Merge branch 'trunk' into remove/my-mailboxes-menu-item

.github/ISSUE_TEMPLATE/bug-report.yml

@@ -50,72 +50,85 @@ body:
     attributes:
       label: Steps to reproduce
       placeholder: |
+        E.g., What happened, and what did you expect to happen? Add images,
+        GIFs, and videos if you have them on hand.
+
         1. Start at `site-domain.com/blog`.
         2. Click on any blog post.
         3. Click on the 'Like' button.
         4. ...
+
+        Add any information that may be relevant, such as:
+          - Browser/Platform
+          - Theme
+          - Logs/Errors
     validations:
       required: true
-  - type: textarea
-    id: expected
-    attributes:
-      label: A clear and concise description of what you expected to happen.
-      placeholder: |
-        eg. Post should be liked.
-  - type: textarea
-    id: actual
+
+  - type: markdown
     attributes:
-      label: What actually happened
-      placeholder: |
-        eg. Clicking the button does nothing visibly.
+      value: |
+        <br>
+
+        ## Impact
+        Please help us understand more about the impact of this issue to help determine next steps.
+        If you are unsure about anything, please use your judgment to make an educated guess.
   - type: dropdown
-    id: users-affected
+    id: impact
     attributes:
-      label: Impact
-      description: Approximately how many users are impacted?
+      label: Site owner impact
+      description: Approximately what percentage of the total users of the platform are impacted? Unsure? Please provide your most educated guess!
       options:
-        - One
-        - Some (< 50%)
-        - Most (> 50%)
-        - All
+        - Fewer than 20% of the total website/platform users
+        - Between 20% and 60% of the total website/platform users
+        - More than 60% of the total website/platform users
     validations:
       required: true
   - type: dropdown
-    id: workarounds
+    id: severity
     attributes:
-      label: Available workarounds?
+      label: Severity
+      description: What is the severity of this issue? Please take a look at the descriptions below for further context.<br>
+        <br> - **Critical:** Prevents core functionality or has severe impact on the website/platform.
+        <br> - **Major:** Significantly impairs important features or has notable impact on the website/platform.
+        <br> - **Moderate:** Affects non-critical features or has limited impact on the website/platform.
+        <br> - **Minor:** Causes inconvenience or has minimal impact on functionality.
       options:
-        - No and the platform is unusable
-        - No but the platform is still usable
-        - Yes, difficult to implement
-        - Yes, easy to implement
-        - There is no user impact
+        - Critical
+        - Major
+        - Moderate
+        - Minor
     validations:
       required: true
+  - type: dropdown
+    id: additional-impact
+    attributes:
+      label: What other impact(s) does this issue have?
+      description: You may select more than one
+      options:
+        - Platform revenue
+        - Agency or developer revenue
+        - Individual site owner revenue
+        - No revenue impact
+      multiple: true
 
   - type: markdown
     attributes:
       value: |
         <br>
 
+        ## Optional Information
+
   - type: textarea
-    id: workaround-detail
+    id: workaround
     attributes:
-      label: If the above answer is "Yes...", outline the workaround.
+      label: If a workaround is available, please outline it here.
       placeholder: |
         Provide details of the specific steps to take that resolve the issue, e.g.:
           - Open "Setting X".
           - Toggle "Option Y".
           - Click "Button Z".
 
-  - type: markdown
-    attributes:
-      value: |
-        <br>
-
-        ## Optional Information
-
-        The following section is optional.
   - type: dropdown
     id: site-type
     attributes:
@@ -126,12 +139,3 @@ body:
         - Atomic
         - Self-hosted
       multiple: true
-  - type: textarea
-    id: logs
-    attributes:
-      label: Logs or notes
-      placeholder: |
-        Add any information that may be relevant, such as:
-          - Browser/Platform
-          - Theme
-          - Logs/Errors

