Loic Nicolle · Cristian Manda · Loic Nicolle · Loic Nicolle · Bogdan-Adrian Burciu · Remi Le Trocquer
--- a/README.md
+++ b/README.md
@@ -79,6 +79,13 @@ include:

 It required a RELEASE_NOTES_READ_API_TOKEN variable set with a read only access token to use the gitlab Merge request API.

+The release notes will by default display all the MR merge since the previous tag.
+
+`.release-notes-before-script:`
+
+`.release-notes-after-script:`
+
+can be used to add modify the release notes if needed. These scripts can write content in `release-notes.md` file.

 ## Helm template


--- a/templates/docker-build.yml
+++ b/templates/docker-build.yml
@@ -101,7 +101,7 @@ docker-build:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
    - docker buildx create --use --name buildx-builder --driver=docker-container --bootstrap
    - echo "docker buildx build --push --attest type=provenance,mode=max --sbom true --platform ${TARGETOS}/${TARGETARCH} $DOCKER_BUILD_ARGS $DOCKER_METADATA -f $DOCKER_FILE . -t $TARGET_IMAGE_NAME"
-    - docker buildx build --push --attest type=provenance,mode=max --sbom true --platform ${TARGETOS}/${TARGETARCH} $DOCKER_BUILD_ARGS -f $DOCKER_FILE . -t $TARGET_IMAGE_NAME
+    - docker buildx build --push --attest type=provenance,mode=max --sbom true --platform ${TARGETOS}/${TARGETARCH} $DOCKER_BUILD_ARGS $DOCKER_METADATA -f $DOCKER_FILE . -t $TARGET_IMAGE_NAME
    - docker buildx imagetools inspect $TARGET_IMAGE_NAME --format "{{json .Manifest}}"
    - docker buildx imagetools inspect $TARGET_IMAGE_NAME --format "{{ json .Provenance.SLSA }}" > provenance-$BUILD_TAG.json
    - docker buildx imagetools inspect $TARGET_IMAGE_NAME --format "{{ json .SBOM.SPDX }}" > sbom-$BUILD_TAG.json

--- a/templates/release-notes.yml
+++ b/templates/release-notes.yml
@@ -18,20 +18,32 @@ variables:
  # Can be overriden if needed
  GIT_DESCRIBE_OPTIONS: --exclude "0.0.0*"

+# Theses reference can be overriden to add stuff before/after the core of the release notes.
+# Changes must be pushed in release-notes.md
+.release-notes-before-script:
+  - []
+
+.release-notes-after-script:
+  - []
+
 prepare-release-notes:
  image: registry.gitlab.com/sylva-projects/sylva-elements/container-images/ci-image/ci-release-image:v1.0.31
  stage: test
  script:
    - git fetch --tags
    - PREVIOUS_TAG=$(git describe --tags ${GIT_DESCRIBE_OPTIONS} --abbrev=0 ${CI_COMMIT_TAG}^)
+    - !reference [.release-notes-before-script]
    - echo "Checking for merged MRs since ${PREVIOUS_TAG}"
-    - generate-release.py --token ${RELEASE_NOTES_READ_API_TOKEN} --project-id ${CI_PROJECT_ID} --starting-tag ${PREVIOUS_TAG} --end-tag ${CI_COMMIT_TAG} | tee release-notes.md
+    - generate-release.py --token ${RELEASE_NOTES_READ_API_TOKEN} --project-id ${CI_PROJECT_ID} --starting-tag ${PREVIOUS_TAG} --end-tag ${CI_COMMIT_TAG} | tee -a release-notes.md
+    - !reference [.release-notes-after-script]
  artifacts:
    paths:
      - release-notes.md
    when: always
  rules:
-    - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED # Run this job when a tag is created for a protected branch
+    # Run this job when a tag is created for a protected branch, do not create it for dev tags
+    - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED && $CI_COMMIT_TAG !~ /0\.0\.0.*/
+      when: always

 # -----------------------------------------------------------------------------
 # Create the release notes on gitlab
@@ -43,8 +55,8 @@ create-release-notes:
    - job: prepare-release-notes
      artifacts: true
  rules:
-    - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED # Run this job when a tag is created for a protected branch
-      when: always
+    # Run this job when a tag is created for a protected branch, do not create it for dev tags
+    - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED && $CI_COMMIT_TAG !~ /0\.0\.0.*/
  script:
    - echo "running creating release notes for ${CI_COMMIT_TAG}"
  release: