ARCH-1919 - Transfer to Infra-Purple (#16)

* ARCH-1919 - Transfer to Infra-Purple

- Update CODEOWNERS
- Add tests to build-and-review-pr.yml
- Adding a strict-match-mode input to toggle how matches are found.  +semver:minor
- Adding additional logging

* ARCH-1919 - Updates for consistency

* ARCH-1919 - Handle fork scenarios in test job

.github/CODEOWNERS

@@ -1 +1 @@
-* @im-open/swat
+* @im-open/infra-purple

.github/workflows/build-and-review-pr.yml

@@ -60,3 +60,207 @@ jobs:
       # The npm script to run to build the action.  This is typically 'npm run build' if the
       # action needs to be compiled.  For composite-run-steps actions this is typically empty.
       build-command: 'npm run build'
+
+  test:
+    runs-on: ubuntu-latest
+
+    env:
+      ORG: 'im-open'
+      REPO: 'delete-branch-package-versions'
+      PACKAGE_NAME: 'npm-pkg-to-delete'
+      PROD_TAG: '1.0.0'
+      BRANCH_A: 'branch-a'
+      BRANCH_A_TAG_1: ''
+      BRANCH_A_TAG_2: ''
+      BRANCH_A_TAG_3: ''
+      BRANCH_B: 'branch-b'
+      BRANCH_B_TAG_1: ''
+      BRANCH_B_TAG_2: ''
+
+    steps:
+      #--------------------------------------
+      # SETUP
+      #--------------------------------------
+      - name: Fail test job if fork
+        run: |
+          if [ "${{ github.event.pull_request.head.repo.fork }}" == "true" ]; then
+            echo "This test job requires secrets that PRs from forks will not have access to.  Before this PR can be merged, the tests should be run on an intermediate branch created by repository owners."
+            exit 1
+          fi
+
+      - name: '-------------------------------------------------------------------------------------------------------'
+        run: echo ""
+
+      - name: Setup - Checkout the action
+        uses: actions/checkout@v3
+
+      - name: Setup - Create Dynamic Tags
+        run: |
+          tag=$(date +'%Y%m%d%H%M%S')
+          npm install
+          branchATag1="1.0.1-${{env.BRANCH_A}}.$tag"
+          branchATag2="1.0.2-${{env.BRANCH_A}}.$tag"
+          branchATag3="1.0.3-${{env.BRANCH_A}}.$tag"
+          branchBTag1="1.1.1-${{env.BRANCH_B}}.$tag"
+          branchBTag2="1.1.2-${{env.BRANCH_B}}.$tag"
+
+          echo "BRANCH_A_TAG_1=$branchATag1" >> $GITHUB_ENV
+          echo "BRANCH_A_TAG_2=$branchATag2" >> $GITHUB_ENV
+          echo "BRANCH_A_TAG_3=$branchATag3" >> $GITHUB_ENV
+          echo "BRANCH_B_TAG_1=$branchBTag1" >> $GITHUB_ENV
+          echo "BRANCH_B_TAG_2=$branchBTag2" >> $GITHUB_ENV
+
+      - name: Setup - Create packages
+        working-directory: test/npm
+        run: |
+          npm set //npm.pkg.github.com/:_authToken '${{ secrets.PACKAGE_TOKEN }}'
+
+          #-----------------------
+          # Regular package versions          
+          #-----------------------
+          # v1.0.0 already exists on the repo
+
+          #-----------------------
+          # Versions for branch 1
+          #-----------------------
+          npm version ${{ env.BRANCH_A_TAG_1 }} --allow-same-version --no-git-tag-version
+          npm install
+          npm publish --registry=https://npm.pkg.github.com/ --tag refs/heads/${{env.BRANCH_A}}
+
+          npm version ${{ env.BRANCH_A_TAG_2 }} --allow-same-version --no-git-tag-version
+          npm install
+          npm publish --registry=https://npm.pkg.github.com/ --tag refs/heads/${{env.BRANCH_A}}
+
+          npm version ${{ env.BRANCH_A_TAG_3 }} --allow-same-version --no-git-tag-version
+          npm install
+          npm publish --registry=https://npm.pkg.github.com/ --tag refs/heads/${{env.BRANCH_A}}
+                    
+          #-----------------------
+          # Versions for branch 2
+          #-----------------------
+          npm version ${{ env.BRANCH_B_TAG_1 }} --allow-same-version --no-git-tag-version
+          npm install
+          npm publish --registry=https://npm.pkg.github.com/ --tag refs/heads/${{env.BRANCH_B}}
+
+          npm version ${{ env.BRANCH_B_TAG_2 }} --allow-same-version --no-git-tag-version
+          npm install
+          npm publish --registry=https://npm.pkg.github.com/ --tag refs/heads/${{env.BRANCH_B}}
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.PACKAGE_TOKEN }}
+
+      - name: Setup - Assert all the packages exist
+        if: always()
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const secondsToWait = 5;
+            core.info(`Sleep for ${secondsToWait} seconds to ensure the api has a chance to catch up before we start working on package versions.`);
+            await new Promise(r => setTimeout(r, secondsToWait * 1000));
+
+            const getPackageVersions = require('./test/setup/get-package-versions.js');
+            const packageVersions = await getPackageVersions(github, core);
+
+            const assertPackageVersionExists = require('./test/assert-package-version-exists.js');
+            assertPackageVersionExists(core, packageVersions, '${{ env.PROD_TAG}}');
+            assertPackageVersionExists(core, packageVersions, '${{ env.BRANCH_A_TAG_1}}');
+            assertPackageVersionExists(core, packageVersions, '${{ env.BRANCH_A_TAG_2}}');
+            assertPackageVersionExists(core, packageVersions, '${{ env.BRANCH_A_TAG_3}}');
+            assertPackageVersionExists(core, packageVersions, '${{ env.BRANCH_B_TAG_1}}');
+            assertPackageVersionExists(core, packageVersions, '${{ env.BRANCH_B_TAG_2}}');
+
+      #--------------------------------------
+      # PASS IN PACKAGE NAMES
+      #--------------------------------------
+      - name: '-------------------------------------------------------------------------------------------------------'
+        run: echo ""
+
+      - name: When delete-branch-package-versions is called with package names
+        uses: ./
+        if: always()
+        id: delete-names
+        with:
+          github-token: ${{ secrets.PACKAGE_TOKEN}}
+          organization: ${{ env.ORG }}
+          repository: ${{ env.REPO }}
+          package-type: npm
+          branch-name: 'refs/heads/branch a' # The action will sanitize this
+          package-names: ' ${{ env.PACKAGE_NAME}}    ' # The action should trim this up
+          strict-match-mode: true
+
+      - name: Then the outcome should be success
+        if: always()
+        run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.delete-names.outcome }}"
+
+      - name: And only versions that match the branch name should have been deleted
+        if: always()
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const getPackageVersions = require('./test/setup/get-package-versions.js');
+            const packageVersions = await getPackageVersions(github, core);
+
+            const assertPackageVersionExists = require('./test/assert-package-version-exists.js');
+            const assertPackageVersionDoesNotExist = require('./test/assert-package-version-does-not-exist.js');
+
+            // This main version and branch B should be untouched
+            assertPackageVersionExists(core, packageVersions, '${{ env.PROD_TAG}}');
+            assertPackageVersionExists(core, packageVersions, '${{ env.BRANCH_B_TAG_1}}');
+            assertPackageVersionExists(core, packageVersions, '${{ env.BRANCH_B_TAG_2}}');
+
+            // The branch A versions should have been deleted
+            assertPackageVersionDoesNotExist(core, packageVersions, '${{ env.BRANCH_A_TAG_1}}');
+            assertPackageVersionDoesNotExist(core, packageVersions, '${{ env.BRANCH_A_TAG_2}}');
+            assertPackageVersionDoesNotExist(core, packageVersions, '${{ env.BRANCH_A_TAG_3}}');
+
+      #--------------------------------------
+      # DON'T PASS IN PACKAGE NAMES
+      #--------------------------------------
+      - name: '-------------------------------------------------------------------------------------------------------'
+        run: echo ""
+
+      - name: When delete-branch-package-versions is called with defaults
+        uses: ./
+        if: always()
+        id: delete-defaults
+        with:
+          github-token: ${{ secrets.PACKAGE_TOKEN}}
+          package-type: npm
+          branch-name: 'branch'  # Since this doesn't have strict match, it should delete the remaining branch versions
+          strict-match-mode: false
+
+      - name: Then the outcome should be success
+        if: always()
+        run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.delete-defaults.outcome }}"
+
+      - name: And only versions that match the branch name should have been deleted
+        if: always()
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const getPackageVersions = require('./test/setup/get-package-versions.js');
+            const packageVersions = await getPackageVersions(github, core);
+
+            const assertPackageVersionExists = require('./test/assert-package-version-exists.js');
+            const assertPackageVersionDoesNotExist = require('./test/assert-package-version-does-not-exist.js');
+
+            // This main version should be untouched
+            assertPackageVersionExists(core, packageVersions, '${{ env.PROD_TAG}}');
+
+            // The branch B versions should have been deleted
+            assertPackageVersionDoesNotExist(core, packageVersions, '${{ env.BRANCH_B_TAG_1}}');
+            assertPackageVersionDoesNotExist(core, packageVersions, '${{ env.BRANCH_B_TAG_2}}');
+      
+      #--------------------------------------
+      # TEARDOWN
+      #--------------------------------------
+      - name: '-------------------------------------------------------------------------------------------------------'
+        run: echo ""
+
+      - name: Packages link
+        run: |
+          echo "The remaining packages can be found here:
+            https://github.com/${{github.repository}}/pkgs/npm/${{ env.PACKAGE_NAME }}/versions
+            Only 1.0.0 should remain."
+      
+      - name: '-------------------------------------------------------------------------------------------------------'
+        run: echo ""

