chore: prepare for v2.0.0 (#405)

## Summary This PR prepares `supabase/setup-cli` for `v2.0.0`. The main goal of this release is to simplify the action and modernize the repo/tooling around a Bun-based implementation, while tightening workflows, tests, and documentation. ## What Changed ### Action runtime - switched the action from a Node/compiled `dist` runtime to a Bun-based composite action - removed the checked-in `dist/` output entirely - simplified the action source down to a single runtime file in `src/main.ts` - kept the public action interface the same: - `with.version` - `outputs.version` ### Tooling - switched package management and local tooling from npm to Bun - removed Rollup and the build step - replaced Jest with Bun’s native test runner - replaced Prettier with `oxfmt` - replaced ESLint with `oxlint` - enabled type-aware/type-check linting with `oxlint-tsgolint` - simplified TypeScript config to a single `tsconfig.json` extending `@tsconfig/bun` ### Tests - moved tests next to the runtime source - rewrote tests to focus on meaningful user-facing action behavior - added coverage for: - default entrypoint execution - latest version installs - legacy version installs - modern pinned version installs - failure when the installed CLI cannot report a version - action code coverage is now `100%` ### Workflows - renamed workflow files for clarity: - `test.yml` -> `ci.yml` - `start.yml` -> `e2e.yml` - updated workflow/job naming so required checks are clean and stable: - `CI` - `E2E` - `CodeQL` - `Licensed` - added aggregate PR-facing checks so branch protection does not need matrix legs - made CI and E2E skip heavy jobs on draft PRs - made E2E run automatically on ready PRs and new commits - simplified CodeQL config by removing the separate config file - updated action pins to current releases using commit SHAs - refined Dependabot for Bun-era updates and non-major auto-merge ### Docs - refreshed `README.md` and `docs/index.md` for the new v2 behavior - updated examples to use `@v2` - added a practical example for exporting local Supabase env vars after `supabase start` - removed stale references to old local/dev flows ## Breaking / Notable Changes - the action now runs as a Bun-based composite action instead of a prebuilt JavaScript action - no checked-in `dist/` artifacts anymore - self-hosted runners now need the prerequisites expected by the composite action path: - `bash` - network access to install Bun/dependencies and download the Supabase CLI ## Validation Verified locally with: - `bun run format:check` - `bun run lint` - `bun test` - `bun run ci` Also updated workflows and branch-protection-friendly check names so PR validation is cleaner going forward. ## Follow-up After merge, branch protection should require only: - `CI` - `E2E` - `CodeQL` - `Licensed` --------- Co-authored-by: licensed-ci <licensed-ci@users.noreply.github.com>
2026-05-13 11:26:59 +00:00 · 2026-04-03 17:51:37 +02:00
parent 60645042c4
commit 2eca1b4d35
52 changed files with 1262 additions and 46740 deletions
--- a/README.md
+++ b/README.md
@@ -1,13 +1,12 @@
 # :gear: Supabase CLI Action

-[![CI](https://github.com/supabase/setup-cli/actions/workflows/start.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/start.yml)
-[![Linter](https://github.com/supabase/setup-cli/actions/workflows/linter.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/linter.yml)
+[![CI](https://github.com/supabase/setup-cli/actions/workflows/ci.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/ci.yml)
+[![E2E](https://github.com/supabase/setup-cli/actions/workflows/e2e.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/e2e.yml)
 [![CodeQL](https://github.com/supabase/setup-cli/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/supabase/setup-cli/actions/workflows/codeql-analysis.yml)
-[![Coverage](./badges/coverage.svg)](https://github.com/supabase/setup-cli/actions/workflows/test.yml)

 ## About

-This action sets up the Supabase CLI,
+This composite action sets up the Supabase CLI,
 [`supabase`](https://github.com/supabase/cli), on GitHub's hosted Actions
 runners. Other CI runners like
 [Bitbucket](https://bitbucket.org/supabase-cli/setup-cli/src/master/bitbucket-pipelines.yml)
@@ -25,23 +24,27 @@ Setup the `supabase` CLI:

 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
 ```

+If `version` is omitted, the action checks the repository root for `bun.lock`,
+`pnpm-lock.yaml`, or `package-lock.json` and uses the declared `supabase`
+version. If no supported lockfile is present, it falls back to `latest`.
+
 A specific version of the `supabase` CLI can be installed:

 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
    with:
-      version: 2.20.3
+      version: 2.84.2
 ```

 Run `supabase db start` to execute all migrations on a fresh database:

 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
    with:
      version: latest
  - run: supabase init
@@ -53,11 +56,11 @@ on Windows and macOS runners.