.github/files/coverage-munger/upload-coverage.sh

@@ -0,0 +1,97 @@
+#!/bin/bash
+
+## Environment used by this script:
+#
+# Required:
+# - GITHUB_SHA: Commit SHA.
+# - PR_ID: PR number or "trunk".
+# - SECRET: Shared secret.
+
+set -eo pipefail
+
+if [[ ! -f coverage/summary.tsv ]]; then
+	echo 'No coverage was generated.'
+	exit 0
+fi
+
+mkdir coverage-data
+cp coverage/summary.tsv coverage-data/summary.tsv
+gzip -9 coverage-data/summary.tsv
+
+if [[ -f coverage/js-combined.json ]]; then
+	echo '::group::Pnpm install'
+	pnpm install
+	echo '::endgroup::'
+
+	echo '::group::Generating JS coverage report'
+	.github/files/coverage-munger/node_modules/.bin/nyc report --no-exclude-after-remap --report-dir=coverage-data/js --temp-dir=coverage/ --reporter=html-spa
+	echo '::endgroup::'
+fi
+
+if [[ -f coverage/php-combined.cov ]]; then
+	echo '::group::Composer install'
+	composer --working-dir=.github/files/coverage-munger/ update
+	echo '::endgroup::'
+
+	echo '::group::Generating PHP coverage report'
+	.github/files/coverage-munger/vendor/bin/phpcov merge --html coverage-data/php coverage/
+	echo '::endgroup::'
+fi
+
+echo '::group::Creating zip file'
+zip -Xr9 coverage-data.zip coverage-data/
+echo '::endgroup::'
+
+echo '::group::Uploading zip file'
+# Because we don't know how big the zip is going to wind up being and have to upload via HTTP,
+# we created a simple chunked-upload protocol. This sends one command.
+#
+# $1 - Query parameters.
+# $2 - Chunk filename, if any.
+# $SECRET - Shared secret.
+#
+# Output:
+# JSON - JSON response. Also printed.
+function do_req {
+	local args=(
+		--header "Shared-Secret: $SECRET"
+		--url "https://jetpackcodecoverage.atomicsites.blog/upload-coverage-data.php?$1"
+	)
+	if [[ -n "$2" ]]; then
+		args+=( --form "chunk=@$2" )
+	fi
+
+	echo "=> $1"
+	if JSON=$( curl "${args[@]}" ) && jq -e '.ok == true' <<<"$JSON" &>/dev/null; then
+		jq . <<<"$JSON"
+		return 0
+	fi
+	echo "::error::Upload failed: ${JSON/$'\n'/%0A}"
+	return 1
+}
+
+SZ=$( stat -c %s coverage-data.zip )
+SHA=$( sha256sum coverage-data.zip )
+ID=$( jq --arg V "$PR_ID" -nr '$V | @uri' )
+COMMIT=$( jq --arg V "$GITHUB_SHA" -nr '$V | @uri' )
+do_req "op=begin&id=$ID&commit=$COMMIT&len=$SZ&sha=${SHA%% *}"
+TOKEN=$( jq -r '.token | @uri' <<<"$JSON" )
+CSZ=$( jq -r .chunkSize <<<"$JSON" )
+
+# Abort upload on exit
+function onexit {
+	if [[ -n "$TOKEN" ]]; then
+		do_req "op=abort&token=$TOKEN" || true
+		TOKEN=
+	fi
+}
+trap onexit exit
+
+for (( O=0; O < SZ; O+=CSZ )); do
+	dd if=coverage-data.zip of=chunk bs=32K skip=${O}B count=${CSZ}B
+	do_req "op=chunk&token=$TOKEN" chunk
+done
+
+do_req "op=finish&token=$TOKEN"
+TOKEN=
+echo '::endgroup::'

