Add GitHub Action for Build and Release

[vaurdan]

Description

Since now we're using composer autoloading, we need to build a classmap during the release process. This PRs adds a new Build and Release action that will do the following:

• Checkout and Prepare: The workflow begins by checking out the specified branch or reference and preparing the "built" branch. If the "built" branch doesn't exist, it creates one from the "develop" branch.
• Git Configuration: Configures Git with a user name and email for the GitHub Actions bot to commit changes.
• Merge Branches: Merges the current branch into the "built" branch using a squash merge, committing the result.
• Read and Use Node Version: Reads the Node.js version from the .nvmrc file and sets it up using setup-node.
• Build the Project: Installs dependencies using npm and Composer, runs the build process, and optimizes Composer autoloading.
• Check for Changes: Lists all changed files in the working directory.
• Commit Built Files: Adds the changes, commits them with a versioned message, and pushes the updates to the "built" branch.
• Tag and Release: The next job tags the commit with the version from package.json, extracts and formats the relevant section from CHANGELOG.md, and creates a draft release on GitHub with the changelog details.
• Deploy to WordPress.org: The final job deploys the built plugin to WordPress.org using the versioned tag and updates the GitHub release with the ZIP file generated during deployment.

Motivation and context

• Improve the release process, especially now that we have built-time dependencies.

How has this been tested?

This was tested on #2622

Summary by CodeRabbit

• New Features

  • Introduced an automated workflow for building, tagging, releasing, and deploying the WordPress plugin.
  • Improved consistency and efficiency in the release process.

• Chores

  • Updated CI/CD pipeline to enhance the deployment of plugin updates to WordPress.org.

[coderabbitai]

📝 Walkthrough

📝 Walkthrough

📝 Walkthrough

📝 Walkthrough

Walkthrough

This update introduces a GitHub Actions workflow for automating the build, tagging, release, and deployment processes of a WordPress plugin. It consists of three sequential jobs: building the project, tagging the release, and deploying the plugin to WordPress.org. This workflow streamlines the CI/CD process, ensuring consistent and efficient releases while handling versioning and changelog generation automatically.

Changes

File	Change Summary
.github/workflows/build-and-release.yml	Added a new workflow to automate the build, tagging, and deployment of a WordPress plugin, structured into build, tag_and_release, and deploy jobs.

Sequence Diagram(s)

sequenceDiagram
    participant Developer
    participant GitHub Actions
    participant WordPress.org
    participant GitHub

    Developer->>GitHub Actions: Trigger workflow
    GitHub Actions->>GitHub: Checkout specified branch
    GitHub Actions->>GitHub: Create/update built branch
    GitHub Actions->>Node.js: Setup environment
    Node.js->>GitHub Actions: Environment ready
    GitHub Actions->>npm: Install dependencies
    npm->>GitHub Actions: Dependencies installed
    GitHub Actions->>Composer: Build project
    Composer->>GitHub Actions: Build complete
    GitHub Actions->>GitHub: Commit built files to built branch
    GitHub Actions->>GitHub: Checkout built branch for tagging
    GitHub Actions->>GitHub: Tag commit with version
    GitHub Actions->>GitHub: Push tag
    GitHub Actions->>GitHub: Extract changelog
    GitHub Actions->>GitHub: Prepare release
    GitHub Actions->>WordPress.org: Deploy plugin
    WordPress.org->>GitHub Actions: Deployment complete
    GitHub Actions->>GitHub: Update release with ZIP file

Loading

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

Outside diff range, codebase verification and nitpick comments (2)

.github/workflows/build-and-release.yml (2)

87-105: Handle changelog extraction errors gracefully.

The changelog extraction handles missing versions but could provide more detailed error messages or logging.

-  echo "Version not found in CHANGELOG.md" >&2
+  echo "Error: Version $VERSION not found in CHANGELOG.md. Please ensure the changelog is updated." >&2

---

30-33: Handle merge conflicts.

The current GitHub Actions workflow does not include steps for handling merge conflicts during the merge operation. Consider adding conflict resolution mechanisms to ensure the workflow can handle potential conflicts gracefully.

• .github/workflows/build-and-release.yml: Add steps or scripts to resolve merge conflicts.

Analysis chain

Handle merge conflicts.

Ensure that the merge step handles potential conflicts, as the current setup does not specify conflict resolution.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify merge conflict handling.

# Test: Simulate a merge conflict scenario. Expect: Conflict resolution is handled.
echo "Simulate merge conflict handling."

Length of output: 76

---

Script:

#!/bin/bash
# Search for any conflict resolution steps in the GitHub Actions workflow file.
rg 'merge|conflict|resolve' .github/workflows/build-and-release.yml -A 5

Length of output: 272

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 92a0d95 and 5900790.

Files selected for processing (1)

• .github/workflows/build-and-release.yml (1 hunks)

Additional comments not posted (8)

.github/workflows/build-and-release.yml (8)

9-13: Ensure correct branch checkout.

The checkout step uses the ref from the GitHub context, which is usually correct. Verify that this aligns with your intended workflow.

---

35-36: Verify Node.js version file existence.

Ensure that the .nvmrc file exists and contains a valid Node.js version.

Verification successful

---

Node.js version file exists and is valid.

The .nvmrc file is present and contains the Node.js version "18.12", which is a valid version format.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the existence and validity of the .nvmrc file.

