github-actions-workflow-ts icon indicating copy to clipboard operation
github-actions-workflow-ts copied to clipboard
verified publisher icon emmanuelnk

[Feature Request]: Validate if the generated actions is out of date

Open tusharmath opened this issue 1 year ago • 4 comments

Expected Behavior

The generated workflow should automatically detect if it has been modified and fail CI if it happens.

Actual Behavior

CI should fail if the generated workflow is out of sync.

Additional Information This is a fantastic tool @emmanuelnk! I have been looking for something like this ever since I moved from https://github.com/sbt/sbt-github-actions

One very useful feature I miss from SBT Github Actions is the githubWorkflowCheck setting. When enabled it would automatically check if the generated workflow is out of date and fail the CI if it did.

Let me know your thoughts of supporting this feature. Thanks once again for building this amazing tool!

tusharmath avatar Sep 27 '24 10:09 tusharmath

This is actually something I've also been wanting to implement for a while now. Basically, this would be a diff between a workflow file that current exists and one that will be generated.

Thinking to make use of a package like diff to generate a diff output with a command like npx gwf diff. I'll add a config option to throw an error on diff but I won't enforce it since this may not be desired behavior for other devs.

I'll probably get something working over the weekend.

emmanuelnk avatar Sep 27 '24 13:09 emmanuelnk

I think instead of diff, we just need to perform an equality "check". A simple textual comparison should be enough. I would try to avoid adding a dependency unless really needed.

tusharmath avatar Sep 28 '24 14:09 tusharmath

Coming back to this feature request -- I discussed it with others and they are of the opinion that it is not the job of this tool to determine diffs as what you suggest would be an opinionated way of doing a diff.

It's why in this README its suggested to use a pre-commit hook tool like Husky or a file watch tool like nodemon that can run the gwf build command each time a *.wac.ts is committed/modified.

While I'd love to add many more features like that I'll leave this issue open and if it becomes highly requested (at least ten thumbs up) I'll revisit it.

emmanuelnk avatar Oct 10 '24 19:10 emmanuelnk

This looks to be already achievable with the headless package. For example if you wanted to disallow the previous version of actions/checkout (v3 as of this writing) you could do this:

import { describe, it, expect } from 'vitest';
import { exampleWorkflow } from './action.js';
import { Workflow } from 'github-actions-workflow-ts-lib';

describe('github actions', () => {
    it('should not use out of date actions', () => {
        expect(isCompliant(exampleWorkflow)).toEqual(true);
    });
});

function isCompliant(workflow: Workflow) {
    return getAllSteps(workflow).every((step) => {
        if (!step?.uses?.startsWith('actions/checkout')) {
            return true;
        }

        return !step.uses.includes('@v3');
    });
}

function getAllSteps(workflow: Workflow) {
    return Object.entries(workflow.workflow.jobs ?? {}).flatMap(
        ([jobName, job]) => {
            return 'steps' in job ? job.steps : [];
        }
    );
}

Similarly, you could do a snapshot test on the workflow to check for any changes 🙂

ben-eb avatar Feb 05 '25 09:02 ben-eb