From ccc0e80262b151b86be97af3bcaa955c584d841f Mon Sep 17 00:00:00 2001 From: RB <7775707+nitrocode@users.noreply.github.com> Date: Sun, 10 Nov 2024 03:48:11 -0600 Subject: [PATCH 01/14] ci: add homebrew action and docs (#735) * ci: add homebrew step * docs: add brew install * fix: address feedback --- .github/workflows/release.yml | 13 +++++++++++++ README.md | 15 ++++++++++++++- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bb4f2a9..796ac3a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -55,3 +55,16 @@ jobs: if: ${{ steps.release.outputs.release_created }} env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + homebrew: + name: "Bump Homebrew formula" + runs-on: ubuntu-latest + needs: release + steps: + - uses: mislav/bump-homebrew-formula-action@b3327118b2153c82da63fd9cbf58942146ee99f0 # v3 + with: + # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula + formula-name: action-docs + formula-path: Formula/a/action-docs.rb + env: + COMMITTER_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/README.md b/README.md index b7b3fc8..00f0b6f 100644 --- a/README.md +++ b/README.md @@ -30,10 +30,23 @@ Optionally you can also add the following section to generate a usage guide, rep ``` -### Generate docs via CLI +### Install + +#### npm ```bash npm install -g action-docs +``` + +#### brew + +```bash +brew install action-docs +``` + +### Generate docs via CLI + +```bash cd # write docs to console From 3c24d99cb947b1f0439807079acdf6b9f7adec6c Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 11:09:23 +0100 Subject: [PATCH 02/14] ci: support homebrew - used forked action - set npmjs url and sha256 - provide PAT token --- .github/workflows/release.yml | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 796ac3a..0d94655 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -51,20 +51,39 @@ jobs: release-type: node - name: Publish to NPM - run: yarn publish + id: npm_publish if: ${{ steps.release.outputs.release_created }} + run: | + yarn pack + # get sha256 and set output + echo "sha256=$(shasum -a 256 action-docs-*.tgz | cut -d ' ' -f 1)" >> $GITHUB_ENV yarn publish + yarn publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + outputs: + release_created: ${{ steps.release.outputs.release_created }} + relase_version: ${{ steps.release.outputs.major }}.${{ steps.release.outputs.minor }}.${{ steps.release.outputs.patch }} + release_tag: ${{ steps.release.outputs.tag_name }} + release_sha256: ${{ steps.npm_publish.outputs.sha256 }} + homebrew: + if: ${{ needs.release.outputs.release_created }} name: "Bump Homebrew formula" runs-on: ubuntu-latest needs: release steps: - - uses: mislav/bump-homebrew-formula-action@b3327118b2153c82da63fd9cbf58942146ee99f0 # v3 + - uses: npalm/bump-homebrew-formula-action@c03eb3e9122887190a202b7dc42edba8031ed0f9 with: # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula formula-name: action-docs formula-path: Formula/a/action-docs.rb + tag-name: ${{ needs.release.outputs.release_tag }} + download-url: https://registry.npmjs.org/action-docs/-/action-docs-${{ needs.release.outputs.release_version }}.tgz + download-sha256: ${{ needs.release.outputs.release_sha256 }} + commit-message: | + Bump action-docs to v${{ needs.release.outputs.release_version }} + + see: https://github.com/npalm/action-docs/releases/tag/${{ needs.release.outputs.release_tag }} env: - COMMITTER_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COMMITTER_TOKEN: ${{ secrets.HOMEBREW_GITHUB_TOKEN }} From d165f45ba99c258c350ba1a9a38fee890822b85a Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 15:38:54 +0100 Subject: [PATCH 03/14] add step security --- .github/workflows/release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0d94655..08d834a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -73,6 +73,9 @@ jobs: runs-on: ubuntu-latest needs: release steps: + - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit - uses: npalm/bump-homebrew-formula-action@c03eb3e9122887190a202b7dc42edba8031ed0f9 with: # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula From 143a9ef8bf65e3aada036ae325a4530d217c81ba Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 15:43:46 +0100 Subject: [PATCH 04/14] add step security --- .github/workflows/release.