# Test: Check .nvmrc file. Expect: File exists and contains a valid version.
cat .nvmrc

Length of output: 18

---

15-23: Clarify branch creation logic.

The logic for checking out or creating the built branch seems sound, but ensure that the develop branch is always available when creating built.

Verification successful

---

Branch Creation Logic Verified

The develop branch is confirmed to exist in the remote repository, ensuring that the logic for creating the built branch from develop is sound. No issues found.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the existence of the develop branch.

# Test: Check if the develop branch exists. Expect: Branch exists.
git branch -r | grep 'origin/develop'

Length of output: 86

---

54-60: Ensure correct version extraction.

The version is extracted from package.json using jq. Verify that this file always contains a valid version.

Verification successful

---

Version extraction is valid.

The version 3.16.2 was successfully extracted from package.json, confirming that it contains a valid version. No further issues were found regarding version extraction.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify version extraction from package.json.

# Test: Check version in package.json. Expect: Valid version.
jq -r .version < package.json

Length of output: 23

---

133-142: Ensure WordPress.org credentials are secure.

The deployment step uses secrets for SVN credentials. Ensure these are securely stored and managed.

---

74-80: Ensure version consistency.

The version is extracted and set in both environment and output variables. Ensure consistency across all steps using this version.

Verification successful

---

Version consistency is maintained across the workflow.

The VERSION variable is consistently set and used throughout the workflow, ensuring that the correct version is applied in all relevant steps, such as tagging and releasing. No further action is required.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify version consistency across steps.

# Test: Compare version in environment and output. Expect: Versions match.
echo "Environment version: $VERSION"
echo "Output version: ${{ steps.get_version.outputs.VERSION }}"

Length of output: 175

---

Script:

#!/bin/bash
# Search for occurrences of the VERSION variable in the build-and-release.yml file
rg 'VERSION' .github/workflows/build-and-release.yml -A 2

Length of output: 1606

---

44-48: Optimize Composer installation.

The Composer installation uses --no-dev and optimization flags, which is good. Ensure that this aligns with your build requirements.

Verification successful

---

Composer installation command is appropriate.

The Composer command composer install --no-dev --optimize-autoloader --classmap-authoritative aligns with the build requirements specified in the composer.json file. The use of --no-dev ensures that development dependencies are excluded, and the optimization flags are suitable for production builds. No changes are necessary.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify Composer installation options.

# Test: Check Composer install command. Expect: Matches build requirements.
echo "Composer install command: composer install --no-dev --optimize-autoloader --classmap-authoritative"

Length of output: 206

---

Script:

#!/bin/bash
# Search for documentation or configuration files that might specify Composer build requirements.
# Look for references to Composer in README files or other documentation.
rg -i 'composer' --glob '*.md'

# Check for any configuration files that might specify Composer settings.
fd -e json -e yaml -e yml -e toml | xargs rg -i 'composer'

Length of output: 3207

---

Script:

#!/bin/bash
# Extract and display the contents of the composer.json file to verify build requirements.
cat composer.json

Length of output: 4061

---

144-156: Verify ZIP file update logic.

The release update step includes logic for updating with the ZIP file. Ensure this logic aligns with your release management strategy.

Verification successful

---

ZIP file update logic verified.

The configuration of ncipollo/release-action in your workflow aligns with a strategy of updating only unreleased versions and ensuring that the release is updated with the new ZIP file while removing old artifacts. This approach helps maintain clean and up-to-date releases.

• The action is configured to allow updates and remove old artifacts.
• It omits body, name, draft, and prerelease information during updates, focusing on the ZIP file.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify ZIP file update logic in the release.

# Test: Check release update logic. Expect: Aligns with release strategy.
echo "Release update logic verified."

Length of output: 70

---

Script:

#!/bin/bash
# Search for the usage of `ncipollo/release-action` in the repository to verify its configuration.
rg "uses: ncipollo/release-action" -A 10

Length of output: 42

---

Script:

#!/bin/bash
# Find all YAML files in the .github/workflows directory and search for the usage of `ncipollo/release-action`.
fd -e yml -e yaml -t f .github/workflows | xargs rg "uses: ncipollo/release-action" -A 10

Length of output: 465

---

Script:

#!/bin/bash
# Correct the fd command to find all YAML files in the .github/workflows directory and search for the usage of `ncipollo/release-action`.
fd . --full-path '.github/workflows' -e yml -e yaml | xargs rg "uses: ncipollo/release-action" -A 10

Length of output: 1700

[coderabbitai]

Set Git configuration locally.

Consider setting Git configuration locally for this repository instead of globally, to avoid affecting other workflows.

-  git config --global user.name 'github-actions[bot]'
-  git config --global user.email 'github-actions[bot]@users.noreply.github.com'
+  git config user.name 'github-actions[bot]'
+  git config user.email 'github-actions[bot]@users.noreply.github.com'

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Configure Git
	run: |
	git config --global user.name 'github-actions[bot]'
	git config --global user.email 'github-actions[bot]@users.noreply.github.com'
	- name: Configure Git
	run: |
	git config user.name 'github-actions[bot]'
	git config user.email 'github-actions[bot]@users.noreply.github.com'

[acicovic]

Do we need to re-review/approve this, or is it to be closed?

[vaurdan]

Closed in favour of #2923