From 337fdf2194d3e87cdd26672305866d19d404fcd3 Mon Sep 17 00:00:00 2001 From: Araxeus Date: Fri, 22 Apr 2022 15:58:19 +0300 Subject: [PATCH 1/5] fix broken link in readme (#473) * fix broken link * fix broken link --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e997b92e..1460e240 100644 --- a/README.md +++ b/README.md @@ -49,7 +49,7 @@ The action defaults to search for the dependency file (`package-lock.json` or `y **Note:** The action does not cache `node_modules` -See the examples of using cache for `yarn` / `pnpm` and `cache-dependency-path` input in the [Advanced usage](docs/advanced-usage.md#caching-packages-dependencies) guide. +See the examples of using cache for `yarn` / `pnpm` and `cache-dependency-path` input in the [Advanced usage](docs/advanced-usage.md#caching-packages-data) guide. **Caching npm dependencies:** @@ -103,7 +103,7 @@ jobs: 1. [Check latest version](docs/advanced-usage.md#check-latest-version) 2. [Using a node version file](docs/advanced-usage.md#node-version-file) 3. [Using different architectures](docs/advanced-usage.md#architecture) -4. [Caching packages data](docs/advanced-usage.md#caching-packages-dependencies) +4. [Caching packages data](docs/advanced-usage.md#caching-packages-data) 5. [Using multiple operating systems and architectures](docs/advanced-usage.md#multiple-operating-systems-and-architectures) 6. [Publishing to npmjs and GPR with npm](docs/advanced-usage.md#publish-to-npmjs-and-gpr-with-npm) 7. [Publishing to npmjs and GPR with yarn](docs/advanced-usage.md#publish-to-npmjs-and-gpr-with-yarn) From 25184c4485a7b08d05f0d0a07d714e3611e40d38 Mon Sep 17 00:00:00 2001 From: Adam Stachowicz Date: Tue, 26 Apr 2022 15:11:03 +0000 Subject: [PATCH 2/5] Update README.md (#475) * Update README.md * Update README.md --- README.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 1460e240..4c6ff06e 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ This action provides the following functionality for GitHub Actions users: - Registering problem matchers for error output - Configuring authentication for GPR or npm -# Usage +## Usage See [action.yml](action.yml) @@ -22,7 +22,7 @@ steps: - uses: actions/checkout@v3 - uses: actions/setup-node@v3 with: - node-version: '14' + node-version: 14 - run: npm install - run: npm test ``` @@ -33,7 +33,7 @@ The action will first check the local cache for a semver match. If unable to fin For information regarding locally cached versions of Node.js on GitHub hosted runners, check out [GitHub Actions Virtual Environments](https://github.com/actions/virtual-environments). -#### Supported version syntax +### Supported version syntax The `node-version` input supports the following syntax: @@ -49,7 +49,7 @@ The action defaults to search for the dependency file (`package-lock.json` or `y **Note:** The action does not cache `node_modules` -See the examples of using cache for `yarn` / `pnpm` and `cache-dependency-path` input in the [Advanced usage](docs/advanced-usage.md#caching-packages-data) guide. +See the examples of using cache for `yarn`/`pnpm` and `cache-dependency-path` input in the [Advanced usage](docs/advanced-usage.md#caching-packages-data) guide. **Caching npm dependencies:** @@ -58,7 +58,7 @@ steps: - uses: actions/checkout@v3 - uses: actions/setup-node@v3 with: - node-version: '14' + node-version: 14 cache: 'npm' - run: npm install - run: npm test @@ -71,14 +71,14 @@ steps: - uses: actions/checkout@v3 - uses: actions/setup-node@v3 with: - node-version: '14' + node-version: 14 cache: 'npm' cache-dependency-path: subdir/package-lock.json - run: npm install - run: npm test ``` -## Matrix Testing: +## Matrix Testing ```yaml jobs: @@ -86,7 +86,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - node: [ '12', '14', '16' ] + node: [ 12, 14, 16 ] name: Node ${{ matrix.node }} sample steps: - uses: actions/checkout@v3 @@ -109,14 +109,14 @@ jobs: 7. [Publishing to npmjs and GPR with yarn](docs/advanced-usage.md#publish-to-npmjs-and-gpr-with-yarn) 8. [Using private packages](docs/advanced-usage.md#use-private-packages) -# License +## License The scripts and documentation in this project are released under the [MIT License](LICENSE) -# Contributions +## Contributions -Contributions are welcome! See [Contributor's Guide](docs/contributors.md) +Contributions are welcome! See [Contributor's Guide](docs/contributors.md) ## Code of Conduct -:wave: Be nice. See [our code of conduct](CODE_OF_CONDUCT.md) +:wave: Be nice. See [our code of conduct](CODE_OF_CONDUCT.md) From 0bd06765ef0b51db720effb3b27b09a604b36300 Mon Sep 17 00:00:00 2001 From: Matthias Christoph Munder Date: Sun, 1 May 2022 16:59:15 +0200 Subject: [PATCH 3/5] Improve advanced usage docs (#472) --- docs/advanced-usage.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 9f2f5c88..3fed348e 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -82,9 +82,9 @@ steps: steps: - uses: actions/checkout@v3 -- uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2 +- uses: pnpm/action-setup@v2 with: - version: 6.10.0 + version: 6.32.9 - uses: actions/setup-node@v3 with: node-version: '14' From b067f78ed37e8b6503efbf8c2b320b7f1e48369a Mon Sep 17 00:00:00 2001 From: Jon Koops Date: Thu, 5 May 2022 16:16:51 +0200 Subject: [PATCH 4/5] Use CI friendly commands in documentation (#326) --- README.md | 12 ++++++--- docs/advanced-usage.md | 58 +++++++++++++++++++++++++++++++++--------- 2 files changed, 54 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 4c6ff06e..8e8be6ef 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ steps: - uses: actions/setup-node@v3 with: node-version: 14 -- run: npm install +- run: npm ci - run: npm test ``` @@ -41,6 +41,10 @@ major versions: `12`, `14`, `16` more specific versions: `10.15`, `14.2.0`, `16.3.0` nvm lts syntax: `lts/erbium`, `lts/fermium`, `lts/*` +### Checking in lockfiles + +It's **always** recommended to commit the lockfile of your package manager for security and performance reasons. For more information consult the "Working with lockfiles" section of the [Advanced usage](docs/advanced-usage.md#working-with-lockfiles) guide. + ## Caching global packages data The action has a built-in functionality for caching and restoring dependencies. It uses [actions/cache](https://github.com/actions/cache) under the hood for caching global packages data but requires less configuration settings. Supported package managers are `npm`, `yarn`, `pnpm` (v6.10+). The `cache` input is optional, and caching is turned off by default. @@ -60,7 +64,7 @@ steps: with: node-version: 14 cache: 'npm' -- run: npm install +- run: npm ci - run: npm test ``` @@ -74,7 +78,7 @@ steps: node-version: 14 cache: 'npm' cache-dependency-path: subdir/package-lock.json -- run: npm install +- run: npm ci - run: npm test ``` @@ -94,7 +98,7 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node }} - - run: npm install + - run: npm ci - run: npm test ``` diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 3fed348e..e49ea6e2 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -1,4 +1,38 @@ -# Advanced usage +## Working with lockfiles + +All supported package managers recommend that you **always** commit the lockfile, although implementations vary doing so generally provides the following benefits: + +- Enables faster installation for CI and production environments, due to being able to skip package resolution. +- Describes a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies. +- Provides a facility for users to "time-travel" to previous states of `node_modules` without having to commit the directory itself. +- Facilitates greater visibility of tree changes through