Update release

.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
+
+*    @zgosalvez

.github/CONTRIBUTING.md

@@ -0,0 +1,14 @@
+# Contributing
+
+## Welcome
+Thank you for contributing to this repository! :bow:
+
+## Process
+1. Create a branch with the following [supported](pr-labeler.yml) prefixes:
+   - `feature/` (i.e., enhancements)
+    - `hotfix/` (i.e., bug fixes)
+2. Make changes
+3. Create a PR to the `main` branch
+
+### Release
+Whenever a release is published, a PR should be made from `main` to the appropriate `release/v*` branch.

.github/README.md

@@ -1,37 +1,61 @@
 # GitHub Actions: Flutter Workflows
 
-This sample project allows you to leverage GitHub Actions to run common Flutter workflows. These are based on the workflows found in the [Flutter Gallery](https://github.com/flutter/gallery) repository.
+This sample project allows you to leverage GitHub Actions to run common Flutter workflows. These are based on the workflows found in the [Flutter Gallery](https://github.com/flutter/gallery) repository. Continue reading to apply these to your Flutter project.
+
+## Disclaimer
+This is still in active development, and it currently supports iOS and Android deployments only. Please [open a pull request](CONTRIBUTING.md) to support other platforms.
 
 ## Usage
 
-Create a workflow `.yml` file in your `.github/workflows` directory. Example workflows are available in this repository. For more information, reference the GitHub Help Documentation for [Creating a workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file).
+Create workflows in your `.github/workflows` directory. Examples are available in this repository. For more information, see the GitHub Help Documentation for [Creating a workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file).
+
+*Note:* Although this Flutter project works as-is, consider tailoring these workflows to your needs. If you're starting from scratch, copying and pasting will work as long as you follow the [GitHub flow](https://guides.github.com/introduction/flow/) and [release based workflow](https://lab.github.com/githubtraining/create-a-release-based-workflow).
 
-## Workflows
+### Protected Branches
+Recommended rules for the `main` and `release/v*` branches:
+- [x] Require status checks to pass before merging
+  - [x] Require branches to be up to date before merging
+  - [x] Check security hardening
+  - [x] Generate coverage report
+  - [x] Run static testing
+  - [x] Run unit testing
+  - [x] Run widget testing
 
-All workflows use the [Ensure SHA Pinned Actions](https://github.com/marketplace/actions/ensure-sha-pinned-actions) action to ensure security hardening.
+### Workflows
 
-_Note:_ The [Get the Flutter Version Environment](https://github.com/marketplace/actions/get-the-flutter-version-environment) action requires that the [`pubspec.yaml`](pubspec.yaml) file contains an `environment:flutter:` key. This is used for installing Flutter in the workflows.
+- All of the workflows here use the [Ensure SHA Pinned Actions](https://github.com/marketplace/actions/ensure-sha-pinned-actions) action to ensure security hardening.
+- The [Get the Flutter Version Environment](https://github.com/marketplace/actions/get-the-flutter-version-environment) action requires that the [`pubspec.yaml`](../pubspec.yaml#L22) file contains an `environment:flutter:` key, which is used for installing Flutter with the correct version.
 
-### Continuous Integration
+#### Continuous Integration
 [![CI](https://github.com/zgosalvez/github-actions-flutter-workflow/workflows/CI/badge.svg)](https://github.com/zgosalvez/github-actions-flutter-workflow/actions?query=workflow%3ACI)
 
 [`.github/workflows/ci.yml`](workflows/ci.yml)
 
-Also known as CI, Continuous Integration runs Flutter static and dynamic tests on every pull request to `main`, then the coverage report is stored as an artifact for reference. Modify the workflow to further process the code coverage file using [code quality](https://github.com/marketplace?type=actions) or [code review](https://github.com/marketplace?category=code-review&type=actions) actions.
+Also known as CI, Continuous Integration runs Flutter static and dynamic tests on *every pull request* to `main` and `release/v*`, then the coverage report is stored as an artifact for reference. A comment is added to the pull request on every run as seen here, [#10 (comment)](https://github.com/zgosalvez/github-actions-flutter-workflows/pull/10#issuecomment-753592566). Modify the workflow to further process the code coverage file using [code quality](https://github.com/marketplace?type=actions) or [code review](https://github.com/marketplace?category=code-review&type=actions) actions.
 