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 08d834a..0e05484 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,6 +14,12 @@ jobs: release: runs-on: ubuntu-latest + outputs: + release_created: ${{ steps.release.outputs.release_created }} + relase_version: ${{ steps.release.outputs.major }}.${{ steps.release.outputs.minor }}.${{ steps.release.outputs.patch }} + release_tag: ${{ steps.release.outputs.tag_name }} + release_sha256: ${{ steps.npm_publish.outputs.sha256 }} + steps: - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 with: @@ -55,18 +61,11 @@ jobs: if: ${{ steps.release.outputs.release_created }} run: | yarn pack - # get sha256 and set output - echo "sha256=$(shasum -a 256 action-docs-*.tgz | cut -d ' ' -f 1)" >> $GITHUB_ENV yarn publish + echo "sha256=$(shasum -a 256 action-docs-*.tgz | cut -d ' ' -f 1)" >> $GITHUB_ENV yarn publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - outputs: - release_created: ${{ steps.release.outputs.release_created }} - relase_version: ${{ steps.release.outputs.major }}.${{ steps.release.outputs.minor }}.${{ steps.release.outputs.patch }} - release_tag: ${{ steps.release.outputs.tag_name }} - release_sha256: ${{ steps.npm_publish.outputs.sha256 }} - homebrew: if: ${{ needs.release.outputs.release_created }} name: "Bump Homebrew formula" From 90dce40fa18c308a8e125cc8d264a2266d11f702 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 15:48:40 +0100 Subject: [PATCH 05/14] add step security --- .github/workflows/release.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0e05484..3683473 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: outputs: release_created: ${{ steps.release.outputs.release_created }} - relase_version: ${{ steps.release.outputs.major }}.${{ steps.release.outputs.minor }}.${{ steps.release.outputs.patch }} + release_version: ${{ steps.release.outputs.major }}.${{ steps.release.outputs.minor }}.${{ steps.release.outputs.patch }} release_tag: ${{ steps.release.outputs.tag_name }} release_sha256: ${{ steps.npm_publish.outputs.sha256 }} @@ -85,7 +85,6 @@ jobs: download-sha256: ${{ needs.release.outputs.release_sha256 }} commit-message: | Bump action-docs to v${{ needs.release.outputs.release_version }} - - see: https://github.com/npalm/action-docs/releases/tag/${{ needs.release.outputs.release_tag }} + For more information see: https://github.com/npalm/action-docs/releases/tag/${{ needs.release.outputs.release_tag }} env: COMMITTER_TOKEN: ${{ secrets.HOMEBREW_GITHUB_TOKEN }} From 8e663952b64c2114d9a426956361dd05dba31fba Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 15:52:26 +0100 Subject: [PATCH 06/14] add step security --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3683473..13632f9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -61,7 +61,7 @@ jobs: if: ${{ steps.release.outputs.release_created }} run: | yarn pack - echo "sha256=$(shasum -a 256 action-docs-*.tgz | cut -d ' ' -f 1)" >> $GITHUB_ENV + echo "sha256=$(shasum -a 256 "action-docs-*.tgz" | cut -d ' ' -f 1)" >> $GITHUB_ENV yarn publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} From 990cbece53e734fee8b046d42febad0125847148 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 15:54:38 +0100 Subject: [PATCH 07/14] add step security --- .mega-linter.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.mega-linter.yml b/.mega-linter.yml index e784210..e79777d 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -39,3 +39,8 @@ SPELL_LYCHEE_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) EDITORCONFIG_EDITORCONFIG_CHECKER_FILTER_REGEX_EXCLUDE: (__tests__/fixtures/*.crlf) + + +SPELL_MD_CUSTOM_DICTIONARY: + - "https://registry.npmjs.org/action-docs/-/action-docs-$" + - "https://github.com/npalm/action-docs/releases/tag/$" From 4befb0e17c261157528aaa53f907483a6c2d6975 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 16:04:57 +0100 Subject: [PATCH 08/14] add step security --- .mega-linter.