Created new release using workflows and deleted old one

.github/workflows/release.yml

@@ -0,0 +1,277 @@
+name: Release Frogbot
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Release version (e.g., 3.0.1)'
+        required: true
+        type: string
+
+# Required permissions
+permissions:
+  contents: write
+  actions: read
+
+jobs:
+  release:
+    name: Release Frogbot v3
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Extract version from tag
+        id: version
+        run: |
+          if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
+            # Manual trigger: use input version
+            VERSION="${{ inputs.version }}"
+            # Add 'v' prefix if not present
+            if [[ ! "$VERSION" =~ ^v ]]; then
+              TAG="v$VERSION"
+            else
+              TAG="$VERSION"
+              VERSION="${VERSION#v}"
+            fi
+
+            # Validate it's a v3.x.x version
+            if [[ ! "$TAG" =~ ^v3\.[0-9]+\.[0-9]+$ ]]; then
+              echo "❌ Error: Version must be v3.x.x format (e.g., v3.0.1)"
+              echo "Got: $TAG"
+              exit 1
+            fi
+          else
+            # Release trigger: use release tag
+            TAG="${{ github.event.release.tag_name }}"
+            VERSION="${TAG#v}"
+          fi
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+          echo "tag=$TAG" >> $GITHUB_OUTPUT
+          echo "✅ Release version: $VERSION"
+          echo "✅ Release tag: $TAG"
+
+      - name: Check if tag already exists
+        if: github.event_name == 'workflow_dispatch'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const tag = '${{ steps.version.outputs.tag }}';
+
+            try {
+              // Check if tag exists
+              await github.rest.git.getRef({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                ref: `tags/${tag}`
+              });
+
+              // Tag exists - fail the workflow
+              core.setFailed(`❌ Tag ${tag} already exists! Please use a different version.`);
+            } catch (error) {
+              if (error.status === 404) {
+                // Tag doesn't exist - good to proceed
+                console.log(`✅ Tag ${tag} does not exist, proceeding with release`);
+              } else {
+                // Some other error
+                throw error;
+              }
+            }
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event_name == 'workflow_dispatch' && github.ref || github.event.release.tag_name }}
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+          cache: true
+
+      - name: Download JFrog CLI
+        run: |
+          curl -fL https://install-cli.jfrog.io | sh
+          # The install script already moves jf to /usr/local/bin/
+
+      - name: Configure JFrog CLI
+        env:
+          JF_URL: ${{ secrets.JF_URL }}
+          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+        run: |
+          jf c rm --quiet || true
+          jf c add internal --url="$JF_URL" --access-token="$JF_ACCESS_TOKEN"
+          jf goc --repo-resolve ecosys-go-virtual
+
+      - name: Generate mocks
+        run: go generate ./...
+
+      - name: Run Frogbot scan before release
+        uses: jfrog/frogbot@v2
+        env:
+          JF_URL: ${{ secrets.JF_URL }}
+          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          JF_GIT_BASE_BRANCH: ${{ github.ref_name }}
+          JF_FAIL: "true"
+          JF_SKIP_AUTOFIX: "true"
+
+      - name: Set up Node.js for ActionØ
+        uses: actions/setup-node@v4
+        with:
+          node-version: '16'
+          cache: 'npm'
+          cache-dependency-path: action/package-lock.json
+
+      - name: Build GitHub Action
+        working-directory: action
+        run: |
+          npm ci --ignore-scripts
+          npm run compile
+          npm run format-check
+          npm test
+
+      - name: Commit and update tag with compiled action
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add action/lib/
+
+          # Check if there are changes
+          CHANGES=false
+          if ! git diff --staged --quiet; then
+            echo "Action files changed, committing..."
+            git commit -m "Build action for ${{ steps.version.outputs.tag }}"
+            CHANGES=true
+          else
+            echo "No changes to action files"
+          fi
+
+          # For manual triggers, always create/update the tag
+          # For release triggers, update the tag only if there were changes
+          if [ "${{ github.event_name }}" == "workflow_dispatch" ] || [ "$CHANGES" = "true" ]; then
