From 2be0d0d5f607c745d10e4d5e16d734eeba74678f Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 13:56:10 +0100 Subject: [PATCH 01/20] chore(dependabot): releaserc to be used in checks and dependabot not to be failed by it --- .github/dependabot.yml | 4 +-- .github/workflows/reuseable-ci-checks.yml | 36 +++++++++++++++++++++-- 2 files changed, 35 insertions(+), 5 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 4c9eac2..cfd723d 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,6 +6,7 @@ updates: interval: "daily" open-pull-requests-limit: 100 target-branch: "Automatic_version_update_dependabot" + rebase-strategy: "auto" - package-ecosystem: "npm" directory: "/" @@ -13,5 +14,4 @@ updates: interval: "daily" open-pull-requests-limit: 100 target-branch: "Automatic_version_update_dependabot" - - + rebase-strategy: "auto" \ No newline at end of file diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index 2a2353e..2d455e8 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -145,15 +145,45 @@ jobs: #BRANCH_NAME="${GITHUB_HEAD_REF}" BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}}" echo "Validating branch name: $BRANCH_NAME" + + # Read allowed branch patterns from .releaserc.json + ALLOWED_BRANCHES=$(jq -r '.branches[].name' .releaserc.json) + + VALID=false + for pattern in $ALLOWED_BRANCHES; do + # Convert wildcard * into regex + REGEX="^${pattern//\*/.*}$" + if [[ "$BRANCH_NAME" =~ $REGEX ]]; then + VALID=true + break + fi + done + + # Always allow dependabot branches for CI + # Semver will ignore the branch but will bump the collected dependabot changes branch + if [[ "$BRANCH_NAME" =~ ^dependabot/ ]]; then + echo "✅ Branch is a dependabot branch its not for release or versioning but for merging into the dependabot collection branch" + VALID=true + fi - if [[ "$BRANCH_NAME" =~ ^(build|chore|ci|docs|feat|fix|perf|refactor|revert|style|test|sample|security|config|bugfix|hotfix)-[a-zA-Z0-9._/-]+$ ]] || [[ "$BRANCH_NAME" == "master" ]]; then + if [ "$VALID" = true ]; then echo "✅ Branch name is valid" else echo "❌ Invalid branch name: $BRANCH_NAME" - echo "Branch names must follow one of the allowed prefixes:" - echo " build-*, feat-*, fix-*, bugfix-*, hotfix-*, build-*, chore-*, ci-*, docs-*, perf-*, refactor-*, revert-*, style-*, test-*, sample-*, security-*, config-*, bugfix-*, hotfix-*" + echo "Allowed branch patterns:" + echo "$ALLOWED_BRANCHES" exit 1 fi + + # qqqq drop + # if [[ "$BRANCH_NAME" =~ ^(build|chore|ci|docs|feat|fix|perf|refactor|revert|style|test|sample|security|config|bugfix|hotfix)-[a-zA-Z0-9._/-]+$ ]] || [[ "$BRANCH_NAME" == "master" ]]; then + # echo "✅ Branch name is valid" + # else + # echo "❌ Invalid branch name: $BRANCH_NAME" + # echo "Branch names must follow one of the allowed prefixes:" + # echo " build-*, feat-*, fix-*, bugfix-*, hotfix-*, build-*, chore-*, ci-*, docs-*, perf-*, refactor-*, revert-*, style-*, test-*, sample-*, security-*, config-*, bugfix-*, hotfix-*" + # exit 1 + # fi reuseable-ci-checks-commitlint: From 3256a8f6f639d67ba7f586728bfa2647b1c88b01 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 14:03:51 +0100 Subject: [PATCH 02/20] chore(reuseable): File loc error --- .github/workflows/reuseable-ci-checks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index 2d455e8..e108d29 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -147,7 +147,7 @@ jobs: echo "Validating branch name: $BRANCH_NAME" # Read allowed branch patterns from .releaserc.json - ALLOWED_BRANCHES=$(jq -r '.branches[].name' .releaserc.json) + ALLOWED_BRANCHES=$(jq -r '.branches[].name' "$GITHUB_WORKSPACE/.releaserc.json) VALID=false for pattern in $ALLOWED_BRANCHES; do From 291579d6f35c04c941bf065a5da0701be10551ab Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 14:13:24 +0100 Subject: [PATCH 03/20] chore(dependabot): fix --- .github/workflows/reuseable-ci-checks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index e108d29..bf7039d 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -147,7 +147,7 @@ jobs: echo "Validating branch name: $BRANCH_NAME" # Read allowed branch patterns from .releaserc.json - ALLOWED_BRANCHES=$(jq -r '.branches[].name' "$GITHUB_WORKSPACE/.releaserc.json) + ALLOWED_BRANCHES=$(jq -r '.branches[].name' "$GITHUB_WORKSPACE/.releaserc.json") VALID=false for pattern in $ALLOWED_BRANCHES; do From 921837a2859800a739c5ed029471961d890315d1 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 14:37:58 +0100 Subject: [PATCH 04/20] chore(dependancy): Not finding file --- .github/workflows/reuseable-ci-checks.