From 8390aeb5dfc0059528eefca16f46fd719b8c22e5 Mon Sep 17 00:00:00 2001 From: DevContainer User Date: Wed, 4 Mar 2026 00:41:37 +0000 Subject: [PATCH] ci: standardize CI/CD workflows and add Renovate - CI: single sequential job, local-ubuntu-latest runner, Node 22, workflow_call trigger, npm run commands - Release: CI gate via reusable workflow, concurrency protection, dynamic package name, tarball validation, gh CLI - Delete test-runner.yaml (one-time runner diagnostic) - Add renovate.json with recommended config Co-Authored-By: Claude Opus 4.6 --- .github/workflows/ci.yaml | 32 +++---- .github/workflows/release.yaml | 143 ++++++++++------------------- .github/workflows/test-runner.yaml | 23 ----- renovate.json | 4 + 4 files changed, 66 insertions(+), 136 deletions(-) delete mode 100644 .github/workflows/test-runner.yaml create mode 100644 renovate.json diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 50951c1..cfc2606 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,9 +5,10 @@ on: branches: [main] pull_request: branches: [main] + workflow_call: jobs: - lint-and-test: + ci: runs-on: local-ubuntu-latest timeout-minutes: 10 @@ -18,34 +19,23 @@ jobs: - name: Setup Node.js uses: actions/setup-node@v4 with: - node-version: '20' + node-version: '22' cache: 'npm' - name: Install dependencies run: npm ci - - name: Type-check - run: npm run tsc + - name: Build plugin + run: npx @kinvolk/headlamp-plugin build - name: Lint run: npm run lint - - name: Build plugin - run: npx @kinvolk/headlamp-plugin build + - name: Type-check + run: npm run tsc - - name: Verify build artifacts - run: | - if [ ! -d "dist" ] || [ -z "$(ls -A dist)" ]; then - echo "::error::dist directory is empty or missing" - exit 1 - fi - echo "Build artifacts verified" - ls -lh dist/ + - name: Format check + run: npm run format:check - - name: Upload build artifact (for inspection) - uses: actions/upload-artifact@v4 - if: always() - with: - name: plugin-dist - path: dist/ - retention-days: 7 + - name: Run tests + run: npm test diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 49e815b..9f7eea4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -4,144 +4,103 @@ on: workflow_dispatch: inputs: version: - description: 'Version to release (without v prefix, e.g., 0.2.5)' + description: 'Release version (e.g. 1.0.0)' required: true type: string +permissions: + contents: write + +concurrency: + group: release + cancel-in-progress: false + jobs: + ci: + uses: ./.github/workflows/ci.yaml + release: + needs: ci runs-on: local-ubuntu-latest - permissions: - contents: write + timeout-minutes: 10 + steps: - name: Validate version format run: | - if ! echo "${{ inputs.version }}" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$'; then - echo "::error::Version must be in format X.Y.Z (e.g., 0.2.5)" + if [[ ! "${{ inputs.version }}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "Error: Version must be in X.Y.Z format" exit 1 fi - name: Checkout uses: actions/checkout@v4 - - name: Get package name - id: package_name - run: | - PKG_NAME=$(jq -r '.name' package.json) - echo "name=${PKG_NAME}" >> $GITHUB_OUTPUT - echo "Package name: ${PKG_NAME}" - - - name: Configure git + - name: Configure Git run: | git config user.name "github-actions[bot]" git config user.email "github-actions[bot]@users.noreply.github.com" - - name: Update package.json version - run: | - jq --arg version "${{ inputs.version }}" '.version = $version' package.json > package.json.tmp - mv package.json.tmp package.json + - name: Update version in package.json + run: npm version ${{ inputs.version }} --no-git-tag-version - - name: Update artifacthub-pkg.yml version + - name: Update artifacthub-pkg.yml run: | VERSION="${{ inputs.version }}" - RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/v${VERSION}/${{ steps.package_name.outputs.name }}-${VERSION}.tar.gz" - - sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml - sed -i "s|^appVersion:.*|appVersion: ${VERSION}|" artifacthub-pkg.yml + PKG_NAME=$(jq -r .name package.json) + RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/v${VERSION}/${PKG_NAME}-${VERSION}.tar.gz" + sed -i "s/^version:.