chore: prepare for v2.0.0 (#405)

## Summary This PR prepares `supabase/setup-cli` for `v2.0.0`. The main goal of this release is to simplify the action and modernize the repo/tooling around a Bun-based implementation, while tightening workflows, tests, and documentation. ## What Changed ### Action runtime - switched the action from a Node/compiled `dist` runtime to a Bun-based composite action - removed the checked-in `dist/` output entirely - simplified the action source down to a single runtime file in `src/main.ts` - kept the public action interface the same: - `with.version` - `outputs.version` ### Tooling - switched package management and local tooling from npm to Bun - removed Rollup and the build step - replaced Jest with Bun’s native test runner - replaced Prettier with `oxfmt` - replaced ESLint with `oxlint` - enabled type-aware/type-check linting with `oxlint-tsgolint` - simplified TypeScript config to a single `tsconfig.json` extending `@tsconfig/bun` ### Tests - moved tests next to the runtime source - rewrote tests to focus on meaningful user-facing action behavior - added coverage for: - default entrypoint execution - latest version installs - legacy version installs - modern pinned version installs - failure when the installed CLI cannot report a version - action code coverage is now `100%` ### Workflows - renamed workflow files for clarity: - `test.yml` -> `ci.yml` - `start.yml` -> `e2e.yml` - updated workflow/job naming so required checks are clean and stable: - `CI` - `E2E` - `CodeQL` - `Licensed` - added aggregate PR-facing checks so branch protection does not need matrix legs - made CI and E2E skip heavy jobs on draft PRs - made E2E run automatically on ready PRs and new commits - simplified CodeQL config by removing the separate config file - updated action pins to current releases using commit SHAs - refined Dependabot for Bun-era updates and non-major auto-merge ### Docs - refreshed `README.md` and `docs/index.md` for the new v2 behavior - updated examples to use `@v2` - added a practical example for exporting local Supabase env vars after `supabase start` - removed stale references to old local/dev flows ## Breaking / Notable Changes - the action now runs as a Bun-based composite action instead of a prebuilt JavaScript action - no checked-in `dist/` artifacts anymore - self-hosted runners now need the prerequisites expected by the composite action path: - `bash` - network access to install Bun/dependencies and download the Supabase CLI ## Validation Verified locally with: - `bun run format:check` - `bun run lint` - `bun test` - `bun run ci` Also updated workflows and branch-protection-friendly check names so PR validation is cleaner going forward. ## Follow-up After merge, branch protection should require only: - `CI` - `E2E` - `CodeQL` - `Licensed` --------- Co-authored-by: licensed-ci <licensed-ci@users.noreply.github.com>
2026-05-13 11:26:59 +00:00 · 2026-04-03 17:51:37 +02:00
parent 60645042c4
commit 2eca1b4d35
52 changed files with 1262 additions and 46740 deletions
--- a/.github/workflows/licensed.yml
+++ b/.github/workflows/licensed.yml
@@ -6,39 +6,54 @@ name: Licensed

 on:
  pull_request:
+    paths:
+      - .github/workflows/licensed.yml
+      - .licensed.yml
+      - .licenses/**
+      - bun.lock
+      - package.json
  push:
    branches:
      - main
+    paths:
+      - .github/workflows/licensed.yml
+      - .licensed.yml
+      - .licenses/**
+      - bun.lock
+      - package.json
  workflow_dispatch:

-permissions:
-  contents: write
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true

 jobs:
-  licensed:
-    name: Check Licenses
+  check-licenses:
+    if: ${{ github.event_name != 'workflow_dispatch' }}
+    name: Licensed
    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    permissions:
+      contents: read

    steps:
      - name: Checkout
        id: checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: Setup Bun
+        id: setup-bun
+        uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
        with:
-          persist-credentials: false
-      - name: Setup Node.js
-        id: setup-node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: .node-version
-          cache: npm
+          bun-version-file: .bun-version

      - name: Install Dependencies
-        id: npm-ci
-        run: npm ci
+        id: bun-install
+        run: bun install --frozen-lockfile

      - name: Setup Ruby
        id: setup-ruby
-        uses: ruby/setup-ruby@4dc28cf14d77b0afa6832d9765ac422dbf0dfedd # v1.298.0
+        uses: ruby/setup-ruby@3ff19f5e2baf30647122352b96108b1fbe250c64 # v1.299.0
        with:
          ruby-version: ruby

@@ -47,24 +62,61 @@ jobs:
          version: 4.x
          github_token: ${{ secrets.GITHUB_TOKEN }}

-      # If this is a workflow_dispatch event, update the cached licenses.
-      - if: ${{ github.event_name == 'workflow_dispatch' }}
-        name: Update Licenses
+      - name: Check Licenses
+        id: check-licenses
+        run: licensed status
+
+  update-licenses:
+    if: ${{ github.event_name == 'workflow_dispatch' }}
+    name: Update Licenses
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    permissions:
+      contents: write
+
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: Setup Bun
+        id: setup-bun
+        uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
+        with:
+          bun-version-file: .bun-version
+
+      - name: Install Dependencies
+        id: bun-install
+        run: bun install --frozen-lockfile
+
+      - name: Setup Ruby
+        id: setup-ruby
+        uses: ruby/setup-ruby@3ff19f5e2baf30647122352b96108b1fbe250c64 # v1.299.0
+        with:
+          ruby-version: ruby
+
+      - uses: licensee/setup-licensed@0d52e575b3258417672be0dff2f115d7db8771d8 # v1.3.2
+        with:
+          version: 4.x
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Update License Cache
        id: update-licenses
        run: licensed cache

-      # Then, commit the updated licenses to the repository.
-      - if: ${{ github.event_name == 'workflow_dispatch' }}
-        name: Commit Licenses
+      - name: Format License Files
+        id: format-licenses
+        run: bun x oxfmt --write .licensed.yml .licenses
+
+      - name: Commit Licenses
        id: commit-licenses
        run: |
          git config --local user.email "licensed-ci@users.noreply.github.com"
          git config --local user.name "licensed-ci"
-          git add .
+          git add .licenses .licensed.yml
+          if git diff --cached --quiet; then
+            echo "No license cache changes to commit."
+            exit 0
+          fi
          git commit -m "Auto-update license files"
          git push
-
-      # Last, check the status of the cached licenses.
-      - name: Check Licenses
-        id: check-licenses
-        run: licensed status