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index bf7039d..dd0e39a 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -142,12 +142,24 @@ jobs: steps: - name: Validate Branch Name run: | + echo "📂 GITHUB_WORKSPACE is: $GITHUB_WORKSPACE" + echo "📂 Current working directory is: $(pwd)" + echo "📂 Listing files in current dir:" + ls -alh + echo "📂 Listing files in workspace root:" + ls -alh "$GITHUB_WORKSPACE" + #BRANCH_NAME="${GITHUB_HEAD_REF}" BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}}" echo "Validating branch name: $BRANCH_NAME" # Read allowed branch patterns from .releaserc.json - ALLOWED_BRANCHES=$(jq -r '.branches[].name' "$GITHUB_WORKSPACE/.releaserc.json") + + + + RELEASERC_PATH="${{ github.workspace }}/.releaserc.json" + echo "Using releaserc at: $RELEASERC_PATH" + ALLOWED_BRANCHES=$(jq -r '.branches[].name' $RELEASERC_PATH) VALID=false for pattern in $ALLOWED_BRANCHES; do From a04553c555a6a350f08a6a7871e5120d1de600d5 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 14:47:53 +0100 Subject: [PATCH 05/20] chore(release): check --- .github/workflows/reuseable-ci-checks.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index dd0e39a..95e285b 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -139,12 +139,18 @@ jobs: outputs: status: ${{ job.status }} runs-on: ubuntu-latest + + # Checkout so can get access to the file + - name: Checkout repository + uses: actions/checkout@v4 + steps: - name: Validate Branch Name run: | echo "📂 GITHUB_WORKSPACE is: $GITHUB_WORKSPACE" echo "📂 Current working directory is: $(pwd)" echo "📂 Listing files in current dir:" + ls ls -alh echo "📂 Listing files in workspace root:" ls -alh "$GITHUB_WORKSPACE" From 54bd5dc0c6c85653a999f615393a9b6df276da1e Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 14:54:50 +0100 Subject: [PATCH 06/20] chore(yaml): fix yaml --- .github/workflows/reuseable-ci-checks.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index 95e285b..0fd9cca 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -140,11 +140,13 @@ jobs: status: ${{ job.status }} runs-on: ubuntu-latest - # Checkout so can get access to the file - - name: Checkout repository - uses: actions/checkout@v4 + steps: + # Checkout so can get access to the file + - name: Checkout repository + uses: actions/checkout@v4 + - name: Validate Branch Name run: | echo "📂 GITHUB_WORKSPACE is: $GITHUB_WORKSPACE" From b17b8a8c4200f649419d14ac02f8353537e3bb36 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 15:35:05 +0100 Subject: [PATCH 07/20] chore(punt): not hopefull but try completing nuget substitions --- .github/workflows/reuseable-ci-checks.yml | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index 0fd9cca..28611f4 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -43,6 +43,7 @@ env: # Nuget Set Up NUGET_PACKAGES_OUTPUT_PATH: ${{ github.workspace }}/CICDPackageLocation LOCAL_PACKAGES_PATH: ${{ github.workspace }}/CICDPackageLocation + GITHUB_USERNAME: "Phil-NHS" # Build Set Up # May need coverlet.collector xplat if using the packaged version to test @@ -79,6 +80,8 @@ jobs: - name: Replace local environment variable in nuget config because cant provide it as a parameter run: | sed -i "s|%TEL_BLAZOR_PACKAGE_SOURCE%|$LOCAL_PACKAGES_PATH|g" nuget.config + sed -i "s|%GITHUB_USERNAME%|$GITHUB_USERNAME|g" nuget.config + sed -i "s|%TEL_GIT_PACKAGES_TOKEN%|$TEL_GIT_PACKAGES_TOKEN|g" nuget.config - name: Create appsettings development from secrets run: | @@ -149,22 +152,12 @@ jobs: - name: Validate Branch Name run: | - echo "📂 GITHUB_WORKSPACE is: $GITHUB_WORKSPACE" - echo "📂 Current working directory is: $(pwd)" - echo "📂 Listing files in current dir:" - ls - ls -alh - echo "📂 Listing files in workspace root:" - ls -alh "$GITHUB_WORKSPACE" #BRANCH_NAME="${GITHUB_HEAD_REF}" BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}}" echo "Validating branch name: $BRANCH_NAME" # Read allowed branch patterns from .releaserc.json - - - RELEASERC_PATH="${{ github.workspace }}/.releaserc.json" echo "Using releaserc at: $RELEASERC_PATH" ALLOWED_BRANCHES=$(jq -r '.branches[].name' $RELEASERC_PATH) @@ -250,6 +243,8 @@ jobs: - name: Replace local environment variable in nuget config because cant provide it as a parameter run: | sed -i "s|%TEL_BLAZOR_PACKAGE_SOURCE%|$LOCAL_PACKAGES_PATH|g" nuget.config + sed -i "s|%GITHUB_USERNAME%|$GITHUB_USERNAME|g" nuget.config + sed -i "s|%TEL_GIT_PACKAGES_TOKEN%|$TEL_GIT_PACKAGES_TOKEN|g" nuget.config - name: Clean lock files because the newly generated package file will superseed the locks run: | From c0a9f2fc2619902e22e4630a8e440645f7f07c8f Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 16:19:11 +0100 Subject: [PATCH 08/20] chore(dependabot): no capitals dbot does need to manage telblazor on telblazor repo --- .github/dependabot.