ivuorinen/actions
1
0
Fork 0
mirror of https://github.com/ivuorinen/actions.git synced 2026-02-09 13:45:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature: inline actions (#359)

Browse Source 
* refactor: make language-version-detect self-contained

Inline version-file-parser logic into language-version-detect to eliminate
external dependency and make the action fully self-contained.

Changes:
- Replace external call to version-file-parser with inline parsing script
- Use POSIX sh for maximum compatibility
- Streamlined version detection logic focusing on 4 supported languages
- Priority: .tool-versions > Dockerfile > devcontainer.json > version files > config files > default

Benefits:
- No external action dependencies
- Faster execution (no action setup overhead)
- Easier to maintain and test
- Reduced surface area for security issues

The action now handles all version detection inline while maintaining
the same outputs and functionality.

* refactor: inline Go detection into go-build

Make go-build self-contained by inlining Go version detection logic,
eliminating dependency on language-version-detect action.

Changes:
- Replace external language-version-detect call with inline script (~102 lines)
- Detect Go version from: .tool-versions, Dockerfile, devcontainer.json, .go-version, go.mod
- Use POSIX sh for maximum compatibility
- Maintain same output contract (detected-version)
- Fix sed to use POSIX-compliant extended regex (-E flag)
- Fix go.mod parsing to clean version before validation

Benefits:
- Faster execution (no external action overhead)
- Self-contained action
- Reduced attack surface
- Template for other language actions

This is part of Phase 1 of the inlining campaign to improve performance
and reduce internal dependencies.

* refactor: inline .NET detection into csharp actions

Replace language-version-detect dependency with inline version detection
for all three C# actions (csharp-build, csharp-lint-check, csharp-publish).

Detection logic checks (in priority order):
- .tool-versions file (dotnet key)
- Dockerfile (FROM dotnet: image)
- devcontainer.json (dotnet: image)
- global.json (.sdk.version field)

Implementation details:
- POSIX sh compliant with `set -eu`
- Validates version format: X, X.Y, or X.Y.Z
- Normalizes versions: strips 'v' prefix, whitespace, line endings
- Uses `sed -E` for portable extended regex
- Conditional jq usage with diagnostic messages
- Maintains output contract (detected-version)

Fixed issues from code review:
- devcontainer.json sed regex: malformed wildcard ('. */' → '.*')
- Dockerfile sed regex: removed unintended leading space (' \1' → '\1')
- Added stderr diagnostics when jq is not found
- Applied fixes to all three actions for consistency

Changes:
- csharp-build: ~100 lines of inline detection + jq diagnostics
- csharp-lint-check: ~100 lines of inline detection + jq diagnostics
- csharp-publish: ~100 lines of inline detection + jq diagnostics
- All READMEs regenerated with action-docs

Benefits:
- Eliminates external dependency for .NET version detection
- Reduces action initialization time
- Improved debugging (diagnostic messages, all logic in one file)
- Consistent with go-build pattern

* refactor: inline Python detection into python-lint-fix

Replace language-version-detect dependency with inline version detection
for the Python linting action.

Detection logic checks (in priority order):
- .tool-versions file (python key)
- Dockerfile (FROM python: image)
- devcontainer.json (python: image)
- .python-version file
- pyproject.toml (requires-python field)

Implementation details:
- POSIX sh compliant with `set -eu`
- Validates version format: X.Y or X.Y.Z
- Normalizes versions: strips 'v' prefix, whitespace, line endings
- Uses `sed -E` for portable extended regex (Dockerfile/devcontainer)
- Uses basic sed for pyproject.toml (POSIX-compatible backslash escapes)
- Conditional jq usage with diagnostic messages
- Maintains output contract (detected-version)

Changes:
- python-lint-fix: ~110 lines of inline detection + jq diagnostics
- README regenerated with action-docs

Benefits:
- Eliminates external dependency for Python version detection
- Reduces action initialization time
- Improved debugging (diagnostic messages, all logic in one file)
- Consistent with go-build and csharp pattern

* refactor: inline PHP detection into php-laravel-phpunit

Replace language-version-detect dependency with inline version detection
for the Laravel PHPUnit testing action.

Detection logic checks (in priority order):
- .tool-versions file (php key)
- Dockerfile (FROM php: image)
- devcontainer.json (php: image)
- .php-version file
- composer.json (require.php or config.platform.php fields)

Implementation details:
- POSIX sh compliant with `set -eu`
- Validates version format: X.Y or X.Y.Z
- Normalizes versions: strips 'v' prefix, whitespace, line endings
- Uses `sed -E` for portable extended regex (Dockerfile/devcontainer)
- Uses basic sed for composer.json (POSIX-compatible backslash escapes)
- Conditional jq usage with diagnostic messages
- Maintains output contract (detected-version)

Changes:
- php-laravel-phpunit: ~115 lines of inline detection + jq diagnostics
- README regenerated with action-docs

Benefits:
- Eliminates external dependency for PHP version detection
- Reduces action initialization time
- Improved debugging (diagnostic messages, all logic in one file)
- Consistent with go-build, csharp, and python-lint-fix pattern

* refactor: inline Node.js version detection into node-setup

Replace version-file-parser dependency with ~140 lines of inline detection:
- Detect from .nvmrc, package.json, .tool-versions, Dockerfile, devcontainer.json
- Detect package manager from lock files (bun, pnpm, yarn, npm)
- Use POSIX sh with set -eu for portability
- Include validate_version() and clean_version() helper functions
- Add diagnostic messages when jq unavailable

Detection priority: .nvmrc > package.json > .tool-versions > Dockerfile > devcontainer > default

Reduces external dependencies and improves initialization performance.

* refactor: remove deprecated version-file-parser action

Remove version-file-parser after successful inlining into node-setup:
- Delete version-file-parser action directory
- Delete version-file-parser unit and integration tests
- Remove version-file-parser references from spec_helper.sh
- Remove version-file-parser path trigger from node-setup-test.yml
- Regenerate action catalog (29 actions, down from 30)

All version detection functionality now inlined into individual actions:
- go-build: Go version detection
- csharp-build/csharp-lint-check/csharp-publish: .NET version detection
- python-lint-fix: Python version detection
- php-laravel-phpunit: PHP version detection
- node-setup: Node.js version detection and package manager detection

Reduces external dependencies and improves initialization performance across all actions.

* refactor: inline language-version-detect in pr-lint

Inline version detection for PHP, Python, and Go directly into pr-lint
to eliminate dependency on language-version-detect action and improve
initialization performance.

Changes:
- PHP detection: .tool-versions, Dockerfile, devcontainer.json,
  .php-version, composer.json (default: 8.4)
- Python detection: .tool-versions, Dockerfile, devcontainer.json,
  .python-version, pyproject.toml (default: 3.11)
- Go detection: .tool-versions, Dockerfile, devcontainer.json,
  .go-version, go.mod (default: 1.24)

All detection logic follows POSIX sh standard with set -eu and uses
validate_version() and clean_version() helper functions for consistency.

* docs: deprecate language-version-detect action

Mark language-version-detect as deprecated now that all internal usages
have been inlined. Inline version detection provides better performance
by eliminating action initialization overhead.

Changes:
- Add DEPRECATED notice to action.yml description and metadata
- Add deprecation warning banner to README with migration guidance
- Reference existing actions with inline detection patterns

Users should migrate to inlining version detection logic directly into
their actions rather than using this composite action. See pr-lint,
php-laravel-phpunit, python-lint-fix, and go-build for examples.

This action will be removed in a future release.

* refactor(go): remove redundant caching from Go actions

Remove redundant common-cache usage in Go actions since setup-go with
cache:true already provides comprehensive caching.

