ci: fix update dependencies

.github/actions/update-vscode-extensions/action.yml

@@ -11,9 +11,9 @@ outputs:
   updated-dependencies:
     description: JSON array with the names of the updated dependencies
     value: ${{ steps.update-extensions.outputs.updated-dependencies }}
-  markdown-summary:
-    description: Markdown summary of update result
-    value: ${{ steps.update-extensions.outputs.markdown-summary }}
+  markdown-summary-file:
+    description: Path to a file containing the markdown summary of update result
+    value: ${{ steps.update-extensions.outputs.markdown-summary-file }}
 
 runs:
   using: composite
@@ -24,13 +24,10 @@ runs:
         sudo npm install -g @vscode/vsce
       shell: bash
     - run: |
-        EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
-        echo "markdown-summary<<${EOF}" >> "${GITHUB_OUTPUT}"
-        echo "$(${GITHUB_ACTION_PATH}/update-vscode-extensions.sh ${INPUT_FILE})" >> "${GITHUB_OUTPUT}"
-        echo "${EOF}" >> "${GITHUB_OUTPUT}"
-
-        echo "updated-dependencies=$(cat updated-extensions.json)" >> "${GITHUB_OUTPUT}"
-        rm updated-extensions.json
+        "${GITHUB_ACTION_PATH}/update-vscode-extensions.sh" "${INPUT_FILE}"
+        echo "markdown-summary-file=${RUNNER_TEMP}/markdown-summary.md" >> "${GITHUB_OUTPUT}"
+        echo "updated-dependencies=$(cat ${RUNNER_TEMP}/updated-extensions.json)" >> "${GITHUB_OUTPUT}"
+        rm "${RUNNER_TEMP}/updated-extensions.json"
       id: update-extensions
       shell: bash
       env:

.github/actions/update-vscode-extensions/update-vscode-extensions.sh

@@ -3,7 +3,7 @@
 set -Eeuo pipefail
 
 FILE=${1:?}
-JSON=$(cat $FILE)
+JSON=$(cat "$FILE")
 EXTENSIONS=
 UPDATE_DETAILS_MARKDOWN=
 UPDATED_EXTENSIONS_JSON="[]"
@@ -22,46 +22,53 @@ get_github_releasenotes() {
     local GITHUB_URL=${1:?}
     local CURRENT_RELEASE=${2:?}
 
-    gh release list --exclude-drafts --exclude-pre-releases -R $GITHUB_URL --json name,tagName --jq '.[]' | while read -r RELEASE;
+    gh release list --exclude-drafts --exclude-pre-releases -R "$GITHUB_URL" --json name,tagName --jq '.[]' | while read -r RELEASE;
     do
         NAME=$(echo "$RELEASE" | jq -r '.name')
         TAG=$(echo "$RELEASE" | jq -r '.tagName')
 
-        if [[ $NAME == *$CURRENT_RELEASE* || $TAG == v$CURRENT_RELEASE ]];
+        if [[ $NAME == *"$CURRENT_RELEASE"* || $TAG == "v$CURRENT_RELEASE" ]];
         then
             break;
         fi
 
-        printf "%s\n\n" "$(gh release view --json body --jq '.body' -R $GITHUB_URL $TAG)"
+        printf "%s\n\n" "$(gh release view --json body --jq '.body' -R "$GITHUB_URL" "$TAG")"
     done
 }
 
-for EXTENSION in $(echo $JSON | jq -r '.customizations.vscode.extensions | flatten[]'); do
+while IFS= read -r EXTENSION; do
+    [[ -z "$EXTENSION" ]] && continue
+
     NAME="${EXTENSION%%@*}"
     CURRENT_VERSION="${EXTENSION#*@}"
 
-    LATEST_NON_PRERELEASE_VERSION_JSON=$(vsce show --json $NAME | jq '[ .versions[] | select(.properties) | select(any(.properties[].key; contains("Microsoft.VisualStudio.Code.PreRelease")) | not) ][0]')
-    LATEST_NON_PRERELEASE_VERSION=$(echo $LATEST_NON_PRERELEASE_VERSION_JSON | jq -r '.version')
+    LATEST_NON_PRERELEASE_VERSION_JSON=$(vsce show --json "$NAME" | jq '[ .versions[] | select(.properties) | select(any(.properties[].key; contains("Microsoft.VisualStudio.Code.PreRelease")) | not) ][0]')
+    LATEST_NON_PRERELEASE_VERSION=$(echo "$LATEST_NON_PRERELEASE_VERSION_JSON" | jq -r '.version')
 
