tests pipeline run attempt

.gitea/workflows-archived/release-validation.yml

@@ -0,0 +1,120 @@
+name: Release Validation
+
+on:
+  push:
+    tags:
+      - 'v*'
+  pull_request:
+    paths:
+      - 'devops/**'
+      - 'scripts/release/**'
+  workflow_dispatch:
+
+env:
+  DOTNET_VERSION: '10.0.x'
+  REGISTRY: ghcr.io
+  IMAGE_PREFIX: stellaops
+
+jobs:
+  validate-manifests:
+    name: Validate Release Manifests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Validate Helm charts
+        run: |
+          helm lint devops/helm/stellaops
+          helm template stellaops devops/helm/stellaops --dry-run
+
+      - name: Validate Kubernetes manifests
+        run: |
+          for f in devops/k8s/*.yaml; do
+            kubectl apply --dry-run=client -f "$f" || exit 1
+          done
+
+      - name: Check required images exist
+        run: |
+          REQUIRED_IMAGES=(
+            "concelier"
+            "scanner"
+            "authority"
+            "signer"
+            "attestor"
+            "excititor"
+            "policy"
+            "scheduler"
+            "notify"
+          )
+          for img in "${REQUIRED_IMAGES[@]}"; do
+            echo "Checking $img..."
+            # Validate Dockerfile exists
+            if [ ! -f "src/${img^}/Dockerfile" ] && [ ! -f "devops/docker/${img}/Dockerfile" ]; then
+              echo "Warning: Dockerfile not found for $img"
+            fi
+          done
+
+  validate-checksums:
+    name: Validate Artifact Checksums
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Verify SHA256SUMS files
+        run: |
+          find . -name "SHA256SUMS" -type f | while read f; do
+            dir=$(dirname "$f")
+            echo "Validating $f..."
+            cd "$dir"
+            if ! sha256sum -c SHA256SUMS --quiet 2>/dev/null; then
+              echo "Warning: Checksum mismatch in $dir"
+            fi
+            cd - > /dev/null
+          done
+
+  validate-schemas:
+    name: Validate Schema Integrity
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Install ajv-cli
+        run: npm install -g ajv-cli ajv-formats
+
+      - name: Validate JSON schemas
+        run: |
+          for schema in docs/schemas/*.schema.json; do
+            echo "Validating $schema..."
+            ajv compile -s "$schema" --spec=draft2020 || echo "Warning: $schema validation issue"
+          done
+
+  release-notes:
+    name: Generate Release Notes
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/v')
+    needs: [validate-manifests, validate-checksums, validate-schemas]
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Generate changelog
+        run: |
+          PREV_TAG=$(git describe --abbrev=0 --tags HEAD^ 2>/dev/null || echo "")
+          if [ -n "$PREV_TAG" ]; then
+            echo "## Changes since $PREV_TAG" > RELEASE_NOTES.md
+            git log --pretty=format:"- %s (%h)" "$PREV_TAG"..HEAD >> RELEASE_NOTES.md
+          else
+            echo "## Initial Release" > RELEASE_NOTES.md
+          fi
+
+      - name: Upload release notes
+        uses: actions/upload-artifact@v4
+        with:
+          name: release-notes
+          path: RELEASE_NOTES.md