Add prIssueManagement.yml to onboard repo to GitOps.ResourceManagement
as FabricBot replacement
Owners of the FabricBot configuration should have received email
notification. The same information contained in the email is published
internally at: https://aka.ms/gim/fabricbot. Details on the replacement
service and the syntax of the new yaml configuration file is available
publicly at: https://microsoft.github.io/GitOps/policies/resource-management.html
Bumps rolfbjarne/autoformat from 0.2.2 to 0.2.99.
## Commits
* Add support for a custom .NET executable and a custom working directory.
* Add branding.
* Change name so that it can be published to the marketplace.
* Quote script. Fixes issue 8.
See full diff: https://github.com/rolfbjarne/autoformat/compare/v0.2.2...v0.2.99
Handle the 'need-repro' label like the 'need-info' label:
* Add a comment that we need a repro, and how to get one.
* Close the issue if no comments within 7 days.
* Add a 'need-attention' label if reporter comments.
Also add a document explaining how to create a repro, modeled after (copied)
MAUI's document (https://github.com/dotnet/maui/blob/main/.github/repro.md).
New workflows:
1. When a `move-to-vs-feedback` label is applied to an issue, tell the
user to use the VS Feedback tool instead.
2. If issue is commented on within 3 days, mark as `needs-attention`.
3. If issue is inactive for 3 days, close the issue.
This is a shameless copy of
05c5e202a3.
Fixes this:
SyntaxError: Unexpected identifier
at new AsyncFunction (<anonymous>)
Error: Unhandled error: SyntaxError: Unexpected identifier
at callAsyncFunction (/home/runner/work/_actions/actions/github-script/v6.3.3/dist/index.js:13356:16)
at main (/home/runner/work/_actions/actions/github-script/v6.3.3/dist/index.js:13452:26)
at Module.858 (/home/runner/work/_actions/actions/github-script/v6.3.3/dist/index.js:13429:1)
at __webpack_require__ (/home/runner/work/_actions/actions/github-script/v6.3.3/dist/index.js:24:31)
at startup (/home/runner/work/_actions/actions/github-script/v6.3.3/dist/index.js:43:19)
at /home/runner/work/_actions/actions/github-script/v6.3.3/dist/index.js:49:18
at Object.<anonymous> (/home/runner/work/_actions/actions/github-script/v6.3.3/dist/index.js:52:10)
at Module._compile (node:internal/modules/cjs/loader:1101:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
by not storing the changelog entry in an environment variable between tasks,
but instead store it on disk.
Bumps
[peterjgrainger/action-create-branch](https://github.com/peterjgrainger/action-create-branch)
from 2.2.0 to 2.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peterjgrainger/action-create-branch/releases">peterjgrainger/action-create-branch's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<p>From <a
href="https://github-redirect.dependabot.com/peterjgrainger/action-create-branch/issues/356">#356</a>
update to version <code>16</code> of node and set
<code>BRANCH_CREATED</code> environment variable instead of
<code>set-output</code></p>
<p>I've left set output there so others can update their action but
added a warning not to use the output any longer.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="64aa569aea"><code>64aa569</code></a>
deprecate set output</li>
<li><a
href="4db6058d3c"><code>4db6058</code></a>
upgrade node version</li>
<li><a
href="9b788a6dcc"><code>9b788a6</code></a>
added some explanation about the branch name</li>
<li><a
href="98f5309f9a"><code>98f5309</code></a>
Update readme</li>
<li>See full diff in <a
href="https://github.com/peterjgrainger/action-create-branch/compare/v2.2.0...v2.3.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[xamarin/backport-bot-action](https://github.com/xamarin/backport-bot-action)
from 1.0 to 1.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c27c1d5a07"><code>c27c1d5</code></a>
Scope env to step</li>
<li><a
href="da97d664ca"><code>da97d66</code></a>
Inputs -> secrets</li>
<li><a
href="7d536aa14f"><code>7d536aa</code></a>
Update inputs -> secrets</li>
<li><a
href="69c12fcadc"><code>69c12fc</code></a>
Create reusable workflow to replace composite action</li>
<li>See full diff in <a
href="https://github.com/xamarin/backport-bot-action/compare/v1.0...v1.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
We have four branches that test releasing a single platform:
release/release-test-only-dotnet-$platform
In these branches, only the given platform is enabled (these are also
.NET-only branches), with the idea that we're testing the build and publish of
a single platform. These branches have a 'release/' prefix, so that the go
through as much as possible of our release pipeline.
