feat: add workflow to auto-update CLI version via repository_dispatch

[jonathannorris]

Summary

• Adds update-cli-version.yml workflow that receives repository_dispatch events from the CLI release workflow
• Updates the @devcycle/cli version in src/action.ts, rebuilds dist/, and opens a PR automatically

[Copilot]

Pull request overview

Adds an automation workflow that listens for repository_dispatch events and opens a PR to bump the @devcycle/cli version used by this GitHub Action (including rebuilding dist/).

Changes:

• Introduces .github/workflows/update-cli-version.yml triggered by repository_dispatch (update-cli-version).
• Updates src/action.ts based on the dispatched version, rebuilds the project, and pushes a branch.
• Creates a pull request automatically via gh pr create.

Comments suppressed due to low confidence (1)

.github/workflows/update-cli-version.yml:65

• gh pr create will fail if a PR for the same branch already exists (common when retrying jobs or when a previous run partially succeeded). To make this workflow retry-safe, detect an existing PR for $BRANCH_NAME and either update it (push changes + gh pr edit) or skip creation when one is already open.

              env:
                  GH_TOKEN: ${{ secrets.AUTOMATION_USER_TOKEN }}
              run: |
                  gh pr create \
                    --base main \
                    --head "$BRANCH_NAME" \
                    --title "chore: update CLI version to ${CLI_VERSION}" \
                    --body "This PR was automatically created by the DevCycle CLI release workflow."

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

CLI_VERSION is taken directly from github.event.client_payload.version without any validation. If the dispatch payload is missing/empty, this will create a branch like update-cli-version-to- and replace the CLI install string with an empty version, breaking the action. Add an explicit check that the payload value is present (and fail fast with a clear message) before proceeding.

[Copilot]

The sed replacement and branch name interpolation use CLI_VERSION unsafely. A version containing unexpected characters (e.g., 1.2.3-rc.1, or shell/sed metacharacters) can break the sed command or create an invalid branch name. Consider validating the version against an allowed SemVer pattern and escaping it for use in sed (or updating the file via a small Node script) before writing it into src/action.ts.

Suggested change

	BRANCH_NAME="update-cli-version-to-${CLI_VERSION}"
	git checkout -b "$BRANCH_NAME"
	sed -i "s/@devcycle\/cli@[0-9]*\.[0-9]*\.[0-9]*/@devcycle\/cli@${CLI_VERSION}/" src/action.ts
	echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
	echo "CLI_VERSION=$CLI_VERSION" >> $GITHUB_ENV
	if ! printf '%s' "$CLI_VERSION" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$'; then
	echo "Invalid CLI version: $CLI_VERSION" >&2
	exit 1
	fi
	BRANCH_VERSION="$(printf '%s' "$CLI_VERSION" | tr -c '0-9A-Za-z.-' '-')"
	BRANCH_NAME="update-cli-version-to-${BRANCH_VERSION}"
	git checkout -b "$BRANCH_NAME"
	CLI_VERSION="$CLI_VERSION" node - <<'NODE'
	const fs = require('fs');
	const filePath = 'src/action.ts';
	const cliVersion = process.env.CLI_VERSION;
	const fileContents = fs.readFileSync(filePath, 'utf8');
	const updatedContents = fileContents.replace(
	/@devcycle\/cli@[0-9]+\.[0-9]+\.[0-9]+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?/,
	`@devcycle/cli@${cliVersion}`,
	);
	if (fileContents === updatedContents) {
	console.error('Failed to update CLI version in src/action.ts');
	process.exit(1);
	}
	fs.writeFileSync(filePath, updatedContents);
	NODE
	echo "BRANCH_NAME=$BRANCH_NAME" >> "$GITHUB_ENV"
	echo "CLI_VERSION=$CLI_VERSION" >> "$GITHUB_ENV"

[Copilot]

git checkout -b "$BRANCH_NAME" will fail if the workflow is re-run for the same version or if the branch already exists remotely, which makes the automation non-idempotent. Using an idempotent approach (e.g., git checkout -B and force-push, or detecting existing branches/PRs and exiting early) will make retries safe.

[Copilot]

If the version in src/action.ts is already up to date (or the sed pattern fails to match), git commit will exit non-zero due to having nothing to commit, causing the workflow to fail. Consider checking whether src/action.ts (and dist/) actually changed before committing/pushing, and either skip or exit cleanly when there are no changes.

Suggested change

	git add .
	git commit -m "chore: update CLI version to ${CLI_VERSION}"
	git push --set-upstream origin "$BRANCH_NAME"
	- name: Create PR
	git add .
	if git diff --cached --quiet; then
	echo "No changes detected; skipping commit, push, and PR creation."
	echo "HAS_CHANGES=false" >> $GITHUB_ENV
	exit 0
	fi
	echo "HAS_CHANGES=true" >> $GITHUB_ENV
	git commit -m "chore: update CLI version to ${CLI_VERSION}"
	git push --set-upstream origin "$BRANCH_NAME"
	- name: Create PR
	if: env.HAS_CHANGES == 'true'

[Copilot]

This workflow runs yarn install and then yarn build, but the repo’s build script already starts with yarn install (see package.json). That means dependencies are installed twice on every run. Consider removing the standalone install step here, or updating the build script to not re-install dependencies and keeping installation as a separate workflow step.