refactor(ci): ♻️ organize the structure of workflows (#2799)

.github/FUNDING.yml

@@ -1,4 +1,4 @@
 # These are supported funding model platforms
-github: [pkief]
+github: pkief
 buy_me_a_coffee: pkief
 custom: ['https://paypal.me/philippkief']

.github/labeler.yml

@@ -1,24 +1,19 @@
-# Add 'icons' label to any file changes within 'icons' folder or 'src/core/icons' typescript files
 🏞️ icons:
 - changed-files:
   - any-glob-to-any-file: ['icons/*', 'src/core/icons/*.ts']
 
-# Add 'translations' label to any changes within 'package.nls*.json' files or 'src/core/i18n' folder
 💱 translations:
 - changed-files:
   - any-glob-to-any-file: ['package.nls*.json', 'src/core/i18n']
 
-# Add 'docs' label to any changes to markdown files
 📝 docs:
 - changed-files:
   - any-glob-to-any-file: '*.md'
 
-# Add 'workflows' label to any changes within '.github/workflows' folder or '.github/labeler.yml' file
 🔄 workflows:
 - changed-files:
   - any-glob-to-any-file: ['.github/workflows/*', '.github/labeler.yml']
 
-# Add 'devcontainers' label to any changes within '.devcontainer' folder
 🐋 devcontainers:
 - changed-files:
   - any-glob-to-any-file: '.devcontainer/*'

.github/workflows/build.yml

@@ -31,10 +31,10 @@ permissions:
   issues: write # Update issue labels
 
 jobs:
-  build:
-    runs-on: [ubuntu-latest]
+  build-and-test:
+    name: Build & Test Extension
 
-    name: Build Material Icon Theme
+    runs-on: ubuntu-latest
 
     steps:
       - name: 📥 Checkout

.github/workflows/close-stale-issues.yml

@@ -1,16 +1,21 @@
 # This workflow closes issues with the labels "info-needed" or "invalid" that have been inactive for 14 days since being marked as stale.
 name: ❌ Close inactive issues
+
 on:
   schedule:
     # It is triggered every day at 1:30 AM UTC.
     - cron: "30 1 * * *"
 
+permissions:
+  issues: write
+  pull-requests: write
+
 jobs:
-  close-issues:
+  close-stale-issues:
+    name: Close Stale Issues
+
     runs-on: ubuntu-latest
-    permissions:
-      issues: write
-      pull-requests: write
+
     steps:
       - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0
         with:

.github/workflows/color-check.yml

@@ -13,7 +13,9 @@ permissions:
 jobs:
   color-check:
     name: SVG Color Check
+
     runs-on: ubuntu-latest
+
     env:
       TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
 

.github/workflows/icon-review.yml

@@ -7,17 +7,17 @@ on:
 
 permissions:
   contents: read
+  pull-requests: write
 
 jobs:
   icon-review:
     name: Icon Review
+
     runs-on: ubuntu-latest
+
     env:
       TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
 
-    permissions:
-      pull-requests: write
-
     steps:
       - name: 📥 Checkout Fork
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

.github/workflows/label.yml

@@ -2,14 +2,18 @@
 # paths that are modified in the pull request.
 
 name: 🔖 Labeler
+
 on: [pull_request_target]
 
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   label:
+    name: Label
+
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
 
     steps:
       - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0

.github/workflows/potential-duplicates.yml

@@ -1,10 +1,15 @@
 name: "🧐 Potential Duplicates"
+
 on:
   issues:
     types: [opened, edited] # edited means the issue title changed
+
 jobs:
   run:
+    name: Search Potential Duplicates
+
     runs-on: ubuntu-latest
+
     steps:
       - uses: wow-actions/potential-duplicates@4d4ea0352e0383859279938e255179dd1dbb67b5 # v1.1.0
         with:

.github/workflows/pr-closed.yml

@@ -1,20 +1,19 @@
 name: 🎉 PR closed
 
 on:
-  pull_request_target:
+  pull_request:
     types:
       - closed
 
 permissions:
   contents: read
+  pull-requests: write
 
 jobs:
-  thank_you:
+  thank-you:
     runs-on: ubuntu-latest
-    if: github.event.pull_request.merged == true
 
-    permissions:
-      pull-requests: write
+    if: github.event.pull_request.merged == true
 
     steps:
       - name: 🙏 Post Thank You Comment
@@ -25,7 +24,8 @@ jobs:
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: `## Merge Successful
+              body: `
+              ## Merge Successful
 
               Thanks for your contribution! 🎉
 

.github/workflows/pr-title.yml

@@ -15,6 +15,7 @@ jobs:
     runs-on: ubuntu-latest
 
     if: ${{ github.event.action == 'opened' || github.event.changes.title != null }}
+
     steps:
       - name: 📥 Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

.github/workflows/release.yml

@@ -1,21 +1,16 @@
 name: 🚀 Release + Publish
 
-on:
-  workflow_dispatch:
+on: [workflow_dispatch]
 
 permissions:
   id-token: write
-  contents: read
+  contents: write
+  attestations: write
 
 jobs:
   release:
     runs-on: ubuntu-latest
 
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
-
     steps:
       - name: ✅ Use App Token for the Bot which is allowed to create releases
         uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
@@ -59,11 +54,11 @@ jobs:
         run: |
           VERSION=$(jq -r '.version' package.json)
           NAME=$(jq -r '.name' package.json)
-          DISPLAY_NAME=$(jq -r '.displayName' package.json)
 
-          echo "VERSION=$VERSION"             >> $GITHUB_ENV
-          echo "NAME=$NAME"                   >> $GITHUB_ENV
-          echo "DISPLAY_NAME=$DISPLAY_NAME"   >> $GITHUB_ENV
+          EXTENSION_FILE="${NAME}-${VERSION}.vsix"
+
+          echo "VERSION=$VERSION"                  >> $GITHUB_ENV
+          echo "EXTENSION_FILE=$EXTENSION_FILE"    >> $GITHUB_ENV
 
       - name: 🛠️ Build extension
         run: bunx @vscode/vsce package
@@ -72,20 +67,20 @@ jobs:
         uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
         # Read: https://docs.github.com/en/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds
         with:
-          subject-path: "${{ env.NAME }}-${{ env.VERSION }}.vsix"
+          subject-path: ${{ env.EXTENSION_FILE }}
 
       - name: 🌐 Publish to Open VSX Registry
         uses: HaaLeo/publish-vscode-extension@28e2d3f5817fccf23c1f219eb0cecc903132d1a2 # v1.6.2
         with:
           pat: ${{ secrets.OPEN_VSX_TOKEN }}
-          extensionFile: ${{ env.NAME }}-${{ env.VERSION }}.vsix
+          extensionFile: ${{ env.EXTENSION_FILE }}
 
       - name: 🌐 Publish to Visual Studio Marketplace
         uses: HaaLeo/publish-vscode-extension@28e2d3f5817fccf23c1f219eb0cecc903132d1a2 # v1.6.2
         with:
           pat: ${{ secrets.VS_MARKETPLACE_TOKEN }}
           registryUrl: https://marketplace.visualstudio.com
-          extensionFile: ${{ env.NAME }}-${{ env.VERSION }}.vsix
+          extensionFile: ${{ env.EXTENSION_FILE }}
 
       - name: 📦 Publish to NPM Registry
         run: |
@@ -94,6 +89,6 @@ jobs:
 
       - name: ⬆️ Upload VSIX to GitHub release
         run: |
-          gh release upload v${VERSION} ${NAME}-${VERSION}.vsix
+          gh release upload v$VERSION $EXTENSION_FILE
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}