-    if [[ $CURRENT_VERSION != $LATEST_NON_PRERELEASE_VERSION ]];
+    if [[ $CURRENT_VERSION != "$LATEST_NON_PRERELEASE_VERSION" ]];
     then
-        GITHUB_URL=$(echo $LATEST_NON_PRERELEASE_VERSION_JSON | jq -r '.properties | map(select(.key == "Microsoft.VisualStudio.Services.Links.GitHub"))[] | .value')
+        GITHUB_URL=$(echo "$LATEST_NON_PRERELEASE_VERSION_JSON" | jq -r '.properties | map(select(.key == "Microsoft.VisualStudio.Services.Links.GitHub"))[] | .value')
 
         if [[ -n "$GITHUB_URL" && "$GITHUB_URL" != "null" ]]; then
-            RELEASE_DETAILS=$(get_github_releasenotes $GITHUB_URL $CURRENT_VERSION | prevent_github_backlinks | prevent_github_at_mentions)
-            UPDATE_DETAILS_MARKDOWN=$(printf "Updates \`%s\` from %s to %s\n<details>\n<summary>Release notes</summary>\n<blockquote>\n\n%s\n</blockquote>\n</details>\n\n%s" $NAME $CURRENT_VERSION $LATEST_NON_PRERELEASE_VERSION "$RELEASE_DETAILS" "$UPDATE_DETAILS_MARKDOWN")
+            RELEASE_DETAILS=$(get_github_releasenotes "$GITHUB_URL" "$CURRENT_VERSION" | prevent_github_backlinks | prevent_github_at_mentions)
+            UPDATE_DETAILS_MARKDOWN=$(printf "Updates \`%s\` from %s to %s\n<details>\n<summary>Release notes</summary>\n<blockquote>\n\n%s\n</blockquote>\n</details>\n\n%s" "$NAME" "$CURRENT_VERSION" "$LATEST_NON_PRERELEASE_VERSION" "$RELEASE_DETAILS" "$UPDATE_DETAILS_MARKDOWN")
         else
-            UPDATE_DETAILS_MARKDOWN=$(printf "Updates \`%s\` from %s to %s\n\n%s" $NAME $CURRENT_VERSION $LATEST_NON_PRERELEASE_VERSION "$UPDATE_DETAILS_MARKDOWN")
+            UPDATE_DETAILS_MARKDOWN=$(printf "Updates \`%s\` from %s to %s\n\n%s" "$NAME" "$CURRENT_VERSION" "$LATEST_NON_PRERELEASE_VERSION" "$UPDATE_DETAILS_MARKDOWN")
         fi
 
-        UPDATED_EXTENSIONS_JSON=$(echo $UPDATED_EXTENSIONS_JSON | jq -c '. += ["'$NAME'"]')
+        UPDATED_EXTENSIONS_JSON=$(echo "$UPDATED_EXTENSIONS_JSON" | jq -c --arg name "$NAME" '. += [$name]')
     fi
 
     EXTENSIONS="\"$NAME@$LATEST_NON_PRERELEASE_VERSION\",$EXTENSIONS"
-done
+done < <(echo "$JSON" | jq -r '.customizations.vscode.extensions | flatten[]')
 
-EXTENSIONS=$(echo "[${EXTENSIONS::-1}]" | jq 'sort_by(. | ascii_downcase)')
-echo $JSON | jq '.customizations.vscode.extensions = $extensions' --argjson extensions "$EXTENSIONS" > $FILE
+if [[ -n "$EXTENSIONS" ]]; then
+    EXTENSIONS=$(echo "[${EXTENSIONS::-1}]" | jq 'sort_by(. | ascii_downcase)')
+else
+    EXTENSIONS="[]"
+fi
+echo "$JSON" | jq '.customizations.vscode.extensions = $extensions' --argjson extensions "$EXTENSIONS" > "$FILE"
 
 echo "$UPDATE_DETAILS_MARKDOWN"
-echo "$UPDATED_EXTENSIONS_JSON" > updated-extensions.json
+echo "$UPDATE_DETAILS_MARKDOWN" > "${RUNNER_TEMP}/markdown-summary.md"
+echo "$UPDATED_EXTENSIONS_JSON" > "${RUNNER_TEMP}/updated-extensions.json"