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.mega-linter.yml b/.mega-linter.yml index e79777d..866b2d4 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -40,7 +40,6 @@ MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) EDITORCONFIG_EDITORCONFIG_CHECKER_FILTER_REGEX_EXCLUDE: (__tests__/fixtures/*.crlf) - -SPELL_MD_CUSTOM_DICTIONARY: - - "https://registry.npmjs.org/action-docs/-/action-docs-$" - - "https://github.com/npalm/action-docs/releases/tag/$" +SPELL_CSPELL_FILTER_REGEX_EXCLUDE: + - (CHANGELOG.md) + - (.github/workflows/release.yml) From 3b4b11757dd6b2fc4a2fe347377d32a6d2f7ccb6 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 16:09:19 +0100 Subject: [PATCH 09/14] add step security --- .mega-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.mega-linter.yml b/.mega-linter.yml index 866b2d4..16e217c 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -42,4 +42,4 @@ EDITORCONFIG_EDITORCONFIG_CHECKER_FILTER_REGEX_EXCLUDE: (__tests__/fixtures/*.cr SPELL_CSPELL_FILTER_REGEX_EXCLUDE: - (CHANGELOG.md) - - (.github/workflows/release.yml) + - (\.github/workflows/release\.yml) From cc18484ade7a6e5dc57d4daf95c7241c247bcbad Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 16:12:34 +0100 Subject: [PATCH 10/14] add step security --- .mega-linter.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.mega-linter.yml b/.mega-linter.yml index 16e217c..0af3808 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -34,12 +34,10 @@ DISABLE_LINTERS: JSON_JSONLINT_FILTER_REGEX_EXCLUDE: (tsconfig.json) -SPELL_LYCHEE_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) +SPELL_LYCHEE_FILTER_REGEX_EXCLUDE: + - CHANGELOG.md + - release.yml MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) EDITORCONFIG_EDITORCONFIG_CHECKER_FILTER_REGEX_EXCLUDE: (__tests__/fixtures/*.crlf) - -SPELL_CSPELL_FILTER_REGEX_EXCLUDE: - - (CHANGELOG.md) - - (\.github/workflows/release\.yml) From 2c2a054f11b12a5786dfed5ba63d402d527f79de Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 16:14:21 +0100 Subject: [PATCH 11/14] add step security --- .mega-linter.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.mega-linter.yml b/.mega-linter.yml index 0af3808..e784210 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -34,9 +34,7 @@ DISABLE_LINTERS: JSON_JSONLINT_FILTER_REGEX_EXCLUDE: (tsconfig.json) -SPELL_LYCHEE_FILTER_REGEX_EXCLUDE: - - CHANGELOG.md - - release.yml +SPELL_LYCHEE_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) From 98dd4cd37c8c5600d22e7f70e135b61380856e78 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 16:23:42 +0100 Subject: [PATCH 12/14] add step security --- .github/workflows/release.yml | 2 +- .mega-linter.yml | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 13632f9..6166cc5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -61,7 +61,7 @@ jobs: if: ${{ steps.release.outputs.release_created }} run: | yarn pack - echo "sha256=$(shasum -a 256 "action-docs-*.tgz" | cut -d ' ' -f 1)" >> $GITHUB_ENV + echo "sha256=$(shasum -a 256 \"action-docs-*.tgz\" | cut -d ' ' -f 1)" >> $GITHUB_ENV yarn publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.mega-linter.yml b/.mega-linter.yml index e784210..1ca41f4 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -32,6 +32,11 @@ DISABLE_LINTERS: - COPYPASTE_JSCPD - JAVASCRIPT_ES +DISABLE_ERRORS_LINTERS: + - SPELL_LYCHEE + - SPELL_PROSELINT + - SPELL_CSPELL + JSON_JSONLINT_FILTER_REGEX_EXCLUDE: (tsconfig.json) SPELL_LYCHEE_FILTER_REGEX_EXCLUDE: (CHANGELOG.md) From 4f39ec7e461b1f1f9b9cb77d5f15a7c982df6caf Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 16:34:00 +0100 Subject: [PATCH 13/14] add step security --- .github/workflows/release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6166cc5..ce28136 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -61,7 +61,8 @@ jobs: if: ${{ steps.release.outputs.release_created }} run: | yarn pack - echo "sha256=$(shasum -a 256 \"action-docs-*.tgz\" | cut -d ' ' -f 1)" >> $GITHUB_ENV + # shellcheck disable=SC2086 + echo "sha256=$(shasum -a 256 action-docs-*.tgz | cut -d ' ' -f 1)" >> $GITHUB_ENV yarn publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} From e4e2fb9018d2462cc8954830531bc706c6159c15 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 10 Nov 2024 16:42:15 +0100 Subject: [PATCH 14/14] megalinter --- .github/workflows/mega-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index d73f7d4..fa92e75 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -28,6 +28,7 @@ jobs: contents: write issues: write pull-requests: write + actions: write steps: - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 @@ -154,4 +155,3 @@ jobs: }} commit_message: "[MegaLinter] Apply linters fixes" commit_user_name: megalinter-bot - commit_user_email: nicolas.vuillamy@ox.security