Skip to content

Commit 4068afa

Browse files
caarlos0Copilot
andauthored
build: drop docker-bake in favor of plain npm (#551)
* build: drop docker-bake in favor of plain npm Every TypeScript action maintained by actions/* (checkout, setup-node, setup-go, cache, upload-artifact) uses plain npm scripts. The bake setup is a docker/* org convention and adds friction for TS work: contributors need Docker, the dev loop is ~10x slower than npm, and Alpine-vs-host byte drift in dist/index.js makes PRs bounce. Replace with the standard pattern: - .node-version pins Node 24 so contributors and CI agree - npm scripts (build, lint, format, test, pre-checkin) replace bake targets one-for-one - validate.yml runs lint + a check-dist diff (mirrors actions/setup-node) and a vendor check that npm install --package-lock-only is a no-op - test.yml uses setup-node + sigstore/cosign-installer, drops bake-action - dependabot-build.yml regenerates dist via npm instead of bake CONTRIBUTING.md and README development section updated to match. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * build: align scripts and workflows with actions/* convention Match the standard layout used by actions/checkout, actions/setup-node, etc.: - package.json scripts: split format/format-check (Prettier) from lint/lint:fix (ESLint), and have pre-checkin run all four (format, lint:fix, build, test) in that order. - validate.yml lint job runs format-check + lint as separate steps. - test.yml drops the redundant --coverage flag (now in the test script). - Drop dependabot-build.yml: actions/* don't auto-rebuild dist on dependabot PRs; the check-dist style validate / build job catches drift and a maintainer rebuilds locally if needed. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent 213ec80 commit 4068afa

File tree

9 files changed

+129
-267
lines changed

9 files changed

+129
-267
lines changed

.github/workflows/dependabot-build.yml

Lines changed: 0 additions & 46 deletions
This file was deleted.

.github/workflows/test.yml

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -25,11 +25,20 @@ jobs:
2525
with:
2626
fetch-depth: 0
2727
-
28-
name: Test
29-
uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
28+
name: Setup Node.js
29+
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
3030
with:
31-
source: .
32-
targets: test
31+
node-version-file: '.node-version'
32+
cache: npm
33+
-
34+
name: Install cosign
35+
uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2
36+
-
37+
name: Install dependencies
38+
run: npm ci
39+
-
40+
name: Test
41+
run: npm test
3342
-
3443
name: Upload coverage
3544
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0

.github/workflows/validate.yml

Lines changed: 68 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -16,32 +16,83 @@ on:
1616
pull_request:
1717

1818
jobs:
19-
prepare:
19+
lint:
2020
runs-on: ubuntu-latest
21-
outputs:
22-
matrix: ${{ steps.generate.outputs.matrix }}
2321
steps:
2422
-
2523
name: Checkout
2624
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2725
-
28-
name: Generate matrix
29-
id: generate
30-
uses: docker/bake-action/subaction/matrix@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
26+
name: Setup Node.js
27+
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
3128
with:
32-
target: validate
29+
node-version-file: '.node-version'
30+
cache: npm
31+
-
32+
name: Install dependencies
33+
run: npm ci
34+
-
35+
name: Format check
36+
run: npm run format-check
37+
-
38+
name: Lint
39+
run: npm run lint
3340