*/version: \"${VERSION}\"/" artifacthub-pkg.yml sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"${RELEASE_URL}\"|" artifacthub-pkg.yml - name: Setup Node.js uses: actions/setup-node@v4 with: - node-version: '20' + node-version: '22' cache: 'npm' - name: Install dependencies run: npm ci - - name: Run type check - run: npm run tsc - - - name: Run linter - run: npm run lint - - name: Build plugin run: npx @kinvolk/headlamp-plugin build - name: Package plugin run: npx @kinvolk/headlamp-plugin package - - name: Validate tarball name + - name: Prepare release tarball run: | - EXPECTED="${{ steps.package_name.outputs.name }}-${{ inputs.version }}.tar.gz" - ACTUAL=$(ls *.tar.gz) - if [ "$EXPECTED" != "$ACTUAL" ]; then - echo "::error::Tarball name mismatch! Expected: $EXPECTED, Got: $ACTUAL" - exit 1 - fi - echo "Tarball name validated: $ACTUAL" + VERSION="${{ inputs.version }}" + PKG_NAME=$(jq -r .name package.json) + TARBALL="${PKG_NAME}-${VERSION}.tar.gz" + mv *.tar.gz "$TARBALL" + echo "TARBALL=$TARBALL" >> $GITHUB_ENV + echo "PKG_NAME=$PKG_NAME" >> $GITHUB_ENV + + - name: Validate tarball + run: | + echo "Tarball: ${{ env.TARBALL }}" + ls -lh "${{ env.TARBALL }}" + tar -tzf "${{ env.TARBALL }}" | head -20 + tar -tzf "${{ env.TARBALL }}" | grep -q "main.js" || { echo "Error: main.js not found in tarball"; exit 1; } - name: Compute checksum - id: compute_checksum run: | - TARBALL="${{ steps.package_name.outputs.name }}-${{ inputs.version }}.tar.gz" - CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}') - echo "checksum=${CHECKSUM}" >> $GITHUB_OUTPUT - echo "Checksum: sha256:${CHECKSUM}" - - - name: Verify tarball contents - run: | - TARBALL="${{ steps.package_name.outputs.name }}-${{ inputs.version }}.tar.gz" - echo "Tarball contents:" - tar -tzf "${TARBALL}" | head -20 - - # Verify main.js exists (structure is /main.js) - if ! tar -tzf "${TARBALL}" | grep -q "${{ steps.package_name.outputs.name }}/main.js"; then - echo "::error::main.js not found in tarball" - exit 1 - fi - echo "Tarball contents validated" - - - name: Update checksum in metadata - run: | - CHECKSUM="${{ steps.compute_checksum.outputs.checksum }}" + CHECKSUM=$(sha256sum "${{ env.TARBALL }}" | awk '{print $1}') + echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml - - name: Commit version bump and metadata + - name: Commit and tag run: | - git add package.json artifacthub-pkg.yml - git commit -m "chore: release v${{ inputs.version }}" - git push origin main - - - name: Create and push tag - run: | - git tag "v${{ inputs.version }}" - git push origin "v${{ inputs.version }}" + VERSION="${{ inputs.version }}" + git add package.json package-lock.json artifacthub-pkg.yml + git commit -m "release: v${VERSION}" + git tag "v${VERSION}" + git push origin main --tags - name: Create GitHub Release - uses: softprops/action-gh-release@v2 - with: - tag_name: "v${{ inputs.version }}" - files: ${{ steps.package_name.outputs.name }}-${{ inputs.version }}.tar.gz - fail_on_unmatched_files: true - draft: false - prerelease: false - generate_release_notes: true env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Summary + GH_TOKEN: ${{ github.token }} run: | - echo "Release Summary:" - echo "==================" - echo "Version: v${{ inputs.version }}" - echo "Tarball: ${{ steps.package_name.outputs.name }}-${{ inputs.version }}.tar.gz" - echo "Checksum: sha256:${{ steps.compute_checksum.outputs.checksum }}" - echo "Archive URL: https://github.com/${{ github.repository }}/releases/download/v${{ inputs.version }}/${{ steps.package_name.outputs.name }}-${{ inputs.version }}.tar.gz" - echo "" - echo "Version bumped to ${{ inputs.version }}" - echo "Metadata updated with checksum" - echo "Tag v${{ inputs.version }} created" - echo "GitHub release published with tarball" - echo "" - echo "Artifact Hub will sync within 5-10 minutes." + VERSION="${{ inputs.version }}" + gh release create "v${VERSION}" "${{ env.TARBALL }}" \ + --title "v${VERSION}" \ + --generate-notes diff --git a/.github/workflows/test-runner.yaml b/.github/workflows/test-runner.yaml deleted file mode 100644 index 2a3a709..0000000 --- a/.github/workflows/test-runner.yaml +++ /dev/null @@ -1,23 +0,0 @@ -name: Test Runner - -on: - workflow_dispatch: - -jobs: - test: - runs-on: local-ubuntu-latest - timeout-minutes: 5 - - steps: - - name: Echo test - run: | - echo "Runner is working!" - echo "Hostname: $(hostname)" - echo "User: $(whoami)" - echo "PWD: $(pwd)" - echo "Node version: $(node --version)" - echo "NPM version: $(npm --version)" - - - name: List runner labels - run: | - echo "This job ran on a runner with labels: self-hosted, local-ubuntu-latest" diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..22a9943 --- /dev/null +++ b/renovate.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:recommended"] +}