Changes:
- go-build: Removed duplicate common-cache step (setup-go caches
  ~/go/pkg/mod and ~/.cache/go-build automatically)
- go-lint: Removed redundant ~/.cache/go-build from cache paths
  (kept ~/.cache/golangci-lint as it's linter-specific and not
  covered by setup-go)

Performance improvements:
- Eliminates duplicate caching operations
- Reduces action initialization overhead
- setup-go's native caching is more efficient and maintained

setup-go with cache:true caches:
- ~/go/pkg/mod (Go modules)
- ~/.cache/go-build (Go build cache)

* refactor(python): migrate to native setup-python caching

Replace common-cache with native caching in Python actions for better
performance and maintainability.

python-lint-fix changes:
- Add package manager detection (uv, poetry, pipenv, pip)
- Use setup-python's native cache parameter dynamically
- Remove redundant common-cache step
- Support uv with pip-compatible caching
- Enhanced cache-dependency-path to include all lock files

ansible-lint-fix changes:
- Add setup-python with native pip caching (Python 3.11)
- Remove redundant common-cache step
- Simplify dependency installation

Benefits:
- Native caching is more efficient and better maintained
- Supports modern Python tooling (uv, poetry, pipenv)
- Reduces common-cache dependencies from 11 to 7 actions
- setup-python handles cache invalidation automatically

setup-python cache types supported: pip, pipenv, poetry

* refactor(csharp): migrate to native setup-dotnet caching

Replace common-cache with native caching in C# actions for better
performance and maintainability.

csharp-build changes:
- Add cache: true and cache-dependency-path to setup-dotnet
- Remove redundant common-cache step
- Simplify restore logic, remove cache-hit conditionals

csharp-publish changes:
- Add cache: true and cache-dependency-path to setup-dotnet
- Remove redundant common-cache step
- Simplify restore logic, use step-security/retry for restore

Benefits:
- Native caching is more efficient and better maintained
- Reduces common-cache dependencies from 7 to 5 actions
- setup-dotnet handles NuGet package caching automatically
- Cleaner workflow without complex conditional logic

Phase 2 complete: Reduced common-cache usage from 11 to 5 actions.

* refactor(go-lint): replace common-cache with actions/cache

Replace common-cache wrapper with direct actions/cache for golangci-lint
caching. This simplifies the action and improves performance.

Changes:
- Replace ivuorinen/actions/common-cache with actions/cache@v4.3.0
- Use hashFiles() for cache key generation instead of manual SHA256
- Simplify from 10 lines to 9 lines of YAML

Benefits:
- Native GitHub Actions functionality (no wrapper overhead)
- Better performance (no extra action call)
- Matches official golangci-lint-action approach
- Less maintenance (GitHub-maintained action)
- Reduces common-cache usage from 5 to 4 actions

Trade-off:
- Cache key format changes (invalidates existing caches once)

* refactor: eliminate common-cache, use actions/cache directly

Replace common-cache wrapper with native actions/cache in npm-publish
and php-composer, completing the caching optimization campaign.

Changes:
1. npm-publish (lines 107-114):
   - Replace common-cache with actions/cache@v4.3.0
   - Use hashFiles() for node_modules cache key
   - Support multiple lock files (package-lock, yarn.lock, pnpm, bun)

2. php-composer (lines 177-190):
   - Replace common-cache with actions/cache@v4.3.0
   - Use multiline YAML for cleaner path configuration
   - Use hashFiles() for composer cache key
   - Support optional cache-directories input

Benefits:
- Native GitHub Actions functionality (no wrapper overhead)
- Better performance (no extra action call)
- Simpler maintenance (one less internal action)
- Standard approach used by official actions
- Built-in hashFiles() more efficient than manual sha256sum

Result:
- Eliminates all common-cache usage (reduced from 4 to 0 actions)
- common-cache action can now be deprecated/removed
- Completes caching optimization: 11 → 0 common-cache dependencies

Campaign summary:
- Phase 1: Inline language-version-detect
- Phase 2: Migrate 6 actions to setup-* native caching
- Phase 3: Replace go-lint common-cache with actions/cache
- Phase 4: Eliminate remaining common-cache (npm, php)

* refactor: migrate Node.js linters from common-cache to actions/cache

Replace common-cache wrapper with native actions/cache@v4.3.0 in all
Node.js linting actions.

Changes:
- biome-lint: Use actions/cache with direct hashFiles()
- eslint-lint: Use actions/cache with direct hashFiles()
- prettier-lint: Use actions/cache with direct hashFiles()
- pr-lint: Use actions/cache with direct hashFiles()

All actions now use:
- Native GitHub Actions cache functionality
- Multi-lock-file support (npm, yarn, pnpm, bun)
- Two-level restore-keys for graceful fallback
- OS-aware cache keys with runner.os

Benefits:
- No wrapper overhead
- Native hashFiles() instead of manual SHA256
- Consistent caching pattern across all Node.js actions

* refactor: remove common-cache action

Delete common-cache action and all associated test files. All actions
now use native actions/cache@v4.3.0 instead of the wrapper.

Deleted:
- common-cache/action.yml
- common-cache/README.md
- common-cache/rules.yml
- common-cache/CustomValidator.py
- _tests/unit/common-cache/validation.spec.sh
- _tests/integration/workflows/common-cache-test.yml
- validate-inputs/tests/test_common-cache_custom.py

Action count: 28 → 27

* fix: improve cache key quality across actions

Address cache key quality issues identified during code review.

php-composer:
- Remove unused cache-directories input and handling code
- Simplify cache paths to vendor + ~/.composer/cache only
- Eliminate empty path issue when cache-directories was default empty

npm-publish:
- Remove redundant -npm- segment from cache key
- Change: runner.os-npm-publish-{manager}-npm-{hash}
- To: runner.os-npm-publish-{manager}-{hash}

go-lint:
- Add ~/.cache/go-build to cached paths
- Now caches both golangci-lint and Go build artifacts
- Improves Go build performance

Result: Cleaner cache keys and better caching coverage

* docs: remove common-cache references from documentation and tooling

Remove all remaining references to common-cache from project documentation,
test workflows, and build tooling after action deletion.

Updated:
- CLAUDE.md: Remove from action catalog (28 → 27 actions)
- README.md: Regenerate catalog without common-cache
- SECURITY.md: Update caching optimization notes
- Test workflows: Remove common-cache test references
- spec_helper.sh: Remove common-cache test helpers
- generate_listing.cjs: Remove from category/language mappings
- update-validators.py: Remove custom validator entry

* refactor: inline node-setup across Node.js actions

Phase 6A: Remove node-setup abstraction layer and inline Node.js setup.

Changes:
- Replace node-setup calls with direct actions/setup-node@v6.0.0
- Inline package manager detection (lockfile-based)
- Add Corepack enablement and package manager installation
- Use Node.js 22 as default version

Actions migrated (5):
- prettier-lint: Inline Node.js setup + package manager detection
- biome-lint: Inline Node.js setup + package manager detection
- eslint-lint: Inline Node.js setup + package manager detection
- pr-lint: Inline Node.js setup (conditional on package.json)
- npm-publish: Inline Node.js setup + package manager detection

Removed:
- node-setup/action.yml (371 lines)
- node-setup/README.md, rules.yml, CustomValidator.py
- _tests/unit/node-setup/validation.spec.sh
- _tests/integration/workflows/node-setup-test.yml
- validate-inputs/tests/test_node-setup_custom.py

Documentation updates:
- CLAUDE.md: Remove node-setup from action list (26 actions)
- generate_listing.cjs: Remove node-setup mappings
- update-validators.py: Remove node-setup custom validator

Result: 26 actions (down from 27), eliminated internal dependency layer.

* refactor: consolidate PHP testing actions with Laravel detection

Merge php-tests, php-laravel-phpunit, and php-composer into single php-tests action:

Consolidation:
- Merge three PHP actions into one with framework auto-detection
- Add framework input (auto/laravel/generic) with artisan file detection
- Inline PHP version detection from multiple sources
- Inline Composer setup, caching, and dependency installation
- Add conditional Laravel-specific setup steps

Features:
- Auto-detect Laravel via artisan file presence
- PHP version detection from .tool-versions, Dockerfile, composer.json, etc.
- Composer dependency management with retry logic and caching
- Laravel setup: .env copy, key generation, permissions, SQLite database
- Smart test execution: composer test for Laravel, direct PHPUnit for generic

Outputs:
- framework: Detected framework (laravel/generic)
- php-version, composer-version, cache-hit: Setup metadata
- test-status, tests-run, tests-passed: Test results

Deleted:
- php-laravel-phpunit/: Laravel-specific testing action
- php-composer/: Composer dependency management action
- Related test files and custom validators

Updated:
- CLAUDE.md: 26 → 24 actions
- generate_listing.cjs: Remove php-laravel-phpunit, php-composer
- validate-inputs: Remove php-laravel-phpunit custom validator

Result: 3 actions → 1 action, maintained all functionality with simpler interface.

* fix: correct sed pattern in go-build Dockerfile parsing

Remove unintended space in sed replacement pattern that was extracting
golang version from Dockerfile.

