From 44b8d71f573f6ea233bdcafe22fb54fd1a4540eb Mon Sep 17 00:00:00 2001 From: Brendan Ryan Date: Mon, 19 Jan 2026 08:43:24 -0800 Subject: [PATCH 1/3] refactors and consolidates github actions --- .github/workflows/ci.yml | 16 ++++++--- action.yml | 75 ++++++++++++---------------------------- package.json | 3 +- 3 files changed, 36 insertions(+), 58 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0ade3a1..c5cea3d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,24 +6,30 @@ on: pull_request: branches: [main] +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + jobs: ci: runs-on: ubuntu-latest + timeout-minutes: 10 steps: - name: Checkout uses: actions/checkout@v4 - - name: Setup pnpm - uses: pnpm/action-setup@v4 - with: - version: 9 - - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: "20" cache: "pnpm" + - name: Enable Corepack + run: corepack enable + - name: Install dependencies run: pnpm install --frozen-lockfile diff --git a/action.yml b/action.yml index cea550a..0ff4d3c 100644 --- a/action.yml +++ b/action.yml @@ -43,42 +43,18 @@ outputs: runs: using: "composite" steps: - - name: Setup pnpm - uses: pnpm/action-setup@v4 - with: - version: 9 - - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: "20" + cache: "pnpm" + cache-dependency-path: ${{ github.action_path }}/pnpm-lock.yaml - - name: Get cache keys - id: cache-keys + - name: Enable Corepack shell: bash - run: | - echo "PNPM_STORE=$(pnpm store path --silent)" >> $GITHUB_OUTPUT - # Hash the lockfile for cache key - LOCK_HASH=$(sha256sum "${{ github.action_path }}/pnpm-lock.yaml" | cut -d' ' -f1 | head -c 16) - echo "LOCK_HASH=$LOCK_HASH" >> $GITHUB_OUTPUT - - - name: Cache pnpm store - uses: actions/cache@v4 - with: - path: ${{ steps.cache-keys.outputs.PNPM_STORE }} - key: tempo-lints-pnpm-store-${{ runner.os }}-${{ steps.cache-keys.outputs.LOCK_HASH }} - restore-keys: | - tempo-lints-pnpm-store-${{ runner.os }}- - - - name: Cache node_modules (includes sg binary) - id: cache-node-modules - uses: actions/cache@v4 - with: - path: ${{ github.action_path }}/node_modules - key: tempo-lints-node-modules-${{ runner.os }}-${{ steps.cache-keys.outputs.LOCK_HASH }} + run: corepack enable - name: Install tempo-lints dependencies - if: steps.cache-node-modules.outputs.cache-hit != 'true' shell: bash run: cd "${{ github.action_path }}" && pnpm install --frozen-lockfile @@ -93,8 +69,14 @@ runs: SCAN_PATH="${{ github.workspace }}" fi - # Build CLI args - CLI_ARGS="${{ inputs.language }} $SCAN_PATH --github-action" + # Build CLI args - use JSON output if PR comment is needed + if [ "${{ inputs.post-comment }}" = "true" ] && [ "${{ github.event_name }}" = "pull_request" ]; then + OUTPUT_FORMAT="--json" + else + OUTPUT_FORMAT="--github-action" + fi + + CLI_ARGS="${{ inputs.language }} $SCAN_PATH $OUTPUT_FORMAT" if [ -n "${{ inputs.exclude-rules }}" ]; then CLI_ARGS="$CLI_ARGS --exclude ${{ inputs.exclude-rules }}" @@ -108,9 +90,14 @@ runs: echo "Scanning: $SCAN_PATH" echo "CLI args: $CLI_ARGS" - # Run lint with --github-action flag (outputs annotations and summary) + # Run lint and capture output + OUTPUT_FILE="${{ runner.temp }}/tempo-lints-output.json" set +e - pnpm --dir "${{ github.action_path }}" exec tsx "${{ github.action_path }}/bin/tempo-lints.ts" $CLI_ARGS + if [ "$OUTPUT_FORMAT" = "--json" ]; then + pnpm --dir "${{ github.action_path }}" exec tsx "${{ github.action_path }}/bin/tempo-lints.ts" $CLI_ARGS > "$OUTPUT_FILE" 2>/dev/null + else + pnpm --dir "${{ github.action_path }}" exec