BRE-344 - Create Repository Management workflow

[vgrassia]

🎟️ Tracking

• Card

📔 Objective

This PR removes the old Version Bump workflow and creates a new Repository Management workflow that is used for version bumps and cutting rc/hotfix-rc branches.

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 41.67%. Comparing base (452a45b) to head (18338e6).
Report is 23 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4863      +/-   ##
==========================================
+ Coverage   41.57%   41.67%   +0.10%     
==========================================
  Files        1357     1361       +4     
  Lines       64056    63901     -155     
  Branches     5891     5862      -29     
==========================================
+ Hits        26631    26633       +2     
+ Misses      36208    36061     -147     
+ Partials     1217     1207      -10     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

Checkmarx One – Scan Summary & Details – afb1e108-1865-4af9-8fd5-72b44613e39a

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Privacy_Violation	/src/Core/Models/Data/UserWithCalculatedPremium.cs: 19	Attack Vector
	Privacy_Violation	/src/Core/Models/Data/UserWithCalculatedPremium.cs: 26	Attack Vector
	Privacy_Violation	/src/Core/Models/Data/UserWithCalculatedPremium.cs: 18	Attack Vector
	Unpinned Actions Full Length Commit SHA	/repository-management.yml: 104	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Unpinned Actions Full Length Commit SHA	/repository-management.yml: 60	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Unpinned Actions Full Length Commit SHA	/repository-management.yml: 111	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Unpinned Actions Full Length Commit SHA	/build.yml: 598	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Unpinned Actions Full Length Commit SHA	/repository-management.yml: 119	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

Fixed Issues

Severity	Issue	Source File / Package
	CSRF	/src/Api/Auth/Controllers/TwoFactorController.cs: 112
	Unpinned Actions Full Length Commit SHA	/version-bump.yml: 220
	Unpinned Actions Full Length Commit SHA	/build.yml: 631
	Unpinned Actions Full Length Commit SHA	/version-bump.yml: 129
	Unpinned Actions Full Length Commit SHA	/version-bump.yml: 137
	Unpinned Actions Full Length Commit SHA	/version-bump.yml: 122
	Unpinned Actions Full Length Commit SHA	/build.yml: 582

[withinfocus]

Quick seagulling.

[withinfocus]

⛏️ We don't have to have these at the tops of workflows.

[vgrassia]

We don't need them, but I believe it was decided a long time ago to keep them. We can revisit that and make a card to update all the workflows across the organization to remove the document start marker, and then update the linter to make sure they don't exist at the top of the workflow files. From an initial search from the repos I have locallly cloned, it will be at least 209 workflow files across 30 repositories.

I do think we should settle on a standard and enforce it across all workflow files using the linter.

[vgrassia]

I looked at it, and it's easy to make sure the linter catches document start and document end markers. I made a card and will put in a PR.

[withinfocus]

⛏️ I try to not treat most of these names and descriptions as Titles but statements with just one leading capitalization.

[vgrassia]

I'll go ahead and update the name and then make a card for updating the linter with a rule for that.