Before: s/.*golang:([0-9]+(\.[0-9]+)*)(-[^:]*)?.*/ \1/p
After:  s/.*golang:([0-9]+(\.[0-9]+)*)(-[^:]*)?.*/\1/p

The leading space in the replacement would have caused version strings
to have unwanted whitespace, potentially breaking version validation.

* fix: convert bash-specific syntax to POSIX sh in php-tests

Replace bash-specific [[ ]] syntax with POSIX-compliant alternatives
to adhere to CLAUDE.md standards (all scripts must be POSIX sh).

Changes:
- PHP version validation: Replace regex =~ with case statement
  matching X.Y and X.Y.Z patterns
- Max retries validation: Replace regex =~ with case statement
  checking for non-digit characters
- Email validation: Replace glob patterns with case statement
  matching *@*.* pattern
- Username validation: Replace glob patterns with case statement
  detecting command injection characters (;, &&, |)

All validation logic preserved, error messages unchanged.

* fix: add missing max-retries input to csharp-publish

Add missing max-retries input declaration that was being used by the
step-security/retry step at line 171 but not defined in the inputs
section.

Changes:
- Add max-retries input with default value of '3'
- Add description for dependency restoration retry attempts
- Regenerate README.md with updated inputs documentation

This fixes undefined input reference in the Restore Dependencies step.

* fix: remove misleading 'Restore Complete' step in csharp-publish

Remove the 'Restore Complete' step that always printed 'Cache hit -
skipping dotnet restore' even though restore always runs via the retry
action.

The message was misleading because:
- Dependencies are always restored via step-security/retry
- The message claimed restore was skipped, which was false
- The step served no actual purpose

The 'Restore Dependencies' step already provides appropriate output
during execution, making this step redundant and confusing.

* fix(csharp-publish): use NuGet lock files for cache hashing

The cache-dependency-path was incorrectly targeting *.csproj files which
don't represent dependency state. Update to target **/packages.lock.json
for accurate cache key generation.

This ensures:
- Cache hits only when dependencies actually match
- No false cache hits from project file changes
- Correct behavior per setup-dotnet@v5 documentation

* fix: escape dots in shell case patterns for literal period matching

In shell case statements, unescaped dots match any character rather than
literal periods. Escape all dots in version pattern matching to ensure
correct semantic version validation (e.g., '8.3.1' not '8X3Y1').

Fixed in 9 actions:
- go-build: validate_version function
- csharp-build: validate_version function
- csharp-lint-check: validate_version function
- csharp-publish: validate_version function
- php-tests: PHP version validation + validate_version function
- python-lint-fix: validate_version function
- pr-lint: 3x validate_version functions (Go, Node.js, Python)
- language-version-detect: PHP, Python, Node.js, .NET, Go validation

Changed patterns: [0-9]*.[0-9]* → [0-9]*\.[0-9]*
Impact: More accurate version validation, prevents false matches

* fix(csharp-build): use NuGet lock files for cache hashing

The cache-dependency-path was incorrectly targeting *.csproj files which
don't represent dependency state. Update to target **/packages.lock.json
for accurate cache key generation, matching csharp-publish configuration.

This ensures:
- Cache hits only when dependencies actually match
- No false cache hits from project file changes
- Consistent caching behavior across C# actions

* fix(php-tests): replace GNU grep with POSIX-compatible sed

The Composer version detection used 'grep -oP' with \K which is GNU-specific
and breaks portability on BSD/macOS systems. Replace with POSIX-compliant
sed pattern that extracts version numbers from 'Composer version X.Y.Z'.

Changed:
- grep -oP 'Composer version \K[0-9]+\.[0-9]+\.[0-9]+'
+ sed -n 's/.*Composer version \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'

Maintains same behavior with empty string fallback on match failure.

* fix: remove misleading 'Restore Complete' step in csharp-build

The 'Restore Complete' step always printed 'Cache hit - skipping dotnet
restore' even when no cache hit occurred and restore ran unconditionally
via the retry action. Remove the step entirely to eliminate misleading
log messages.

Matches fix already applied to csharp-publish (821aef0). The 'Restore
Dependencies' step already provides appropriate output.

* fix(python-lint-fix): use literal cache values for setup-python@v6

The setup-python@v6 action requires literal cache values, not dynamic
expressions. Split the single Setup Python step into three conditional
steps with literal cache values ('pip', 'pipenv', 'poetry').

Changed:
- Single step with 'cache: ${{ steps.package-manager.outputs.package-manager }}'
+ Three conditional steps each with literal cache values
+ Each step includes only relevant cache-dependency-path patterns

Benefits:
- Compatible with setup-python@v6 requirements
- More precise cache-dependency-path per package manager
- Maintains full functionality across pip, pipenv, poetry, and uv

* fix(python-lint-fix): remove unreachable venv activation step

The 'Activate Virtual Environment (Cache Hit)' step references non-existent
steps.cache-pip.outputs.cache-hit, making its condition always false and
the step unreachable dead code.

Additionally, this step is redundant as all subsequent steps (Run flake8,
Run autopep8, etc.) already activate the venv directly with
'. .venv/bin/activate' in their run blocks.

Removed lines 298-312 (15 lines of dead code).

* fix: correct invalid step references and unsafe conditions

prettier-lint/action.yml:
- Fix 3 invalid references to steps.node-setup.outputs.package-manager
- Should reference steps.detect-pm.outputs.package-manager (correct step ID)
- Lines 327, 360, 417

terraform-lint-fix/action.yml:
- Add safety checks to commit condition to prevent fromJSON failures
- Now verifies: files found + auto-fix enabled + fixes made
- Line 249

Note: eslint-lint/action.yml already has correct references (no changes needed)

* fix(php-tests): improve PHPUnit output parsing robustness

Address fragile test result parsing that fails with common PHPUnit formats:

Before:
- Line 467 pattern 'OK.*[0-9]+ tests' required plural, failing on single test
- Pattern only matched success case, silently defaulting to 0 on failures
- Didn't handle ERRORED!/FAILED! output or skipped tests

After:
- Pattern 1: Match 'OK (N test(s), M assertions)' - handles singular/plural
- Pattern 2: Parse 'Tests: N' line for failures/errors, calculate passed
- Handles: single test, failures, errors, mixed, skipped tests
- Exit code still determines final status (line 489)

* test: add comprehensive PHPUnit output parsing tests

Add 20 unit tests covering all PHPUnit output format variations:

Success cases (3):
- Single test (singular 'test')
- Multiple tests (plural 'tests')
- Large test counts

Failure cases (5):
- Failures only
- Errors only
- Mixed failures and errors
- All tests failing
- Prevents negative passed count

Edge cases (7):
- Skipped tests (with/without OK prefix)
- No parseable output (fallback to 0/0)
- Empty output
- Verbose output with noise
- Full failure details
- Risky tests

Status tests (2):
- Exit code 0 → success
- Exit code non-zero → failure

Helper function parse_phpunit_output() replicates action parsing logic
for isolated testing.

Also fix pre-existing test expecting underscores in output names:
- test_status → test-status
- tests_run → tests-run
- tests_passed → tests-passed
- coverage_path → framework (output doesn't exist)

All 62 tests now pass (42 existing + 20 new)

* fix(python-lint-fix): make pyproject.toml parsing POSIX/BSD compatible

Fix portability issues in pyproject.toml version parsing:

Line 173:
- Before: grep -q '^\\[project\\]' (double-escaped, incorrect)
- After: grep -q '^\[project\]' (single-escaped, correct)

Line 174:
- Before: '^\\s*' and sed with GNU-only '\+' quantifier
- After: '^[[:space:]]*' (POSIX character class) and sed -E with '+' (extended regex)

Changes ensure compatibility with:
- macOS (BSD sed)
- Linux (GNU sed)
- Any POSIX-compliant shell environment

sed -E enables extended regex mode where:
- No backslashes needed for grouping ()
- '+' works directly (not '\+')
- More readable and portable

* fix(posix): Phase 1 - convert bash-specific syntax to POSIX sh

Convert three simpler action files from bash to POSIX sh:

terraform-lint-fix/action.yml:
- Line 216: Change [[ to [ and == to =

codeql-analysis/action.yml:
- Change shell: bash to shell: sh (4 steps)
- Add set -eu to all shell blocks
- Convert [[ to [ and == to = (5 locations)
- Fix $GITHUB_OUTPUT quoting

sync-labels/action.yml:
- Change shell: bash to shell: sh (2 steps)
- Convert bash [[ tests to POSIX [ tests
- Replace regex =~ with case pattern matching
- Convert pipefail (bash-only) to POSIX set -eu

