Update WordPress JS dependencies

[luislard]

Please check if the PR fulfills these requirements

• The commit message follows our guidelines
• Tests for the changes have been added (for bug fixes/features)
• Docs have been added/updated (for bug fixes/features)

What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
Feature

What is the current behavior? (You can also link to an open issue here)
There is no workflow to automatically create a PR with updated WordPress dependencies.

What is the new behavior (if this is a feature change)?
It adds two new workflows to create a PR with updated WordPress dependencies.

The reusable workflow for the orchestrator was added in here:

reusable-workflows/.github/workflows/update-wordpress-js-dependencies-orchestrator.yml at update_wordpress_js_dependencies · inpsyde/reusable-workflows

How does it work?

Individual package

The workflow can be called from the individual package or from the orchestrator.

Example:

name: WordPress JS Dependencies Update
on:
  workflow_dispatch:
    inputs:
      WP_SCRIPT_DIST_TAG:
        description: The tag to use for updating the dependencies. e.g. wp-6.6
        default: wp-6.6
        required: true
        type: string
  repository_dispatch:
    types: ['update_wp_dependencies']

jobs:
  update_wp_dependencies:
    uses: inpsyde/reusable-workflows/.github/workflows/update-wordpress-js-dependencies.yml@update_wordpress_js_dependencies
    secrets:
        GITHUB_USER_EMAIL: ${{ secrets.SOME_EMAIL }}
        GITHUB_USER_NAME: ${{ secrets.SOME_USER }}
        GITHUB_USER_SSH_KEY: ${{ secrets.SOME_SSH_PRIVATE_KEY }}
        GITHUB_USER_SSH_PUBLIC_KEY: ${{ secrets.SOME_SSH_PUBLIC_KEY }}
        NPM_REGISTRY_TOKEN: ${{ secrets.SOME_TOKEN }}
    with:
        NPM_REGISTRY_DOMAIN: "https://npm.pkg.github.com/"
        WP_SCRIPT_DIST_TAG: ${{ inputs.WP_SCRIPT_DIST_TAG }}

Orchestrator

An orchestrator is a repository that consumes other packages, typically a website repository.

Orchestrator example:

name: Call Update WordPress Deps using loop from composer and defined packages 

on:
  workflow_dispatch:
    inputs:
      WP_SCRIPT_DIST_TAG:
        description: 'The WP dist tag. e.g.: wp-6.7'
        required: true
      PACKAGES:
        description: Comma separated list of packages to call the update js wordpress dependencies.
        required: false
        type: string
  

jobs:
  update-dependencies:
    uses: inpsyde/reusable-workflows/.github/workflows/update-wordpress-js-dependencies-orchestrator.yml@update_wordpress_js_dependencies
    with:
      WP_SCRIPT_DIST_TAG: ${{ inputs.WP_SCRIPT_DIST_TAG }}
      PACKAGES: ${{ inputs.PACKAGES }}
    secrets:
      GH_API_TOKEN: ${{ secrets.SOME_TOKEN }}

The workflow is triggered on demand. The user needs to define the wp dist tag and could optionally define some repos in the PACKAGES input in a comma-separated string.

Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)
No

Other information:

[tyrann0us]

Thank you for adding this workflow! I left a couple of minor suggestions and comments.
Also, I took the liberty to push a rather major rewrite of the documentation; putting this into line suggestions would have been impossible.
Please check my comments and the updated documentation. Thank you!

[tyrann0us]

Thank you for incorporating all the changes, and I apologize for the number of new comments. Most are minor, as they are about documentation wording alignment or previously overlooked suggestions, but there's one regarding the documentation that does not reflect the move from repository_dispatch to workflow_dispatch.
This should be the last round. 🤞🏽

[tyrann0us]

In the meantime, #180 has been merged. Please validate which global env variables are still needed here and which can be moved to step level.

[luislard]

I left only non secrets

[tyrann0us]

The latest change made me realize that an if check is missing here because these credentials are optional.

Suggested change

	GITHUB_USER_NAME: ${{ secrets.GITHUB_USER_NAME }}
	GITHUB_USER_NAME: ${{ secrets.GITHUB_USER_NAME }}
	if: ${{ env.GITHUB_USER_EMAIL != '' && env.GITHUB_USER_NAME != '' }}

[tyrann0us]

Have you verified that NPM_REGISTRY_DOMAIN and NODE_AUTH_TOKEN are indeed required again here and in the "Update dependencies" step below? I would expect this to be similar to Composer's COMPOSER_AUTH variable, which is only required once.