+            echo "Creating/updating tag ${{ steps.version.outputs.tag }}..."
+            git tag -f ${{ steps.version.outputs.tag }}
+            git push origin ${{ steps.version.outputs.tag }} --force
+            echo "Tag ${{ steps.version.outputs.tag }} created/updated"
+          fi
+
+      - name: Update GitHub Action major version tag (v3)
+        run: |
+          # Update v3 tag to point to the latest v3.x.x release
+          git tag -f v3
+          git push origin v3 --force
+          echo "Updated v3 tag to ${{ steps.version.outputs.tag }}"
+
+      - name: Build and upload binaries (parallel)
+        env:
+          VERSION: ${{ steps.version.outputs.tag }}
+          JFROG_CLI_BUILD_NAME: ecosystem-frogbot-release
+          JFROG_CLI_BUILD_NUMBER: ${{ github.run_number }}
+          JFROG_CLI_BUILD_PROJECT: ecosys
+        run: |
+          env -i PATH=$PATH HOME=$HOME \
+            JFROG_CLI_BUILD_NAME=$JFROG_CLI_BUILD_NAME \
+            JFROG_CLI_BUILD_NUMBER=$JFROG_CLI_BUILD_NUMBER \
+            JFROG_CLI_BUILD_PROJECT=$JFROG_CLI_BUILD_PROJECT \
+            CI=true \
+            release/buildAndUpload.sh "${{ steps.version.outputs.version }}"
+
+      - name: Publish build info
+        env:
+          JFROG_CLI_BUILD_NAME: ecosystem-frogbot-release
+          JFROG_CLI_BUILD_NUMBER: ${{ github.run_number }}
+          JFROG_CLI_BUILD_PROJECT: ecosys
+        run: |
+          jf rt bag
+          jf rt bce
+          jf rt bp
+
+      - name: Create and distribute release bundle
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
+        run: |
+          jf ds rbc ecosystem-frogbot $VERSION \
+            --spec="release/specs/frogbot-rbc-spec.json" \
+            --spec-vars="VERSION=$VERSION" \
+            --sign
+          jf ds rbd ecosystem-frogbot $VERSION \
+            --site="releases.jfrog.io" \
+            --sync
+
+      - name: Create GitHub Release
+        if: github.event_name == 'workflow_dispatch'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const tag = '${{ steps.version.outputs.tag }}';
+
+            console.log(`Creating release for tag ${tag}`);
+
+            // The tag was already created and pushed in the previous step
+            // Now create the release with auto-generated notes
+            // Note: make_latest is set to false so this doesn't become the "Latest" release
+            const release = await github.rest.repos.createRelease({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              tag_name: tag,
+              name: `Release ${tag}`,
+              generate_release_notes: true,
+              draft: false,
+              prerelease: false,
+              make_latest: false
+            });
+
+            console.log(`✅ Created release ${release.data.id} for ${tag}`);
+            console.log(`📦 Release URL: ${release.data.html_url}`);
+            console.log(`ℹ️  This release is NOT marked as "Latest"`);
+
+      - name: Cleanup JFrog config
+        if: always()
+        run: jf c rm --quiet || true
+
+      # On failure: delete release and tag
+      - name: Delete release on failure
+        if: failure()
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const tag = '${{ steps.version.outputs.tag }}';
+
+            console.log(`Workflow failed, cleaning up tag ${tag}`);
+
+            try {
+              // Try to find and delete the release
+              const releases = await github.rest.repos.listReleases({
+                owner: context.repo.owner,
+                repo: context.repo.repo
+              });
+
+              const release = releases.data.find(r => r.tag_name === tag);
+              if (release) {
+                console.log(`Deleting release ${release.id}`);
+                await github.rest.repos.deleteRelease({
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  release_id: release.id
+                });
+                console.log('Release deleted');
+              } else {
+                console.log('No release found to delete');
+              }
+
+              // Delete the tag
+              try {
+                await github.rest.git.deleteRef({
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  ref: `tags/${tag}`
+                });
+                console.log('Tag deleted');
+              } catch (error) {
+                console.log(`Tag deletion failed or tag doesn't exist: ${error.message}`);
+              }
+            } catch (error) {
+              console.error(`Cleanup failed: ${error.message}`);
+              // Don't fail the workflow if cleanup fails
+            }
+

