MokoConsulting/MokoCassiopeia
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 1 Activity

Update version_branch.yml

Browse Source
This commit is contained in:
Jonathan Miller
2025-12-18 18:51:31 -06:00
parent e8174a5dd7
commit 984573774e
1 changed files with 21 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
.github/workflows/version_branch.yml vendored
View File

@@ -60,7 +60,7 @@ jobs:
env: env:
NEW_VERSION: ${{ github.event.inputs.new_version }} NEW_VERSION: ${{ github.event.inputs.new_version }}
BASE_BRANCH: ${{ github.ref_name }} BASE_BRANCH: ${{ github.ref_name }}
BRANCH_PREFIX: version/dev/ BRANCH_PREFIX: dev/
COMMIT_CHANGES: ${{ github.event.inputs.commit_changes }} COMMIT_CHANGES: ${{ github.event.inputs.commit_changes }}
ERROR_LOG: /tmp/version_branch_errors.log ERROR_LOG: /tmp/version_branch_errors.log
CI_HELPERS: /tmp/moko_ci_helpers.sh CI_HELPERS: /tmp/moko_ci_helpers.sh
@@ -238,10 +238,10 @@ jobs:
text = p.read_text(encoding='utf-8', errors='replace').splitlines(True) text = p.read_text(encoding='utf-8', errors='replace').splitlines(True)
todo_re = re.compile(r'^[ \t]*##[ \t]*(?:\[[ \t]*TODO[ \t]*\]|TODO)[ \t]*$', re.IGNORECASE) todo_re = re.compile(r'^[ ]*##[ ]*(?:\[[ ]*TODO[ ]*\]|TODO)[ ]*$', re.IGNORECASE)
bullet_re = re.compile(r'^[ \t]*[-*+][ \t]+') bullet_re = re.compile(r'^[ ]*[-*+][ ]+')
blank_re = re.compile(r'^[ \t]*$') blank_re = re.compile(r'^[ ]*$')
unreleased_re = re.compile(r'^[ \t]*##[ \t]*(?:\[[ \t]*UNRELEASED[ \t]*\]|UNRELEASED)[ \t]*$', re.IGNORECASE) unreleased_re = re.compile(r'^[ ]*##[ ]*(?:\[[ ]*UNRELEASED[ ]*\]|UNRELEASED)[ ]*$', re.IGNORECASE)
idx = None idx = None
for i, line in enumerate(text): for i, line in enumerate(text):
@@ -349,14 +349,14 @@ jobs:
stamp = datetime.now(timezone.utc).strftime('%Y-%m-%d') stamp = datetime.now(timezone.utc).strftime('%Y-%m-%d')
root = Path('.').resolve() root = Path('.').resolve()
header_re = re.compile(r'(?im)(VERSION[ \t]*:[ \t]*)([0-9]{2}[.][0-9]{2}[.][0-9]{2})') header_re = re.compile(r'(?im)(VERSION[ ]*:[ ]*)([0-9]{2}[.][0-9]{2}[.][0-9]{2})')
manifest_marker_re = re.compile(r'(?is)<extension\b') manifest_marker_re = re.compile(r'(?is)<extension\b')
xml_version_re = re.compile(r'(?is)(<version[ \t]*>)([^<]*?)(</version[ \t]*>)') xml_version_re = re.compile(r'(?is)(<version[ ]*>)([^<]*?)(</version[ ]*>)')
xml_date_res = [ xml_date_res = [
re.compile(r'(?is)(<creationDate[ \t]*>)([^<]*?)(</creationDate[ \t]*>)'), re.compile(r'(?is)(<creationDate[ ]*>)([^<]*?)(</creationDate[ ]*>)'),
re.compile(r'(?is)(<date[ \t]*>)([^<]*?)(</date[ \t]*>)'), re.compile(r'(?is)(<date[ ]*>)([^<]*?)(</date[ ]*>)'),
re.compile(r'(?is)(<releaseDate[ \t]*>)([^<]*?)(</releaseDate[ \t]*>)'), re.compile(r'(?is)(<releaseDate[ ]*>)([^<]*?)(</releaseDate[ ]*>)'),
] ]
skip_ext = { skip_ext = {
@@ -460,8 +460,8 @@ jobs:
root = Path('.').resolve() root = Path('.').resolve()
skip_dirs = {'.git', '.github', 'node_modules', 'vendor', '.venv', 'dist', 'build'} skip_dirs = {'.git', '.github', 'node_modules', 'vendor', '.venv', 'dist', 'build'}
header_re = re.compile(r'(?im)VERSION[ \t]*:[ \t]*([0-9]{2}[.][0-9]{2}[.][0-9]{2})') header_re = re.compile(r'(?im)VERSION[ ]*:[ ]*([0-9]{2}[.][0-9]{2}[.][0-9]{2})')
xml_version_re = re.compile(r'(?is)<version[ \t]*>([^<]*?)</version[ \t]*>') xml_version_re = re.compile(r'(?is)<version[ ]*>([^<]*?)</version[ ]*>')
mismatches = [] mismatches = []
@@ -497,35 +497,34 @@ jobs:
print('[INFO] Version consistency audit passed') print('[INFO] Version consistency audit passed')
PY PY
- name: Change scope allowlist (block unexpected edits) - name: Change scope guard (block .github edits)
run: | run: |
source "$CI_HELPERS" source "$CI_HELPERS"
moko_init "Change scope allowlist" moko_init "Change scope guard"
if [[ -z "$(git status --porcelain=v1)" ]]; then if [[ -z "$(git status --porcelain=v1)" ]]; then
echo "[INFO] No changes detected. Scope gate skipped." echo "[INFO] No changes detected. Scope guard skipped."
exit 0 exit 0
fi fi
echo "[INFO] Evaluating changed paths" echo "[INFO] Evaluating changed paths"
git diff --name-only > /tmp/changed_paths.txt git diff --name-only > /tmp/changed_paths.txt
allow_re='^(CHANGELOG[.]md|src/.*[.]xml|.*templateDetails[.]xml|.*manifest.*[.]xml|.*[.]md|[.]github/version-bump-report[.]json)$'
bad=0 bad=0
while IFS= read -r p; do while IFS= read -r p; do
if [[ ! "${p}" =~ ${allow_re} ]]; then if [[ "$p" == .github/* ]] && [[ "$p" != .github/version-bump-report.json ]]; then
echo "[ERROR] Unexpected file modified by version workflow: ${p}" >&2 echo "[ERROR] .github change is not permitted by this workflow: $p" >&2
bad=1 bad=1
fi fi
done < /tmp/changed_paths.txt done < /tmp/changed_paths.txt
if [[ "${bad}" -ne 0 ]]; then if [[ "$bad" -ne 0 ]]; then
echo "[FATAL] Scope gate failed. Update allowlist or adjust bump targeting." >&2 echo "[FATAL] Change scope guard failed. Workflow attempted to modify .github content." >&2
echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) | Change scope guard | attempted .github modifications" >> "$ERROR_LOG" || true
exit 2 exit 2
fi fi
echo "[INFO] Scope gate passed" echo "[INFO] Scope guard passed"
- name: Publish audit trail to job summary - name: Publish audit trail to job summary
if: always() if: always()