From f468d2ebde7378ff8a61030ed116e39db86ef1b9 Mon Sep 17 00:00:00 2001
From: Phil-NHS
Date: Fri, 29 Aug 2025 12:05:15 +0100
Subject: [PATCH 1/9] chore(cicd): cron jobs for dependabot promotion
---
 ...e-dependabot-prs-into-collected-branch.yml | 2 +-
 ...collected-dependabot-staging-to-master.yml | 48 +++++++++++++++++++
 .../collected-dependabot-to-staging.yml | 45 +++++++++++++++++
 .github/workflows/workflow-readme.md | 2 +-
 .releaserc.json | 10 +++-
 5 files changed, 103 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/collected-dependabot-staging-to-master.yml
 create mode 100644 .github/workflows/collected-dependabot-to-staging.yml
diff --git a/.github/workflows/automerge-dependabot-prs-into-collected-branch.yml b/.github/workflows/automerge-dependabot-prs-into-collected-branch.yml
index f1ba083..6021872 100644
--- a/.github/workflows/automerge-dependabot-prs-into-collected-branch.yml
+++ b/.github/workflows/automerge-dependabot-prs-into-collected-branch.yml
@@ -1,6 +1,6 @@
 # This script seperate major and minor but we do merge them into the same branch.
 # Having two steps allows us to easily turn off major changes in future and then script them to their own branch and pipeline.
-name: Auto-merge Dependabot PRs
+name: Auto-merge Dependabot PRs into collected branch
 on:
 pull_request:
 types: [opened, synchronize]
diff --git a/.github/workflows/collected-dependabot-staging-to-master.yml b/.github/workflows/collected-dependabot-staging-to-master.yml
new file mode 100644
index 0000000..822ba31
--- /dev/null
+++ b/.github/workflows/collected-dependabot-staging-to-master.yml
@@ -0,0 +1,48 @@
+name: Collected Dependabot Promotion From Staging To Master
+on:
+ schedule:
+ # we want the opposite weeks to staging so we get a week where it occurs in manual testing
+ - cron: '0 9 8-14 * 1' # Second Monday of month
+ - cron: '0 9 22-28 * 1' # Fourth Monday of month
+ workflow_dispatch:
+
+jobs:
+ promote-to-master:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ pull-requests: write
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Check for changes
+ id: changes
+ run: |
+ git fetch origin Automatic_collected_dependabot_staging:Automatic_collected_dependabot_staging
+ git fetch origin master:master # or main/master - whatever your prod branch is
+
+ if git diff --quiet master Automatic_collected_dependabot_staging; then
+ echo "has_changes=false" >> $GITHUB_OUTPUT
+ else
+ echo "has_changes=true" >> $GITHUB_OUTPUT
+ fi
+
+ - name: Create PR to master
+ if: steps.changes.outputs.has_changes == 'true'
+ run: |
+ if gh pr list --head Automatic_collected_dependabot_staging --base master --json number --jq '.[0].number' | grep -q .; then
+ echo "PR already exists, skipping creation"
+ else
+ gh pr create \
+ --base master \
+ --head Automatic_collected_dependabot_staging \
+ --title "Fortnightly dependabot collected master promotion - $(date +%Y-%m-%d)" \
+ --body "Automated weekly promotion from staging to master after testing period" \
+ --auto-merge \
+ --merge
+ fi
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/collected-dependabot-to-staging.yml b/.github/workflows/collected-dependabot-to-staging.yml
new file mode 100644
index 0000000..4306f22
--- /dev/null
+++ b/.github/workflows/collected-dependabot-to-staging.yml
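Review bot: Both `cron` entries in collected-dependabot-staging-to-master.yml restrict day-of-month and day-of-week together (`'0 9 8-14 * 1'`, `'0 9 22-28 * 1'`), and in POSIX cron syntax a job fires when either field matches, so this would run every Monday and also every day from the 8th to the 14th and the 22nd to the 28th, not only on the second and fourth Monday. collected-dependabot-to-staging.yml uses the same pattern with `1-7` and `15-21`, so both promotions would fire on the same Mondays and the week of manual testing the comment asks for is lost before dependency updates reach master. Consider scheduling `- cron: '0 9 * * 1'` and adding a first step that exits early unless `$(date +%-d)` falls in the intended range. Separately, `--auto-merge` and `--merge` are not options of `gh pr create` as far as I know, so the create step is likely to fail on an unknown flag; enabling auto-merge is a second call, `gh pr merge --auto --merge`, once the PR exists.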
@@ -0,0 +1,45 @@
+name: Dependabot Collected Promotion To Staging
+# this logic will require branch ruleset checks of running the dev pipeline
+on:
+ schedule:
+ # Promotion from staging to release should be a week apart so alternating weeks (also live updates dangerous)
+ - cron: '0 9 1-7 * 1' # First Monday of month
+ - cron: '0 9 15-21 * 1' # Third Monday of month
+ workflow_dispatch: # Allow manual trigger
+
+jobs:
+ promote-to-automatic-collected-dependabot-staging:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ pull-requests: write
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Check for changes
+ id: changes
+ run: |
+ git fetch origin Automatic_version_update_dependabot:Automatic_version_update_dependabot
+ git fetch origin Automatic_collected_dependabot_staging:Automatic_collected_dependabot_staging
+
+ if git diff --quiet Automatic_collected_dependabot_staging Automatic_version_update_dependabot; then
+ echo "has_changes=false" >> $GITHUB_OUTPUT
+ else
+ echo "has_changes=true" >> $GITHUB_OUTPUT
+ fi
+
+ - name: Create PR to Automatic_collected_dependabot_staging
+ if: steps.changes.outputs.has_changes == 'true'
+ run: |
+ gh pr create \
+ --base Automatic_collected_dependabot_staging \
+ --head Automatic_version_update_dependabot \
+ --title "Fortnightly dependabot collected to staging - $(date +%Y-%m-%d)" \
+ --body "Automated Fortnightly promotion of dependency updates from dependabot" \
+ --auto-merge \
+ --merge
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/workflow-readme.md b/.github/workflows/workflow-readme.md
index 170fdf9..e008223 100644
--- a/.github/workflows/workflow-readme.md
+++ b/.github/workflows/workflow-readme.md
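Review bot: The header comment in collected-dependabot-to-staging.yml says the promotion relies on branch ruleset checks running the dev pipeline, but the PR is opened with the default `GITHUB_TOKEN`, and events raised by that token do not start other workflow runs (only `workflow_dispatch` and `repository_dispatch` are exempt). If dev.yml is triggered by `pull_request` (not visible here), the required check would never start on this PR, so an auto-merge would either wait indefinitely or depend on someone overriding the ruleset, which lets unverified dependency updates move forward. Opening the PR with a GitHub App installation token or a narrowly scoped token held in a repository secret lets the checks run, and a comment next to `GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}` should record that constraint. This step also lacks the `gh pr list` guard that collected-dependabot-staging-to-master.yml has, so a run while an earlier PR is still open will fail, and pinning `actions/checkout@v4` to a full commit SHA in both files would stop the tag from moving under a job that holds `contents: write`.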
@@ -84,7 +84,7 @@ The individual steps also automatically pass so can see if any error at the end - dependabot duplicates tokens using dependabot secrets including write so can run checks - autoverging is being tried for major and minor - branch checks must pass for merge on automated_version - +- checks required but overrideable for all workflows ## Versioning Via semantic release and recorded as a generate c# file used by a blazor component diff --git a/.releaserc.json b/.releaserc.json index d7dbe06..d3ba112 100644 --- a/.releaserc.json +++ b/.releaserc.json @@ -1,10 +1,16 @@ { "branches": [ { - "name": "master" + "name": "master", + "prerelease": false }, { - "name": "Automatic_version_update_dependabot" + "name": "Automatic_version_update_dependabot", + "prerelease": false + }, + { + "name": "Automatic_collected_dependabot_staging", + "prerelease": true }, { "name": "feat-*", From b9f31a4cb3945b86d3b3ec4afdd3fa271014b1c1 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Fri, 29 Aug 2025 12:37:06 +0100 Subject: [PATCH 2/9] chore(dependabot): is relesearc breaking --- .releaserc.json | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.releaserc.json b/.releaserc.json index d3ba112..58f0d4f 100644 --- a/.releaserc.json +++ b/.releaserc.json @@ -2,15 +2,9 @@ "branches": [ { "name": "master", - "prerelease": false }, { "name": "Automatic_version_update_dependabot", - "prerelease": false - }, - { - "name": "Automatic_collected_dependabot_staging", - "prerelease": true }, { "name": "feat-*", From ef8aaf870b1c087c17cdd50eefe863b54ced6d2f Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Fri, 29 Aug 2025 12:41:01 +0100 Subject: [PATCH 3/9] chore(releaserc): config file fix --- .releaserc.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.releaserc.json b/.releaserc.json index 58f0d4f..d7dbe06 100644 --- a/.releaserc.json +++ b/.releaserc.json 
@@ -1,10 +1,10 @@
 {
 "branches": [
 {
- "name": "master",
+ "name": "master"
 },
 {
- "name": "Automatic_version_update_dependabot",
+ "name": "Automatic_version_update_dependabot"
 },
 {
 "name": "feat-*",
From e4a100ea91c812168bd01c9898c6d98b98cee2f5 Mon Sep 17 00:00:00 2001
From: Phil-NHS
Date: Fri, 29 Aug 2025 12:47:03 +0100
Subject: [PATCH 4/9] chore(dependabot): add back in branch staging
---
 .releaserc.json | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.releaserc.json b/.releaserc.json
index d7dbe06..0953117 100644
--- a/.releaserc.json
+++ b/.releaserc.json
@@ -6,6 +6,9 @@
 {
 "name": "Automatic_version_update_dependabot"
 },
+ {
+ "name": "Automatic_collected_dependabot_staging"
+ },
 {
 "name": "feat-*",
 "prerelease": true
From f086dd4d1a9e0eafb56ec2ba358d6ce3609af30a Mon Sep 17 00:00:00 2001
From: Phil-NHS
Date: Fri, 29 Aug 2025 12:53:12 +0100
Subject: [PATCH 5/9] chore(releaserc): reapply prerelease
---
 .releaserc.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.releaserc.json b/.releaserc.json
index 0953117..43d58fc 100644
--- a/.releaserc.json
+++ b/.releaserc.json
@@ -7,7 +7,8 @@
 "name": "Automatic_version_update_dependabot"
 },
 {
- "name": "Automatic_collected_dependabot_staging"
+ "name": "Automatic_collected_dependabot_staging",
+ "prerelease": true
 },
 {
 "name": "feat-*",
From 832349496ad6cdf80edc9e81f458669f2e954ea1 Mon Sep 17 00:00:00 2001
From: Phil-NHS
Date: Fri, 29 Aug 2025 13:11:20 +0100
Subject: [PATCH 6/9] chore(releaserc): prerelease is causing the issues but will need it
---
 .releaserc.json | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/.releaserc.json b/.releaserc.json
index 43d58fc..204c5aa 100644
--- a/.releaserc.json
+++ b/.releaserc.json
@@ -1,14 +1,16 @@ { "branches": [ { - "name": "master" + "name": "master", + "prerelease": false }, { - "name": "Automatic_version_update_dependabot" + "name": "Automatic_version_update_dependabot", + "prerelease": false }, { "name": "Automatic_collected_dependabot_staging", - "prerelease": true + "prerelease": false }, { "name": "feat-*", From ac5d8f4622002f21bb99aed659e62f3132e0743b Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Fri, 29 Aug 2025 13:29:49 +0100 Subject: [PATCH 7/9] chore(semver): better logging cause prerelease error try to view it --- .github/workflows/dev.yml | 13 ++++++++++++- .releaserc.json | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index 425af66..7a4d46f 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -94,8 +94,19 @@ jobs: run: | echo "running semantic-release" - SEMVER_OUTPUT_RAW=$(npx semantic-release --dry-run 2>&1) + # SEMVER_OUTPUT_RAW=$(npx semantic-release --dry-run 2>&1) + # STATUS=$? + + SEMVER_OUTPUT_RAW=$(npx semantic-release --dry-run 2> /tmp/semantic-release-errors.log) STATUS=$? + + # Now you can check the status and log the error messages if an error occurred + if [ $STATUS -ne 0 ]; then + echo "Semantic release failed with exit code $STATUS." + echo "Error output:" + cat /tmp/semantic-release-errors.log + fi + echo "status = $STATUS" echo "$SEMVER_OUTPUT_RAW" diff --git a/.releaserc.json b/.releaserc.json index 204c5aa..d3ba112 100644 --- a/.releaserc.json +++ b/.releaserc.json @@ -10,7 +10,7 @@ }, { "name": "Automatic_collected_dependabot_staging", - "prerelease": false + "prerelease": true }, { "name": "feat-*", From b417400bcc6d9275e6e5dd46bc02930c71769b05 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Fri, 29 Aug 2025 15:04:42 +0100 Subject: [PATCH 8/9] chore(releaserc): semver --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index b8fe7c8..fad9453 100644 --- a/.gitignore 
+++ b/.gitignore @@ -236,3 +236,4 @@ TELBlazor.Components.ShowCase.E2ETests.WasmServerHost/Logs/* # Generated version info files TELBlazor.Components/TELBlazorPackageVersion/VersionInfo*.cs +/.github/workflows/test.yml From c9ede7bede944f356f4bbf757eebca85e2355b42 Mon Sep 17 00:00:00 2001 From: Phil-NHS Date: Fri, 29 Aug 2025 15:14:08 +0100 Subject: [PATCH 9/9] chore(semver): dependabot --- .github/workflows/dev.yml | 27 ++++++++++++++++++++------- .releaserc.json | 8 +++----- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index 7a4d46f..630ea52 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -92,13 +92,27 @@ jobs: - name: Run dev semantic version (None Blocking) id: detect_semantic_version run: | + echo "error catch run of semver first to get any error detail on config issues" + set +e + SEMVER_OUTPUT_RAW_ERROR_CHECK=$(npx semantic-release --dry-run 2> /tmp/semantic-release-errors.log) + STATUS_ERROR_CHECK=$? - echo "running semantic-release" - # SEMVER_OUTPUT_RAW=$(npx semantic-release --dry-run 2>&1) - # STATUS=$? + # Now you can check the status and log the error messages if an error occurred + if [ $STATUS_ERROR_CHECK -ne 0 ]; then + echo "❌ Semantic release failed with exit code $STATUS_ERROR_CHECK." + echo "❌ Error output:" + cat /tmp/semantic-release-errors.log + else + echo "✅ Semantic Ouput success : $SEMVER_OUTPUT_RAW_ERROR_CHECK " + echo "✅ Error on success : $STATUS_ERROR_CHECK" + fi - SEMVER_OUTPUT_RAW=$(npx semantic-release --dry-run 2> /tmp/semantic-release-errors.log) - STATUS=$? + set -e + + + echo "running semantic-release" + semver_output_raw=$(npx semantic-release --dry-run 2>&1) + status=$? # Now you can check the status and log the error messages if an error occurred if [ $STATUS -ne 0 ]; then 
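Review bot: In the dev.yml hunk of patch 9, the second dry run now assigns `semver_output_raw` and `status` in lower case, while the unchanged context line at the end of the hunk still tests `$STATUS` (`if [ $STATUS -ne 0 ]; then`), so that test sees an empty, unquoted value and errors instead of reporting the exit code. Keep the original names, `SEMVER_OUTPUT_RAW=$(npx semantic-release --dry-run 2>&1)` and `STATUS=$?`, or rename every later use and quote it as `"$STATUS"`. `set -e` is also switched back on just before that second run, so with errexit active a failing dry run would end the step at the assignment before the status is read, which conflicts with the step being named non-blocking; moving `set -e` below the status capture avoids that. The step body continues past the end of the hunk, so later uses of these variables are not visible here.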
@@ -372,5 +386,4 @@ jobs:
 -H "Authorization: Bearer $TEL_GIT_PACKAGES_TOKEN" \
 -H "X-GitHub-Api-Version: 2022-11-28" \
 https://api.github.com/repos/$repo_owner/$repo_name/dispatches \
- -d "{\"event_type\": \"$event_type\", \"client_payload\": {\"artifact_url\": \"$artifact_url\"}}"
-
+ -d "{\"event_type\": \"$event_type\", \"client_payload\": {\"artifact_url\": \"$artifact_url\"}}"
\ No newline at end of file
diff --git a/.releaserc.json b/.releaserc.json
index d3ba112..2296f12 100644
--- a/.releaserc.json
+++ b/.releaserc.json
@@ -1,16 +1,14 @@
 {
 "branches": [
 {
- "name": "master",
- "prerelease": false
+ "name": "master"
 },
 {
- "name": "Automatic_version_update_dependabot",
- "prerelease": false
+ "name": "Automatic_version_update_dependabot"
 },
 {
 "name": "Automatic_collected_dependabot_staging",
- "prerelease": true
+ "prerelease": "dependabot-staging"
 },
 {
 "name": "feat-*",