readable source control diffs. + +In order to get the most out of using your lockfile on continuous integration follow the conventions outlined below for your respective package manager. + +### NPM + +Ensure that `package-lock.json` is always committed, use `npm ci` instead of `npm install` when installing packages. + +**See also:** +- [Documentation of `package-lock.json`](https://docs.npmjs.com/cli/v8/configuring-npm/package-lock-json) +- [Documentation of `npm ci`](https://docs.npmjs.com/cli/v8/commands/npm-ci) + +### Yarn + +Ensure that `yarn.lock` is always committed, pass `--frozen-lockfile` to `yarn install` when installing packages. + +**See also:** +- [Documentation of `yarn.lock`](https://classic.yarnpkg.com/en/docs/yarn-lock) +- [Documentation of `--frozen-lockfile` option](https://classic.yarnpkg.com/en/docs/cli/install#toc-yarn-install-frozen-lockfile) +- [QA - Should lockfiles be committed to the repoistory?](https://yarnpkg.com/getting-started/qa/#should-lockfiles-be-committed-to-the-repository) + +### PNPM + +Ensure that `pnpm-lock.yaml` is always committed, when on CI pass `--frozen-lockfile` to `pnpm install` when installing packages. + +**See also:** +- [Working with Git - Lockfiles](https://pnpm.io/git#lockfiles) +- [Documentation of `--frozen-lockfile` option](https://pnpm.io/cli/install#--frozen-lockfile) ## Check latest version @@ -15,7 +49,7 @@ steps: with: node-version: '14' check-latest: true -- run: npm install +- run: npm ci - run: npm test ``` @@ -31,7 +65,7 @@ steps: - uses: actions/setup-node@v3 with: node-version-file: '.nvmrc' -- run: npm install +- run: npm ci - run: npm test ``` @@ -51,7 +85,7 @@ jobs: with: node-version: '14' architecture: 'x64' # optional, x64 or x86. If not specified, x64 will be used by default - - run: npm install + - run: npm ci - run: npm test ``` @@ -67,7 +101,7 @@ steps: with: node-version: '14' cache: 'yarn' -- run: yarn install +- run: yarn install --frozen-lockfile - run: yarn test ``` @@ -89,7 +123,7 @@ steps: with: node-version: '14' cache: 'pnpm' -- run: pnpm install +- run: pnpm install --frozen-lockfile - run: pnpm test ``` @@ -102,7 +136,7 @@ steps: node-version: '14' cache: 'npm' cache-dependency-path: '**/package-lock.json' -- run: npm install +- run: npm ci - run: npm test ``` @@ -117,7 +151,7 @@ steps: cache-dependency-path: | server/app/package-lock.json frontend/app/package-lock.json -- run: npm install +- run: npm ci - run: npm test ``` @@ -152,7 +186,7 @@ jobs: with: node-version: ${{ matrix.node_version }} architecture: ${{ matrix.architecture }} - - run: npm install + - run: npm ci - run: npm test ``` @@ -164,7 +198,7 @@ steps: with: node-version: '14.x' registry-url: 'https://registry.npmjs.org' -- run: npm install +- run: npm ci - run: npm publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} @@ -184,7 +218,7 @@ steps: with: node-version: '14.x' registry-url: -- run: yarn install +- run: yarn install --frozen-lockfile - run: yarn publish env: NODE_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }} @@ -206,7 +240,7 @@ steps: registry-url: 'https://registry.npmjs.org' # Skip post-install scripts here, as a malicious # script could steal NODE_AUTH_TOKEN. -- run: npm install --ignore-scripts +- run: npm ci --ignore-scripts env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} # `npm rebuild` will run all those post-install scripts for us. From 17f8bd926464a1afa4c6a11669539e9c1ba77048 Mon Sep 17 00:00:00 2001 From: Milos Pantic <101411245+panticmilos@users.noreply.github.com> Date: Thu, 12 May 2022 17:26:02 +0200 Subject: [PATCH 5/5] Expand current syntax to support aliases for latest version (current/latest/node) (#483) --- .github/workflows/versions.yml | 31 +++++++++++++++++++++++++++++++ README.md | 3 +++ __tests__/installer.test.ts | 26 ++++++++++++++++++++++++++ dist/setup/index.js | 6 ++++++ src/installer.ts | 9 +++++++++ 5 files changed, 75 insertions(+) diff --git a/.github/workflows/versions.yml b/.github/workflows/versions.yml index d13fe402..3d8067bc 100644 --- a/.github/workflows/versions.yml +++ b/.github/workflows/versions.yml @@ -139,3 +139,34 @@ jobs: - name: Verify node run: __tests__/verify-arch.sh "ia32" shell: bash + + node-latest-aliases: + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + node-version: [current, latest, node] + steps: + - name: Get node version + run: | + latestNodeVersion=$(curl https://nodejs.org/dist/index.json | jq -r '. [0].version') + echo "::set-output name=LATEST_NODE_VERSION::$latestNodeVersion" + id: version + shell: bash + - uses: actions/checkout@v3 + - name: Setup Node + uses: ./ + with: + node-version: ${{ matrix.node-version }} + - name: Retrieve version after install + run: | + updatedVersion=$(echo $(node --version)) + echo "::set-output name=NODE_VERSION_UPDATED::$updatedVersion" + id: updatedVersion + shell: bash + - name: Compare versions + if: ${{ steps.version.outputs.LATEST_NODE_VERSION != steps.updatedVersion.outputs.NODE_VERSION_UPDATED}} + run: | + echo "Latest node version failed to download." + exit 1 diff --git a/README.md b/README.md index 8e8be6ef..20e2418d 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,9 @@ The `node-version` input supports the following syntax: major versions: `12`, `14`, `16` more specific versions: `10.15`, `14.2.0`, `16.3.0` nvm lts syntax: `lts/erbium`, `lts/fermium`, `lts/*` +latest release: `latest`/`current`/`node` + +**Note:** Since the latest release will not be cached always, there is possibility of hitting rate limit when downloading from dist ### Checking in lockfiles diff --git a/__tests__/installer.test.ts b/__tests__/installer.test.ts index 19692cf2..bf2b7bf2 100644 --- a/__tests__/installer.test.ts +++ b/__tests__/installer.test.ts @@ -909,4 +909,30 @@ describe('setup-node', () => { ); }); }); + + describe('latest alias syntax', () => { + it.each(['latest', 'current', 'node'])( + 'download the %s version if alias is provided', + async inputVersion => { + // Arrange + inputs['node-version'] = inputVersion; + + os.platform = 'darwin'; + os.arch = 'x64'; + + findSpy.mockImplementation(() => ''); + getManifestSpy.mockImplementation(() => { + throw new Error('Unable to download manifest'); + }); + + // Act + await main.run(); + + // assert + expect(logSpy).toHaveBeenCalledWith('Unable to download manifest'); + + expect(logSpy).toHaveBeenCalledWith('getting latest node version...'); + } + ); + }); }); diff --git a/dist/setup/index.js b/dist/setup/index.js index d05c5006..ecf99914 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -62587,6 +62587,12 @@ function queryDistForMatch(versionSpec, arch = os.arch()) { } let versions = []; let nodeVersions = yield getVersionsFromDist(); + if (versionSpec === 'current' || + versionSpec === 'latest' || + versionSpec === 'node') { + core.info(`getting latest node version...`); + return nodeVersions[0].version; + } nodeVersions.forEach((nodeVersion) => { // ensure this version supports your os and platform if (nodeVersion.files.indexOf(dataFileName) >= 0) { diff --git a/src/installer.ts b/src/installer.ts index a9baae0a..5b87d29a 100644 --- a/src/installer.ts +++ b/src/installer.ts @@ -373,6 +373,15 @@ async function queryDistForMatch( let versions: string[] = []; let nodeVersions = await getVersionsFromDist(); + if ( + versionSpec === 'current' || + versionSpec === 'latest' || + versionSpec === 'node' + ) { + core.info(`getting latest node version...`); + return nodeVersions[0].version; + } + nodeVersions.forEach((nodeVersion: INodeVersion) => { // ensure this version supports your os and platform if (nodeVersion.files.indexOf(dataFileName) >= 0) {