Merge pull request #223 from TechnologyEnhancedLearning/master

make sure up to date

Author: Phil-NHS

.github/workflows/automerge-dependabot-prs-into-collected-branch.yml

@@ -0,0 +1,38 @@
+# This script seperate major and minor but we do merge them into the same branch. 
+# Having two steps allows us to easily turn off major changes in future and then script them to their own branch and pipeline.
+name: Auto-merge Dependabot PRs into collected branch
+on:
+  pull_request:
+    types: [opened, synchronize]
+    branches: [Automatic_version_update_dependabot]  # Make sure this matches your actual branch name
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  auto-merge:
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - name: Extract update type
+        id: extract
+        run: |
+          PR_TITLE="${{ github.event.pull_request.title }}"
+          if [[ $PR_TITLE == *"(major)"* ]]; then
+            echo "update_type=major" >> $GITHUB_OUTPUT
+          else
+            echo "update_type=minor_or_patch" >> $GITHUB_OUTPUT
+          fi
+          
+      - name: Auto-merge minor and patch updates
+        if: steps.extract.outputs.update_type == 'minor_or_patch'
+        run: gh pr merge --auto --squash "${{ github.event.pull_request.html_url }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          
+      - name: Auto-merge major updates
+        if: steps.extract.outputs.update_type == 'major'
+        run: gh pr merge --auto --squash "${{ github.event.pull_request.html_url }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/automerge-passing-minor-patch-dependabot-prs.yml

@@ -0,0 +1,48 @@
+name: Collected Dependabot Promotion From Staging To Master
+on:
+  schedule:
+    # we want the opposite weeks to staging so we get a week where it occurs in manual testing
+    - cron: '0 9 8-14 * 1'  # Second Monday of month
+    - cron: '0 9 22-28 * 1' # Fourth Monday of month
+  workflow_dispatch:
+
+jobs:
+  promote-to-master:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Check for changes
+        id: changes
+        run: |
+          git fetch origin Automatic_collected_dependabot_staging:Automatic_collected_dependabot_staging
+          git fetch origin master:master  # or main/master - whatever your prod branch is
+          
+          if git diff --quiet master Automatic_collected_dependabot_staging; then
+            echo "has_changes=false" >> $GITHUB_OUTPUT
+          else
+            echo "has_changes=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Create PR to master
+        if: steps.changes.outputs.has_changes == 'true'
+        run: |
+          if gh pr list --head Automatic_collected_dependabot_staging --base master --json number --jq '.[0].number' | grep -q .; then
+            echo "PR already exists, skipping creation"
+          else
+            gh pr create \
+              --base master \
+              --head Automatic_collected_dependabot_staging \
+              --title "Fortnightly dependabot collected master promotion - $(date +%Y-%m-%d)" \
+              --body "Automated weekly promotion from staging to master after testing period" \
+              --auto-merge \
+              --merge
+          fi
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/collected-dependabot-staging-to-master.yml

@@ -0,0 +1,45 @@
+name: Dependabot Collected Promotion To Staging
+# this logic will require branch ruleset checks of running the dev pipeline
+on:
+  schedule:
+    # Promotion from staging to release should be a week apart so alternating weeks (also live updates dangerous)
+    - cron: '0 9 1-7 * 1'   # First Monday of month
+    - cron: '0 9 15-21 * 1' # Third Monday of month
+  workflow_dispatch:  # Allow manual trigger
+
+jobs:
+  promote-to-automatic-collected-dependabot-staging:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Check for changes
+        id: changes
+        run: |
+          git fetch origin Automatic_version_update_dependabot:Automatic_version_update_dependabot
+          git fetch origin Automatic_collected_dependabot_staging:Automatic_collected_dependabot_staging
+          
+          if git diff --quiet Automatic_collected_dependabot_staging Automatic_version_update_dependabot; then
+            echo "has_changes=false" >> $GITHUB_OUTPUT
+          else
+            echo "has_changes=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Create PR to Automatic_collected_dependabot_staging
+        if: steps.changes.outputs.has_changes == 'true'
+        run: |
+          gh pr create \
+            --base Automatic_collected_dependabot_staging \
+            --head Automatic_version_update_dependabot \
+            --title "Fortnightly dependabot collected to staging - $(date +%Y-%m-%d)" \
+            --body "Automated Fortnightly promotion of dependency updates from dependabot" \
+            --auto-merge \
+            --merge
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/collected-dependabot-to-staging.yml

@@ -4,6 +4,10 @@ on:
     branches-ignore:
       - 'main'
       - 'master'
+      # We currently dont intend to test the showcase per package bump so wont run for package bumps
+      # we will run on the collected bumps merging though
+      - 'dependabot/**'
+
   workflow_dispatch:
 
 permissions:
@@ -83,15 +87,40 @@ jobs:
           echo "Semantic Release packages installed."
           npm ls --depth=0 # Debug: List installed packages
 