action/test/main.spec.ts

@@ -17,7 +17,12 @@ describe('Frogbot Action Tests', () => {
     describe('Frogbot URL Tests', () => {
         const myOs: jest.Mocked<typeof os> = os as any;
         let cases: string[][] = [
-            ['win32' as NodeJS.Platform, 'amd64', 'jfrog.exe', 'https://releases.jfrog.io/artifactory/frogbot/v1/1.2.3/frogbot-windows-amd64/jfrog.exe',],
+            [
+                'win32' as NodeJS.Platform,
+                'amd64',
+                'jfrog.exe',
+                'https://releases.jfrog.io/artifactory/frogbot/v1/1.2.3/frogbot-windows-amd64/jfrog.exe',
+            ],
             ['darwin' as NodeJS.Platform, 'amd64', 'jfrog', 'https://releases.jfrog.io/artifactory/frogbot/v1/1.2.3/frogbot-mac-386/jfrog'],
             ['darwin' as NodeJS.Platform, 'arm64', 'jfrog', 'https://releases.jfrog.io/artifactory/frogbot/v1/1.2.3/frogbot-mac-arm64/jfrog'],
             ['linux' as NodeJS.Platform, 'amd64', 'jfrog', 'https://releases.jfrog.io/artifactory/frogbot/v1/1.2.3/frogbot-linux-amd64/jfrog'],

go.mod

@@ -1,25 +1,25 @@
 module github.com/jfrog/frogbot/v2
 
-go 1.24.6
+go 1.25.4
 
 require (
 	github.com/CycloneDX/cyclonedx-go v0.9.3
 	github.com/go-git/go-git/v5 v5.16.3
 	github.com/golang/mock v1.6.0
 	github.com/google/go-github/v45 v45.2.0
-	github.com/jfrog/build-info-go v1.12.0
-	github.com/jfrog/froggit-go v1.20.4
+	github.com/jfrog/build-info-go v1.12.4
+	github.com/jfrog/froggit-go v1.20.6
 	github.com/jfrog/gofrog v1.7.6
-	github.com/jfrog/jfrog-cli-artifactory v0.7.3-0.20251021143342-49bab7f38cec
+	github.com/jfrog/jfrog-cli-artifactory v0.7.3-0.20251118100843-ac34330a70d3
 	github.com/jfrog/jfrog-cli-core/v2 v2.60.1-0.20251023084247-a56afca52451
-	github.com/jfrog/jfrog-cli-security v1.21.9
-	github.com/jfrog/jfrog-client-go v1.55.1-0.20251023073119-78f187c9afbf
+	github.com/jfrog/jfrog-cli-security v1.22.0
+	github.com/jfrog/jfrog-client-go v1.55.1-0.20251119183924-d765eb708cec
 	github.com/jordan-wright/email v4.0.1-0.20210109023952-943e75fe5223+incompatible
 	github.com/owenrumney/go-sarif/v3 v3.2.3
 	github.com/stretchr/testify v1.11.1
-	github.com/urfave/cli/v2 v2.27.4
+	github.com/urfave/cli/v2 v2.27.7
 	github.com/xeipuuv/gojsonschema v1.2.0
-	golang.org/x/exp v0.0.0-20250911091902-df9299821621
+	golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1
 )
@@ -40,7 +40,7 @@ require (
 	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/fatih/color v1.16.0 // indirect
-	github.com/forPelevin/gomoji v1.4.0 // indirect
+	github.com/forPelevin/gomoji v1.4.1 // indirect
 	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/gfleury/go-bitbucket-v1 v0.0.0-20230825095122-9bc1711434ab // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
@@ -107,15 +107,15 @@ require (
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
-	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
+	github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
 	golang.org/x/crypto v0.43.0 // indirect
-	golang.org/x/mod v0.28.0 // indirect
+	golang.org/x/mod v0.29.0 // indirect
 	golang.org/x/net v0.45.0 // indirect
 	golang.org/x/oauth2 v0.31.0 // indirect
-	golang.org/x/sync v0.17.0 // indirect
-	golang.org/x/sys v0.37.0 // indirect
-	golang.org/x/term v0.36.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/term v0.37.0 // indirect
 	golang.org/x/text v0.30.0 // indirect
 	golang.org/x/time v0.12.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20241223144023-3abc09e42ca8 // indirect