From da188081b13514562b8266644e47d2b136259099 Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Wed, 14 Dec 2022 13:42:03 +0100 Subject: [PATCH 1/8] Update workflows to use reusable-workflows --- .github/workflows/build-test.yml | 20 +++---------- .github/workflows/check-dist.yml | 43 +++------------------------ .github/workflows/codeql-analysis.yml | 14 +++++++++ .github/workflows/licensed.yml | 18 ++++------- 4 files changed, 27 insertions(+), 68 deletions(-) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 61abfb4b..c38c117b 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -12,19 +12,7 @@ on: - '**.md' jobs: - build: - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - steps: - - uses: actions/checkout@v3 - - name: Setup Node 16.x - uses: actions/setup-node@v3 - with: - node-version: 16.x - cache: npm - - run: npm ci - - run: npm run build - - run: npm run format-check - - run: npm test + call-basic-validation: + name: Basic validation + #uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main + uses: IvanZosimov/reusable-workflows/.github/workflows/basic-validation.yml@main diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index e5612d29..01dd9655 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -1,10 +1,4 @@ -# `dist/index.js` is a special file in Actions. -# When you reference an action with `uses:` in a workflow, -# `index.js` is the code that will run. -# For our project, we generate this file through a build process from other source files. -# We need to make sure the checked-in `index.js` actually matches what we expect it to be. name: Check dist/ - on: push: branches: @@ -17,36 +11,7 @@ on: workflow_dispatch: jobs: - check-dist: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Setup Node 16.x - uses: actions/setup-node@v3 - with: - node-version: 16.x - cache: npm - - - name: Install dependencies - run: npm ci - - - name: Rebuild the dist/ directory - run: npm run build - - - name: Compare the expected and actual dist/ directories - run: | - if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then - echo "Detected uncommitted changes after build. See status below:" - git diff - exit 1 - fi - id: diff - - # If index.js was different than expected, upload the expected version as an artifact - - uses: actions/upload-artifact@v3 - if: ${{ failure() && steps.diff.conclusion == 'failure' }} - with: - name: dist - path: dist/ + call-check-dist: + name: Check dist/ + #uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main + uses: IvanZosimov/reusable-workflows/.github/workflows/check-dist.yml@main \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 00000000..4491124f --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,14 @@ +name: CodeQL analysis +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + schedule: + - cron: '0 3 * * 0' + +jobs: + call-codeQL-analysis: + name: CodeQL analysis + #uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main + uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main \ No newline at end of file diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml index a98d6b56..5a8c0731 100644 --- a/.github/workflows/licensed.yml +++ b/.github/workflows/licensed.yml @@ -7,18 +7,10 @@ on: pull_request: branches: - main + workflow_dispatch: jobs: - test: - runs-on: ubuntu-latest - name: Check licenses - steps: - - uses: actions/checkout@v3 - - run: npm ci - - name: Install licensed - run: | - cd $RUNNER_TEMP - curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.4.4/licensed-3.4.4-linux-x64.tar.gz - sudo tar -xzf licensed.tar.gz - sudo mv licensed /usr/local/bin/licensed - - run: licensed status + call-licensed: + name: Licensed + #uses: actions/reusable-workflows/.github/workflows/licensed.yml@main + uses: IvanZosimov/reusable-workflows/.github/workflows/licensed.yml@main From 772ffdda26bc3a9dd8f6dd1b5b9ad005403ee9de Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Wed, 14 Dec 2022 13:44:44 +0100 Subject: [PATCH 2/8] Update package.json --- package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/package.json b/package.json index a1b50bc7..d8d8f9b8 100644 --- a/package.json +++ b/package.json @@ -8,6 +8,7 @@ "build": "ncc build -o dist/setup src/setup-node.ts && ncc build -o dist/cache-save src/cache-save.ts", "format": "prettier --write **/*.ts", "format-check": "prettier --check **/*.ts", + "lint": "", "test": "jest --coverage", "pre-checkin": "npm run format && npm run build && npm test" }, From 8151ea11a4ceb4ba13f02e47876fd0cb6ab5ff0c Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Thu, 15 Dec 2022 14:41:30 +0100 Subject: [PATCH 3/8] Setup codeql-analysis workflow --- .github/workflows/codeql-analysis.