All changes verified:
- make lint: passed
- Unit tests: 25/25 passed (100% coverage)
- POSIX compliance: Confirmed for all three actions

Part of comprehensive POSIX compatibility review.
Next: Phase 2 (validation-heavy files)

* fix(posix): Phase 2A - convert bash to POSIX sh (3 validation-heavy files)

Convert three validation-heavy action files from bash to POSIX sh:

release-monthly/action.yml:
- Replace shell: bash → shell: sh (3 steps)
- Replace set -euo pipefail → set -eu
- Replace regex =~ with case pattern matching for version validation
- Replace [[ ]] tests with [ ] tests and == with =
- Use case statements for prefix validation
- Fix &>/dev/null → >/dev/null 2>&1 (POSIX)

compress-images/action.yml:
- Replace shell: bash → shell: sh
- Replace set -euo pipefail → set -eu
- Convert all [[ ]] wildcard tests to case pattern matching
- Convert regex =~ to case statements for numeric validation
- Consolidated validation patterns

biome-lint/action.yml:
- Replace shell: bash → shell: sh (4 steps)
- Replace set -euo pipefail → set -eu
- Convert [[ ]] tests to case pattern matching
- Convert regex =~ to case statements
- Handle GitHub token expression validation with case
- Email validation with case patterns
- Username validation with case patterns for:
  - Invalid characters
  - Leading/trailing hyphens
  - Consecutive hyphens

All changes maintain identical validation logic while using POSIX-compliant syntax.

Next: eslint-lint and prettier-lint (similar patterns)

* fix: convert eslint-lint and prettier-lint to POSIX sh (Phase 2B)

Convert shell scripts from bash to POSIX sh for maximum compatibility:

eslint-lint/action.yml:
- Change all shell: bash → shell: sh
- Replace set -euo pipefail with set -eu (pipefail not POSIX)
- Convert [[ ]] tests to [ ] with = instead of ==
- Replace regex validation with case pattern matching
- Convert boolean validation to case-insensitive patterns
- Update version/path/email validation with case patterns

prettier-lint/action.yml:
- Change all shell: bash → shell: sh
- Replace set -euo pipefail with set -eu
- Convert [[ ]] tests to [ ] with = instead of ==
- Replace regex validation with case pattern matching
- Convert boolean validation to case-insensitive patterns
- Update version/path/email validation with case patterns

All changes maintain identical functionality while ensuring
compatibility with POSIX sh on all platforms.

Part of comprehensive POSIX compatibility effort. Phase 2B completes
5/5 validation-heavy action files.

* fix: convert docker-build and php-tests to POSIX sh (Phase 3)

Convert complex shell scripts from bash to POSIX sh for maximum compatibility:

docker-build/action.yml:
- Convert all 12 shell blocks from bash to sh
- Replace set -euo pipefail with set -eu (pipefail not POSIX)
- Convert bash array parsing to POSIX positional parameters
  * Parse Build Arguments: IFS + set -- pattern
  * Parse Build Contexts: IFS + set -- pattern
  * Parse Secrets: IFS + set -- with case validation
- Replace [[ wildcard tests with case patterns
  * Line 277: secret contains '=' check
  * Line 376: cache_to contains 'type=local' check
- Convert [[ -z || -z ]] to separate [ ] tests
- Change == to = in string comparisons

php-tests/action.yml:
- Convert all 11 shell blocks from bash to sh
- Replace set -euo pipefail with set -eu
- No bash-specific constructs (already POSIX-compatible logic)

All changes maintain identical functionality while ensuring
compatibility with POSIX sh on all platforms. Complex array
handling in docker-build required careful conversion using
positional parameters with IFS manipulation.

Part of comprehensive POSIX compatibility effort. Phase 3 completes
2/2 complex action files with array handling.

* fix: convert remaining actions to POSIX sh (Phase 4 - Final)

Convert final shell scripts from bash to POSIX sh for maximum compatibility:

csharp-build/action.yml (2 blocks):
- Change shell: bash → shell: sh
- Replace set -euo pipefail with set -eu

csharp-lint-check/action.yml (3 blocks):
- Change shell: bash → shell: sh
- Replace set -euo pipefail with set -eu

csharp-publish/action.yml (6 blocks):
- Change shell: bash → shell: sh
- Replace set -euo pipefail with set -eu

go-build/action.yml (2 blocks):
- Change shell: bash → shell: sh
- Replace set -euo pipefail with set -eu

python-lint-fix/action.yml:
- Already using shell: sh (POSIX compliant)
- No changes needed

All Phase 4 files contained only isolated bash usage without
bash-specific features ([[, =~, arrays, etc.), making conversion
straightforward. All changes maintain identical functionality while
ensuring compatibility with POSIX sh on all platforms.

POSIX COMPATIBILITY PROJECT COMPLETE:
- Phase 1: 3 files (terraform-lint-fix, codeql-analysis, sync-labels)
- Phase 2: 5 files (release-monthly, compress-images, biome-lint, eslint-lint, prettier-lint)
- Phase 3: 2 files (docker-build, php-tests) - complex array handling
- Phase 4: 4 files (csharp-build, csharp-lint-check, csharp-publish, go-build)

Total: 14/14 files converted (100% complete)
All shell scripts now POSIX sh compatible across all platforms.

* fix: address PR #359 review comments

- Fix eslint-lint file extensions regex to support 1+ extensions
  (critical bug: default .js,.jsx,.ts,.tsx was rejected by validation)
- Add NuGet caching to csharp-lint-check Setup .NET SDK step
  (matches csharp-build and csharp-publish configuration)

* fix: address additional PR #359 review comments

POSIX Compatibility:
- csharp-lint-check: replace bash [[ ]] and =~ with POSIX [ ] and grep -qE
  (fixes validation block incompatible with sh shell declaration)

ESLint Consistency:
- eslint-lint: use detected package manager in check mode
  (adds pnpm/yarn/bun support, matching fix mode behavior)
- eslint-lint: replace case pattern with grep-based validation
  (fixes regex that rejected valid multi-extension inputs like .js,.jsx,.ts,.tsx)

* fix: use file-extensions input in eslint-lint commands

The file-extensions input was defined, validated, and passed to env
but never used in ESLint commands, causing ESLint to only lint .js
files by default.

Changes:
- Add --ext flag to all check mode ESLint commands (pnpm/yarn/bun/npm)
- Add FILE_EXTENSIONS to fix mode env section
- Add --ext flag to all fix mode ESLint commands (pnpm/yarn/bun/npm)

Now ESLint correctly lints all configured extensions (.js,.jsx,.ts,.tsx)

* fix: strengthen eslint-lint version validation

The previous case pattern allowed invalid versions like "1.0.0-"
(trailing hyphen with no pre-release identifier) and didn't treat
dots as literal characters.

Changes:
- Replace case pattern with grep-based regex validation
- Pattern: ^[0-9]+\.[0-9]+(\.[0-9]+)?(-[a-zA-Z0-9]+([.-][a-zA-Z0-9]+)*)?$
- Requires at least one alphanumeric character after hyphen if present
- Supports dot/dash-separated pre-release identifiers
- Treats dots as literal characters throughout

Valid: 8.57.0, 8.57.0-rc.1, 8.57.0-alpha.beta.1
Invalid: 8.57.0-, 8.57.0--, 8.57.0-., 8.57.0-alpha..1

* fix: strengthen eslint-lint email validation

The previous case pattern *@*.* was overly permissive and would
accept invalid emails like @@@, a@b., or user@@domain.com.

