From d59452dd6ec7655547ce8a228fb249252c35523c Mon Sep 17 00:00:00 2001 From: Richard Helm Date: Thu, 11 Dec 2025 13:45:31 +0000 Subject: [PATCH 1/2] Add actionlint --- .github/workflows/_build.yml | 2 +- .github/workflows/_check-metadata.yml | 8 ++++---- .github/workflows/_deploy-deno.yml | 2 +- .github/workflows/_lint.yml | 7 ++++++- .github/workflows/_publish.yml | 10 +++++----- .github/workflows/_unit-test.yml | 5 +++-- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/pre-release.yml | 5 +++-- .github/workflows/release-please.yml | 6 +++--- .github/workflows/stale.yml | 2 +- 10 files changed, 31 insertions(+), 24 deletions(-) diff --git a/.github/workflows/_build.yml b/.github/workflows/_build.yml index ffac047c84..1fdfa276d5 100644 --- a/.github/workflows/_build.yml +++ b/.github/workflows/_build.yml @@ -6,7 +6,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/_check-metadata.yml b/.github/workflows/_check-metadata.yml index 6e1d9c45ff..fc891c563c 100644 --- a/.github/workflows/_check-metadata.yml +++ b/.github/workflows/_check-metadata.yml @@ -13,7 +13,7 @@ jobs: pull-requests: write contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: token: ${{ secrets.VNG_VVD_PAT }} # Use PAT to allow the action commit to trigger CI workflow again ref: ${{ github.head_ref }} @@ -42,9 +42,9 @@ jobs: - name: Check Components Metadata id: diff run: | - echo 'DIFF_CONTENT<> $GITHUB_OUTPUT - git --no-pager diff --exit-code ./libs/components/metadata.json >> $GITHUB_OUTPUT || true - echo 'EOF' >> $GITHUB_OUTPUT + echo 'DIFF_CONTENT<> "$GITHUB_OUTPUT" + git --no-pager diff --exit-code ./libs/components/metadata.json >> "$GITHUB_OUTPUT" || true + echo 'EOF' >> "$GITHUB_OUTPUT" git --no-pager diff --exit-code ./libs/components/metadata.json continue-on-error: true diff --git a/.github/workflows/_deploy-deno.yml b/.github/workflows/_deploy-deno.yml index 83b3820dd4..f38db1a108 100644 --- a/.github/workflows/_deploy-deno.yml +++ b/.github/workflows/_deploy-deno.yml @@ -11,7 +11,7 @@ jobs: contents: read # Needed to clone the repository steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/_lint.yml b/.github/workflows/_lint.yml index 21d646bb08..617ebe1d15 100644 --- a/.github/workflows/_lint.yml +++ b/.github/workflows/_lint.yml @@ -6,10 +6,15 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} + - name: Lint workflow files + uses: docker://rhysd/actionlint:1.7.9 + with: + args: -color + - name: Cache turbo build setup uses: actions/cache@v4 with: diff --git a/.github/workflows/_publish.yml b/.github/workflows/_publish.yml index 48fc71ec29..83041e5459 100644 --- a/.github/workflows/_publish.yml +++ b/.github/workflows/_publish.yml @@ -30,7 +30,7 @@ jobs: npm-publish: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ inputs.sha }} @@ -75,14 +75,14 @@ jobs: - name: Publish to npm registry if: steps.check.outputs.published == 'false' - run: pnpm publish --no-git-checks --tag ${{ inputs.tag }} ${{ inputs.path }} --//registry.npmjs.org/:_authToken=$AUTH_TOKEN + run: pnpm publish --no-git-checks --tag ${{ inputs.tag }} ${{ inputs.path }} "--//registry.npmjs.org/:_authToken=$AUTH_TOKEN" env: AUTH_TOKEN: ${{ secrets.NPM_VVD_VNG_AUTOMATION_TOKEN }} github-publish: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ inputs.sha }} @@ -120,7 +120,7 @@ jobs: run: | NAME=$(npm view ${{ inputs.path }} name) VERSION=$(npm view ${{ inputs.path }} version) - if npm view "$NAME@$VERSION" --registry=https://npm.pkg.github.com --//npm.pkg.github.com/:_authToken=$AUTH_TOKEN; then + if npm view "$NAME@$VERSION" --registry=https://npm.pkg.github.com "--//npm.pkg.github.com/:_authToken=$AUTH_TOKEN"; then echo "published=true" >> "$GITHUB_OUTPUT" else echo "published=false" >> "$GITHUB_OUTPUT" @@ -130,6 +130,6 @@ jobs: - name: Publish to GitHub registry if: steps.check.outputs.published == 'false' - run: pnpm publish --no-git-checks --tag ${{ inputs.tag }} ${{ inputs.path }} --registry=https://npm.pkg.github.com --//npm.pkg.github.com/:_authToken=$AUTH_TOKEN + run: pnpm publish --no-git-checks --tag ${{ inputs.tag }} ${{ inputs.path }} --registry=https://npm.pkg.github.com "--//npm.pkg.github.com/:_authToken=$AUTH_TOKEN" env: AUTH_TOKEN: ${{ secrets.VNG_VVD_PAT }} diff --git a/.github/workflows/_unit-test.yml b/.github/workflows/_unit-test.yml index c5424ca142..69684bf8ea 100644 --- a/.github/workflows/_unit-test.yml +++ b/.github/workflows/_unit-test.yml @@ -8,7 +8,7 @@ jobs: name: 'Unit Tests' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} @@ -31,10 +31,11 @@ jobs: run: pnpm install - name: Test + id: test run: pnpm run test - name: Upload coverage to Codecov - uses: codecov/codecov-action@v2 + uses: codecov/codecov-action@v4 with: token: ${{ secrets.CODECOV_TOKEN }} directory: ./coverage/ diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 8ad24cd721..344c1e078c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -44,13 +44,13 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -61,7 +61,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -75,4 +75,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index a38fb2b91b..e06589a2bd 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -26,7 +26,7 @@ jobs: outputs: version: ${{ steps.get-vivid-version.outputs.version }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} @@ -37,11 +37,12 @@ jobs: node-version: '20' - name: get-vivid-version + id: get-vivid-version working-directory: ./libs/components run: | npm version ${{ github.event.inputs.change_type }} --no-git-tag-version VERSION=$(node -p "require('./package.json').version")-preview.${{ github.event.inputs.preview_version }} - echo "::set-output name=version::${VERSION}" + echo "version=${VERSION}" >> "$GITHUB_OUTPUT" vivid-publish: needs: get-version diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 781bf4da0d..850ea20caf 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -44,7 +44,7 @@ jobs: # Whenever the components are released, also create a tag for the vivid-vue library - name: Create Vivid Vue Tag if: ${{ steps.release.outputs['libs/components--release_created'] }} - uses: actions/github-script@v6 + uses: actions/github-script@v7 env: VIVID_VERSION: ${{ steps.release.outputs['libs/components--version'] }} VIVID_SHA: ${{ steps.release.outputs['libs/components--sha'] }} @@ -78,8 +78,8 @@ jobs: steps: - id: should-release run: | - echo "::set-output name=should_release::${{ needs.release-please.outputs.vivid_release_created == 'true' || needs.release-please.outputs.eslint_plugin_release_created == 'true' || github.event.inputs.force-release == 'true' }}" - echo "::set-output name=release_sha::${{ needs.release-please.outputs.vivid_release_sha || needs.release-please.outputs.eslint_plugin_release_sha || github.event.pull_request.head.sha }}" + echo "should_release=${{ needs.release-please.outputs.vivid_release_created == 'true' || needs.release-please.outputs.eslint_plugin_release_created == 'true' || github.event.inputs.force-release == 'true' }}" >> "$GITHUB_OUTPUT" + echo "release_sha=${{ needs.release-please.outputs.vivid_release_sha || needs.release-please.outputs.eslint_plugin_release_sha || github.event.pull_request.head.sha }}" >> "$GITHUB_OUTPUT" vivid-publish: needs: should-release diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 55bc433de4..e5abb12ccc 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -10,7 +10,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@v4 + - uses: actions/stale@v9 with: days-before-issue-stale: 30 days-before-issue-close: 14 From bce77ee238b3960c10e952622964b0809154fbb8 Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Mon, 15 Dec 2025 17:48:26 +0000 Subject: [PATCH 2/2] Fix linter warnings in new workflow --- .github/workflows/_publish-flutter.yml | 8 +++++--- .github/workflows/release-please.yml | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/_publish-flutter.yml b/.github/workflows/_publish-flutter.yml index e932823a43..9f0df15126 100644 --- a/.github/workflows/_publish-flutter.yml +++ b/.github/workflows/_publish-flutter.yml @@ -25,13 +25,15 @@ on: required: true VNG_VVD_PAT: required: true + RELEASE_PLEASE_PAT: + required: true jobs: publish-flutter: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.event.inputs.sha }} @@ -68,9 +70,9 @@ jobs: - name: Commit and push changes run: | - git clone https://github.x-access-token:${GITHUB_TOKEN}@github.com/Vonage/vivid-flutter-design-tokens.git deploy + git clone "https://github.x-access-token:${GITHUB_TOKEN}@github.com/Vonage/vivid-flutter-design-tokens.git" deploy cd deploy - rm -rf * + rm -rf -- * cp -R ../${{ github.event.inputs.path }}* . git add . git commit -m "Release v${{ github.event.inputs.version }}" diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 850ea20caf..afbf700615 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -100,7 +100,7 @@ jobs: secrets: inherit vivid-design-tokens-flutter-publish: - needs: should-release + needs: [should-release, release-please] if: ${{ needs.should-release.outputs.should_release == 'true' }} uses: ./.github/workflows/_publish-flutter.yml with: