actions/action-setup
1
0
Fork 0
mirror of https://github.com/pnpm/action-setup.git synced 2026-03-04 08:01:02 +08:00
Code Packages Projects Releases Activity

feat(ci): Add suncoast-innovation-guild/action-setup ci (#1)

Browse Source 
* feat(ci): Add suncoast-innovation-guild/action-setup ci

* feat(ci): Add PR ci checks

* fix(ci): Fix CI checks

* fix(ci): Fix CI checks, node 16

* fix(ci): Fix CI checks, pnpm 10
This commit is contained in:
Justin Linn 2025-06-21 19:57:45 -04:00 committed by GitHub
parent 4779877373
commit 83fe742b19
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 270 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/dependabot.yml vendored
View File

@ -5,3 +5,8 @@ updates:
schedule: schedule:
interval: weekly interval: weekly
open-pull-requests-limit: 10 open-pull-requests-limit: 10
- package-ecosystem: npm
directory: "/"
schedule:
interval: weekly
open-pull-requests-limit: 10

52
.github/workflows/build-and-test.yml vendored Normal file
View File

@ -0,0 +1,52 @@
name: Build and Test
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: ./
with:
version: 9
- name: Install dependencies
run: pnpm install
- name: Build
run: pnpm run build
- name: Check if dist is up to date
run: |
if [ -n "$(git status --porcelain dist/)" ]; then
echo "::error::Distribution files are not up to date. Please run 'pnpm run build' and commit the changes."
exit 1
fi
test:
needs: build
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Test action
uses: ./
with:
version: 9
- name: Verify installation
run: |
which pnpm
pnpm --version

106
.github/workflows/pr-check.yml vendored Normal file
View File

@ -0,0 +1,106 @@
name: PR Check
on:
pull_request:
branches: [ master ]
types: [opened, synchronize, reopened, ready_for_review]
jobs:
pr-validation:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: ./
with:
version: 9
- name: Install dependencies
run: pnpm install
- name: Build
run: pnpm run build
- name: Check if dist is up to date
run: |
if [ -n "$(git status --porcelain dist/)" ]; then
echo "::error::Distribution files are not up to date. Please run 'pnpm run build' and commit the changes."
exit 1
fi
test-matrix:
if: github.event.pull_request.draft == false
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
pnpm: [9.15.5]
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Test action
uses: ./
with:
version: ${{ matrix.pnpm }}
- name: Verify installation
run: |
which pnpm
pnpm --version
- name: Test install functionality
run: pnpm install
security-check:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: ./
with:
version: 9
- name: Security audit
run: pnpm audit --audit-level moderate
lint-and-format:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: ./
with:
version: 9
- name: Install dependencies
run: pnpm install
- name: Check TypeScript
run: npx tsc --noEmit
- name: Verify action.yml syntax
run: |
if ! command -v yq &> /dev/null; then
sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
sudo chmod +x /usr/local/bin/yq
fi
yq eval action.yml > /dev/null
all-checks:
if: github.event.pull_request.draft == false
needs: [pr-validation, test-matrix, security-check, lint-and-format]
runs-on: ubuntu-latest
steps:
- name: All checks passed
run: echo "✅ All PR checks passed successfully"

42
.github/workflows/security.yml vendored Normal file
View File

@ -0,0 +1,42 @@
name: Security Checks
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
schedule:
- cron: '0 0 * * 0' # Weekly on Sunday
jobs:
security-audit:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: ./
with:
version: 9
- name: Security audit
run: pnpm audit --audit-level high
codeql:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: javascript
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3

4
.github/workflows/test.yaml vendored
View File

@ -94,8 +94,8 @@ jobs:
- name: install Node.js - name: install Node.js
uses: actions/setup-node@v4 uses: actions/setup-node@v4
with: with:
# pnpm@7.0.0 is not compatible with Node.js 12 # Use Node.js 16 - has ARM64 support and works with pnpm standalone tests
node-version: 12.22.12 node-version: 16
- name: 'Test: which (pnpm)' - name: 'Test: which (pnpm)'
run: which pnpm run: which pnpm

