From 9001131341dd63ad628dc487796da4086d805e7c Mon Sep 17 00:00:00 2001
From: Luis Rosales <l.rosales@inpsyde.com>
Date: Mon, 11 Nov 2024 11:09:15 +0100
Subject: [PATCH] feat: adding automatic WP JS dependencies

---
 .../update-wordpress-js-dependencies.yml      | 128 ++++++++++++++++++
 1 file changed, 128 insertions(+)
 create mode 100644 .github/workflows/update-wordpress-js-dependencies.yml

diff --git a/.github/workflows/update-wordpress-js-dependencies.yml b/.github/workflows/update-wordpress-js-dependencies.yml
new file mode 100644
index 00000000..792ed8e1
--- /dev/null
+++ b/.github/workflows/update-wordpress-js-dependencies.yml
@@ -0,0 +1,128 @@
+name: Update WordPress JS Dependencies
+on:
+  workflow_call:
+    inputs:
+      WP_SCRIPT_DIST_TAG:
+        description: The tag to use for updating the dependencies. e.g. wp-6.6
+        default: wp-6.6
+        required: true
+        type: string
+    secrets:
+      GITHUB_USER_EMAIL:
+        description: Email address for the GitHub user configuration.
+        required: false
+      GITHUB_USER_NAME:
+        description: Username for the GitHub user configuration.
+        required: false
+      GITHUB_USER_SSH_KEY:
+        description: Private SSH key associated with the GitHub user for the token passed as `GITHUB_USER_TOKEN`.
+        required: false
+      GITHUB_USER_SSH_PUBLIC_KEY:
+        description: Public SSH key associated with the GitHub user for the token passed as `GITHUB_USER_TOKEN`.
+        required: false
+      
+jobs:
+  update-dependencies:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    env:
+      PACKAGE_MANAGER: npm
+      GITHUB_USER_EMAIL: ${{ secrets.DEPLOYBOT_EMAIL }}
+      GITHUB_USER_NAME: ${{ secrets.DEPLOYBOT_USER }}
+      GITHUB_USER_SSH_KEY: ${{ secrets.DEPLOYBOT_SSH_PRIVATE_KEY }}
+      GITHUB_USER_SSH_PUBLIC_KEY: ${{ secrets.DEPLOYBOT_SSH_PUBLIC_KEY }}
+      WP_SCRIPT_DIST_TAG: ${{ github.event.client_payload.wp_version || inputs.WP_SCRIPT_DIST_TAG }}
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        ssh-key: ${{ env.GITHUB_USER_SSH_KEY }}
+
+    - name: Set global variables
+      run: |
+        echo "TEMP_BRANCH_NAME=update/${{ env.WP_SCRIPT_DIST_TAG }}" >> $GITHUB_ENV
+        echo "CURRENT_DATE=$(date +'%Y-%m-%d')" >> $GITHUB_ENV
+
+    - name: Set up SSH
+      if: ${{ env.GITHUB_USER_SSH_KEY != '' }}
+      uses: webfactory/ssh-agent@v0.9.0
+      with:
+        ssh-private-key: ${{ env.GITHUB_USER_SSH_KEY }}
+
+    - name: Set up Git
+      run: |
+        git config --global user.email "${{ env.GITHUB_USER_EMAIL }}"
+        git config --global user.name "${{ env.GITHUB_USER_NAME }}"
+        git config --global advice.addIgnoredFile false
+        git config --global push.autoSetupRemote true
+
+    - name: Set up signing commits
+      if: ${{ env.GITHUB_USER_SSH_PUBLIC_KEY != '' }}
+      run: |
+        : # Create empty SSH private key file so Git does not complain.
+        touch "${{ runner.temp }}/signingkey"
+        echo "${{ env.GITHUB_USER_SSH_PUBLIC_KEY }}" > "${{ runner.temp }}/signingkey.pub"
+        git config --global commit.gpgsign true
+        git config --global gpg.format ssh
+        git config --global user.signingkey "${{ runner.temp }}/signingkey.pub"
+
+    - name: Checkout to temporary branch
+      run: |
+        git show-ref -q refs/remotes/origin/${{ env.TEMP_BRANCH_NAME }} && git checkout ${{ env.TEMP_BRANCH_NAME }} || git checkout -b ${{ env.TEMP_BRANCH_NAME }}
+
+    - name: Set up node cache mode
+      run: |
+        if [ "${{ env.PACKAGE_MANAGER }}" == 'npm' ] && { [ -f "${GITHUB_WORKSPACE}/package-lock.json" ] || [ -f "${GITHUB_WORKSPACE}/npm-shrinkwrap.json" ]; }; then
+          echo "NODE_CACHE_MODE=npm" >> $GITHUB_ENV
+        elif [ "${{ env.PACKAGE_MANAGER }}" == 'yarn' ] && [ -f "${GITHUB_WORKSPACE}/yarn.lock" ]; then
+          echo "NODE_CACHE_MODE=yarn" >> $GITHUB_ENV
+        else
+          echo "No lock files found or unknown package manager"
+        fi
+
+    - name: Set up node
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ env.NODE_VERSION }}
+        cache: ${{ env.NODE_CACHE_MODE }}
+
+
+    - name: Install dependencies
+      env:
+        ARGS: ${{ env.NODE_CACHE_MODE == 'yarn' && '--frozen-lockfile' || env.NODE_CACHE_MODE == 'npm' && 'ci' || 'install' }}
+      run: ${{ format('{0} {1} --ignore-scripts', env.PACKAGE_MANAGER, env.ARGS) }}
+    
+    - name: Running the update
+      env:
+        SCRIPT_START: ${{ env.PACKAGE_MANAGER == 'yarn' && 'yarn' || env.PACKAGE_MANAGER == 'npm' && 'npm run' }}
+      run: |
+        ./node_modules/.bin/wp-scripts packages-update --dist-tag=${{ env.WP_SCRIPT_DIST_TAG }}
+
+    - name: Git add and commit
+      run: |
+        git add -A
+        git commit -m "[BOT] Add dependencies changes for #${{ github.ref }}" --no-verify || ((echo "HAS_GIT_CHANGES=no" >> $GITHUB_ENV) && (echo "No changes to commit"))
+
+    - name: Git push
+      if: ${{ env.HAS_GIT_CHANGES != 'no' }}
+      run: git push
+      
+
+    - name: Create Pull Request
+      env:
+        GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        gh pr create \
+          --base ${{ github.event.repository.default_branch }} \
+          --head ${{ env.TEMP_BRANCH_NAME }} \
+          --title "Align WP Dependencies to meet dist tag ${{ env.WP_SCRIPT_DIST_TAG }} - ${{ env.CURRENT_DATE }}" \
+          --body "This PR updates the WordPress dependencies to meet the version ${{ env.WP_SCRIPT_DIST_TAG }}." \
+          --label "dependencies"
+      
+    - name: Delete signing key files
+      if: ${{ always() && env.GITHUB_USER_SSH_PUBLIC_KEY != '' }}
+      run: |
+        rm -f "${{ runner.temp }}/signingkey"
+        rm -f "${{ runner.temp }}/signingkey.pub"
\ No newline at end of file