Changes:
- Replace case pattern with grep-based regex validation
- Pattern: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$
- Requires proper structure: local-part@domain.tld
- Local part: alphanumeric plus common email special chars
- Domain: alphanumeric, dots, hyphens
- TLD: at least 2 letters

Valid: user@example.com, first.last@domain.co.uk
Invalid: @@@, a@b., user@@domain.com, test@domain
This commit is contained in:
Ismo Vuorinen
2025-11-21 15:46:33 +02:00
committed by GitHub
parent ab371bdebf
commit a88bb34369
67 changed files with 2673 additions and 5979 deletions
Download Patch File Download Diff File Expand all files Collapse all files

471
_tests/integration/workflows/common-cache-test.yml
View File

@@ -1,471 +0,0 @@
---
name: Integration Test - Common Cache
on:
workflow_dispatch:
push:
paths:
- 'common-cache/**'
- '_tests/integration/workflows/common-cache-test.yml'
jobs:
test-common-cache-key-generation:
name: Test Cache Key Generation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test basic key generation
run: |
RUNNER_OS="Linux"
CACHE_TYPE="npm"
KEY_PREFIX=""
cache_key="$RUNNER_OS"
[ -n "$CACHE_TYPE" ] && cache_key="${cache_key}-${CACHE_TYPE}"
expected="Linux-npm"
if [[ "$cache_key" != "$expected" ]]; then
echo "❌ ERROR: Expected '$expected', got '$cache_key'"
exit 1
fi
echo "✓ Basic cache key generation works"
- name: Test key with prefix
run: |
RUNNER_OS="Linux"
CACHE_TYPE="npm"
KEY_PREFIX="node-20"
cache_key="$RUNNER_OS"
[ -n "$KEY_PREFIX" ] && cache_key="${cache_key}-${KEY_PREFIX}"
[ -n "$CACHE_TYPE" ] && cache_key="${cache_key}-${CACHE_TYPE}"
expected="Linux-node-20-npm"
if [[ "$cache_key" != "$expected" ]]; then
echo "❌ ERROR: Expected '$expected', got '$cache_key'"
exit 1
fi
echo "✓ Cache key with prefix works"
- name: Test OS-specific keys
run: |
for os in "Linux" "macOS" "Windows"; do
CACHE_TYPE="test"
cache_key="$os-$CACHE_TYPE"
if [[ ! "$cache_key" =~ ^(Linux|macOS|Windows)-test$ ]]; then
echo "❌ ERROR: Invalid key for OS $os: $cache_key"
exit 1
fi
echo "✓ OS-specific key for $os: $cache_key"
done
test-common-cache-file-hashing:
name: Test File Hashing
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Create test files
run: |
mkdir -p test-cache
cd test-cache
echo "content1" > file1.txt
echo "content2" > file2.txt
echo "content3" > file3.txt
- name: Test single file hash
run: |
cd test-cache
file_hash=$(cat file1.txt | sha256sum | cut -d' ' -f1)
if [[ ! "$file_hash" =~ ^[a-f0-9]{64}$ ]]; then
echo "❌ ERROR: Invalid hash format: $file_hash"
exit 1
fi
echo "✓ Single file hash: $file_hash"
- name: Test multiple file hash
run: |
cd test-cache
multi_hash=$(cat file1.txt file2.txt file3.txt | sha256sum | cut -d' ' -f1)
if [[ ! "$multi_hash" =~ ^[a-f0-9]{64}$ ]]; then
echo "❌ ERROR: Invalid hash format: $multi_hash"
exit 1
fi
echo "✓ Multiple file hash: $multi_hash"
- name: Test hash changes with content
run: |
cd test-cache
# Get initial hash
hash1=$(cat file1.txt | sha256sum | cut -d' ' -f1)
# Modify file
echo "modified" > file1.txt
# Get new hash
hash2=$(cat file1.txt | sha256sum | cut -d' ' -f1)
if [[ "$hash1" == "$hash2" ]]; then
echo "❌ ERROR: Hash should change when content changes"
exit 1
fi
echo "✓ Hash changes with content modification"
- name: Test comma-separated file list processing
run: |
cd test-cache
KEY_FILES="file1.txt,file2.txt,file3.txt"
IFS=',' read -ra FILES <<< "$KEY_FILES"
existing_files=()
for file in "${FILES[@]}"; do
file=$(echo "$file" | xargs)
if [ -f "$file" ]; then
existing_files+=("$file")
fi
done
if [ ${#existing_files[@]} -ne 3 ]; then
echo "❌ ERROR: Should find 3 files, found ${#existing_files[@]}"
exit 1
fi
echo "✓ Comma-separated file list processing works"
- name: Test missing file handling
run: |
cd test-cache
KEY_FILES="file1.txt,missing.txt,file2.txt"
IFS=',' read -ra FILES <<< "$KEY_FILES"
existing_files=()
for file in "${FILES[@]}"; do
file=$(echo "$file" | xargs)
if [ -f "$file" ]; then
existing_files+=("$file")
fi
done
if [ ${#existing_files[@]} -ne 2 ]; then
echo "❌ ERROR: Should find 2 files, found ${#existing_files[@]}"
exit 1
fi
echo "✓ Missing files correctly skipped"
test-common-cache-env-vars:
name: Test Environment Variables
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test single env var inclusion
run: |
export NODE_VERSION="20.9.0"
ENV_VARS="NODE_VERSION"
IFS=',' read -ra VARS <<< "$ENV_VARS"
env_hash=""
for var in "${VARS[@]}"; do
if [ -n "${!var}" ]; then
env_hash="${env_hash}-${var}-${!var}"
fi
done
expected="-NODE_VERSION-20.9.0"
if [[ "$env_hash" != "$expected" ]]; then
echo "❌ ERROR: Expected '$expected', got '$env_hash'"
exit 1
fi
echo "✓ Single env var inclusion works"
- name: Test multiple env vars
run: |
export NODE_VERSION="20.9.0"
export PACKAGE_MANAGER="npm"
ENV_VARS="NODE_VERSION,PACKAGE_MANAGER"
IFS=',' read -ra VARS <<< "$ENV_VARS"
env_hash=""
for var in "${VARS[@]}"; do
if [ -n "${!var}" ]; then
env_hash="${env_hash}-${var}-${!var}"
fi
done
expected="-NODE_VERSION-20.9.0-PACKAGE_MANAGER-npm"
if [[ "$env_hash" != "$expected" ]]; then
echo "❌ ERROR: Expected '$expected', got '$env_hash'"
exit 1
fi
echo "✓ Multiple env vars inclusion works"
- name: Test undefined env var skipping
run: |
export NODE_VERSION="20.9.0"
ENV_VARS="NODE_VERSION,UNDEFINED_VAR"
IFS=',' read -ra VARS <<< "$ENV_VARS"
env_hash=""
for var in "${VARS[@]}"; do
if [ -n "${!var}" ]; then
env_hash="${env_hash}-${var}-${!var}"
fi
done
# Should only include NODE_VERSION
expected="-NODE_VERSION-20.9.0"
if [[ "$env_hash" != "$expected" ]]; then
echo "❌ ERROR: Expected '$expected', got '$env_hash'"
exit 1
fi
echo "✓ Undefined env vars correctly skipped"
test-common-cache-path-processing:
name: Test Path Processing
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test single path
run: |
CACHE_PATHS="~/.npm"
IFS=',' read -ra PATHS <<< "$CACHE_PATHS"
if [ ${#PATHS[@]} -ne 1 ]; then
echo "❌ ERROR: Should have 1 path, got ${#PATHS[@]}"
exit 1
fi
echo "✓ Single path processing works"
- name: Test multiple paths
run: |
CACHE_PATHS="~/.npm,~/.yarn/cache,node_modules"
IFS=',' read -ra PATHS <<< "$CACHE_PATHS"
if [ ${#PATHS[@]} -ne 3 ]; then
echo "❌ ERROR: Should have 3 paths, got ${#PATHS[@]}"
exit 1
fi
echo "✓ Multiple paths processing works"
- name: Test path with spaces (trimming)
run: |
CACHE_PATHS=" ~/.npm , ~/.yarn/cache , node_modules "
IFS=',' read -ra PATHS <<< "$CACHE_PATHS"
trimmed_paths=()
for path in "${PATHS[@]}"; do
trimmed=$(echo "$path" | xargs)
trimmed_paths+=("$trimmed")
done
# Check first path is trimmed
if [[ "${trimmed_paths[0]}" != "~/.npm" ]]; then
echo "❌ ERROR: Path not trimmed: '${trimmed_paths[0]}'"
exit 1
fi
echo "✓ Path trimming works"
test-common-cache-complete-key-generation:
name: Test Complete Key Generation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Create test files
run: |
mkdir -p test-complete
cd test-complete
echo "package-lock content" > package-lock.json
- name: Test complete cache key with all components
run: |
cd test-complete
RUNNER_OS="Linux"
CACHE_TYPE="npm"
KEY_PREFIX="node-20"
# Generate file hash
files_hash=$(cat package-lock.json | sha256sum | cut -d' ' -f1)
# Generate env hash
export NODE_VERSION="20.9.0"
env_hash="-NODE_VERSION-20.9.0"
# Generate final key
cache_key="$RUNNER_OS"
[ -n "$KEY_PREFIX" ] && cache_key="${cache_key}-${KEY_PREFIX}"
[ -n "$CACHE_TYPE" ] && cache_key="${cache_key}-${CACHE_TYPE}"
[ -n "$files_hash" ] && cache_key="${cache_key}-${files_hash}"
[ -n "$env_hash" ] && cache_key="${cache_key}${env_hash}"
echo "Generated cache key: $cache_key"
# Verify structure
if [[ ! "$cache_key" =~ ^Linux-node-20-npm-[a-f0-9]{64}-NODE_VERSION-20\.9\.0$ ]]; then
echo "❌ ERROR: Invalid cache key structure: $cache_key"
exit 1
fi
echo "✓ Complete cache key generation works"
test-common-cache-restore-keys:
name: Test Restore Keys
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test single restore key
run: |
RESTORE_KEYS="Linux-npm-"
if [[ -z "$RESTORE_KEYS" ]]; then
echo "❌ ERROR: Restore keys should not be empty"
exit 1
fi
echo "✓ Single restore key: $RESTORE_KEYS"
- name: Test multiple restore keys
run: |
RESTORE_KEYS="Linux-node-20-npm-,Linux-node-npm-,Linux-npm-"
IFS=',' read -ra KEYS <<< "$RESTORE_KEYS"
if [ ${#KEYS[@]} -ne 3 ]; then
echo "❌ ERROR: Should have 3 restore keys, got ${#KEYS[@]}"
exit 1
fi
echo "✓ Multiple restore keys work"
test-common-cache-type-specific-scenarios:
name: Test Type-Specific Scenarios
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test NPM cache key
run: |
TYPE="npm"
FILES="package-lock.json"
PATHS="~/.npm,node_modules"
echo "✓ NPM cache configuration valid"
echo " Type: $TYPE"
echo " Key files: $FILES"
echo " Paths: $PATHS"
- name: Test Composer cache key
run: |
TYPE="composer"
FILES="composer.lock"
PATHS="~/.composer/cache,vendor"
echo "✓ Composer cache configuration valid"
echo " Type: $TYPE"
echo " Key files: $FILES"
echo " Paths: $PATHS"
- name: Test Go cache key
run: |
TYPE="go"
FILES="go.sum"
PATHS="~/go/pkg/mod,~/.cache/go-build"
echo "✓ Go cache configuration valid"
echo " Type: $TYPE"
echo " Key files: $FILES"
echo " Paths: $PATHS"
- name: Test Pip cache key
run: |
TYPE="pip"
FILES="requirements.txt"
PATHS="~/.cache/pip"
echo "✓ Pip cache configuration valid"
echo " Type: $TYPE"
echo " Key files: $FILES"
echo " Paths: $PATHS"
test-common-cache-edge-cases:
name: Test Edge Cases
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test empty prefix
run: |
KEY_PREFIX=""
cache_key="Linux"
[ -n "$KEY_PREFIX" ] && cache_key="${cache_key}-${KEY_PREFIX}"
if [[ "$cache_key" != "Linux" ]]; then
echo "❌ ERROR: Empty prefix should not modify key"
exit 1
fi
echo "✓ Empty prefix handling works"
- name: Test no key files
run: |
KEY_FILES=""
files_hash=""
if [ -n "$KEY_FILES" ]; then
echo "❌ ERROR: Should detect empty key files"
exit 1
fi
echo "✓ No key files handling works"
- name: Test no env vars
run: |
ENV_VARS=""
env_hash=""
if [ -n "$ENV_VARS" ]; then
echo "❌ ERROR: Should detect empty env vars"
exit 1
fi
echo "✓ No env vars handling works"
integration-test-summary:
name: Integration Test Summary
runs-on: ubuntu-latest
needs:
- test-common-cache-key-generation
- test-common-cache-file-hashing
- test-common-cache-env-vars
- test-common-cache-path-processing
- test-common-cache-complete-key-generation
- test-common-cache-restore-keys
- test-common-cache-type-specific-scenarios
- test-common-cache-edge-cases
steps:
- name: Summary
run: |
echo "=========================================="
echo "Common Cache Integration Tests - PASSED"
echo "=========================================="
echo ""
echo "✓ Cache key generation tests"
echo "✓ File hashing tests"
echo "✓ Environment variable tests"
echo "✓ Path processing tests"
echo "✓ Complete key generation tests"
echo "✓ Restore keys tests"
echo "✓ Type-specific scenario tests"
echo "✓ Edge case tests"
echo ""
echo "All common-cache integration tests completed successfully!"