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4491124f..ae79197b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -11,4 +11,6 @@ jobs: call-codeQL-analysis: name: CodeQL analysis #uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main - uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main \ No newline at end of file + uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main + with: + languages: "['typescript']" \ No newline at end of file From fe4d514f1a481f653df25699c6176259f2d74a22 Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Thu, 15 Dec 2022 15:05:14 +0100 Subject: [PATCH 4/8] Update codeql-analysis workflow --- .github/codeql/codeql-config.yml | 3 +++ .github/workflows/codeql-analysis.yml | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 .github/codeql/codeql-config.yml diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml new file mode 100644 index 00000000..bbe0bac5 --- /dev/null +++ b/.github/codeql/codeql-config.yml @@ -0,0 +1,3 @@ +name: CodeQL config +paths: + - src \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ae79197b..7139e759 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -12,5 +12,5 @@ jobs: name: CodeQL analysis #uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main - with: - languages: "['typescript']" \ No newline at end of file + with: + codeql-cfg-path: "./.github/codeql/codeql-config.yml" \ No newline at end of file From ca97bf7f80ced7183a9f63ff1a9081d626e9ced2 Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Thu, 15 Dec 2022 16:09:18 +0100 Subject: [PATCH 5/8] Update workflows --- .github/codeql/codeql-config.yml | 3 --- .github/workflows/build-test.yml | 2 +- .github/workflows/check-dist.yml | 1 + .github/workflows/codeql-analysis.yml | 7 +++---- .github/workflows/release-new-action-version.yml | 1 + 5 files changed, 6 insertions(+), 8 deletions(-) delete mode 100644 .github/codeql/codeql-config.yml diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml deleted file mode 100644 index bbe0bac5..00000000 --- a/.github/codeql/codeql-config.yml +++ /dev/null @@ -1,3 +0,0 @@ -name: CodeQL config -paths: - - src \ No newline at end of file diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index c38c117b..6e575ae5 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -15,4 +15,4 @@ jobs: call-basic-validation: name: Basic validation #uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main - uses: IvanZosimov/reusable-workflows/.github/workflows/basic-validation.yml@main + uses: IvanZosimov/reusable-workflows/.github/workflows/basic-validation.yml@main \ No newline at end of file diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 01dd9655..6d24c07f 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -1,4 +1,5 @@ name: Check dist/ + on: push: branches: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 7139e759..6a9e685a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,4 +1,5 @@ -name: CodeQL analysis +name: CodeQL analysis + on: push: branches: [ main ] @@ -11,6 +12,4 @@ jobs: call-codeQL-analysis: name: CodeQL analysis #uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main - uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main - with: - codeql-cfg-path: "./.github/codeql/codeql-config.yml" \ No newline at end of file + uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main \ No newline at end of file diff --git a/.github/workflows/release-new-action-version.yml b/.github/workflows/release-new-action-version.yml index b8076d43..a187d1ab 100644 --- a/.github/workflows/release-new-action-version.yml +++ b/.github/workflows/release-new-action-version.yml @@ -1,4 +1,5 @@ name: Release new action version + on: release: types: [released] From f5ab6238224ff765659d601931d37b56b38fe3b9 Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Thu, 15 Dec 2022 16:39:43 +0100 Subject: [PATCH 6/8] Add links to reusable workflows --- .github/workflows/build-test.yml | 2 +- .github/workflows/check-dist.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/licensed.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 6e575ae5..1e30a29d 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -12,7 +12,7 @@ on: - '**.md' jobs: - call-basic-validation: + call-basic-validation: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/basic-validation.yml name: Basic validation #uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main uses: IvanZosimov/reusable-workflows/.github/workflows/basic-validation.yml@main \ No newline at end of file diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 6d24c07f..9d9d3cce 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -12,7 +12,7 @@ on: workflow_dispatch: jobs: - call-check-dist: + call-check-dist: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/check-dist.yml name: Check dist/ #uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main uses: IvanZosimov/reusable-workflows/.github/workflows/check-dist.yml@main \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6a9e685a..16f258e2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -9,7 +9,7 @@ on: - cron: '0 3 * * 0' jobs: - call-codeQL-analysis: + call-codeQL-analysis: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/codeql-analysis.yml name: CodeQL analysis #uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main \ No newline at end of file diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml index 5a8c0731..675df542 100644 --- a/.github/workflows/licensed.yml +++ b/.github/workflows/licensed.yml @@ -10,7 +10,7 @@ on: workflow_dispatch: jobs: - call-licensed: + call-licensed: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/licensed.yml name: Licensed #uses: actions/reusable-workflows/.github/workflows/licensed.yml@main uses: IvanZosimov/reusable-workflows/.github/workflows/licensed.yml@main From 217387cf3e2597f3eed81c19f662eeddbdd397de Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Mon, 19 Dec 2022 13:43:06 +0100 Subject: [PATCH 7/8] Update action to use reusable-workflows repo --- .github/workflows/build-test.yml | 3 +-- .github/workflows/check-dist.yml | 3 +-- .github/workflows/codeql-analysis.yml | 3 +-- .github/workflows/licensed.yml | 3 +-- 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 1e30a29d..85826920 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -14,5 +14,4 @@ on: jobs: call-basic-validation: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/basic-validation.yml name: Basic validation - #uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main - uses: IvanZosimov/reusable-workflows/.github/workflows/basic-validation.yml@main \ No newline at end of file + uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main \ No newline at end of file diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 9d9d3cce..d51766a9 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -14,5 +14,4 @@ on: jobs: call-check-dist: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/check-dist.yml name: Check dist/ - #uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main - uses: IvanZosimov/reusable-workflows/.github/workflows/check-dist.yml@main \ No newline at end of file + uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 16f258e2..fd4d859b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -11,5 +11,4 @@ on: jobs: call-codeQL-analysis: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/codeql-analysis.yml name: CodeQL analysis - #uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main - uses: IvanZosimov/reusable-workflows/.github/workflows/codeql-analysis.yml@main \ No newline at end of file + uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main \ No newline at end of file diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml index 675df542..5eaa7d24 100644 --- a/.github/workflows/licensed.yml +++ b/.github/workflows/licensed.yml @@ -12,5 +12,4 @@ on: jobs: call-licensed: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/licensed.yml name: Licensed - #uses: actions/reusable-workflows/.github/workflows/licensed.yml@main - uses: IvanZosimov/reusable-workflows/.github/workflows/licensed.yml@main + uses: actions/reusable-workflows/.github/workflows/licensed.yml@main From 92a07fe46640c3ab57d394b7b01308a008a3231d Mon Sep 17 00:00:00 2001 From: IvanZosimov Date: Tue, 20 Dec 2022 16:40:38 +0100 Subject: [PATCH 8/8] Fix review points --- .github/workflows/{build-test.yml => basic-validation.yml} | 4 ++-- .github/workflows/check-dist.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/licensed.yml | 2 +- package.json | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) rename .github/workflows/{build-test.yml => basic-validation.yml} (55%) diff --git a/.github/workflows/build-test.yml b/.github/workflows/basic-validation.yml similarity index 55% rename from .github/workflows/build-test.yml rename to .github/workflows/basic-validation.yml index 85826920..5e5029a9 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/basic-validation.yml @@ -1,4 +1,4 @@ -name: build-test +name: Basic validation on: pull_request: @@ -12,6 +12,6 @@ on: - '**.md' jobs: - call-basic-validation: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/basic-validation.yml + call-basic-validation: name: Basic validation uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main \ No newline at end of file diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index d51766a9..1251c11d 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -12,6 +12,6 @@ on: workflow_dispatch: jobs: - call-check-dist: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/check-dist.yml + call-check-dist: name: Check dist/ uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fd4d859b..f1f430a8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -9,6 +9,6 @@ on: - cron: '0 3 * * 0' jobs: - call-codeQL-analysis: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/codeql-analysis.yml + call-codeQL-analysis: name: CodeQL analysis uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main \ No newline at end of file diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml index 5eaa7d24..37f1560c 100644 --- a/.github/workflows/licensed.yml +++ b/.github/workflows/licensed.yml @@ -10,6 +10,6 @@ on: workflow_dispatch: jobs: - call-licensed: # The reusable workflow can be found here: https://github.com/actions/reusable-workflows/blob/main/.github/workflows/licensed.yml + call-licensed: name: Licensed uses: actions/reusable-workflows/.github/workflows/licensed.yml@main diff --git a/package.json b/package.json index d8d8f9b8..6fdd718f 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,7 @@ "build": "ncc build -o dist/setup src/setup-node.ts && ncc build -o dist/cache-save src/cache-save.ts", "format": "prettier --write **/*.ts", "format-check": "prettier --check **/*.ts", - "lint": "", + "lint": "echo \"Fake command that does nothing. It is used in reusable workflows\"", "test": "jest --coverage", "pre-checkin": "npm run format && npm run build && npm test" },