-      #configured with .releaseserc
+      # Configured with .releaseserc
       # Dry run we are not versioning the repo
       - name: Run dev semantic version (None Blocking)
         id: detect_semantic_version
         run: |
+          echo "error catch run of semver first to get any error detail on config issues"
+          set +e
+          SEMVER_OUTPUT_RAW_ERROR_CHECK=$(npx semantic-release --dry-run 2> /tmp/semantic-release-errors.log)
+          STATUS_ERROR_CHECK=$?
+
+          # Now you can check the status and log the error messages if an error occurred
+          if [ $STATUS_ERROR_CHECK -ne 0 ]; then
+            echo "❌ Semantic release failed with exit code $STATUS_ERROR_CHECK."
+            echo "❌ Error output:"
+            cat /tmp/semantic-release-errors.log
+          else
+            echo "✅ Semantic Ouput success : $SEMVER_OUTPUT_RAW_ERROR_CHECK "
+            echo "✅ Error on success : $STATUS_ERROR_CHECK"
+          fi
+          
+          set -e
+
 
           echo "running semantic-release"
-          SEMVER_OUTPUT_RAW=$(npx semantic-release --dry-run 2>&1)
-          STATUS=$?
+          semver_output_raw=$(npx semantic-release --dry-run 2>&1)
+          status=$?
+
+          # Now you can check the status and log the error messages if an error occurred
+          if [ $STATUS -ne 0 ]; then
+            echo "Semantic release failed with exit code $STATUS."
+            echo "Error output:"
+            cat /tmp/semantic-release-errors.log
+          fi
+          
           echo "status = $STATUS"
           echo "$SEMVER_OUTPUT_RAW"          
           
@@ -357,5 +386,4 @@ jobs:
             -H "Authorization: Bearer $TEL_GIT_PACKAGES_TOKEN" \
             -H "X-GitHub-Api-Version: 2022-11-28" \
             https://api.github.com/repos/$repo_owner/$repo_name/dispatches \
-            -d "{\"event_type\": \"$event_type\", \"client_payload\": {\"artifact_url\": \"$artifact_url\"}}"      
-        
+            -d "{\"event_type\": \"$event_type\", \"client_payload\": {\"artifact_url\": \"$artifact_url\"}}"      

.github/workflows/dev.yml

@@ -202,7 +202,7 @@ jobs:
           run: |
             BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}}"
             echo "Branch name: $BRANCH_NAME"
-            if [[ "$BRANCH_NAME" =~ ^dependabot/ ]]; then
+            if [[ "$BRANCH_NAME" =~ ^dependabot/ ]] || [[ "$AUTHOR_NAME" == "dependabot[bot]" ]] || [[ "$COMMIT_MSG" =~ ^Bump ]]; then
               echo "✅ Branch is a dependabot branch - skipping commitlint ✅"
               echo "skip=true" >> $GITHUB_OUTPUT
             else

.github/workflows/reuseable-ci-checks.yml

@@ -81,7 +81,10 @@ The individual steps also automatically pass so can see if any error at the end
 # Notes
 - doesnt run easily with nektos act due to git ref checks and calling other workflows
 - for tests use the run-tests-and-report-with-env-values.ps1 file
-
+- dependabot duplicates tokens using dependabot secrets including write so can run checks
+- autoverging is being tried for major and minor
+- branch checks must pass for merge on automated_version
+- checks required but overrideable for all workflows
 ## Versioning
 Via semantic release and recorded as a generate c# file used by a blazor component
 

.github/workflows/workflow-readme.md

@@ -236,3 +236,4 @@ TELBlazor.Components.ShowCase.E2ETests.WasmServerHost/Logs/*
 
 # Generated version info files
 TELBlazor.Components/TELBlazorPackageVersion/VersionInfo*.cs
+/.github/workflows/test.yml

.gitignore

@@ -6,6 +6,10 @@
     {
       "name": "Automatic_version_update_dependabot"
     },
+    {
+      "name": "Automatic_collected_dependabot_staging",
+      "prerelease": "dependabot-staging"
+    },
     {
       "name": "feat-*",
       "prerelease": true

.releaserc.json

@@ -74,6 +74,7 @@ the ability to produce static prerendered html. The prerendered html is written
 		- enter the variable names and variable values as follows:
 			- GITHUB_USERNAME / [Your GitHub username]
 			- TEL_GIT_PACKAGES_TOKEN / [The copied token]
+			- LOCAL_PACKAGES_PATH / [Path to your local packages folder]
 		- then select **OK**
 		- select **OK** again to close all dialogs.
 - **Restore Nuget, Npm, Tooling, playwright and build:**