chore(ci): remove emojis from workflows to comply with repo standards

- Keep messaging clear and consistent

Author: casibbald

.github/workflows/helm.yaml.disabled

@@ -51,12 +51,12 @@ jobs:
       # in the unified-release.yaml workflow. This manual step is no longer needed.
       - name: Chart Update Notice
         run: |
-          echo "ℹ️  Chart version updates are now handled automatically by release-please"
-          echo "📋 The unified-release.yaml workflow will update:"
+          echo "Chart version updates are now handled automatically by release-please"
+          echo "The unified-release.yaml workflow will update:"
           echo "   - Chart appVersion to match application version"
           echo "   - Chart version to match application version (without 'v' prefix)"
           echo "   - Image tag in values.yaml"
-          echo "✅ No manual chart updates required"
+          echo "No manual chart updates required"
       - name: Generate updated helm reference
         # Needs to run after chart update, before docs update
         run: |
@@ -101,13 +101,13 @@ jobs:
           base: main
           title: "chore(release): Updates for ${{ env.GITOPS_VERSION }}"
           body: |
-           ## ⚠️ Breaking changes
+           ## Breaking changes
            Describe any breaking changes here, or delete this block
 
-           ## ✍️ Action required
+           ## Action required
            Describe any user facing actions here, or delete this block.
 
-           ## 💸 Features and improvements
+           ## Features and improvements
            Describe any user facing changes here, or delete this block.
 
            Examples of user facing changes:

.github/workflows/prepare-release.yaml

@@ -1,59 +1,79 @@
 ---
-name: release-please-legacy
+name: Unified Release
 
-# DISABLED: This workflow has been replaced by unified-release.yaml
-# The unified workflow handles both application and Helm chart releases synchronously
 on:
-  workflow_dispatch:
-    inputs:
-      force_run:
-        description: 'Force run legacy workflow (for emergency use only)'
-        required: true
-        default: 'false'
-        type: choice
-        options:
-          - 'false'
-          - 'true'
+  push:
+    branches:
+      - main
 
 permissions:
   contents: read
 
 jobs:
-  legacy-workflow-notice:
-    runs-on: ubuntu-latest
-    if: "${{ github.event.inputs.force_run != 'true' }}"
-    steps:
-      - name: Legacy workflow notice
-        run: |
-          echo "❌ This legacy workflow has been disabled"
-          echo "✅ Use the unified-release.yaml workflow instead"
-          echo "🔄 The unified workflow synchronizes both app and Helm chart releases"
-          echo ""
-          echo "If you need to run this legacy workflow for emergency purposes:"
-          echo "1. Re-run this workflow"
-          echo "2. Set 'force_run' input to 'true'"
-          exit 1
-
   release-please:
     runs-on: ubuntu-latest
     permissions:
       contents: write
       pull-requests: write
-    if: "${{ github.repository_owner == 'weaveworks' && github.event.inputs.force_run == 'true' }}"
+    if: "${{ github.repository_owner == 'weaveworks' && github.ref_name == 'main' }}"
     outputs:
       release_created: ${{ steps.release-please.outputs.release_created }}
       tag_name: ${{ steps.release-please.outputs.tag_name }}
       version: ${{ steps.release-please.outputs.version }}
+      major: ${{ steps.release-please.outputs.major }}
+      minor: ${{ steps.release-please.outputs.minor }}
+      patch: ${{ steps.release-please.outputs.patch }}
     steps:
       - name: Release Please
         id: release-please
         uses: googleapis/release-please-action@a02a34c4d625f9be7cb89156071d8567266a2445 # v4.2.0
         with:
           token: ${{ secrets.WEAVE_GITOPS_BOT_ACCESS_TOKEN }}
 
-  publish-npm-package:
+  validate-versions:
     needs: release-please
     runs-on: ubuntu-latest
+    if: "${{ needs.release-please.outputs.release_created }}"
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      
+      - name: Validate chart version synchronization
+        run: |
+          APP_VERSION="${{ needs.release-please.outputs.version }}"
+          CHART_APP_VERSION=$(yq e '.appVersion' charts/gitops-server/Chart.yaml)
+          CHART_VERSION=$(yq e '.version' charts/gitops-server/Chart.yaml)
+          IMAGE_TAG=$(yq e '.image.tag' charts/gitops-server/values.yaml)
+          
+          echo "Application Version: $APP_VERSION"
+          echo "Chart AppVersion: $CHART_APP_VERSION"
+          echo "Chart Version: $CHART_VERSION"
+          echo "Image Tag: $IMAGE_TAG"
+          
+          # Validate that chart appVersion matches application version
+          if [[ "$CHART_APP_VERSION" != "$APP_VERSION" ]]; then
+            echo "Error: Chart appVersion ($CHART_APP_VERSION) does not match application version ($APP_VERSION)"
+            exit 1
+          fi
+          
+          # Validate that image tag matches application version
+          if [[ "$IMAGE_TAG" != "$APP_VERSION" ]]; then
+            echo "Error: Image tag ($IMAGE_TAG) does not match application version ($APP_VERSION)"
+            exit 1
+          fi
+          
+          # Validate that chart version follows expected pattern (remove 'v' prefix from app version)
+          EXPECTED_CHART_VERSION=$(echo "$APP_VERSION" | sed 's/^v//')
+          if [[ "$CHART_VERSION" != "$EXPECTED_CHART_VERSION" ]]; then
+            echo "Error: Chart version ($CHART_VERSION) does not match expected version ($EXPECTED_CHART_VERSION)"
+            exit 1
+          fi
+          
+          echo "All versions are synchronized correctly"
+
+  publish-npm-package:
+    needs: [release-please, validate-versions]
+    runs-on: ubuntu-latest
     permissions:
       packages: write # needed for GitHub Packages registry access
     if: "${{ needs.release-please.outputs.release_created }}"
@@ -72,7 +92,7 @@ jobs:
           NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
   build-and-push-image:
-    needs: release-please
+    needs: [release-please, validate-versions]
     uses: ./.github/workflows/build-push-image.yaml
     with:
       file: gitops-server.dockerfile
@@ -91,48 +111,81 @@ jobs:
     if: "${{ needs.release-please.outputs.release_created }}"
 