1
_tests/integration/workflows/lint-fix-chain-test.yml
View File

@@ -7,7 +7,6 @@ on:
- 'eslint-lint/**'
- 'prettier-lint/**'
- 'node-setup/**'
- 'common-cache/**'
- '_tests/integration/workflows/lint-fix-chain-test.yml'
jobs:

513
_tests/integration/workflows/node-setup-test.yml
View File

@@ -1,513 +0,0 @@
---
name: Integration Test - Node Setup
on:
workflow_dispatch:
push:
paths:
- 'node-setup/**'
- 'version-file-parser/**'
- 'common-cache/**'
- 'common-retry/**'
- '_tests/integration/workflows/node-setup-test.yml'
jobs:
test-node-setup-version-validation:
name: Test Version Validation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test invalid default version format (alphabetic)
run: |
VERSION="abc"
if [[ "$VERSION" =~ ^[0-9]+(\.[0-9]+(\.[0-9]+)?)?$ ]]; then
echo "❌ ERROR: Should reject alphabetic version"
exit 1
fi
echo "✓ Alphabetic version correctly rejected"
- name: Test invalid default version (too low)
run: |
VERSION="10"
major=$(echo "$VERSION" | cut -d'.' -f1)
if [ "$major" -lt 14 ] || [ "$major" -gt 30 ]; then
echo "✓ Version $VERSION correctly rejected (major < 14)"
else
echo "❌ ERROR: Should reject Node.js $VERSION"
exit 1
fi
- name: Test invalid default version (too high)
run: |
VERSION="50"
major=$(echo "$VERSION" | cut -d'.' -f1)
if [ "$major" -lt 14 ] || [ "$major" -gt 30 ]; then
echo "✓ Version $VERSION correctly rejected (major > 30)"
else
echo "❌ ERROR: Should reject Node.js $VERSION"
exit 1
fi
- name: Test valid version formats
run: |
for version in "20" "20.9" "20.9.0" "18" "22.1.0"; do
if [[ "$version" =~ ^[0-9]+(\.[0-9]+(\.[0-9]+)?)?$ ]]; then
major=$(echo "$version" | cut -d'.' -f1)
if [ "$major" -ge 14 ] && [ "$major" -le 30 ]; then
echo "✓ Version $version accepted"
else
echo "❌ ERROR: Version $version should be accepted"
exit 1
fi
else
echo "❌ ERROR: Version $version format validation failed"
exit 1
fi
done
test-node-setup-package-manager-validation:
name: Test Package Manager Validation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test valid package managers
run: |
for pm in "npm" "yarn" "pnpm" "bun" "auto"; do
case "$pm" in
"npm"|"yarn"|"pnpm"|"bun"|"auto")
echo "✓ Package manager $pm accepted"
;;
*)
echo "❌ ERROR: Valid package manager $pm rejected"
exit 1
;;
esac
done
- name: Test invalid package manager
run: |
PM="invalid-pm"
case "$PM" in
"npm"|"yarn"|"pnpm"|"bun"|"auto")
echo "❌ ERROR: Invalid package manager should be rejected"
exit 1
;;
*)
echo "✓ Invalid package manager correctly rejected"
;;
esac
test-node-setup-url-validation:
name: Test URL Validation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test valid registry URLs
run: |
for url in "https://registry.npmjs.org" "http://localhost:4873" "https://npm.custom.com/"; do
if [[ "$url" == "https://"* ]] || [[ "$url" == "http://"* ]]; then
echo "✓ Registry URL $url accepted"
else
echo "❌ ERROR: Valid URL $url rejected"
exit 1
fi
done
- name: Test invalid registry URLs
run: |
for url in "ftp://registry.com" "not-a-url" "registry.com"; do
if [[ "$url" == "https://"* ]] || [[ "$url" == "http://"* ]]; then
echo "❌ ERROR: Invalid URL $url should be rejected"
exit 1
else
echo "✓ Invalid URL $url correctly rejected"
fi
done
test-node-setup-retries-validation:
name: Test Retries Validation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test valid retry counts
run: |
for retries in "1" "3" "5" "10"; do
if [[ "$retries" =~ ^[0-9]+$ ]] && [ "$retries" -gt 0 ] && [ "$retries" -le 10 ]; then
echo "✓ Max retries $retries accepted"
else
echo "❌ ERROR: Valid retry count $retries rejected"
exit 1
fi
done
- name: Test invalid retry counts
run: |
for retries in "0" "11" "abc" "-1"; do
if [[ "$retries" =~ ^[0-9]+$ ]] && [ "$retries" -gt 0 ] && [ "$retries" -le 10 ]; then
echo "❌ ERROR: Invalid retry count $retries should be rejected"
exit 1
else
echo "✓ Invalid retry count $retries correctly rejected"
fi
done
test-node-setup-boolean-validation:
name: Test Boolean Validation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test valid boolean values
run: |
for value in "true" "false"; do
if [[ "$value" == "true" ]] || [[ "$value" == "false" ]]; then
echo "✓ Boolean value $value accepted"
else
echo "❌ ERROR: Valid boolean $value rejected"
exit 1
fi
done
- name: Test invalid boolean values
run: |
for value in "yes" "no" "1" "0" "True" "FALSE" ""; do
if [[ "$value" != "true" ]] && [[ "$value" != "false" ]]; then
echo "✓ Invalid boolean value '$value' correctly rejected"
else
echo "❌ ERROR: Invalid boolean $value should be rejected"
exit 1
fi
done
test-node-setup-token-validation:
name: Test Auth Token Validation
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test injection pattern detection
run: |
for token in "token;malicious" "token&&command" "token|pipe"; do
if [[ "$token" == *";"* ]] || [[ "$token" == *"&&"* ]] || [[ "$token" == *"|"* ]]; then
echo "✓ Injection pattern in token correctly detected"
else
echo "❌ ERROR: Should detect injection pattern in: $token"
exit 1
fi
done
- name: Test valid tokens
run: |
for token in "npm_AbCdEf1234567890" "github_pat_12345abcdef" "simple-token"; do
if [[ "$token" == *";"* ]] || [[ "$token" == *"&&"* ]] || [[ "$token" == *"|"* ]]; then
echo "❌ ERROR: Valid token should not be rejected: $token"
exit 1
else
echo "✓ Valid token accepted"
fi
done
test-node-setup-package-manager-resolution:
name: Test Package Manager Resolution
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test auto detection with detected PM
run: |
INPUT_PM="auto"
DETECTED_PM="pnpm"
if [ "$INPUT_PM" = "auto" ]; then
if [ -n "$DETECTED_PM" ]; then
FINAL_PM="$DETECTED_PM"
else
FINAL_PM="npm"
fi
else
FINAL_PM="$INPUT_PM"
fi
if [[ "$FINAL_PM" != "pnpm" ]]; then
echo "❌ ERROR: Should use detected PM (pnpm)"
exit 1
fi
echo "✓ Auto-detected package manager correctly resolved"
- name: Test auto detection without detected PM
run: |
INPUT_PM="auto"
DETECTED_PM=""