README.md

@@ -17,6 +17,7 @@ If the action runs into an issue deleting a specific package version, it will ge
     - [Source Code Changes](#source-code-changes)
     - [Recompiling Manually](#recompiling-manually)
     - [Updating the README.md](#updating-the-readmemd)
+    - [Tests](#tests)
   - [Code of Conduct](#code-of-conduct)
   - [License](#license)
 
@@ -30,6 +31,7 @@ If the action runs into an issue deleting a specific package version, it will ge
 | `branch-name`   | true        | The branch name the packages were created with.  This is how package versions to delete are identified.                                                                                                      |
 | `package-type`  | true        | The type of package where versions will be deleted.  Can be one of npm, maven, rubygems, nuget, docker or container.                                                                                         |
 | `package-names` | false**     | The names of the packages that versions will be deleted from. Expects one value or a comma separated list (e.g. package1, package2). If omitted, it will default to all of the packages in the current repo. |
+| `strict-match-mode` | false       | Flag that determines the pattern the action will use to identify matches in the release name and tag.  Defaults to `true`.<br/>• `true: -<sanitized-branch-name>.` Releases created with [git-version-lite] tags follow this pattern.<br/>• `false: <sanitized-branch-name>` |
 
 ** *Note: When using versions prior to 3.0.0, `package-names` must be provided if the `package-type` is not `debian` or `pypi`.  GitHub officially dropped support for querying `npm`, `rubygems`, `maven`, `docker` and `nuget` packages associated with a repo through the GraphAPI on June 01, 2023, which previous versions of the action used.  Version 3.0.0 and later use the REST API to find packages associated with a repo when the `package-names` input is not provided.*
 
@@ -51,7 +53,7 @@ jobs:
 
     steps:
       - name: Clean up the GitHub package versions that were created for this branch
-        uses: im-open/delete-branch-package-versions@v3.0.0
+        uses: im-open/delete-branch-package-versions@v3.1.0
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           branch-name: ${{ github.head_ref }}
@@ -72,7 +74,7 @@ jobs:
     steps:
       - name: Clean up the GitHub package versions that were created for this branch
         # You may also reference just the major or major.minor version
-        uses: im-open/delete-branch-package-versions@v3.0.0
+        uses: im-open/delete-branch-package-versions@v3.1.0
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           branch-name: ${{ github.head_ref }}
@@ -92,7 +94,7 @@ jobs:
 
     steps:
       - name: Clean up the GitHub package versions that were created for this branch
-        uses: im-open/delete-branch-package-versions@v3.0.0
+        uses: im-open/delete-branch-package-versions@v3.1.0
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           organization: 'mySpecifiedOrg'
@@ -109,6 +111,7 @@ When creating PRs, please review the following guidelines:
 - [ ] At least one of the commit messages contains the appropriate `+semver:` keywords listed under [Incrementing the Version] for major and minor increments.
 - [ ] The action has been recompiled.  See [Recompiling Manually] for details.
 - [ ] The README.md has been updated with the latest version of the action.  See [Updating the README.md] for details.
+- [ ] Any tests in the [build-and-review-pr] workflow are passing
 
 ### Incrementing the Version
 
@@ -143,6 +146,12 @@ npm run build
 
 If changes are made to the action's [source code], the [usage examples] section of this file should be updated with the next version of the action.  Each instance of this action should be updated.  This helps users know what the latest tag is without having to navigate to the Tags page of the repository.  See [Incrementing the Version] for details on how to determine what the next version will be or consult the first workflow run for the PR which will also calculate the next version.
 
+### Tests
+
+The [build-and-review-pr] workflow includes tests which are linked to a status check. That status check needs to succeed before a PR is merged to the default branch.  When a PR comes from a branch, the workflow has access to secrets which are required to run the tests successfully.  
+
+When a PR comes from a fork, the workflow cannot access any secrets, so the tests won't have the necessary permissions to run. When a PR comes from a fork, the changes should be reviewed, then merged into an intermediate branch by repository owners so tests can be run against the PR changes.  Once the tests have passed, changes can be merged into the default branch.
+
 ## Code of Conduct
 
 This project has adopted the [im-open's Code of Conduct](https://github.com/im-open/.github/blob/main/CODE_OF_CONDUCT.md).

action.yml

@@ -20,6 +20,10 @@ inputs:
   package-names:
     description: 'The names of the packages that versions will be deleted from. Expects one value or a comma separated list (e.g. package1, package2). If not specified, it will default to all of the packages in the current repo.'
     required: false
+  strict-match-mode:
+    description: 'Flag that determines the pattern the action will use to identify matches in the release name and tag.'
+    required: false
+    default: 'true'
 
 runs:
   using: 'node16'