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index cfd723d..33748af 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,6 +7,9 @@ updates: open-pull-requests-limit: 100 target-branch: "Automatic_version_update_dependabot" rebase-strategy: "auto" + ignore: + # The cicd for TELBlazor manages the version to consume for showcase consuming the package + - dependency-name: "TELBlazor.Components" - package-ecosystem: "npm" directory: "/" From 4371cef4d9e25e6b6fca9987f20baeb8000b84f3 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Tue, 26 Aug 2025 17:05:28 +0100 Subject: [PATCH 09/20] chore(dependabot): ignore telblazor before fail --- .github/dependabot.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 33748af..58c3332 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,7 +1,19 @@ version: 2 +registries: + nuget-org: + type: nuget-feed + url: https://api.nuget.org/v3/index.json + github-nuget-feed: + type: nuget-feed + url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json + # Though we ignore the feed it will still need to know about it + token: ${{ secrets.NUGETKEY }} updates: - package-ecosystem: "nuget" directory: "/" + registries: + - nuget-org + - github-nuget-feed schedule: interval: "daily" open-pull-requests-limit: 100 @@ -10,7 +22,7 @@ updates: ignore: # The cicd for TELBlazor manages the version to consume for showcase consuming the package - dependency-name: "TELBlazor.Components" - + versions: ["*"] - package-ecosystem: "npm" directory: "/" schedule: From 6d4dd7a0f3fa1cf0f1e59e59b6b0f2cfdba44261 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 09:03:52 +0100 Subject: [PATCH 10/20] chore(dependabot): specify registries --- .github/dependabot.yml | 14 ++++++++------ nuget.config.cicd | 4 ++-- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 58c3332..008d59c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,17 +3,19 @@ registries: nuget-org: type: nuget-feed url: https://api.nuget.org/v3/index.json - github-nuget-feed: - type: nuget-feed - url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json - # Though we ignore the feed it will still need to know about it - token: ${{ secrets.NUGETKEY }} + # github-nuget-feed: + # type: nuget-feed + # url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json + # # Though we ignore the feed it will still need to know about it + # # dependabot is more restrictive it needs a better key + # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#adding-a-repository-secret-for-dependabot + # token: ${{ secrets.NUGETKEY }} updates: - package-ecosystem: "nuget" directory: "/" registries: - nuget-org - - github-nuget-feed + # - github-nuget-feed schedule: interval: "daily" open-pull-requests-limit: 100 diff --git a/nuget.config.cicd b/nuget.config.cicd index 9905465..67b50a2 100644 --- a/nuget.config.cicd +++ b/nuget.config.cicd @@ -1,8 +1,8 @@ From d549b4e280145be5c1831980bc5f065a4c4022f5 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 09:36:33 +0100 Subject: [PATCH 11/20] chore(dependabot): try azure token dont have permission to make new dependabot token --- .github/dependabot.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 008d59c..10c2726 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,11 +3,16 @@ registries: nuget-org: type: nuget-feed url: https://api.nuget.org/v3/index.json - # github-nuget-feed: - # type: nuget-feed - # url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json + github-nuget-feed: + type: nuget-feed + url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json + username: "kevin.whittaker" + # Hoping this has the permissions + password: ${{ secrets.AZURE_DEVOPS_PAT }} + # # Though we ignore the feed it will still need to know about it # # dependabot is more restrictive it needs a better key + # # https://github.com/TechnologyEnhancedLearning/TELBlazor/network/updates # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#adding-a-repository-secret-for-dependabot # token: ${{ secrets.NUGETKEY }} updates: @@ -15,7 +20,7 @@ updates: directory: "/" registries: - nuget-org - # - github-nuget-feed + - github-nuget-feed schedule: interval: "daily" open-pull-requests-limit: 100 From 8a85e19b7b6ac6b3781b8c286e3403168b992f83 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 09:53:33 +0100 Subject: [PATCH 12/20] chore(dependabot): meeting run --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 