mirror of
https://github.com/supabase/setup-cli.git
synced 2026-05-13 03:16:57 +00:00
2eca1b4d35
## Summary This PR prepares `supabase/setup-cli` for `v2.0.0`. The main goal of this release is to simplify the action and modernize the repo/tooling around a Bun-based implementation, while tightening workflows, tests, and documentation. ## What Changed ### Action runtime - switched the action from a Node/compiled `dist` runtime to a Bun-based composite action - removed the checked-in `dist/` output entirely - simplified the action source down to a single runtime file in `src/main.ts` - kept the public action interface the same: - `with.version` - `outputs.version` ### Tooling - switched package management and local tooling from npm to Bun - removed Rollup and the build step - replaced Jest with Bun’s native test runner - replaced Prettier with `oxfmt` - replaced ESLint with `oxlint` - enabled type-aware/type-check linting with `oxlint-tsgolint` - simplified TypeScript config to a single `tsconfig.json` extending `@tsconfig/bun` ### Tests - moved tests next to the runtime source - rewrote tests to focus on meaningful user-facing action behavior - added coverage for: - default entrypoint execution - latest version installs - legacy version installs - modern pinned version installs - failure when the installed CLI cannot report a version - action code coverage is now `100%` ### Workflows - renamed workflow files for clarity: - `test.yml` -> `ci.yml` - `start.yml` -> `e2e.yml` - updated workflow/job naming so required checks are clean and stable: - `CI` - `E2E` - `CodeQL` - `Licensed` - added aggregate PR-facing checks so branch protection does not need matrix legs - made CI and E2E skip heavy jobs on draft PRs - made E2E run automatically on ready PRs and new commits - simplified CodeQL config by removing the separate config file - updated action pins to current releases using commit SHAs - refined Dependabot for Bun-era updates and non-major auto-merge ### Docs - refreshed `README.md` and `docs/index.md` for the new v2 behavior - updated examples to use `@v2` - added a practical example for exporting local Supabase env vars after `supabase start` - removed stale references to old local/dev flows ## Breaking / Notable Changes - the action now runs as a Bun-based composite action instead of a prebuilt JavaScript action - no checked-in `dist/` artifacts anymore - self-hosted runners now need the prerequisites expected by the composite action path: - `bash` - network access to install Bun/dependencies and download the Supabase CLI ## Validation Verified locally with: - `bun run format:check` - `bun run lint` - `bun test` - `bun run ci` Also updated workflows and branch-protection-friendly check names so PR validation is cleaner going forward. ## Follow-up After merge, branch protection should require only: - `CI` - `E2E` - `CodeQL` - `Licensed` --------- Co-authored-by: licensed-ci <licensed-ci@users.noreply.github.com>
209 lines
5.5 KiB
TypeScript
209 lines
5.5 KiB
TypeScript
import { $, semver } from "bun";
|
|
import * as core from "@actions/core";
|
|
import * as tc from "@actions/tool-cache";
|
|
import { existsSync, readFileSync } from "node:fs";
|
|
import path from "node:path";
|
|
import { fileURLToPath } from "node:url";
|
|
|
|
export const CLI_CONFIG_REGISTRY = "SUPABASE_INTERNAL_IMAGE_REGISTRY";
|
|
const REGISTRY_VERSION = "1.28.0";
|
|
const DEFAULT_VERSION = "latest";
|
|
|
|
type BunLock = {
|
|
workspaces?: {
|
|
"": {
|
|
dependencies?: Record<string, string>;
|
|
devDependencies?: Record<string, string>;
|
|
};
|
|
};
|
|
packages?: Record<string, unknown>;
|
|
};
|
|
|
|
type PnpmDependency =
|
|
| string
|
|
| {
|
|
version?: string;
|
|
};
|
|
|
|
type PnpmLock = {
|
|
importers?: {
|
|
".": {
|
|
dependencies?: Record<string, PnpmDependency>;
|
|
devDependencies?: Record<string, PnpmDependency>;
|
|
};
|
|
};
|
|
};
|
|
|
|
type PackageLock = {
|
|
packages?: Record<string, { version?: string }>;
|
|
dependencies?: Record<string, { version?: string }>;
|
|
};
|
|
|
|
function getArchivePlatform(platform: NodeJS.Platform): string {
|
|
return platform === "win32" ? "windows" : platform;
|
|
}
|
|
|
|
function getArchiveArch(arch: NodeJS.Architecture): string {
|
|
return arch === "x64" ? "amd64" : arch;
|
|
}
|
|
|
|
function extractConcreteVersion(raw: string | undefined): string | null {
|
|
if (!raw) {
|
|
return null;
|
|
}
|
|
|
|
const match = raw.match(/\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?/);
|
|
