diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..42bf9be --- /dev/null +++ b/.gitattributes @@ -0,0 +1,14 @@ +/.github export-ignore + +/tests export-ignore + +/.env.test export-ignore +/.gitignore export-ignore +/.releaserc export-ignore +/ecs.php export-ignore +/package.json export-ignore +/package-lock.json export-ignore +/phpstan.neon.dist export-ignore +/phpstan.shopware-6.7.1.0.neon.dist export-ignore +/phpunit.xml.dist export-ignore +/rector.php export-ignore diff --git a/.github/workflows/composer-version-guard.yml b/.github/workflows/composer-version-guard.yml index 75d8060..cbafdc7 100644 --- a/.github/workflows/composer-version-guard.yml +++ b/.github/workflows/composer-version-guard.yml @@ -5,7 +5,7 @@ on: branches: [develop] env: - GITHUB_TOKEN: ${{ secrets.GH_AUTOMATION_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: no-manual-version-bump: @@ -74,12 +74,12 @@ jobs: cat > /tmp/comment.md <<'EOF' ⚠️ **Bitte die `version` in `composer.json` nicht manuell ändern.** - + Releases werden automatisch erstellt (.github/workflows/release.yml). - Dieser PR ändert die Eigenschaft `version` – bitte die Änderung zurücknehmen. + Dieser PR ändert die Eigenschaft `version` – bitte die Änderung zurücknehmen. Sobald die Version wieder unverändert ist, wird dieser Hinweis automatisch entfernt. EOF - + if [ -z "${existing_ids}" ]; then # Neuen Kommentar erstellen gh pr comment "${PR_NUMBER}" --body-file /tmp/comment.md @@ -98,12 +98,12 @@ jobs: run: | set -euo pipefail MARK="" - + # Alle Kommentare mit unserem Marker einsammeln ids=$(gh api --paginate \ repos/${REPO}/issues/${PR_NUMBER}/comments \ --jq "[ .[] | select( (.body // \"\") | contains(\"${MARK}\") ) | .id ] | .[]" || true) - + if [ -n "${ids}" ]; then echo "Removing ${ids}..." for id in ${ids}; do diff --git a/.github/workflows/release-sync.yml b/.github/workflows/release-sync.yml deleted file mode 100644 index 2a5cacb..0000000 
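Review bot: In composer-version-guard.yml the workflow-level `env:` now hands `secrets.GITHUB_TOKEN` to every step, and nothing visible in this hunk declares the permissions that token needs. The later steps call `gh pr comment` and manage comments through `gh api`, so the job presumably needs an explicit `permissions:` block with `pull-requests: write` (plus `contents: read` if it checks out the repository); without one the outcome depends on the repository's default token setting. If the trigger is `pull_request` (only `branches: [develop]` is visible here), runs for pull requests from forks get a read-only token and the comment steps will fail, which is better handled or documented than worked around with `pull_request_target`. Setting `GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}` only on the steps that call `gh` would also keep the token out of steps that do not need it.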
--- a/.github/workflows/release-sync.yml +++ /dev/null 
@@ -1,83 +0,0 @@ -name: Sync release artifacts to develop - -on: - workflow_run: - workflows: ["Create release"] - types: [completed] - -permissions: - contents: write - -# Cannot use overall env because then the sync fails with the wrong user - -jobs: - sync-to-develop: - if: ${{ github.event.workflow_run.conclusion == 'success' }} - runs-on: ubuntu-latest - - steps: - - name: Checkout (full history) - uses: actions/checkout@v6 - with: - fetch-depth: 0 - token: ${{ secrets.GH_AUTOMATION_TOKEN }} - - - name: Configure git & auth - run: | - git config user.name "${GIT_AUTHOR_NAME}" - git config user.email "${GIT_AUTHOR_EMAIL}" - git remote set-url origin "https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git" - - - name: Fetch branches (heads only, no tags; avoid ambiguous refs) - run: | - set -euo pipefail - - echo "Fetching main and develop branches..." - git fetch --no-tags --prune origin \ - +refs/heads/main:refs/remotes/origin/main \ - +refs/heads/develop:refs/remotes/origin/develop - - - name: Sync composer.json & CHANGELOG.md from main to develop - id: sync - run: | - set -euo pipefail - - echo "Configuring git user for pushing changes..." - git config user.email "websolutions@netlogix.de" - git config user.name "netlogix-bot" - - # Prüfe, ob sich genau diese Dateien zwischen main und develop unterscheiden - echo "Checking for differences in composer.json and CHANGELOG.md between main and develop..." - if git diff --quiet \ - refs/remotes/origin/develop..refs/remotes/origin/main \ - -- composer.json CHANGELOG.md; then - echo "nothing_to_sync=true" >> "$GITHUB_OUTPUT" - exit 0 - fi - - # Wechsle auf lokalen develop, der auf remote/develop basiert - echo "Checking out develop branch..." - git checkout -B develop refs/remotes/origin/develop - - # Übernehme die zwei Dateien exakt aus main - echo "Checking out composer.json and CHANGELOG.md from main branch..." 
- git checkout refs/remotes/origin/main -- composer.json CHANGELOG.md - - # Stage & Commit mit [skip ci], damit keine Workflows feuern - echo "Committing changes..." - git add composer.json CHANGELOG.md - git commit -m "[release-sync] chore: sync composer.json & CHANGELOG.md from main to develop [skip ci]" || { - echo "nothing_to_sync=true" >> "$GITHUB_OUTPUT" - exit 0 - } - - echo "Pushing changes to develop branch..." - git push origin HEAD:develop - echo "nothing_to_sync=false" >> "$GITHUB_OUTPUT" - echo "done" - env: - GITHUB_TOKEN: ${{ secrets.GH_AUTOMATION_TOKEN }} - - - name: Done - if: steps.sync.outputs.nothing_to_sync == 'true' - run: echo "Nichts zu syncen (composer.json/CHANGELOG.md identisch)." diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9081a1e..57b8eff 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,11 +11,18 @@ permissions: jobs: release: runs-on: ubuntu-latest + environment: Netlogix Release Bot steps: - name: Checkout uses: actions/checkout@v6 with: persist-credentials: false + - name: Create GitHub App token + uses: actions/create-github-app-token@v3 + id: release-bot-app-token + with: + client-id: ${{ vars.RELEASE_BOT_CLIENT_ID }} + private-key: ${{ secrets.RELEASE_BOT_PRIVATE_KEY }} - name: Setup Node uses: actions/setup-node@v6 with: 
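Review bot: The new `Create GitHub App token` step in release.yml passes `secrets.RELEASE_BOT_PRIVATE_KEY` to `actions/create-github-app-token@v3`, which is referenced by a mutable tag; pinning it to a full commit SHA (`uses: actions/create-github-app-token@<full-commit-sha> # v3`) keeps a moved tag from ever receiving the key. The token it mints carries every permission of the app installation unless narrowed, so consider the action's `permission-contents: write` input, plus whatever else semantic-release is confirmed to need. The same step is repeated in the `sync-to-develop` job added by the next hunk, and the same two points apply there. The `release` job's step list continues outside this hunk.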
@@ -26,4 +33,82 @@ jobs: uses: cycjimmy/semantic-release-action@v6 id: semantic # Need an `id` for output variables env: - GITHUB_TOKEN: ${{ secrets.GH_AUTOMATION_TOKEN }} + GITHUB_TOKEN: ${{ steps.release-bot-app-token.outputs.token }} + + sync-to-develop: + needs: release + runs-on: ubuntu-latest + environment: Netlogix Release Bot + permissions: + contents: write + steps: + - name: Create GitHub App token + uses: actions/create-github-app-token@v3 + id: release-bot-app-token + with: + client-id: ${{ vars.RELEASE_BOT_CLIENT_ID }} + private-key: ${{ secrets.RELEASE_BOT_PRIVATE_KEY }} + + - name: Checkout (full history) + uses: actions/checkout@v6 + with: + fetch-depth: 0 + token: ${{ steps.release-bot-app-token.outputs.token }} + + - name: Configure git & auth + run: | + git config user.name "${GIT_AUTHOR_NAME}" + git config user.email "${GIT_AUTHOR_EMAIL}" + git remote set-url origin "https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git" + env: + GITHUB_TOKEN: ${{ steps.release-bot-app-token.outputs.token }} + + - name: Fetch branches (heads only, no tags; avoid ambiguous refs) + run: | + set -euo pipefail + + echo "Fetching main and develop branches..." + git fetch --no-tags --prune origin \ + +refs/heads/main:refs/remotes/origin/main \ + +refs/heads/develop:refs/remotes/origin/develop + + - name: Sync composer.json & CHANGELOG.md from main to develop + id: sync + run: | + set -euo pipefail + + echo "Configuring git user for pushing changes..." + git config user.email "websolutions@netlogix.de" + git config user.name "netlogix-bot" + + echo "Checking for differences in composer.json and CHANGELOG.md between main and develop..." + if git diff --quiet \ + refs/remotes/origin/develop..refs/remotes/origin/main \ + -- composer.json CHANGELOG.md; then + echo "nothing_to_sync=true" >> "$GITHUB_OUTPUT" + exit 0 + fi + + echo "Checking out develop branch..." 
+ git checkout -B develop refs/remotes/origin/develop + + echo "Checking out composer.json and CHANGELOG.md from main branch..." + git checkout refs/remotes/origin/main -- composer.json CHANGELOG.md + + echo "Committing changes..." + git add composer.json CHANGELOG.md + git commit -m "[release-sync] chore: sync composer.json & CHANGELOG.md from main to develop [skip ci]" || { + echo "nothing_to_sync=true" >> "$GITHUB_OUTPUT" + exit 0 + } + + echo "Pushing changes to develop branch..." + git push origin HEAD:develop + echo "nothing_to_sync=false" >> "$GITHUB_OUTPUT" + echo "done" + env: + GITHUB_TOKEN: ${{ steps.release-bot-app-token.outputs.token }} + + - name: Done + if: steps.sync.outputs.nothing_to_sync == 'true' + run: echo "Nichts zu syncen (composer.json/CHANGELOG.md identisch)."
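Review bot: The `Configure git & auth` step in the new `sync-to-develop` job writes the app token into the `origin` URL, where it stays in `.git/config` for the rest of the job, although the preceding checkout already receives the same token through `token:` and by default keeps it available to later git commands. The step also reads `GIT_AUTHOR_NAME` and `GIT_AUTHOR_EMAIL`, which its `env:` does not set (only `GITHUB_TOKEN` is listed, unless they are defined at workflow level outside this hunk), and the sync step sets `user.email` and `user.name` itself, so the whole step can probably be dropped. The job-level `permissions: contents: write` applies to the default `GITHUB_TOKEN`, which this job does not appear to use for the push; `contents: read` would likely be enough.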