        INITIALIZ_BUILDPACKS_DOCKERHUB_USERNAME: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_USERNAME }}
+        INITIALIZ_BUILDPACKS_DOCKERHUB_PASSWORD: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_PASSWORD }}
+        GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
+      run: |
+        DOCKERHUB_ORG="${GITHUB_REPOSITORY_OWNER/-/}" # translates 'initializ-buildpacks' to 'initializbuildpacks'
+        # Strip off the Github org prefix from repo name
+        # initializ-buildpacks/builder-with-some-name --> builder-with-some-name
+        registry_repo=$(echo "${{ github.repository }}" | sed 's/^.*\///')
+
+        echo "${INITIALIZ_BUILDPACKS_DOCKERHUB_PASSWORD}" | docker login --username "${INITIALIZ_BUILDPACKS_DOCKERHUB_USERNAME}" --password-stdin
+        docker tag builder "${DOCKERHUB_ORG}/${registry_repo}:latest"
+        docker tag builder "${DOCKERHUB_ORG}/${registry_repo}:${{ steps.event.outputs.tag }}"
+
+        docker push "${DOCKERHUB_ORG}/${registry_repo}:latest"
+        docker push "${DOCKERHUB_ORG}/${registry_repo}:${{ steps.event.outputs.tag }}"
+
+  failure:
+    name: Alert on Failure
+    runs-on: ubuntu-22.04
+    needs: [push]
+    if: ${{ always() && needs.push.result == 'failure' }}
+    steps:
+    - name: File Failure Alert Issue
+      uses: initializ-buildpacks/github-config/actions/issue/file@main
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        repo: ${{ github.repository }}
+        label: "failure:push"
+        comment_if_exists: true
+        issue_title: "Failure: Push Image workflow"
+        issue_body: |
+          Push Image workflow [failed](https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}).
+        comment_body: |
+           Another failure occurred: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}