56
.github/workflows/upstream-sync.yml vendored Normal file
View File

@ -0,0 +1,56 @@
name: Sync with Upstream
on:
schedule:
- cron: '0 2 * * 1' # Weekly on Monday at 2 AM
workflow_dispatch:
jobs:
check-upstream:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Add upstream remote
run: |
git remote add upstream https://github.com/pnpm/action-setup.git || true
git fetch upstream
- name: Check for updates
id: check
run: |
UPSTREAM_COMMITS=$(git rev-list HEAD..upstream/master --count)
echo "commits_behind=$UPSTREAM_COMMITS" >> $GITHUB_OUTPUT
if [ "$UPSTREAM_COMMITS" -gt 0 ]; then
echo "need_sync=true" >> $GITHUB_OUTPUT
echo "Found $UPSTREAM_COMMITS new commits in upstream"
else
echo "need_sync=false" >> $GITHUB_OUTPUT
echo "Fork is up to date"
fi
- name: Create sync issue
if: steps.check.outputs.need_sync == 'true'
uses: actions/github-script@v7
with:
script: |
const { data: issues } = await github.rest.issues.listForRepo({
owner: context.repo.owner,
repo: context.repo.repo,
labels: 'upstream-sync',
state: 'open'
});
if (issues.length === 0) {
await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: 'Upstream sync required',
body: `The upstream repository has ${{ steps.check.outputs.commits_behind }} new commits that need to be reviewed and potentially merged.\n\nPlease review the changes and manually merge if appropriate:\n\n\`\`\`bash\ngit fetch upstream\ngit log HEAD..upstream/master --oneline\n# Review changes, then merge if safe\ngit merge upstream/master\n\`\`\``,
labels: ['upstream-sync', 'maintenance']
});
}

2
package.json
View File

@ -17,7 +17,7 @@
}, },
"devDependencies": { "devDependencies": {
"@vercel/ncc": "^0.38.1", "@vercel/ncc": "^0.38.1",
"pnpm": "^8.14.3", "pnpm": "^10.0.0",
"typescript": "^5.3.3" "typescript": "^5.3.3"
} }
} }

12
pnpm-lock.yaml
View File

@ -34,8 +34,8 @@ importers:
specifier: ^0.38.1 specifier: ^0.38.1
version: 0.38.3 version: 0.38.3
pnpm: pnpm:
specifier: ^8.14.3 specifier: ^10.0.0
version: 8.15.9 version: 10.12.1
typescript: typescript:
specifier: ^5.3.3 specifier: ^5.3.3
version: 5.7.3 version: 5.7.3
@ -102,9 +102,9 @@ packages:
resolution: {integrity: sha512-1Y1A//QUXEZK7YKz+rD9WydcE1+EuPr6ZBgKecAB8tmoW6UFv0NREVJe1p+jRxtThkcbbKkfwIbWJe/IeE6m2Q==} resolution: {integrity: sha512-1Y1A//QUXEZK7YKz+rD9WydcE1+EuPr6ZBgKecAB8tmoW6UFv0NREVJe1p+jRxtThkcbbKkfwIbWJe/IeE6m2Q==}
engines: {node: '>=0.10.0'} engines: {node: '>=0.10.0'}
pnpm@8.15.9: pnpm@10.12.1:
resolution: {integrity: sha512-SZQ0ydj90aJ5Tr9FUrOyXApjOrzuW7Fee13pDzL0e1E6ypjNXP0AHDHw20VLw4BO3M1XhQHkyik6aBYWa72fgQ==} resolution: {integrity: sha512-8N2oWA8O6UgcXHmh2Se5Fk8sR46QmSrSaLuyRlpzaYQ5HWMz0sMnkTV4soBK8zR0ylVLopwEqLEwYKcXZ1rjrA==}
engines: {node: '>=16.14'} engines: {node: '>=18.12'}
hasBin: true hasBin: true
tunnel@0.0.6: tunnel@0.0.6:
@ -187,7 +187,7 @@ snapshots:
parse-passwd@1.0.0: {} parse-passwd@1.0.0: {}
pnpm@8.15.9: {} pnpm@10.12.1: {}
tunnel@0.0.6: {} tunnel@0.0.6: {}