10c2726..fac4b62 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,7 +8,7 @@ registries: url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json username: "kevin.whittaker" # Hoping this has the permissions - password: ${{ secrets.AZURE_DEVOPS_PAT }} + token: ${{ secrets.AZURE_DEVOPS_PAT }} # # Though we ignore the feed it will still need to know about it # # dependabot is more restrictive it needs a better key From 5b4bea852c1b74ec9e1415bbbd03b324a1d2b241 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 10:04:44 +0100 Subject: [PATCH 13/20] chore(dependabot): dependabot wasnt config compliant --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index fac4b62..10c2726 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,7 +8,7 @@ registries: url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json username: "kevin.whittaker" # Hoping this has the permissions - token: ${{ secrets.AZURE_DEVOPS_PAT }} + password: ${{ secrets.AZURE_DEVOPS_PAT }} # # Though we ignore the feed it will still need to know about it # # dependabot is more restrictive it needs a better key From 267a5389f642e661bb1bf0510bb6351573376941 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 10:12:56 +0100 Subject: [PATCH 14/20] chore(dependabot): dependabot token --- .github/dependabot.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 10c2726..f3ebbff 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,8 +7,7 @@ registries: type: nuget-feed url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json username: "kevin.whittaker" - # Hoping this has the permissions - password: ${{ secrets.AZURE_DEVOPS_PAT }} + password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} # # Though we ignore the feed it will still need to know about it # # dependabot is more restrictive it needs a better key From 3116c8f2b3d1dd9a3b8edde8e5a694fb6e241603 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 11:02:27 +0100 Subject: [PATCH 15/20] chore(dependabot): just not authorising --- .github/dependabot.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f3ebbff..f032d3b 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,10 +5,13 @@ registries: url: https://api.nuget.org/v3/index.json github-nuget-feed: type: nuget-feed + # Dependabot needs access before it ignores, so still need to access TELBlazor despite ignoring it url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json - username: "kevin.whittaker" + username: kevwhitt-hee password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} - + ## username: "kevin.whittaker" + ## qqqq del + ## username: "kevin.whittaker" # # Though we ignore the feed it will still need to know about it # # dependabot is more restrictive it needs a better key # # https://github.com/TechnologyEnhancedLearning/TELBlazor/network/updates From 6ca1dd1a44f14512d639585dabcd6403a0643fb5 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 13:37:18 +0100 Subject: [PATCH 16/20] chore(dependent): try something while reading --- .github/dependabot.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f032d3b..f556535 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,8 +7,11 @@ registries: type: nuget-feed # Dependabot needs access before it ignores, so still need to access TELBlazor despite ignoring it url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json - username: kevwhitt-hee - password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} + # not expected to work + username: Phil-NHS + password: ${{ secrets.NUGETKEY }} + ## username: kevwhitt-hee + ## password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} ## username: "kevin.whittaker" ## qqqq del ## username: "kevin.whittaker" From b448be5045094b6f475fe65025fb2de3e32f54bc Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 13:42:31 +0100 Subject: [PATCH 17/20] chore(dependabot): background spitfire --- .github/dependabot.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f556535..38d527e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,7 +9,9 @@ registries: url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json # not expected to work username: Phil-NHS - password: ${{ secrets.NUGETKEY }} + password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} + + ## password: ${{ secrets.NUGETKEY }}# No access to the secret as expected ## username: kevwhitt-hee ## password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} ## username: "kevin.whittaker" From 2c8c69a5b0988163a0b033dc22c29b942867b629 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 14:26:45 +0100 Subject: [PATCH 18/20] chore(dependabot): surely not --- .github/dependabot.