-### Continuous Delivery
+Testing is split into unit and widget tests. These are found in the `test/units` and `test/widgets` directories, respectively. The CI runs these in parallel to optimize for workflow throughput, especially on a large project with a considerable number of test cases.
+
+#### Continuous Delivery
 [![CDelivery](https://github.com/zgosalvez/github-actions-flutter-workflow/workflows/CDelivery/badge.svg)](https://github.com/zgosalvez/github-actions-flutter-workflow/actions?query=workflow%3ACDelivery)
 
 [`.github/workflows/cdelivery.yml`](workflows/cdelivery.yml)
 
-Also known as CDelivery (not to be mistaken with another CD, Continuous Deployment), Continuous Delivery reruns the same Flutter static and dynamic tests from the CI on every push to `main`, then a pre-release draft is created. Manually, remove the pre-release mark after it has been deployed and released to the app store.
+Also known as CDelivery (not to be mistaken with another CD, i.e., Continuous Deployment), Continuous Delivery drafts a pre-release on *every push* to `main`. For the draft to populate with the release notes, pull requests should be `main` based. Manually remove the pre-release mark after it has been deployed and released to the app store.
+
+[`.github/workflows/pull_request-opened.yml`](workflows/pull_request-opened.yml)
 
-### Deployment
+To draft the release this workflow uses the [Release Drafter](https://github.com/marketplace/actions/release-drafter) action to compile the pull requests and categorizes it using the [PR Labeler](https://github.com/marketplace/actions/pr-labeler) action. Add the [`.github/release-drafter.yml`](release-drafter.yml) and [`.github/pr-labeler.yml`](pr-labeler.yml) files in your project since these are required configurations for these actions, respectively. Customize the configuration files as needed.
+
+#### Deployment
 [![Deployment](https://github.com/zgosalvez/github-actions-flutter-workflow/workflows/Deployment/badge.svg)](https://github.com/zgosalvez/github-actions-flutter-workflow/actions?query=workflow%3ADeployment)
 
 [`.github/workflows/deployment.yml`](workflows/deployment.yml)
 
-Deployment is triggered when the release draft is published. It reruns the same Flutter static and dynamic tests from the CI before running Flutter's build commands. The app version used is based on the release tag, not the name. Lastly, build artifacts are uploaded as release assets.
+Deployment is triggered when the release draft (or any release) is published. It reruns the same Flutter static and dynamic tests from the CI before running Flutter's build commands. The app version used is based on the release tag, not the name. Lastly, build artifacts are uploaded as release assets.
+
+### Dependabot
+
+This includes a [`.github/dependabot.yml`](dependabot.yml) file that allows Dependabot to maintain the GitHub Actions used in these workflows. For more information, see the GitHub Documentation for [Keeping your dependencies updated automatically](https://docs.github.com/en/github/administering-a-repository/keeping-your-dependencies-updated-automatically).
 
 ## License
 The scripts and documentation in this project are released under the [MIT License](LICENSE)

.github/dependabot.yml

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/pr-labeler.yml

@@ -0,0 +1,2 @@
+enhancement: feature/*
+bug: hotfix/*

.github/workflows/cdelivery.yml

@@ -10,84 +10,20 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Clone the repository
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
+      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
     - name: Ensure SHA pinned actions
-      uses: zgosalvez/github-actions-ensure-sha-pinned-actions@e70e07ef05f0a3bf1483fde3c50eeab9c1805041 # v1.0.1
-
-  testing:
-    name: Run ${{ matrix.category }} testing
-    needs: security_hardening
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        category: [static, unit, widget]
-      fail-fast: false
-    steps:
-    - name: Clone the repository
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
-      with:
-        path: code
-    - name: Get Flutter version
-      id: get-flutter-version
-      uses: zgosalvez/github-actions-get-flutter-version-env@2106839043b63948638cf22ee33718862fdcc57d # v1.1.2
-      with:
-        pubspec-file-path: code/pubspec.yaml
-    - name: Cache Flutter
-      id: flutter-cache
-      uses: actions/cache@0781355a23dac32fd3bac414512f4b903437991a # v2.1.3
-      with:
-        path: flutter
-        key: ${{ env.cache-name }}-ubuntu-latest-${{ steps.get-flutter-version.outputs.version }}-${{ hashFiles('code/pubspec.lock') }}
-        restore-keys: |
-          ${{ env.cache-name }}-ubuntu-latest-${{ steps.get-flutter-version.outputs.version }}-
-          ${{ env.cache-name }}-ubuntu-latest-
-          ${{ env.cache-name }}-
-      env:
-        cache-name: flutter-cache
-    - name: Clone the Flutter repository
-      if: steps.flutter-cache.outputs.cache-hit != 'true'
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
-      with:
-        repository: flutter/flutter
-        ref: ${{ steps.get-flutter-version.outputs.version }}
-        path: flutter
-    - name: Add the flutter tool to the path
-      run: |
-        echo "$GITHUB_WORKSPACE/flutter/bin" >> $GITHUB_PATH
-        echo "$GITHUB_WORKSPACE/flutter/bin/cache/dart-sdk/bin" >> $GITHUB_PATH
-    - name: Populate the Flutter tool's cache of binary artifacts
-      if: steps.flutter-cache.outputs.cache-hit != 'true'
-      run: |
-        flutter config --no-analytics
-        flutter precache
-    - name: Get Flutter packages
-      run: flutter pub get
-      working-directory: code
-
-    # static testing
-    - name: Analyze Flutter
-      if: matrix.category == 'static'
-      uses: zgosalvez/github-actions-analyze-flutter@f5a4e9edfc655081eb438cf5901f1d48c9e5d281 # v1.3.2
-      with:
-        fail-on-warnings: true
-        working-directory: code
-
-    # unit testing
-    - name: Run Flutter ${{ matrix.category }} tests
-      if: matrix.category != 'static'
-      run: flutter test --no-pub test/${{ matrix.category }}s
-      working-directory: code
+      uses: zgosalvez/github-actions-ensure-sha-pinned-actions@8877889a5717dad0b139f1d2925689aa68f88a43
 
