Skip to content

feat: Create github-action #91

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
macalbert merged 39 commits into from
Nov 16, 2025
Merged

feat: Create github-action #91

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
39 commits
Select commit Hold shift + click to select a range
d9bf4d2
♻️ Move GitHub Action to github-action/ subfolder
macalbert Nov 15, 2025
dcd66c8
docs: Improve clarity in README regarding path references
macalbert Nov 15, 2025
4e9ea8a
✨ Add Mario Bros theme to GitHub Action README
macalbert Nov 15, 2025
d1a368d
🧹 Remove aws-profile dead code
macalbert Nov 15, 2025
ffd479e
docs: Remove redundant blank line in GitHub Action documentation
macalbert Nov 15, 2025
24b028d
refactor(githubAction): Remove unused AWS profile handling
macalbert Nov 15, 2025
412601b
fix(githubAction): Update action references in documentation and code
macalbert Nov 15, 2025
3ab2b55
chore(deps): Update @textlint packages to version 15.3.0
macalbert Nov 15, 2025
6781a02
test(githubAction): Set GITHUB_ACTIONS env variable for tests
macalbert Nov 15, 2025
94d1166
fix(githubAction): Correct path to GitHubAction.js in validation step
macalbert Nov 15, 2025
e964aff
fix(githubAction): Correct author name in action.yml
macalbert Nov 15, 2025
cb47f18
chore(deps): Update @aws-sdk/credential-providers to v3.932.0
macalbert Nov 15, 2025
bc3715e
chore(config): Add pnpm workspace configuration and update pack script
macalbert Nov 16, 2025
004af4b
chore(deps): Update dependencies and switch to pnpm commands
macalbert Nov 16, 2025
4310e50
feat(githubAction): Update action paths and add new GitHub Action imp…
macalbert Nov 16, 2025
d0bc027
docs: Update README to clarify Envilder's features and usage
macalbert Nov 16, 2025
50e851c
chore(config): Add missing package declaration in pnpm workspace
macalbert Nov 16, 2025
9f64e56
feat(githubAction): Update action script paths and add entry point
macalbert Nov 16, 2025
29464a0
feat(githubAction): Add end-to-end tests for GitHub Actions simulation
macalbert Nov 16, 2025
047de6e
chore(e2e): Update LocalStack image to stable version
macalbert Nov 16, 2025
6c06b91
chore: Update version to 0.7.0
macalbert Nov 16, 2025
70fc574
feat(packaging): Add project build and uninstall functionality
macalbert Nov 16, 2025
c9df0c4
fix(githubAction): Correct build command from ppnpm to pnpm
macalbert Nov 16, 2025
d72ad92
chore(ci): Update GitHub Action publishing workflow and add global se…
macalbert Nov 16, 2025
fd0b6e4
docs: Update changelog and security documentation for version 0.7.0
macalbert Nov 16, 2025
9d6f0f3
docs: Disable markdownlint rule for changelog
macalbert Nov 16, 2025
8989448
fix(githubAction): Remove source map generation from build:gha script
macalbert Nov 16, 2025
b62f858
chore: Update Node engine requirement to 20.x
macalbert Nov 16, 2025
72db8f7
chore(ci): Add step to bundle GitHub Action in workflow
macalbert Nov 16, 2025
997ecb2
docs: Clarify escapeEnvValue function sanitization intent
macalbert Nov 16, 2025
64abe3d
chore(ci): Ignore CHANGELOG.md in markdownlint checks
macalbert Nov 16, 2025
a91b1f7
chore: Ensure newline at end of package.json
macalbert Nov 16, 2025
ab00451
chore(ci): Remove CHANGELOG.md ignore from markdownlint
macalbert Nov 16, 2025
b26b203
refactor(cli): Move CLI entry point to index.js and clean up error ha…
macalbert Nov 16, 2025
2a386f5
feat(gha): Add GitHub Action entry point and input handling
macalbert Nov 16, 2025
d28899d
refactor(cli): Rename index files for consistency
macalbert Nov 16, 2025
2c4ad32
chore: Ensure newline at end of package.json
macalbert Nov 16, 2025
2721d56
feat(gha): Add GitHub Action workflow for verifying builds
macalbert Nov 16, 2025
545d40d
style(package.json): Ensure newline at end of file
macalbert Nov 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions .commitlintrc.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{
"extends": ["@commitlint/config-conventional"],
"rules": {
"type-enum": [
2,
"always",
[
"feat",
"fix",
"docs",
"style",
"refactor",
"perf",
"test",
"chore",
"ci",
"build",
"revert"
]
],
"subject-case": [2, "never", ["upper-case"]],
"header-max-length": [2, "always", 100]
}
}
4 changes: 0 additions & 4 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,6 @@ updates:
labels:
- "npm"
- "dependencies"
reviewers:
- macalbert
assignees:
- macalbert

Expand All @@ -34,7 +32,5 @@ updates:
labels:
- "github-actions"
- "dependencies"
reviewers:
- macalbert
assignees:
- macalbert
6 changes: 5 additions & 1 deletion .github/workflows/markdownlint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,16 @@ jobs:

steps:
- uses: actions/checkout@v5
- name: 📦 Install pnpm
uses: pnpm/action-setup@v2
with:
version: 9
- name: 🍬 Use Node.js (Eat a Candy)
uses: actions/setup-node@v6
with:
node-version: "22.x"
- name: 🌈 Run Rainbow Road Markdownlint
run: |
echo "::add-matcher::.github/workflows/markdownlint-problem-matcher.json"
npm i -g markdownlint-cli
pnpm add -g markdownlint-cli
markdownlint "**/*.md"
130 changes: 130 additions & 0 deletions .github/workflows/publish-action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
name: 🔑 Key Chest Publisher

on:
workflow_dispatch:
inputs:
version:
description: '🎮 Level to publish (e.g., 1.0.0)'
required: true
update-major:
description: '⭐ Update power-up tag (e.g., v1)'
type: boolean
default: true

permissions:
contents: write

jobs:
publish-action:
runs-on: ubuntu-24.04
timeout-minutes: 15

steps:
- name: 🧱 Enter the Pipe (Checkout)
uses: actions/checkout@v5
with:
fetch-depth: 0

- name: 📦 Install pnpm
uses: pnpm/action-setup@v2
with:
version: 9

- name: 🍄 Grab a Mushroom (Setup Node.js)
uses: actions/setup-node@v6
with:
node-version: '20.x'
cache: 'pnpm'

- name: 📦 Open the ? Block (Install packages)
run: pnpm install --frozen-lockfile

- name: 🔍 Check if Already Published
id: version-check
run: |
if git rev-parse "v${{ inputs.version }}" >/dev/null 2>&1; then
echo "⚠️ Version v${{ inputs.version }} already exists!"
echo "should_publish=false" >> $GITHUB_OUTPUT
else
echo "✅ Version v${{ inputs.version }} is new!"
echo "should_publish=true" >> $GITHUB_OUTPUT
fi

- name: 🏗️ Build the Castle
if: steps.version-check.outputs.should_publish == 'true'
run: pnpm build:gha

- name: 🔍 Check for Hidden Blocks (Verify build)
if: steps.version-check.outputs.should_publish == 'true'
run: |
if [ ! -f "github-action/dist/index.js" ]; then
echo "❌ Oh no! Mario fell into a pit! Build failed!"
exit 1
fi
echo "✅ Yahoo! Build successful! 🎉"

- name: 📝 Commit Built Files
if: steps.version-check.outputs.should_publish == 'true'
run: |
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"

git add -f github-action/dist/index.js

# Only commit if there are changes
if git diff --staged --quiet; then
echo "ℹ️ No changes to commit"
else
git commit -m "build: update compiled files for v${{ inputs.version }}"
git push origin HEAD:${{ github.ref_name }}
fi

- name: 🏁 Place the Flagpole (Create version tag)
if: steps.version-check.outputs.should_publish == 'true'
run: |
echo "🏁 Creating tag v${{ inputs.version }}!"
git tag -a "v${{ inputs.version }}" -m "Release v${{ inputs.version }}"
git push origin "v${{ inputs.version }}"

- name: ⭐ Collect the Star (Update major version)
if: inputs.update-major == true && steps.version-check.outputs.should_publish == 'true'
run: |
MAJOR_VERSION=$(echo "v${{ inputs.version }}" | cut -d. -f1)

echo "⭐ Collecting star power! Updating $MAJOR_VERSION to v${{ inputs.version }}"

git tag -fa "$MAJOR_VERSION" -m "⭐ Power-up $MAJOR_VERSION now at v${{ inputs.version }}"
git push origin "$MAJOR_VERSION" --force
echo "🌟 Star collected! $MAJOR_VERSION is now super-charged!"