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 38d527e..dcd1d80 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,11 +8,12 @@ registries: # Dependabot needs access before it ignores, so still need to access TELBlazor despite ignoring it url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json # not expected to work - username: Phil-NHS - password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} + token: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} + # username: Phil-NHS + # password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} ## password: ${{ secrets.NUGETKEY }}# No access to the secret as expected - ## username: kevwhitt-hee + ## username: kevwhitt-hee <- should be this really kevin made the pat ## password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} ## username: "kevin.whittaker" ## qqqq del From ad905622199f33bad2ed0616a4ef8e99df6424e4 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 15:55:32 +0100 Subject: [PATCH 19/20] chore(dependabot): allow dependabot commit names --- .github/dependabot.yml | 16 +--------------- .github/workflows/reuseable-ci-checks.yml | 21 ++++++++++++++++----- 2 files changed, 17 insertions(+), 20 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index dcd1d80..4d54b00 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,22 +7,8 @@ registries: type: nuget-feed # Dependabot needs access before it ignores, so still need to access TELBlazor despite ignoring it url: https://nuget.pkg.github.com/TechnologyEnhancedLearning/index.json - # not expected to work token: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} - # username: Phil-NHS - # password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} - - ## password: ${{ secrets.NUGETKEY }}# No access to the secret as expected - ## username: kevwhitt-hee <- should be this really kevin made the pat - ## password: ${{ secrets.DEPENDABOT_GIT_PACKAGES_TOKEN }} - ## username: "kevin.whittaker" - ## qqqq del - ## username: "kevin.whittaker" - # # Though we ignore the feed it will still need to know about it - # # dependabot is more restrictive it needs a better key - # # https://github.com/TechnologyEnhancedLearning/TELBlazor/network/updates - # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#adding-a-repository-secret-for-dependabot - # token: ${{ secrets.NUGETKEY }} + updates: - package-ecosystem: "nuget" directory: "/" diff --git a/.github/workflows/reuseable-ci-checks.yml b/.github/workflows/reuseable-ci-checks.yml index 28611f4..f213cda 100644 --- a/.github/workflows/reuseable-ci-checks.yml +++ b/.github/workflows/reuseable-ci-checks.yml @@ -143,8 +143,6 @@ jobs: status: ${{ job.status }} runs-on: ubuntu-latest - - steps: # Checkout so can get access to the file - name: Checkout repository @@ -207,11 +205,24 @@ jobs: outputs: status: ${{ job.status }} steps: - - uses: actions/checkout@v4 + - name: Checkout repository + uses: actions/checkout@v4 with: fetch-depth: 0 - - - uses: wagoid/commitlint-github-action@v5 + + - name: Check branch and run commitlint + run: | + BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME}}" + echo "Branch name: $BRANCH_NAME" + if [[ "$BRANCH_NAME" =~ ^dependabot/ ]]; then + echo "✅ Branch is a dependabot branch - skipping commitlint" + exit 0 + else + echo "Regular branch - will run commitlint in next step" + fi + + - name: Run commitlint action + uses: wagoid/commitlint-github-action@v5 with: configFile: .commitlintrc.json # Only set from/to if inputs are provided, otherwise let action use defaults From b6d18cae2ddb8ab19ca43d786c8e119f3e88a0f3 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Wed, 27 Aug 2025 16:43:33 +0100 Subject: [PATCH 20/20] chore(yaml): use most recent yaml where appropriate --- .github/workflows/dev.yml | 1 + .github/workflows/pull_request.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index ab4a1d9..c7d75b6 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -29,6 +29,7 @@ jobs: dev-call-reusable-ci-checks-workflow: name: Dev Run CI checks + # Not using @master so it uses its own check rules uses: ./.github/workflows/reuseable-ci-checks.yml with: runall: true diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 371ddcc..134eabe 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -14,7 +14,7 @@ jobs: pull-request-call-reusable-ci-checks-workflow: name: Pull Request run CI Checks - uses: ./.github/workflows/reuseable-ci-checks.yml + uses: ./.github/workflows/reuseable-ci-checks.yml@master needs: dummy with: runall: true