diff --git a/Makefile b/Makefile index 08aa85c3..7826ba1c 100644 --- a/Makefile +++ b/Makefile @@ -15,6 +15,26 @@ lint-fix: ## Execute linting and fix -e FIX_MARKDOWN_PRETTIER=true \ -e FIX_NATURAL_LANGUAGE=true) +npm-audit-fix: ## Execute npm audit fix + @set -uo pipefail; \ + overall_status=0; \ + packages="$$(find actions -type f -name package.json -not -path '*/node_modules/*' -print | sort)"; \ + echo "Running npm audit fix for package.json files under actions/ ..."; \ + for pkg in $$packages; do \ + pkg_dir="$$(dirname "$$pkg")"; \ + echo "---"; \ + npm install --prefix "$$pkg_dir"; \ + echo "npm audit fix in $$pkg_dir"; \ + if ! npm --prefix "$$pkg_dir" audit fix; then \ + overall_status=1; \ + fi; \ + done; \ + exit $$overall_status + +ci: ## Execute CI tasks + $(MAKE) npm-audit-fix + $(MAKE) lint + test-build-application: ## Build the test application image @docker buildx build \ --push --platform linux/amd64,linux/arm64 \ diff --git a/README.md b/README.md index 8fe25b3c..95fee4e4 100644 --- a/README.md +++ b/README.md @@ -113,8 +113,12 @@ actions/{category}/{action-name}/ #### Linting & Testing ```bash +make ci # Run all CI checks + +# Linting helpers make lint # Run the dockerized Super Linter make lint-fix # Attempt auto-fixes for lint findings +make npm-audit-fix # Fix npm audit issues in action packages # Container & Helm validation helpers make test-build-application # Build and push the sample test application image diff --git a/actions/helm/generate-docs/action.yml b/actions/helm/generate-docs/action.yml index c76425a4..66962879 100644 --- a/actions/helm/generate-docs/action.yml +++ b/actions/helm/generate-docs/action.yml @@ -138,7 +138,7 @@ runs: - if: ${{ steps.prepare-variables.outputs.values-file }} uses: losisin/helm-values-schema-json-action@f3517c55537e26953c8a11be7549ea908990130d # v2.3.2 with: - input: ${{ steps.prepare-variables.outputs.values-file }} + values: ${{ steps.prepare-variables.outputs.values-file }} working-directory: ${{ steps.prepare-variables.outputs.working-directory }} - name: Setup Node.js diff --git a/actions/helm/generate-docs/package-lock.json b/actions/helm/generate-docs/package-lock.json index 19340aa1..015546bb 100644 --- a/actions/helm/generate-docs/package-lock.json +++ b/actions/helm/generate-docs/package-lock.json @@ -4,6 +4,7 @@ "requires": true, "packages": { "": { + "name": "generate-docs", "dependencies": { "@textlint/textlint-plugin-markdown": "^15.5.0", "markdownlint-cli2": "^0.20.0", @@ -1092,6 +1093,7 @@ "resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz", "integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==", "license": "MIT", + "peer": true, "dependencies": { "accepts": "^2.0.0", "body-parser": "^2.2.1", @@ -1818,6 +1820,7 @@ "resolved": "https://registry.npmjs.org/keyv/-/keyv-5.5.4.tgz", "integrity": "sha512-eohl3hKTiVyD1ilYdw9T0OiB4hnjef89e3dMYKz+mVKDzj+5IteTseASUsOB+EU9Tf6VNTCjDePcP6wkDGmLKQ==", "license": "MIT", + "peer": true, "dependencies": { "@keyv/serialize": "^1.1.1" } @@ -1930,6 +1933,7 @@ "resolved": "https://registry.npmjs.org/markdownlint-cli2/-/markdownlint-cli2-0.20.0.tgz", "integrity": "sha512-esPk+8Qvx/f0bzI7YelUeZp+jCtFOk3KjZ7s9iBQZ6HlymSXoTtWGiIRZP05/9Oy2ehIoIjenVwndxGtxOIJYQ==", "license": "MIT", + "peer": true, "dependencies": { "globby": "15.0.0", "js-yaml": "4.1.1", @@ -4327,6 +4331,7 @@ "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", "license": "MIT", + "peer": true, "funding": { "url": "https://github.com/sponsors/colinhacks" } diff --git a/actions/helm/generate-docs/package.json b/actions/helm/generate-docs/package.json index 9e3ced7a..2d792a8f 100644 --- a/actions/helm/generate-docs/package.json +++ b/actions/helm/generate-docs/package.json @@ -1,4 +1,5 @@ { + "name": "generate-docs", "dependencies": { "@textlint/textlint-plugin-markdown": "^15.5.0", "markdownlint-cli2": "^0.20.0", diff --git a/actions/helm/release-chart/action.yml b/actions/helm/release-chart/action.yml index 895e29da..9e1ed283 100644 --- a/actions/helm/release-chart/action.yml +++ b/actions/helm/release-chart/action.yml @@ -187,13 +187,15 @@ runs: cmd: | ${{ steps.chart-values-updates.outputs.yq-command }} - - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - - - shell: bash - run: npm install yaml + - name: Setup Node.js + uses: hoverkraft-tech/ci-github-nodejs/actions/setup-node@c9d9d041ba4ef35695ee469c4782fa6a8bbebbcc # 0.21.2 + with: + working-directory: ${{ github.action_path }} - name: Rewrite the Chart.lock to match with updated ombrella dependencies if any uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + env: + NODE_PATH: ${{ github.action_path }}/node_modules with: script: | const fs = require('node:fs'); diff --git a/actions/helm/release-chart/package-lock.json b/actions/helm/release-chart/package-lock.json new file mode 100644 index 00000000..e9a7ee06 --- /dev/null +++ b/actions/helm/release-chart/package-lock.json @@ -0,0 +1,28 @@ +{ + "name": "release-chart", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "release-chart", + "dependencies": { + "yaml": "^2.8.2" + } + }, + "node_modules/yaml": { + "version": "2.8.2", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.2.tgz", + "integrity": "sha512-mplynKqc1C2hTVYxd0PU2xQAc22TI1vShAYGksCCfxbn/dFwnHTNi1bvYsBTkhdUNtGIf5xNOg938rrSSYvS9A==", + "license": "ISC", + "bin": { + "yaml": "bin.mjs" + }, + "engines": { + "node": ">= 14.6" + }, + "funding": { + "url": "https://github.com/sponsors/eemeli" + } + } + } +} diff --git a/actions/helm/release-chart/package.json b/actions/helm/release-chart/package.json new file mode 100644 index 00000000..c17e63cd --- /dev/null +++ b/actions/helm/release-chart/package.json @@ -0,0 +1,6 @@ +{ + "name": "release-chart", + "dependencies": { + "yaml": "^2.8.2" + } +}