- name: 🏰 Unlock the Castle (Create Release)
if: steps.version-check.outputs.should_publish == 'true'
uses: ncipollo/release-action@v1
with:
tag: "v${{ inputs.version }}"
name: "🔑 Secret Key Level v${{ inputs.version }}"
body: |
## 🔑 Envilder GitHub Action - Level v${{ inputs.version }}

🎮 **New power-up unlocked!** Pull secrets from AWS SSM like collecting coins! 🪙

### 🍄 How to use this power-up

```yaml
- uses: aws-actions/configure-aws-credentials@v5
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1

- uses: macalbert/envilder@v${{ inputs.version }}
with:
map-file: param-map.json
env-file: .env
```

📖 Check the [manual](https://github.com/macalbert/envilder/blob/main/docs/github-action.md) to master this level!

🎊 **Let's-a-go!**
generateReleaseNotes: true
token: ${{ secrets.GITHUB_TOKEN }}
makeLatest: true
25 changes: 13 additions & 12 deletions .github/workflows/publish.yml → .github/workflows/publish-npm.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: 🍄 Power-Up Publisher
name: 📦 Publish NPM Package

on:
push:
Expand All @@ -7,7 +7,7 @@ on:
paths:
- 'src/**'
- 'package.json'
- '.github/workflows/publish.yml'
- '.github/workflows/publish-npm.yml'

# Add explicit permissions for the GITHUB_TOKEN
permissions:
Expand All @@ -24,16 +24,17 @@ jobs:
with:
fetch-depth: 0

- name: 📦 Install pnpm
uses: pnpm/action-setup@v2
with:
version: 9

- name: 🛠️ Setup Node.js
uses: actions/setup-node@v6
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'
cache: 'npm'

# Ensure npm 11.5.1 or later is installed
- name: Update npm
run: npm install -g npm@latest
cache: 'pnpm'

- name: 👑 Detect version bump
id: version-check
Expand Down Expand Up @@ -63,23 +64,23 @@ jobs:

- name: 🌟 Install dependencies
if: steps.version-check.outputs.version_changed == 'true'
run: npm ci
run: pnpm install --frozen-lockfile

- name: 🔥 Lint
if: steps.version-check.outputs.version_changed == 'true'
run: npm run lint
run: pnpm lint

- name: 🍄 Run tests
if: steps.version-check.outputs.version_changed == 'true'
run: npm test
run: pnpm test

- name: 🏗️ Build package
if: steps.version-check.outputs.version_changed == 'true'
run: npm run build
run: pnpm build

- name: 🚩 Publish to npm
if: steps.version-check.outputs.version_changed == 'true'
run: npm publish --access public
run: pnpm publish --access public

- name: 🏰 Create release
if: steps.version-check.outputs.version_changed == 'true'
Expand Down
83 changes: 83 additions & 0 deletions .github/workflows/test-action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
name: 🔑 Key Chest Test

permissions:
id-token: write # Required for OIDC authentication with AWS
contents: read

on:
workflow_dispatch: {}

pull_request:
branches:
- "*"
types:
- opened
- reopened
- synchronize
- ready_for_review
paths:
- ".github/workflows/test-action.yml"
- "github-action/action.yml"
- "src/apps/gha/**"
- "tests/apps/gha/**"
- "e2e/github-action.test.ts"

concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}
cancel-in-progress: true

jobs:
test-action:
runs-on: ubuntu-24.04
if: ${{ !github.event.pull_request.draft }}
timeout-minutes: 15

steps:
- name: 🧱 Enter the Pipe (Checkout)
uses: actions/checkout@v5

- name: 📦 Install pnpm
uses: pnpm/action-setup@v2
with:
version: 9

- name: 🍄 Grab a Mushroom (Setup Node.js with Cache)
uses: actions/setup-node@v6
with:
node-version: '20.x'
cache: 'pnpm'

- name: 🪙 Collect Coins (Configure AWS credentials)
uses: aws-actions/configure-aws-credentials@v5
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: ${{ secrets.AWS_REGION }}

- name: 📦 Open the ? Block (Install packages)
run: pnpm install --frozen-lockfile

- name: 🏗️ Build the Castle
run: pnpm build

- name: 📦 Bundle GitHub Action
run: pnpm run build:gha

- name: 🔐 Test Action - Pull Secrets
uses: ./github-action
with:
map-file: e2e/sample/param-map.json
env-file: .env.test

- name: ✅ Verify .env file was created
run: |
if [ ! -f .env.test ]; then
echo "❌ .env.test file was not created!"
exit 1
fi
echo "✅ .env.test file created successfully!"
echo "Contents:"
cat .env.test

- name: 🧹 Clean up test file
if: always()
run: rm -f .env.test
Loading