tsx "${{ github.action_path }}/bin/tempo-lints.ts" $CLI_ARGS + fi EXIT_CODE=$? set -e @@ -122,11 +109,11 @@ runs: echo "exit_code=$EXIT_CODE" >> $GITHUB_OUTPUT echo "has_errors=$HAS_ERRORS" >> $GITHUB_OUTPUT + echo "output_file=$OUTPUT_FILE" >> $GITHUB_OUTPUT - name: Post PR comment if: inputs.post-comment == 'true' && github.event_name == 'pull_request' shell: bash - working-directory: ${{ github.workspace }} env: GITHUB_TOKEN: ${{ inputs.github-token }} run: | @@ -135,26 +122,10 @@ runs: exit 0 fi - # Resolve scan path (default to workspace root) - SCAN_PATH="${{ inputs.path }}" - if [ "$SCAN_PATH" = "." ]; then - SCAN_PATH="${{ github.workspace }}" - fi - - # Build CLI args for JSON output - CLI_ARGS="${{ inputs.language }} $SCAN_PATH --json" - - if [ -n "${{ inputs.exclude-rules }}" ]; then - CLI_ARGS="$CLI_ARGS --exclude ${{ inputs.exclude-rules }}" - fi - - # Run lint with --json to get structured output for comment - OUTPUT_FILE="${{ runner.temp }}/tempo-lints-comment.json" - set +e - pnpm --dir "${{ github.action_path }}" exec tsx "${{ github.action_path }}/bin/tempo-lints.ts" $CLI_ARGS > "$OUTPUT_FILE" 2>/dev/null - set -e + OUTPUT_FILE="${{ steps.run-lint.outputs.output_file }}" - TOTAL_ISSUES=$(cat "$OUTPUT_FILE" | node -p "try { JSON.parse(require('fs').readFileSync(0,'utf8')).length } catch { 0 }" 2>/dev/null || echo "0") + # Count issues from JSON output + TOTAL_ISSUES=$(node -p "try { JSON.parse(require('fs').readFileSync('$OUTPUT_FILE','utf8')).length } catch { 0 }" 2>/dev/null || echo "0") pnpm --dir "${{ github.action_path }}" exec tsx "${{ github.action_path }}/scripts/post-pr-comment.ts" \ "$OUTPUT_FILE" \ diff --git a/package.json b/package.json index 0173a92..51416ab 100644 --- a/package.json +++ b/package.json @@ -58,5 +58,6 @@ }, "engines": { "node": ">=18" - } + }, + "packageManager": "pnpm@9.15.4" } From a79871a36892b4201f8ddffdf9089397301fc54f Mon Sep 17 00:00:00 2001 From: Brendan Ryan Date: Mon, 19 Jan 2026 08:48:01 -0800 Subject: [PATCH 2/3] hoist corepack --- .github/workflows/ci.yml | 6 +++--- action.yml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c5cea3d..731976e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,15 +21,15 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Enable Corepack + run: corepack enable + - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: "20" cache: "pnpm" - - name: Enable Corepack - run: corepack enable - - name: Install dependencies run: pnpm install --frozen-lockfile diff --git a/action.yml b/action.yml index 0ff4d3c..f48a82c 100644 --- a/action.yml +++ b/action.yml @@ -43,6 +43,10 @@ outputs: runs: using: "composite" steps: + - name: Enable Corepack + shell: bash + run: corepack enable + - name: Setup Node.js uses: actions/setup-node@v4 with: @@ -50,10 +54,6 @@ runs: cache: "pnpm" cache-dependency-path: ${{ github.action_path }}/pnpm-lock.yaml - - name: Enable Corepack - shell: bash - run: corepack enable - - name: Install tempo-lints dependencies shell: bash run: cd "${{ github.action_path }}" && pnpm install --frozen-lockfile From 5e878e5d95916f288681320a44579da74104e886 Mon Sep 17 00:00:00 2001 From: Brendan Ryan Date: Mon, 19 Jan 2026 08:48:58 -0800 Subject: [PATCH 3/3] shuffle author --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 51416ab..7ba094f 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ "typescript", "static-analysis" ], - "author": "Stripe", + "author": "Tempo Labs", "license": "MIT", "bugs": { "url": "https://github.com/stripe/tempo-lints/issues"