   build-and-push-chart:
-    needs:
-      - release-please
-      - build-and-push-image # as we want to push chart when images are available
+    needs: [release-please, validate-versions, build-and-push-image]
     runs-on: ubuntu-latest
     permissions:
       contents: read # for actions/checkout to fetch code
       id-token: write # for Cosign to be able to sign chart with GHA token
       packages: write # for helm to push OCI chart
-    if: "${{ needs.release-please.outputs['charts/gitops-server--release_created'] }}"
+    if: "${{ needs.release-please.outputs.release_created }}"
     steps:
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      
+      - name: Validate chart before packaging
+        run: |
+          APP_VERSION="${{ needs.release-please.outputs.version }}"
+          CHART_VERSION=$(yq e '.version' charts/gitops-server/Chart.yaml)
+          
+          echo "Packaging chart version: $CHART_VERSION for app version: $APP_VERSION"
+          
+          # Validate chart syntax
+          helm lint charts/gitops-server/
+          
       - name: Package chart
         run: |
           mkdir helm-release
           helm package charts/gitops-server/ -d helm-release
+          
+          # List packaged chart for verification
+          ls -la helm-release/
+          
       - name: Log in to the Container registry
         uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+          
       - name: Publish chart
         id: publish-chart
         run: |
-          helm push helm-release/weave-gitops-${{ needs.release-please.outputs['charts/gitops-server--version'] }}.tgz \
-            oci://ghcr.io/weaveworks/charts &> helm-release/push-metadata.txt
+          CHART_VERSION=$(yq e '.version' charts/gitops-server/Chart.yaml)
+          CHART_FILE="helm-release/weave-gitops-${CHART_VERSION}.tgz"
+          
+          if [[ ! -f "$CHART_FILE" ]]; then
+            echo "Error: Chart file $CHART_FILE not found"
+            ls -la helm-release/
+            exit 1
+          fi
+          
+          echo "Publishing chart: $CHART_FILE"
+          helm push "$CHART_FILE" oci://ghcr.io/weaveworks/charts &> helm-release/push-metadata.txt
+          
+          # Extract digest for signing
           CHART_DIGEST=$(awk '/Digest: /{print $2}' helm-release/push-metadata.txt)
+          echo "Chart digest: $CHART_DIGEST"
           echo "digest=$CHART_DIGEST" >> $GITHUB_OUTPUT
+          
+          # Display push metadata for debugging
+          echo "Push metadata:"
+          cat helm-release/push-metadata.txt
+          
       - name: Install cosign
         uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac # v3.9.1
+        
       - name: Keyless signing of chart
         run: |
           cosign sign --yes ghcr.io/weaveworks/charts@${{ steps.publish-chart.outputs.digest }}
+          
       - name: Verify the chart signing
         run: |
           cosign verify ghcr.io/weaveworks/charts@${{ steps.publish-chart.outputs.digest }} \
             --certificate-identity "https://github.com/${{ github.workflow_ref }}" \
             --certificate-oidc-issuer "https://token.actions.githubusercontent.com" | jq .
 
   goreleaser:
-    needs: release-please
+    needs: [release-please, validate-versions]
     runs-on: ubuntu-latest
     permissions:
       contents: read # for actions/checkout to fetch code
@@ -160,3 +213,28 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.WEAVE_GITOPS_BOT_ACCESS_TOKEN }}
           BOT_TOKEN: ${{ secrets.WEAVE_GITOPS_BOT_ACCESS_TOKEN }}
+
+  create-release-summary:
+    needs: [release-please, validate-versions, publish-npm-package, build-and-push-image, build-and-push-chart, goreleaser]
+    runs-on: ubuntu-latest
+    if: "${{ needs.release-please.outputs.release_created }}"
+    steps:
+      - name: Create release summary
+        run: |
+          echo "# Release Summary" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Version:** ${{ needs.release-please.outputs.version }}" >> $GITHUB_STEP_SUMMARY
+          echo "**Tag:** ${{ needs.release-please.outputs.tag_name }}" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "## Components Released" >> $GITHUB_STEP_SUMMARY
+          echo "- Application binaries (GoReleaser)" >> $GITHUB_STEP_SUMMARY
+          echo "- Container images (ghcr.io/weaveworks/wego-app)" >> $GITHUB_STEP_SUMMARY
+          echo "- Helm chart (ghcr.io/weaveworks/charts)" >> $GITHUB_STEP_SUMMARY
+          echo "- NPM package (@weaveworks scope)" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "## Version Synchronization" >> $GITHUB_STEP_SUMMARY
+          echo "All components have been released with synchronized versions:" >> $GITHUB_STEP_SUMMARY
+          echo "- Application: ${{ needs.release-please.outputs.version }}" >> $GITHUB_STEP_SUMMARY
+          echo "- Chart AppVersion: ${{ needs.release-please.outputs.version }}" >> $GITHUB_STEP_SUMMARY
+          echo "- Chart Version: $(echo '${{ needs.release-please.outputs.version }}' | sed 's/^v//')" >> $GITHUB_STEP_SUMMARY
+          echo "- Image Tag: ${{ needs.release-please.outputs.version }}" >> $GITHUB_STEP_SUMMARY