Hopefully by testing and making sure the following builds and publishes correctly:
* All platforms (the default for our build)
* Each platform by itself
Building and publishing more than one (but less than all four) platforms also
work.
This PR will automatically update these four branches from main every
Saturday, so that we'll be able to find and fix any problems that occur before
release date.
actions/github-script was recently updated from 3.1.0 to 6.3.1 (69de14c668), but unfortunately there were breaking changes:
* https://github.com/actions/github-script#breaking-changes
* https://github.com/actions/github-script/issues/242#issuecomment-1049167283
This would manifest as:
TypeError: Cannot read properties of undefined (reading 'listWorkflowRunArtifacts')
Error: Unhandled error: TypeError: Cannot read properties of undefined (reading 'listWorkflowRunArtifacts')
at eval (eval at callAsyncFunction (/home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:13340:16), <anonymous>:3:38)
at callAsyncFunction (/home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:13341:12)
at main (/home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:13436:26)
at Module.858 (/home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:13413:1)
at __webpack_require__ (/home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:24:31)
at startup (/home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:43:19)
at /home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:49:18
at Object.<anonymous> (/home/runner/work/_actions/actions/github-script/v6.3.1/dist/index.js:52:10)
at Module._compile (node:internal/modules/cjs/loader:1101:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
So update our code to to use the new way to do things.
Bumps [actions/github-script](https://github.com/actions/github-script) from 3.1.0 to 6.3.1.
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
We have some problems when autoformatting PRs and the PR branch isn't fully
up-to-date with regards to the target branch.
I believe this is what happens:
1. When a PR is created (or modified), GitHub Actions will merge the PR branch
with the target branch, and parse/load the merged *.yml files.
2. Then when we run the autoformatter, we're working on the tip of the PR
branch (and not the merged result).
3. This means that we were using the list of projects to autoformat from the
merged branch, but exeuting on the PR branch. This resulted in spurious
autoformatting, because the autoformatted would autoformat more code than
expected.
The fix I'm implementing is to move the list of projects to autoformat to a
separate script in source code. That way we'll work upon the list of projects
as they show up in the PR branch, and not the merged results.
Also fix a merge conflict that made autoformatting not work, and make sure to not add any temporary files to the diff.
Co-authored-by: GitHub Actions Autoformatter <github-actions-autoformatter@xamarin.com>
Get the head repository using the correct syntax when trying to publish
autoformatted changes. This action is a 'workflow_run' action, and not a
'pull_request' action, and as such we must look in the 'workflow_run' object
for the data we need.
This will hopefully make the action able to publish results back to a fork.
It turns out that part of the logic has to exist in `main`, it won't
execute from a pull request.
This means it might take a while to get the logic right... so I made it
work in a personal repo first. This is the resulting code, hopefully it
works here too (but there's no way to know for sure before merging the
PR 😞
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Implement a GitHub action to automatically format our source code.
This is implemented in two steps:
1. A restricted action is used to check if the code has any formatting issues, and if so, creates a patch to fix the code.
2. Another action is used to commit and push the patch (and add a comment to the PR notifying the submitter about the problems found).
This is because the first action will call 'dotnet format', which might be insecure in that it can execute code from the repository. This is not safe in a context that is allowed to push commits (because there are secrets in the environment) - so anyone could create a PR that would be executed as a part of 'dotnet format' and then look for our secrets and make them public. The restricted action's environment does not have any secrets, and it's thus safe to execute random code.
The second action will only execute if the corresponding file is in main, so this PR need to be merged before this can be fully implemented, and as such I've made the autoformatting opt-in (by adding the `actions-enable-autoformat` label). Once everything is confirmed to work properly, it will become opt-out instead.
Also, for now only a very simple project is autoformatted (xibuild.csproj), but the
idea is to fix source code incrementally, and add to the list of projects/code
we autoformat.
Rolf Bjarne Kvinge
Mike Bond
dependabot[bot]
microsoft-github-policy-service[bot]
Manuel de la Pena