update installer for v1 (#176)

The action remains v0 for now. We need the pantry to understand pre-releases or to wait for v1 proper.

only compile dist for releases (#186)

this so dependabot pull requests will work.
they don’t currently because we require the user to run dist, but that’s unreasonable and bots won’t do it so…

I like this less in that now we have a dist folder committed to main *however* it is not always current :/

Bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump aws-actions/configure-aws-credentials from 1 to 4

Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 1 to 4.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@v1...v4)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump @vercel/ncc from 0.36.1 to 0.38.0

Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.36.1 to 0.38.0.
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](vercel/ncc@0.36.1...0.38.0)

---
updated-dependencies:
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump @teaxyz/lib from 0.6.2 to 0.13.0

Bumps [@teaxyz/lib](https://github.com/teaxyz/lib) from 0.6.2 to 0.13.0.
- [Release notes](https://github.com/teaxyz/lib/releases)
- [Commits](pkgxdev/libpkgx@v0.6.2...v0.13)

---
updated-dependencies:
- dependency-name: "@teaxyz/lib"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump @actions/core from 1.10.0 to 1.10.1

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.10.0 to 1.10.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump @types/node from 20.2.5 to 20.6.1

Dependabot couldn't find the original pull request head commit, c2d61a9.

Bump typescript from 5.1.3 to 5.2.2 (#183)

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.1.3 to 5.2.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.1.3...v5.2.2)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Howell <[email protected]>

Author: mxcl

.github/CI_FAILURE_ISSUE_TEMPLATE.md

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/dependabot.yml

@@ -1,51 +1,32 @@
 on:
-  push:
-    branches:
-      - main
   workflow_dispatch:
-
-permissions:
-  contents: read
+    inputs:
+      version:
+        required: true
 
 jobs:
-  # check if this is a new release
-  smoke:
+  qa.installer:
+    uses: ./.github/workflows/ci.installer.yml
+  qa.action:
+    uses: ./.github/workflows/ci.action.yml
+
+  dist:
+    needs: [qa.installer, qa.action]
     runs-on: ubuntu-latest
-    outputs:
-      version: ${{ steps.tea.outputs.version }}
     steps:
-      - uses: actions/checkout@v3
-      - uses: ./
-        id: tea
-
-      - id: rev-parse
-        name: did we already publish this version?
-        run: |
-          # fetch tags since actions/checkout is a shallow checkout
-          git fetch --prune --unshallow --tags
-
-          if git show-ref --tags v${{ steps.tea.outputs.version }} --quiet; then
-            echo "::set-output name=result::cancel"
-          fi
-
-      - uses: andymckay/[email protected]
-        if: ${{ steps.rev-parse.outputs.result == 'cancel' }}
-
-  ci:
-    needs: [smoke]
-    uses: ./.github/workflows/ci.yml
-    secrets: inherit
-
-  ci-pre-reqs:
-    needs: [smoke]
-    uses: ./.github/workflows/ci-pre-reqs.yml
-    secrets: inherit
+      - uses: actions/checkout@v4
+      - run: curl -Ssf https://tea.xyz/$(uname)/$(uname -m).tgz | sudo tar xz -C /usr/local/bin
+      - run: ./scripts/dist.sh
+      - uses: actions/upload-artifact@v2
+        with:
+          name: dist
+          path: dist
 
   put:
     permissions:
       contents: write
       deployments: write
-    needs: [ci, ci-pre-reqs, smoke]
+    needs: dist
     runs-on: ubuntu-latest
     steps:
       - name: Create Deployment
@@ -55,38 +36,45 @@ jobs:
           step: start
           env: aws
 
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v2
+        with:
+          name: dist
+          path: dist
 
-      - uses: aws-actions/configure-aws-credentials@v1
+      - uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: us-east-1
 
-      - run: |
-          aws s3 cp \
-            ./install.sh s3://www.tea.xyz/pour.sh \
-            --metadata-directive REPLACE \
+      - run:
+          aws s3 cp
+            ./installer.sh s3://www.tea.xyz/pour.sh
+            --metadata-directive REPLACE
             --cache-control no-cache,must-revalidate
-      - run: |
-          aws cloudfront create-invalidation \
-            --distribution-id ${{ secrets.AWS_CF_DISTRIBUTION_ID }} \
+      - run:
+          aws cloudfront create-invalidation
+            --distribution-id ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
             --paths / /pour.sh
 
