privilegedescalation/org
12
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
65 Commits 17 Branches 0 Tags
4d42db2e525f0486f9802ee4f78effade5ae3116
Commit Graph

9 Commits

Author SHA1 Message Date
Hugh Hackman 4d42db2e52 ci: handle packageManager field in plugin-ci to avoid pnpm version conflict 
pnpm/action-setup@v4 errors when both the `version` input and a
`packageManager` field in package.json are specified. Detect the
packageManager field during the package-manager detection step and
conditionally omit `version: latest` when it is present.

Fixes CI failures on repos using Corepack-style pnpm version pinning
(e.g. headlamp-polaris-plugin PR #103).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-22 04:56:42 +00:00
Hugh Hackman 1fd7a7ecf0 fix: add pnpm version fallback to plugin-ci shared workflow 
pnpm/action-setup@v4 requires either a version input or a packageManager
field in package.json. Repos with pnpm-lock.yaml but no packageManager
field were failing with "No pnpm version is specified."

Adding version: latest as a fallback allows the action to install the
latest stable pnpm when packageManager is not set. Repos that do specify
packageManager in package.json continue to use their pinned version.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-21 23:58:29 +00:00
Hugh Hackman 23c86bf2d9 ci: add pnpm auto-detection to shared plugin CI workflow 
When pnpm-lock.yaml is present, use pnpm for install, lint, type-check,
format check, tests, and security audit instead of npm. Repos using npm
are unaffected (falls back to existing npm behavior).

This fixes the npm/pnpm inconsistency in headlamp-polaris-plugin where
local development uses pnpm but CI used npm, causing:
- Different transitive dependency resolution (TypeScript not hoisted)
- Different audit results (pnpm audit vs npm audit)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-21 23:07:19 +00:00
Hugh Hackman bff9014cf8 fix: update runner label from local-ubuntu-latest to runners-privilegedescalation 
ARC runner scale set was recreated on 2026-03-19 with label
`runners-privilegedescalation` but all shared workflows still referenced
`local-ubuntu-latest`. This label mismatch caused startup_failure on
every Release workflow and queued CI jobs with no runner to pick them up.

Updates all 4 workflows and the actionlint config to match the current
ARC runner scale set label.

Closes #27
 2026-03-19 20:11:51 +00:00
Hugh Hackman[bot] cfb35fe73d ci: update actions/checkout from v4 to v6 in all reusable workflows 
actions/checkout v6 was already adopted in headlamp-agent-skills.
This brings the org-level reusable workflows (plugin-ci, plugin-release,
ci-health-check) up to the same version. Affects all plugin repos that
call these shared workflows.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-18 07:24:02 +00:00
hugh-hackman[bot] d0b4428af7 fix: remove Docker container from CI, use setup-node instead 
Eliminates Docker Hub rate limit by replacing container: node:22 with setup-node@v4.
Also fixes release workflow branch creation order.

Closes privilegedescalation/.github#14

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-15 16:55:37 +00:00
hugh-hackman[bot] 0ef78ac580 feat: make reusable workflows strictly container-native (#10) 
Co-authored-by: gandalf-the-greybeard[bot] <gandalf-the-greybeard[bot]@users.noreply.github.com>
 2026-03-10 23:44:40 +00:00
gandalf-the-greybeard[bot] 991278ebac ci: add npm audit step to shared plugin CI workflow 
Adds a security audit step (npm audit --omit=dev) to catch known
vulnerabilities in production dependencies. Runs after tests so build
failures are reported before audit findings. Uses --omit=dev to focus
on production-facing risk.

This covers all 6 plugin repos that use the shared workflow.
 2026-03-08 19:02:12 +00:00
hugh-hackman[bot] 521d120425 feat: add reusable CI and release workflows for Headlamp plugins 2026-03-08 00:44:51 +00:00