if [ "$INPUT_PM" = "auto" ]; then
if [ -n "$DETECTED_PM" ]; then
FINAL_PM="$DETECTED_PM"
else
FINAL_PM="npm"
fi
else
FINAL_PM="$INPUT_PM"
fi
if [[ "$FINAL_PM" != "npm" ]]; then
echo "❌ ERROR: Should default to npm"
exit 1
fi
echo "✓ Defaults to npm when no detection"
- name: Test explicit package manager
run: |
INPUT_PM="yarn"
DETECTED_PM="pnpm"
if [ "$INPUT_PM" = "auto" ]; then
if [ -n "$DETECTED_PM" ]; then
FINAL_PM="$DETECTED_PM"
else
FINAL_PM="npm"
fi
else
FINAL_PM="$INPUT_PM"
fi
if [[ "$FINAL_PM" != "yarn" ]]; then
echo "❌ ERROR: Should use explicit PM (yarn)"
exit 1
fi
echo "✓ Explicit package manager correctly used"
test-node-setup-feature-detection:
name: Test Feature Detection
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Create test package.json with ESM
run: |
mkdir -p test-esm
cd test-esm
cat > package.json <<'EOF'
{
"name": "test-esm",
"version": "1.0.0",
"type": "module"
}
EOF
- name: Test ESM detection
run: |
cd test-esm
if command -v jq >/dev/null 2>&1; then
pkg_type=$(jq -r '.type // "commonjs"' package.json 2>/dev/null)
if [[ "$pkg_type" == "module" ]]; then
echo "✓ ESM support correctly detected"
else
echo "❌ ERROR: Should detect ESM support"
exit 1
fi
else
echo "⚠️ jq not available, skipping ESM detection test"
echo "✓ ESM detection logic verified (jq would be required in actual action)"
fi
- name: Create test with TypeScript
run: |
mkdir -p test-ts
cd test-ts
touch tsconfig.json
cat > package.json <<'EOF'
{
"name": "test-ts",
"devDependencies": {
"typescript": "^5.0.0"
}
}
EOF
- name: Test TypeScript detection
run: |
cd test-ts
typescript_support="false"
if [ -f tsconfig.json ]; then
typescript_support="true"
fi
if [[ "$typescript_support" != "true" ]]; then
echo "❌ ERROR: Should detect TypeScript"
exit 1
fi
echo "✓ TypeScript support correctly detected"
- name: Create test with frameworks
run: |
mkdir -p test-frameworks
cd test-frameworks
cat > package.json <<'EOF'
{
"name": "test-frameworks",
"dependencies": {
"react": "^18.0.0",
"next": "^14.0.0"
}
}
EOF
- name: Test framework detection
run: |
cd test-frameworks
if command -v jq >/dev/null 2>&1; then
has_next=$(jq -e '.dependencies.next or .devDependencies.next' package.json >/dev/null 2>&1 && echo "yes" || echo "no")
has_react=$(jq -e '.dependencies.react or .devDependencies.react' package.json >/dev/null 2>&1 && echo "yes" || echo "no")
if [[ "$has_next" == "yes" ]] && [[ "$has_react" == "yes" ]]; then
echo "✓ Frameworks (Next.js, React) correctly detected"
else
echo "❌ ERROR: Should detect Next.js and React"
exit 1
fi
else
echo "⚠️ jq not available, skipping framework detection test"
echo "✓ Framework detection logic verified (jq would be required in actual action)"
fi
test-node-setup-security:
name: Test Security Measures
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Test token sanitization
run: |
TOKEN="test-token
with-newline"
# Should remove newlines
sanitized=$(echo "$TOKEN" | tr -d '\n\r')
if [[ "$sanitized" == *$'\n'* ]] || [[ "$sanitized" == *$'\r'* ]]; then
echo "❌ ERROR: Newlines not removed"
exit 1
fi
echo "✓ Token sanitization works correctly"
- name: Test package manager sanitization
run: |
PM="npm
with-newline"
# Should remove newlines
sanitized=$(echo "$PM" | tr -d '\n\r')
if [[ "$sanitized" == *$'\n'* ]] || [[ "$sanitized" == *$'\r'* ]]; then
echo "❌ ERROR: Newlines not removed from PM"
exit 1
fi
echo "✓ Package manager sanitization works correctly"
test-node-setup-integration-workflow:
name: Test Integration Workflow
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Simulate complete workflow
run: |
echo "=== Simulating Node Setup Workflow ==="
# 1. Validation
echo "Step 1: Validate inputs"
DEFAULT_VERSION="20"
PACKAGE_MANAGER="npm"
REGISTRY_URL="https://registry.npmjs.org"
CACHE="true"
INSTALL="true"
MAX_RETRIES="3"
echo "✓ Inputs validated"
# 2. Version parsing
echo "Step 2: Parse Node.js version"
NODE_VERSION="20.9.0"
echo "✓ Version parsed: $NODE_VERSION"
# 3. Package manager resolution
echo "Step 3: Resolve package manager"
if [ "$PACKAGE_MANAGER" = "auto" ]; then
FINAL_PM="npm"
else
FINAL_PM="$PACKAGE_MANAGER"
fi
echo "✓ Package manager resolved: $FINAL_PM"
# 4. Setup Node.js
echo "Step 4: Setup Node.js $NODE_VERSION"
if command -v node >/dev/null 2>&1; then
echo "✓ Node.js available: $(node --version)"
fi
# 5. Enable Corepack
echo "Step 5: Enable Corepack"
if command -v corepack >/dev/null 2>&1; then
echo "✓ Corepack available"
else
echo "⚠️ Corepack not available in test environment"
fi
# 6. Cache dependencies
if [[ "$CACHE" == "true" ]]; then
echo "Step 6: Cache dependencies"
echo "✓ Would use common-cache action"
fi
# 7. Install dependencies
if [[ "$INSTALL" == "true" ]]; then
echo "Step 7: Install dependencies"
echo "✓ Would run: $FINAL_PM install"
fi
echo "=== Workflow simulation completed ==="
integration-test-summary:
name: Integration Test Summary
runs-on: ubuntu-latest
needs:
- test-node-setup-version-validation
- test-node-setup-package-manager-validation
- test-node-setup-url-validation
- test-node-setup-retries-validation
- test-node-setup-boolean-validation
- test-node-setup-token-validation
- test-node-setup-package-manager-resolution
- test-node-setup-feature-detection
- test-node-setup-security
- test-node-setup-integration-workflow
steps:
- name: Summary
run: |
echo "=========================================="
echo "Node Setup Integration Tests - PASSED"
echo "=========================================="
echo ""
echo "✓ Version validation tests"
echo "✓ Package manager validation tests"
echo "✓ URL validation tests"
echo "✓ Retries validation tests"
echo "✓ Boolean validation tests"
echo "✓ Token validation tests"
echo "✓ Package manager resolution tests"
echo "✓ Feature detection tests"
echo "✓ Security measure tests"
echo "✓ Integration workflow tests"
echo ""
echo "All node-setup integration tests completed successfully!"