34-
validate:
41+
build:
3542
runs-on: ubuntu-latest
36-
needs:
37-
- prepare
38-
strategy:
39-
fail-fast: false
40-
matrix:
41-
include: ${{ fromJson(needs.prepare.outputs.matrix) }}
4243
steps:
4344
-
44-
name: Validate
45-
uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
45+
name: Checkout
46+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
47+
-
48+
name: Setup Node.js
49+
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
50+
with:
51+
node-version-file: '.node-version'
52+
cache: npm
53+
-
54+
name: Install dependencies
55+
run: npm ci --ignore-scripts
56+
-
57+
name: Rebuild dist
58+
run: npm run build
59+
-
60+
name: Compare dist
61+
id: diff
62+
run: |
63+
if [ "$(git diff --ignore-space-at-eol dist | wc -l)" -gt "0" ]; then
64+
echo "Detected uncommitted changes after build. Run 'npm run build' and commit dist/." >&2
65+
git diff dist
66+
exit 1
67+
fi
68+
-
69+
name: Upload built dist on failure
70+
if: ${{ failure() && steps.diff.conclusion == 'failure' }}
71+
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
4672
with:
47-
targets: ${{ matrix.target }}
73+
name: dist
74+
path: dist
75+
76+
vendor:
77+
runs-on: ubuntu-latest
78+
steps:
79+
-
80+
name: Checkout
81+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
82+
-
83+
name: Setup Node.js
84+
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
85+
with:
86+
node-version-file: '.node-version'
87+
cache: npm
88+
-
89+
name: Refresh package-lock.json
90+
run: npm install --package-lock-only
91+
-
92+
name: Compare package-lock.json
93+
run: |
94+
if [ -n "$(git status --porcelain -- package-lock.json)" ]; then
95+
echo "package-lock.json is out of sync with package.json. Run 'npm install' and commit." >&2
96+
git diff package-lock.json
97+
exit 1
98+
fi

.node-version

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
24

CONTRIBUTING.md

Lines changed: 37 additions & 52 deletions
Original file line numberDiff line numberDiff line change
@@ -1,78 +1,63 @@
11
# Contributing
22

3-
Thanks for your interest in contributing! This document covers the development
4-
workflow needed to get a change ready to commit and push.
3+
Thanks for your interest in contributing!
54

65
## Prerequisites
76

8-
- [Docker](https://docs.docker.com/get-docker/) with [Buildx](https://docs.docker.com/buildx/working-with-buildx/)
9-
- Git
7+
- [Node.js](https://nodejs.org/) — version pinned in [`.node-version`](./.node-version).
8+
Tools like [`nvm`](https://github.com/nvm-sh/nvm), [`fnm`](https://github.com/Schniz/fnm),
9+
[`asdf`](https://asdf-vm.com/), or [`mise`](https://mise.jdx.dev/) read this file
10+
automatically.
11+
- [`cosign`](https://docs.sigstore.dev/cosign/installation/) — only required if you
12+
want to run the signature-verification integration tests locally.
1013

11-
That's it. Everything else (Node, npm, linters, the test environment) runs
12-
inside containers driven by `docker buildx bake`.
14+
## Setup
15+
16+
```sh
17+
npm ci
18+
```
1319

1420
## Pre-commit checklist
1521

16-
Run these commands, in order, before committing any change to `src/`,
17-
`__tests__/`, `package.json`, `package-lock.json`, or `action.yml`:
22+
Before committing changes to `src/`, `__tests__/`, `package.json`,
23+
`package-lock.json`, or `action.yml`:
1824

1925
```sh
20-
# 1. Format source, refresh node_modules, regenerate dist/index.js
21-
docker buildx bake pre-checkin
22-
23-
# 2. Run the test suite (unit + integration; needs network for release downloads)
24-
docker buildx bake test
25-
26-
# 3. Validate that everything is committed and reproducible
27-
docker buildx bake validate
26+
npm run pre-checkin
2827
```
2928

30-
`validate` is what CI runs. If it passes locally, your PR will pass the
31-
`validate` job too.
29+
That runs `format` + `build` + `test` — the same checks CI runs.
3230

33-
### Why `pre-checkin` matters
31+
Then commit `dist/` along with your source changes; the action runtime loads
32+
`dist/index.js` directly, so it must stay in sync.
3433