.github/workflows/update-dependencies.yml

@@ -2,6 +2,7 @@
 name: Update Dependencies
 
 on:
+  pull_request:
   schedule:
     - cron: "30 2 * * 0"
   workflow_dispatch:
@@ -13,6 +14,7 @@ jobs:
     name: Update APT Dependencies (🍨 ${{ matrix.flavor }})
     runs-on: ubuntu-latest
     strategy:
+      fail-fast: false
       matrix:
         flavor: ["base", "cpp", "rust"]
     # Using our own container is required since we need all package sources
@@ -31,13 +33,15 @@ jobs:
       - uses: ./.github/actions/update-apt-packages
         id: update-packages
         with:
-          input-file: .devcontainer/${{ matrix.flavor }}/apt-requirements-*.json
+          input-file: .devcontainer/${{ matrix.flavor }}/apt-requirements*.json
       - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: token
+        if: github.event_name != 'pull_request'
         with:
           app-id: ${{ vars.FOREST_RELEASER_APP_ID }}
           private-key: ${{ secrets.FOREST_RELEASER_APP_PRIVATE_KEY }}
       - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
+        if: github.event_name != 'pull_request'
         with:
           commit-message: "Update ${{ join(fromJson(steps.update-packages.outputs.updated-dependencies), ', ') }}"
           branch: feature/amp-devcontainer-${{ matrix.flavor }}/update-apt-packages
@@ -50,6 +54,7 @@ jobs:
     name: Update VS Code Extensions (🍨 ${{ matrix.flavor }}, ${{ matrix.file }})
     runs-on: ubuntu-latest
     strategy:
+      fail-fast: false
       matrix:
         flavor: ["cpp", "rust"]
         file: ["devcontainer-metadata.json", "devcontainer.json"]
@@ -67,20 +72,28 @@ jobs:
         id: update-extensions
         with:
           input-file: .devcontainer/${{ matrix.flavor }}/${{ matrix.file }}
+      - name: Generate PR body
+        run: |
+          {
+            echo "> [!NOTE]"
+            echo "> Before merging this PR, please conduct a manual test checking basic functionality of the updated plug-ins. There are limited automated tests for the VS Code Extension updates."
+            echo ""
+            cat "$MARKDOWN_SUMMARY_FILE"
+          } >> "${RUNNER_TEMP}/pull-request-body.md"
+        env:
+          MARKDOWN_SUMMARY_FILE: ${{ steps.update-extensions.outputs.markdown-summary-file }}
       - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: token
+        if: github.event_name != 'pull_request'
         with:
           app-id: ${{ vars.FOREST_RELEASER_APP_ID }}
           private-key: ${{ secrets.FOREST_RELEASER_APP_PRIVATE_KEY }}
       - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
+        if: github.event_name != 'pull_request'
         with:
           commit-message: "Update ${{ join(fromJson(steps.update-extensions.outputs.updated-dependencies), ', ') }} in ${{ matrix.file }}"
           branch: feature/amp-devcontainer-${{ matrix.flavor }}/update-vscode-extensions-${{ matrix.file }}
-          body: |
-            > [!NOTE]
-            > Before merging this PR, please conduct a manual test checking basic functionality of the updated plug-ins. There are limited automated tests for the VS Code Extension updates.
-
-            ${{ steps.update-extensions.outputs.markdown-summary }}
+          body-path: ${{ runner.temp }}/pull-request-body.md
           title: "chore(deps, ${{ matrix.flavor }}): update ${{ join(fromJson(steps.update-extensions.outputs.updated-dependencies), ', ') }} in ${{ matrix.file }}"
           labels: dependencies,vscode-extensions
           token: ${{ steps.token.outputs.token }}