Rewrite as bash wrapper around 3rd-party downloader (#76)

* Rewrite as bash wrapper around 3rd-party downloader * update readme
hashicorp · May 28, 2024 · c0a1005 · c0a1005
1 parent f4b0b1e
commit c0a1005
Show file tree

Hide file tree

Showing 18 changed files with 116 additions and 59,538 deletions.
diff --git a/.eslintignore b/.eslintignore
diff --git a/.eslintrc.json b/.eslintrc.json
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,18 +1,87 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: MPL-2.0
+
+---
 name: CI
 on:
   push:
+  workflow_dispatch:
+
+defaults:
+  run:
+    shell: bash
 
 jobs:
   test:
-    runs-on: [ubuntu-latest]
+    name: Test Bob Installation
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        tag:
+          - '' # latest release
+          - 'v0.2.0' # not the latest release
+
     steps:
-      - name: Checkout
-        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
-      - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
-        with:
-          node-version: 20
-          cache: yarn
-      - name: Install dependencies
-        run: yarn install --frozen-lockfile
-      - name: Test
-        run:  npm test ./bob.test.js
+    - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+
+    - name: "Install tools (only for running locally via act)"
+      if: env.CI == 'true' && env.ACT == 'true'
+      env:
+        GH_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
+      run: |
+        run_quiet() { local logfile="${RUNNER_TEMP}/command.log" ; "$@" > "$logfile" 2>&1 || { cat "$logfile" ; exit 1 ; } ; }
+
+        type -p curl >/dev/null || (apt update && apt install --yes curl)
+        curl --silent --show-error --fail --location \
+          --output /usr/share/keyrings/githubcli-archive-keyring.gpg \
+          https://cli.github.com/packages/githubcli-archive-keyring.gpg
+        echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" > /etc/apt/sources.list.d/github-cli.list
+        run_quiet apt update
+        run_quiet apt install --yes gh
+        gh --version
+
+    - name: Install bob
+      uses: ./
+      id: install
+      with:
+        tag: ${{ matrix.tag }}
+        github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
+
+    - name: Test reported version
+      env:
+        GH_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
+      run: |
+        got_ver="${{ steps.install.outputs.installed_version }}"
+        if [ -z "$got_ver" ]; then
+          echo "Failed to detect installed version: step output empty." 1>&2
+          exit 1
+        fi
+
+        exp_ver="${{ matrix.tag }}"
+        if [ -z "$exp_ver" ]; then # default version, same method used by action.yml
+          echo "Identifying latest release..."
+          exp_ver="$(gh release list --repo=hashicorp/bob | awk '$2 == "Latest" { print $3 }')"
+          echo "  Latest release: $exp_ver"
+        fi
+        if [ -z "$exp_ver" ]; then
+          echo "Failed to determine expected version of hc-releases" 1>&2
+          exit 1
+        fi
+
+        echo "Found version: $got_ver"
+        echo "Expected version: $exp_ver"
+
+        # When checking the version, ignore the common `v` prefix in tags.
+        # This test is imperfect but should be good enough.
+        if ! grep -Eq "(^|.*[^[:digit:]])${exp_ver#v}([^[:digit:]]|$)" <<< "$got_ver" ; then
+          echo "Incorrect version found (wrong version installed?  target version not first in PATH?)" 1>&2
+          echo "Failed to find [${exp_ver#v}] within [$got_ver]" 1>&2
+          exit 1
+        fi
+
+    # test that a single job can call the action multiple times
+    - name: Install again
+      uses: ./
+      with:
+        tag: ${{ matrix.tag }}
+        github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
diff --git a/README.md b/README.md
@@ -6,52 +6,37 @@ useful to other organizations._
 
 GitHub action to setup `bob` CLI. This action can be run on `ubuntu-latest` and `macos-latest` GitHub Actions runners, and will install and expose a specified version of the `bob` CLI on the runner environment.
 
-The pattern for this action copied from `https://github.com/hashicorp/setup-hc-releases` as it has reliable tests and error handling patterns.
-
 ## Usage
 
 Setup the `bob` CLI:
 
 ```yaml
 steps:
-- uses: hashicorp/action-setup-bob@v1
+- uses: hashicorp/action-setup-bob@v2
   with:
-    github-token:
-      ${{ secrets.GITHUB_TOKEN }}
+    github-token: ${{ secrets.GITHUB_TOKEN }}
 ```
 
 A specific version of the `bob` CLI can be installed:
 
 ```yaml
 steps:
-- uses: hashicorp/action-setup-bob@v1
+- uses: hashicorp/action-setup-bob@v2
   with:
-    github-token:
-      ${{ secrets.GITHUB_TOKEN }}
-    version:
-      0.1.0
+    github-token: ${{ secrets.GITHUB_TOKEN }}
+    tag: v0.2.0
 ```
 
 ## Inputs
 The actions supports the following inputs:
 
 - `github-token`: The GitHub token secret to use with permissions to download `bob` CLI
-- `version`: The version of `bob` to install, defaulting to latest
+- `tag`: The tag of the release of `bob` to install, defaulting to latest
 
 ## Release Instructions
 
-If you have released a new version of [bob](https://github.com/hashicorp/bob), you will need to update the bob version here to ensure it points to the correct version. An example of this update should look like [this](https://github.com/hashicorp/action-setup-bob/pull/4/files) Once the bob version has been updated, you will need to create a new tag and point it to the major version tag. 
-
-**Updating `bob` Version** 
-1. Checkout to a new branch
-2. Update bob version
-3. Run `npm run prepare` (you might have to do a `npm install` to wake up npm if you haven't used it in a while)
-4. Push your changes, open up a PR, get it approved + merged.
-
-**Create a New Tag**
-1. `git checkout main && git pull origin main`
-2. `git tag v<new-version-number> && git push origin v<new-version-number>`
-3. Push the tag while you're on the `main` branch
-4. Depending on which major version the action is on, you will need to delete and update the tag version: 
-  - `git tag -d v1 && git push origin :refs/tags/v1`
-  - `git tag v1 && git push origin v1` (or whatever main version the action is on)
+After your PR is merged to the default branch, `main`:
+1. Update locally: `git checkout main && git pull origin main`
+1. Create a new tag for the release, e.g. `v2.0.1` with `git tag v2.0.1 && git push origin v2.0.1`.
+1. Update the major version tag locally, e.g. `git tag -d v2 && git tag v2`
+1. Update the major version tag upstream, e.g. `git push origin :refs/tags/v2 && git push origin v2`
diff --git a/action.js b/action.js
diff --git a/action.yml b/action.yml
@@ -7,10 +7,30 @@ inputs:
   github-token:
     description: "GitHub token to access the bob release."
     required: true
-  version:
-    description: Version of bob CLI to install
+  tag:
+    description: "Release tag of bob CLI to install; install the latest release by default"
     required: false
-    default: '0.2.2'
+    # empty for the latest release
+    default: ''
+outputs:
+  installed_version:
+    description: "The installed version as reported by the tool"
+    value: ${{ steps.capture.outputs.installed_version }}
+
 runs:
-  using: node20
-  main: dist/index.js
+  using: composite
+  steps:
+    - name: Fetch release artifact
+      uses: jaxxstorm/[email protected]
+      with:
+        repo: hashicorp/bob
+        tag: ${{ inputs.tag }}
+        token: ${{ inputs.github-token }}
+        cache: false
+
+    - name: Capture installed version
+      id: capture
+      shell: bash
+      run: |
+        bob -version | tee .version_check
+        echo "installed_version=$(< .version_check)" >> "$GITHUB_OUTPUT"
diff --git a/bob.js b/bob.js