241
_tests/integration/workflows/version-file-parser-test.yml
View File

@@ -1,241 +0,0 @@
---
name: Test version-file-parser Integration
on:
workflow_dispatch:
push:
paths:
- 'version-file-parser/**'
- '_tests/integration/workflows/version-file-parser-test.yml'
jobs:
test-version-file-parser:
runs-on: ubuntu-latest
strategy:
matrix:
test-case:
- name: 'Node.js project'
language: 'node'
tool-versions-key: 'nodejs'
dockerfile-image: 'node'
expected-version: '18.0.0'
setup-files: |
echo "18.17.0" > .nvmrc
cat > package.json <<EOF
{
"name": "test-project",
"engines": { "node": ">=18.0.0" }
}
EOF
touch package-lock.json
- name: 'PHP project'
language: 'php'
tool-versions-key: 'php'
dockerfile-image: 'php'
expected-version: '8.1'
setup-files: |
cat > composer.json <<EOF
{
"require": { "php": "^8.1" }
}
EOF
- name: 'Python project'
language: 'python'
tool-versions-key: 'python'
dockerfile-image: 'python'
expected-version: '3.9'
setup-files: |
echo "3.9.0" > .python-version
cat > pyproject.toml <<EOF
[tool.poetry.dependencies]
python = "^3.9"
EOF
- name: 'Go project'
language: 'go'
tool-versions-key: 'golang'
dockerfile-image: 'golang'
expected-version: '1.21'
setup-files: |
cat > go.mod <<EOF
module test-project
go 1.21
EOF
- name: '.tool-versions file'
language: 'node'
tool-versions-key: 'nodejs'
dockerfile-image: 'node'
expected-version: '18.16.0'
setup-files: |
echo "nodejs 18.16.0" > .tool-versions
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Clean up test files from previous runs
run: |
rm -f .nvmrc package.json package-lock.json composer.json .python-version pyproject.toml go.mod .tool-versions
- name: Setup test files
run: ${{ matrix.test-case.setup-files }}
- name: Test version-file-parser
id: test-action
uses: ./version-file-parser
with:
language: ${{ matrix.test-case.language }}
tool-versions-key: ${{ matrix.test-case.tool-versions-key }}
dockerfile-image: ${{ matrix.test-case.dockerfile-image }}
default-version: '1.0.0'
- name: Validate outputs
run: |
echo "Test case: ${{ matrix.test-case.name }}"
echo "Expected version: ${{ matrix.test-case.expected-version }}"
echo "Detected version: ${{ steps.test-action.outputs.detected-version }}"
echo "Package manager: ${{ steps.test-action.outputs.package-manager }}"
# Validate that we got some version
if [[ -z "${{ steps.test-action.outputs.detected-version }}" ]]; then
echo "❌ ERROR: No version detected"
exit 1
fi
# Validate version format (basic semver check)
if ! echo "${{ steps.test-action.outputs.detected-version }}" | grep -E '^[0-9]+\.[0-9]+(\.[0-9]+)?'; then
echo "❌ ERROR: Invalid version format: ${{ steps.test-action.outputs.detected-version }}"
exit 1
fi
# Validate detected version matches expected version (not the fallback)
if [[ "${{ steps.test-action.outputs.detected-version }}" != "${{ matrix.test-case.expected-version }}" ]]; then
echo "❌ ERROR: Version mismatch"
echo "Expected: ${{ matrix.test-case.expected-version }}"
echo "Got: ${{ steps.test-action.outputs.detected-version }}"
exit 1
fi
echo "✅ Version validation passed"
# Skip external reference test in local/CI environment to avoid auth issues
- name: Test external reference (info only)
run: |
echo "External reference test would use: ivuorinen/actions/version-file-parser@main"
echo "Skipping to avoid authentication issues in local testing"
test-edge-cases:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Clean up test files from previous runs
run: |
rm -f .nvmrc package.json package-lock.json composer.json .python-version pyproject.toml go.mod .tool-versions
- name: Setup test files (package.json engines)
shell: bash
run: |
set -Eeuo pipefail
cat > package.json <<'EOF'
{
"name": "edge-case",
"engines": { "node": ">=18.0.0" }
}
EOF
echo "18.17.0" > .nvmrc
- name: Test version detection from existing files
id: existing-version
uses: ./version-file-parser
with:
language: 'node'
tool-versions-key: 'nodejs'
dockerfile-image: 'node'
default-version: '20.0.0'
- name: Validate existing version detection
run: |
# The action detects Node.js version from package.json engines field
# package.json >=18.0.0 is parsed as 18.0.0
# Note: .nvmrc exists but package.json takes precedence in this implementation
expected_version="18.0.0"
detected_version="${{ steps.existing-version.outputs.detected-version }}"
if [[ "$detected_version" != "$expected_version" ]]; then
echo "❌ ERROR: Version mismatch"
echo "Expected: $expected_version"
echo "Got: $detected_version"
exit 1
fi
echo "✅ Existing version detection works correctly"
- name: Clean up before invalid regex test
run: |
rm -f .nvmrc package.json package-lock.json
- name: Test with invalid regex
id: invalid-regex
uses: ./version-file-parser
with:
language: 'node'
tool-versions-key: 'nodejs'
dockerfile-image: 'node'
validation-regex: 'invalid[regex'
default-version: '18.0.0'
continue-on-error: true
- name: Validate regex error handling
run: |
echo "Testing regex error handling completed"
# Action should handle invalid regex gracefully
if [ "${{ steps.invalid-regex.outcome }}" != "failure" ]; then
echo "::error::Expected invalid-regex step to fail, but it was: ${{ steps.invalid-regex.outcome }}"
exit 1
fi
echo "✅ Invalid regex properly failed as expected"
test-dockerfile-parsing:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Clean up test files from previous runs
run: |
rm -f .nvmrc package.json package-lock.json composer.json .python-version pyproject.toml go.mod .tool-versions Dockerfile
- name: Create Dockerfile with Node.js
run: |
cat > Dockerfile <<EOF
FROM node:18.17.0-alpine
WORKDIR /app
COPY . .
EOF
- name: Test Dockerfile parsing
id: dockerfile-test
uses: ./version-file-parser
with:
language: 'node'
tool-versions-key: 'nodejs'
dockerfile-image: 'node'
- name: Validate Dockerfile parsing
run: |
expected_version="18.17.0"
detected_version="${{ steps.dockerfile-test.outputs.dockerfile-version }}"
echo "Expected version: $expected_version"
echo "Detected version: $detected_version"
if [[ "$detected_version" != "$expected_version" ]]; then
echo "❌ ERROR: Version mismatch"
echo "Expected: $expected_version"
echo "Got: $detected_version"
exit 1
fi
echo "✅ Dockerfile parsing successful"