.github/workflows/build-docker-monorepo.yml

@@ -0,0 +1,100 @@
+name: Build Monorepo Docker
+on:
+  push:
+    branches: [ 'trunk' ]
+    paths:
+      - 'tools/docker/Dockerfile.monorepo'
+      - 'tools/docker/bin/monorepo'
+      - '.github/versions.sh'
+      - '.github/workflows/build-docker-monorepo.yml'
+  pull_request:
+    paths:
+      - 'tools/docker/Dockerfile.monorepo'
+      - 'tools/docker/bin/monorepo'
+      - '.github/versions.sh'
+      - '.github/workflows/build-docker-monorepo.yml'
+concurrency:
+  group: build-docker-monorepo-${{ github.event_name }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build:
+    name: Build and publish Jetpack Monorepo Environment
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+    timeout-minutes: 60
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up qemu
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: arm64
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: matticbot
+          password: ${{ secrets.DOCKER_HUB_MATTICBOT_TOKEN }}
+
+      - name: Log in to GitHub Packages
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Fetch build args
+        id: buildargs
+        run: |
+          source .github/versions.sh
+          source .github/files/gh-funcs.sh
+
+          gh_set_output php-version "$PHP_VERSION"
+          gh_set_output composer-version "$COMPOSER_VERSION"
+          gh_set_output node-version "$NODE_VERSION"
+          gh_set_output pnpm-version "$PNPM_VERSION"
+
+          if [[ "$GITHUB_EVENT_NAME" == "push" ]]; then
+            gh_set_output tags "type=raw,latest"
+            gh_set_output images $'automattic/jetpack-monorepo\nghcr.io/automattic/jetpack-monorepo'
+          elif [[ "$GITHUB_EVENT_NAME" == "pull_request" ]]; then
+            gh_set_output tags "type=ref,event=pr"
+            gh_set_output images "ghcr.io/automattic/jetpack-monorepo"
+          else
+            echo "Unknown GITHUB_EVENT_NAME $GITHUB_EVENT_NAME"
+            exit 1
+          fi
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          flavor: latest=false
+          tags: ${{ steps.buildargs.outputs.tags }}
+          images: ${{ steps.buildargs.outputs.images }}
+          labels: |
+            org.opencontainers.image.title=Jetpack Monorepo Environment
+            org.opencontainers.image.description=Environment for building and testing the Jetpack Monorepo.
+            org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }}/blob/trunk/tools/docker/README.md
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: tools/docker
+          file: tools/docker/Dockerfile.monorepo
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/arm64,linux/amd64
+          build-args: |
+            PHP_VERSION=${{ steps.buildargs.outputs.php-version }}
+            COMPOSER_VERSION=${{ steps.buildargs.outputs.composer-version }}
+            NODE_VERSION=${{ steps.buildargs.outputs.node-version }}
+            PNPM_VERSION=${{ steps.buildargs.outputs.pnpm-version }}

.github/workflows/e2e-tests.yml

@@ -211,6 +211,7 @@ jobs:
           CONFIG_KEY: ${{ secrets.E2E_CONFIG_KEY }}
           SUITE: ${{ matrix.suite }}
           PROJECT_NAME: ${{ matrix.project }}
+          HOST_CWD: ${{ github.workspace }}
         run: |
           echo "::group::Decrypt config"
           pnpm run config:decrypt

.github/workflows/linting.yml

@@ -93,6 +93,8 @@ jobs:
               - '.github/workflows/*.{yml,yaml}'
               - '.github/actions/*/action.{yml,yaml}'
               - 'projects/github-actions/*/action.{yml,yaml}'
+              # If we edit the linting JS files, we need to run it.
+              - 'tools/js-tools/lint-gh-actions.{js,mjs}'
             misc_php:
               # If composer, phpcs config, or the codesniffer package itself changed, there may be a new standard.
               - 'composer.json'
@@ -341,7 +343,7 @@ jobs:
         run: pnpm run lint-changed --git-base=$SHA $(jq -rn --argjson files "$FILES" '$files[]')
 
   ### Lints GitHub Actions yaml files.
-  # Local equivalent: `./tools/js-tools/lint-gh-actions.js <files>`
+  # Local equivalent: `./tools/js-tools/lint-gh-actions.mjs <files>`
   lint_gh_actions:
     name: Lint GitHub Actions yaml files
     runs-on: ubuntu-latest
@@ -358,7 +360,7 @@ jobs:
 
       - run: pnpm install
       - name: Run lint
-        run: ./tools/js-tools/lint-gh-actions.js -v '.github/workflows/*.{yml,yaml}' '.github/actions/*/action.{yml,yaml}' 'projects/github-actions/*/action.{yml,yaml}'
+        run: ./tools/js-tools/lint-gh-actions.mjs -v '.github/workflows/*.{yml,yaml}' '.github/actions/*/action.{yml,yaml}' 'projects/github-actions/*/action.{yml,yaml}'
 
   ### Checks that copied files (e.g. readme, license) are in sync
   # Local equivalent: `./tools/check-copied-files.sh`