return match?.[0] ?? null;
|
|
}
|
|
|
|
function readWorkspaceLockfile(workspaceRoot: string, filename: string): string | null {
|
|
const filePath = path.join(workspaceRoot, filename);
|
|
|
|
if (!existsSync(filePath)) {
|
|
return null;
|
|
}
|
|
|
|
try {
|
|
return readFileSync(filePath, "utf8");
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
function detectVersionFromBunLock(workspaceRoot: string): string | null {
|
|
const text = readWorkspaceLockfile(workspaceRoot, "bun.lock");
|
|
|
|
if (!text) {
|
|
return null;
|
|
}
|
|
|
|
try {
|
|
const lockfile = JSON.parse(text.replace(/,\s*([}\]])/g, "$1")) as BunLock;
|
|
const rootWorkspace = lockfile.workspaces?.[""];
|
|
const declaredVersion =
|
|
rootWorkspace?.dependencies?.supabase ?? rootWorkspace?.devDependencies?.supabase;
|
|
|
|
if (!declaredVersion) {
|
|
return null;
|
|
}
|
|
|
|
const resolvedPackage = lockfile.packages?.supabase;
|
|
if (Array.isArray(resolvedPackage) && typeof resolvedPackage[0] === "string") {
|
|
return extractConcreteVersion(resolvedPackage[0]);
|
|
}
|
|
|
|
return extractConcreteVersion(declaredVersion);
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
function detectVersionFromPnpmLock(workspaceRoot: string): string | null {
|
|
const text = readWorkspaceLockfile(workspaceRoot, "pnpm-lock.yaml");
|
|
|
|
if (!text) {
|
|
return null;
|
|
}
|
|
|
|
try {
|
|
const lockfile = Bun.YAML.parse(text) as PnpmLock;
|
|
const rootImporter = lockfile.importers?.["."];
|
|
const dependency =
|
|
rootImporter?.dependencies?.supabase ?? rootImporter?.devDependencies?.supabase;
|
|
|
|
if (typeof dependency === "string") {
|
|
return extractConcreteVersion(dependency);
|
|
}
|
|
|
|
return extractConcreteVersion(dependency?.version);
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
function detectVersionFromPackageLock(workspaceRoot: string): string | null {
|
|
const text = readWorkspaceLockfile(workspaceRoot, "package-lock.json");
|
|
|
|
if (!text) {
|
|
return null;
|
|
}
|
|
|
|
try {
|
|
const lockfile = JSON.parse(text) as PackageLock;
|
|
|
|
return (
|
|
extractConcreteVersion(lockfile.packages?.["node_modules/supabase"]?.version) ??
|
|
extractConcreteVersion(lockfile.dependencies?.supabase?.version)
|
|
);
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
function resolveVersion(inputVersion: string): string {
|
|
const requestedVersion = inputVersion.trim();
|
|
|
|
if (requestedVersion) {
|
|
return requestedVersion;
|
|
}
|
|
|
|
const workspaceRoot = process.env.GITHUB_WORKSPACE?.trim();
|
|
|
|
if (!workspaceRoot) {
|
|
return DEFAULT_VERSION;
|
|
}
|
|
|
|
return (
|
|
detectVersionFromBunLock(workspaceRoot) ??
|
|
detectVersionFromPnpmLock(workspaceRoot) ??
|
|
detectVersionFromPackageLock(workspaceRoot) ??
|
|
DEFAULT_VERSION
|
|
);
|
|
}
|
|
|
|
export function getDownloadUrl(version: string): string {
|
|
const platform = getArchivePlatform(process.platform);
|
|
const arch = getArchiveArch(process.arch);
|
|
const filename = `supabase_${platform}_${arch}.tar.gz`;
|
|
|
|
if (version.toLowerCase() === "latest") {
|
|
return `https://github.com/supabase/cli/releases/latest/download/${filename}`;
|
|
}
|
|
|
|
if (semver.order(version, REGISTRY_VERSION) === -1) {
|
|
return `https://github.com/supabase/cli/releases/download/v${version}/supabase_${version}_${platform}_${arch}.tar.gz`;
|
|
}
|
|
|
|
return `https://github.com/supabase/cli/releases/download/v${version}/${filename}`;
|
|
}
|
|
|
|
export async function determineInstalledVersion(cliPath: string): Promise<string> {
|
|
const version = (await $`${path.join(cliPath, "supabase")} --version`.text()).trim();
|
|
if (!version) {
|
|
throw new Error("Could not determine installed Supabase CLI version");
|
|
}
|
|
|
|
return version;
|
|
}
|
|
|
|
export async function run(): Promise<void> {
|
|
try {
|
|
const version = resolveVersion(core.getInput("version"));
|
|
const tarball = await tc.downloadTool(getDownloadUrl(version));
|
|
const cliPath = await tc.extractTar(tarball);
|
|
const installedVersion = await determineInstalledVersion(cliPath);
|
|
core.setOutput("version", installedVersion);
|
|
core.addPath(cliPath);
|
|
|
|
if (version.toLowerCase() === "latest" || semver.order(version, REGISTRY_VERSION) >= 0) {
|
|
core.exportVariable(CLI_CONFIG_REGISTRY, "ghcr.io");
|
|
}
|
|
} catch (error) {
|
|
core.setFailed(error instanceof Error ? error.message : String(error));
|
|
}
|
|
}
|
|
|
|
if (process.argv[1] === fileURLToPath(import.meta.url)) {
|
|
void run();
|
|
}
|