 ## Inputs

-The actions supports the following inputs:
+The action supports the following inputs:

-| Name      | Type   | Description                        | Default  | Required |
-| --------- | ------ | ---------------------------------- | -------- | -------- |
-| `version` | String | Supabase CLI version (or `latest`) | `2.20.3` | false    |
+| Name      | Type   | Description                        | Default                           | Required |
+| --------- | ------ | ---------------------------------- | --------------------------------- | -------- |
+| `version` | String | Supabase CLI version (or `latest`) | Root lockfile version or `latest` | false    |

 ## Advanced Usage

@@ -65,7 +68,7 @@ Check generated TypeScript types are up-to-date with Postgres schema:

 ```yaml
 steps:
-  - uses: supabase/setup-cli@v1
+  - uses: supabase/setup-cli@v2
  - run: supabase init
  - run: supabase db start
  - name: Verify generated types match Postgres schema
@@ -87,59 +90,62 @@ env:
  # Retrieve <project-id> from dashboard url: https://app.supabase.com/project/<project-id>
  PROJECT_ID: <project-id>

- steps:
-   - uses: supabase/setup-cli@v1
-   - run: supabase link --project-ref $PROJECT_ID
-   - run: supabase db push
+steps:
+  - uses: supabase/setup-cli@v2
+  - run: supabase link --project-ref $PROJECT_ID
+  - run: supabase db push
+```
+
+Export local Supabase env vars for app tests:
+
+```yaml
+steps:
+  - uses: supabase/setup-cli@v2
+  - run: supabase init
+  - run: supabase start
+  - name: Export local Supabase env vars
+    run: |
+      # Customize the variable names as needed for your app.
+      supabase status -o env \
+        --override-name api.url=SUPABASE_URL \
+        --override-name auth.service_role_key=SUPABASE_SERVICE_ROLE_KEY \
+        >> .env.test
+  - run: bun test
 ```

 ## Develop

 After you've cloned the repository to your local machine or codespace, you'll
-need to perform some initial setup steps before you can develop your action.
+need to perform a few setup steps before you can work on the action.

 > [!NOTE]
 >
-> You'll need to have a reasonably modern version of
-> [Node.js](https://nodejs.org) handy (20.x or later should work!). If you are
-> using a version manager like [`nodenv`](https://github.com/nodenv/nodenv) or
-> [`fnm`](https://github.com/Schniz/fnm), this template has a `.node-version`
-> file at the root of the repository that can be used to automatically switch to
-> the correct version when you `cd` into the repository. Additionally, this
-> `.node-version` file is used by GitHub Actions in any `actions/setup-node`
-> actions.
+> You'll need a recent version of [Bun](https://bun.sh) for local development.
+> This repository includes a `.bun-version` file for tools that can auto-switch
+> Bun versions.

 1. :hammer_and_wrench: Install the dependencies

   ```bash
-   npm ci
-   ```
-
-1. :building_construction: Package the TypeScript for distribution
-
-   ```bash
-   npm run bundle
+   bun install
   ```

 1. :white_check_mark: Run the tests

   ```bash
-   $ npm test
-
-   PASS  ./index.test.js
-     ✓ gets download url to binary (3 ms)
-     ✓ runs main action (891 ms)
-
-   ...
+   bun test
   ```

-## Publish to a distribution branch
+1. :mag: Run the full local CI suite

-Actions are run from this GitHub repository so we will checkin the packed `dist`
-folder.
+   ```bash
+   bun run ci
+   ```
+
+## Publish

 1. Create a new GitHub release
-2. Rebase `v1` branch on `main`
+2. Rebase `v2` branch on `main`

 Your action is now published! :rocket:

@@ -148,14 +154,17 @@ See the

 ## Validate

-You can now validate the action by referencing `./` in a workflow in your
-repository (see [test.yml](.github/workflows/test.yml))
+Validate changes by exercising the action from a workflow in this repository
+(see [ci.yml](.github/workflows/ci.yml) and [e2e.yml](.github/workflows/e2e.yml)).

 ```yaml
-uses: ./
-with:
-  version: latest
+steps:
+  - uses: ./
+    with:
+      version: latest
 ```

-See the [actions tab](https://github.com/supabase/setup-cli/actions) for runs of
-this action! :rocket:
+The CI workflow provides fast smoke coverage across GitHub-hosted runners, and
+the E2E workflow verifies `supabase init` and `supabase start` against supported
+Postgres versions. See the [actions tab](https://github.com/supabase/setup-cli/actions)
+for recent runs.