35-
The repository ships the compiled action as `dist/index.js`. CI's
36-
`build-validate` target rebuilds it inside an Alpine container and fails if the
37-
checked-in bytes don't match. **You must commit the `dist/` output produced by
38-
`docker buildx bake pre-checkin`** — running `npm run build` on macOS or a
39-
non-Alpine host produces slightly different bytes and `validate` will reject
40-
the PR.
41-
42-
If you forget and CI complains about a `dist/` diff, just run:
43-
44-
```sh
45-
docker buildx bake build
46-
git add dist/
47-
git commit --amend --no-edit
48-
git push --force-with-lease
49-
```
34+
If CI's `validate / build` job fails because `dist/` differs from a fresh
35+
build, just download the `dist` artifact from the failed run and commit it —
36+
or rerun `npm run build` locally with the Node version in `.node-version`.
5037

51-
## Available bake targets
38+
## npm scripts
5239

53-
| Target | Purpose |
54-
| --------------- | --------------------------------------------------- |
55-
| `build` | Regenerate `dist/index.js` only |
56-
| `format` | Run Prettier on `src/` and `__tests__/` |
57-
| `vendor` | Refresh `node_modules` / `package-lock.json` |
58-
| `pre-checkin` | `vendor` + `format` + `build` (run before commits) |
59-
| `lint` | Prettier check + ESLint |
60-
| `build-validate`| Verify `dist/index.js` matches a fresh build |
61-
| `vendor-validate`| Verify `package-lock.json` is in sync |
62-
| `validate` | `lint` + `build-validate` + `vendor-validate` |
63-
| `test` | Run Jest with coverage in an Alpine container |
40+
| Script | Purpose |
41+
| ------------------- | ------------------------------------------------ |
42+
| `npm run build` | Bundle `src/` to `dist/index.js` via `ncc` |
43+
| `npm run format` | Run Prettier (write) |
44+
| `npm run format-check` | Run Prettier (check only, used in CI) |
45+
| `npm run lint` | Run ESLint (check only, used in CI) |
46+
| `npm run lint:fix` | Run ESLint with `--fix` |
47+
| `npm test` | Run Jest with coverage |
48+
| `npm run pre-checkin` | `format` + `lint:fix` + `build` + `test` |
6449

6550
## Tests
6651

67-
`docker buildx bake test` runs the full Jest suite, including integration
68-
tests that:
52+
`npm test` runs the full Jest suite, including integration tests that:
6953

7054
- Download real GoReleaser releases from GitHub
7155
- Verify `checksums.txt` against the downloaded archive
72-
- Verify the cosign sigstore bundle (`cosign` is installed in the test image)
56+
- Verify the cosign sigstore bundle (skipped if `cosign` isn't on `PATH`,
57+
but the CI image always has it installed)
7358

74-
These need outbound network access. If you're behind a restrictive proxy or
75-
offline, those tests will fail — that's expected.
59+
These need outbound network access. Offline / restrictive-proxy runs will
60+
have those tests fail — that's expected.
7661

7762
## Commit messages
7863

@@ -82,7 +67,7 @@ Use [Conventional Commits](https://www.conventionalcommits.org/) (`feat:`,
8267
## Pull requests
8368

8469
- Target `master`.
85-
- Make sure `docker buildx bake validate` and `docker buildx bake test` pass.
70+
- Make sure `npm run pre-checkin` passes.
8671
- One logical change per PR is easier to review.
8772
- The `signing` CI job and `goreleaser-pro` matrix entries are skipped on PRs
8873
from forks because they need repository secrets — that's expected and not

README.md

Lines changed: 4 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -238,14 +238,11 @@ See [CONTRIBUTING.md](./CONTRIBUTING.md) for the full development workflow.
238238
Quick reference:
239239

240240
```
241-
# format code and build javascript artifacts
242-
docker buildx bake pre-checkin
241+
# install dependencies
242+
npm ci
243243
244-
# validate all code has correctly formatted and built
245-
docker buildx bake validate
246-
247-
# run tests
248-
docker buildx bake test
244+
# format, build dist/, and run tests
245+
npm run pre-checkin
249246
```
250247

251248
## License

dev.Dockerfile

Lines changed: 0 additions & 72 deletions
This file was deleted.

0 commit comments

Comments
 (0)