   draft_release:
     name: Draft a release
-    needs: testing
+    needs: security_hardening
     runs-on: ubuntu-latest
     steps:
     - name: Clone the repository
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
+      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
     - name: Draft the release
       id: release-drafter
-      uses: release-drafter/release-drafter@3782ccd1a495040818a9e5d0e8bc4ed22d3b1361 # v5.12.1
+      uses: release-drafter/release-drafter@fe52e97d262833ae07d05efaf1a239df3f1b5cd4
       with:
         prerelease: true
       env:

.github/workflows/ci.yml

@@ -2,17 +2,19 @@ name: CI
 
 on:
   pull_request:
-    branches: [ main ]
+    branches:
+      - main
+      - release/v*
 
 jobs:
   security_hardening:
     name: Check security hardening
     runs-on: ubuntu-latest
     steps:
     - name: Clone the repository
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
+      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
     - name: Ensure SHA pinned actions
-      uses: zgosalvez/github-actions-ensure-sha-pinned-actions@e70e07ef05f0a3bf1483fde3c50eeab9c1805041 # v1.0.1
+      uses: zgosalvez/github-actions-ensure-sha-pinned-actions@8877889a5717dad0b139f1d2925689aa68f88a43
 
   testing:
     name: Run ${{ matrix.category }} testing
@@ -24,17 +26,17 @@ jobs:
       fail-fast: false
     steps:
     - name: Clone the repository
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
+      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
       with:
         path: code
     - name: Get Flutter version
       id: get-flutter-version
-      uses: zgosalvez/github-actions-get-flutter-version-env@2106839043b63948638cf22ee33718862fdcc57d # v1.1.2
+      uses: zgosalvez/github-actions-get-flutter-version-env@b5f12dbe2915d60c827758258d6193df1dacca1d
       with:
         pubspec-file-path: code/pubspec.yaml
     - name: Cache Flutter
       id: flutter-cache
-      uses: actions/cache@0781355a23dac32fd3bac414512f4b903437991a # v2.1.3
+      uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684
       with:
         path: flutter
         key: ${{ env.cache-name }}-ubuntu-latest-${{ steps.get-flutter-version.outputs.version }}-${{ hashFiles('code/pubspec.lock') }}
@@ -46,7 +48,7 @@ jobs:
         cache-name: flutter-cache
     - name: Clone the Flutter repository
       if: steps.flutter-cache.outputs.cache-hit != 'true'
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
+      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
       with:
         repository: flutter/flutter
         ref: ${{ steps.get-flutter-version.outputs.version }}
@@ -63,25 +65,21 @@ jobs:
     - name: Get Flutter packages
       run: flutter pub get
       working-directory: code
-
-    # static testing
     - name: Analyze Flutter
       if: matrix.category == 'static'
-      uses: zgosalvez/github-actions-analyze-flutter@f5a4e9edfc655081eb438cf5901f1d48c9e5d281 # v1.3.2
+      uses: zgosalvez/github-actions-analyze-dart@92375956021937d35938504eefb62b18bfebb154
       with:
         fail-on-warnings: true
         working-directory: code
-
-    # unit testing
     - name: Run Flutter ${{ matrix.category }} tests
       if: matrix.category != 'static'
       run: flutter test --no-pub --coverage --coverage-path=./coverage/lcov.${{ matrix.category }}.info test/${{ matrix.category }}s
       working-directory: code
     - name: Upload code coverage to GitHub
       if: matrix.category != 'static'
-      uses: actions/upload-artifact@726a6dcd0199f578459862705eed35cda05af50b # v2.2.1
+      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
       with:
-        name: code-coverage
+        name: code-coverage-${{ matrix.category }}
         path: code/coverage/lcov.${{ matrix.category }}.info
 
   coverage_report:
@@ -90,14 +88,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Clone the repository
-      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
+      uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
     - name: Download code coverage from GitHub
-      uses: actions/download-artifact@f144d3c3916a86f4d6b11ff379d17a49d8f85dbc # v2.0.7
+      uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e
       with:
-        name: code-coverage
         path: coverage
+        name: code-coverage-*
+        merge-multiple: true
     - name: Report code coverage
-      uses: zgosalvez/github-actions-report-lcov@dbddb87c1dcd9525e7ebb88700278d58ec7b2f9e # v1.1.0
+      uses: zgosalvez/github-actions-report-lcov@49af65b0586c274a625a41a2dc8aaaae7d00568b
       with:
         coverage-files: coverage/lcov.*.info
         minimum-coverage: 90