+      - uses: git-actions/set-user@v1
       - run: |
-          git tag v${{ needs.smoke.outputs.version }}
-          git push origin v${{ needs.smoke.outputs.version }}
+          git add dist
+          git commit -m 'v${{ github.event.inputs.version }}
+          git tag v${{ github.event.inputs.version }}
+          git push origin v${{ github.event.inputs.version }} main
 
       - uses: softprops/action-gh-release@v1
         with:
-          files: ./install.sh
-          tag_name: v${{ needs.smoke.outputs.version }}
+          files: ./installer.sh
+          tag_name: v${{ github.event.inputs.version }}
           fail_on_unmatched_files: true
 
       - uses: fischerscode/tagger@v0
         with:
           prefix: v
-          tag: v${{ needs.smoke.outputs.version }}
+          tag: v${{ github.event.inputs.version }}
 
       - name: Seal Deployment
         uses: bobheadxi/deployments@v1

.github/smoke-test.sh

@@ -0,0 +1,133 @@
+on:
+  workflow_call:
+  pull_request:
+    paths:
+      - action.ts
+      - action.yml
+      - package.json
+
+concurrency:
+  group: ${{ github.ref || 'ci' }}/action.ts
+  cancel-in-progress: true
+
+jobs:
+  dist:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: curl -Ssf https://tea.xyz/$(uname)/$(uname -m).tgz | sudo tar xz -C /usr/local/bin
+      - run: ./scripts/dist.sh
+      - uses: actions/upload-artifact@v2
+        with:
+          name: dist
+          path: dist
+
+  gha:
+    needs: dist
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - macos-latest
+          - ubuntu-latest
+          - [self-hosted, macOS, ARM64]  # we need to be sure the action
+          - [self-hosted, linux, ARM64]  # works in arm64 environments
+        prefix:
+          - null
+          - /opt
+        container:
+          - null
+        include:
+        - os: ubuntu-latest
+          container: debian:buster-slim
+          srcroot: .
+        - os: ubuntu-latest
+          container: debian:buster-slim
+          srcroot: null
+    container: ${{ matrix.container }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v2
+        with:
+          name: dist
+          path: dist
+
+      - uses: ./
+        id: tea
+        with:
+          prefix: ${{ matrix.prefix }}
+          srcroot: ${{ matrix.srcroot || github.workspace }}
+
+      - run: test -n "$VERSION"
+      - run: test -n "${{ steps.tea.outputs.version }}"
+      - run: test v$VERSION = v${{ steps.tea.outputs.version }}
+      - run: tea --env
+      - run: which tea
+      - run: node --eval 'console.log(1)'
+
+  chaste:
+    needs: dist
+    runs-on: ubuntu-latest
+    container: debian:buster-slim
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v2
+        with:
+          name: dist
+          path: dist
+      - uses: ./
+        with:
+          chaste: true
+      - run:
+          if node --version; then
+            exit 1;
+          fi
+
+  additional-pkgs:
+    needs: dist
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v2
+        with:
+          name: dist
+          path: dist
+      - uses: ./
+        with:
+          +deno.land: ^1.30
+        # ^^ produces a warning, but we like this syntax
+        # we're hoping GH allows us to suppress this warning in the future
+        # discussion: https://github.com/octokit/request-action/issues/26
+      - run: deno --version
+
+  additional-pkgs-2:
+    needs: dist
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v2
+        with:
+          name: dist
+          path: dist
+      - uses: ./
+        with:
+          +: |
+            deno.land^1.30
+            cli.github.com
+      - run: deno --version
+      - run: gh --version
+
+  multiple-apply-is-ok:
+    runs-on: ubuntu-latest
+    needs: dist
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v2
+        with:
+          name: dist
+          path: dist
+      - uses: ./
+      - run: tea --version
+      - uses: ./
+      - run: tea --version