Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

change to node20 for all actions #2006

Merged
merged 16 commits into from
Dec 13, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/actions/check-sarif/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,5 +16,5 @@ inputs:
Comma separated list of query ids that should NOT be included in this SARIF file.

runs:
using: node16
using: node20
main: index.js
5 changes: 4 additions & 1 deletion .github/update-release-branch.py
Original file line number Diff line number Diff line change
Expand Up @@ -255,10 +255,13 @@ def main():
print(f'No commits to merge from {source_branch} to {target_branch}.')
return

# define distinct prefix in order to support specific pr checks on backports
branch_prefix = 'update' if is_primary_release else 'backport'

# The branch name is based off of the name of branch being merged into
# and the SHA of the branch being merged from. Thus if the branch already
# exists we can assume we don't need to recreate it.
new_branch_name = f'update-v{version}-{source_branch_short_sha}'
new_branch_name = f'{branch_prefix}-v{version}-{source_branch_short_sha}'
print(f'Branch name is {new_branch_name}.')

# Check if the branch already exists. If so we can abort as this script
Expand Down
67 changes: 67 additions & 0 deletions .github/workflows/pr-checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,39 @@ jobs:
runs-on: ubuntu-latest
timeout-minutes: 45

strategy:
matrix:
node-types-version: [16.11, current] # run tests on 16.11 while CodeQL Action v2 is still supported

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Lint
run: npm run-script lint

- name: Update version of @types/node
if: matrix.node-types-version != 'current'
env:
NODE_TYPES_VERSION: ${{ matrix.node-types-version }}
run: |
# Export `NODE_TYPES_VERSION` so it's available to jq
export NODE_TYPES_VERSION="${NODE_TYPES_VERSION}"
contents=$(jq '.devDependencies."@types/node" = env.NODE_TYPES_VERSION' package.json)
echo "${contents}" > package.json
# Usually we run `npm install` on macOS to ensure that we pick up macOS-only dependencies.
# However we're not checking in the updated lockfile here, so it's fine to run
# `npm install` on Linux.
npm install

if [ ! -z "$(git status --porcelain)" ]; then
git config --global user.email "github-actions@github.com"
git config --global user.name "github-actions[bot]"
# The period in `git add --all .` ensures that we stage deleted files too.
git add --all .
git commit -m "Use @types/node=${NODE_TYPES_VERSION}"
fi

- name: Check generated JS
run: .github/workflows/script/check-js.sh

Expand Down Expand Up @@ -88,3 +114,44 @@ jobs:
# we won't be able to find them on Windows.
npm config set script-shell bash
npm test

check-node-version:
if: ${{ github.event.pull_request }}
name: Check Action Node versions
runs-on: ubuntu-latest
timeout-minutes: 45
env:
BASE_REF: ${{ github.base_ref }}

steps:
- uses: actions/checkout@v4
- id: head-version
name: Verify all Actions use the same Node version
run: |
NODE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq)
echo "NODE_VERSION: ${NODE_VERSION}"
if [[ $(echo "$NODE_VERSION" | wc -l) -gt 1 ]]; then
echo "::error::More than one node version used in 'action.yml' files."
exit 1
fi
echo "node_version=${NODE_VERSION}" >> $GITHUB_OUTPUT

- id: checkout-base
name: 'Backport: Check out base ref'
if: ${{ startsWith(github.head_ref, 'backport-') }}
uses: actions/checkout@v4
with:
ref: ${{ env.BASE_REF }}

- name: 'Backport: Verify Node versions unchanged'
if: steps.checkout-base.outcome == 'success'
env:
HEAD_VERSION: ${{ steps.head-version.outputs.node_version }}
run: |
BASE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq)
echo "HEAD_VERSION: ${HEAD_VERSION}"
echo "BASE_VERSION: ${BASE_VERSION}"
if [[ "$BASE_VERSION" != "$HEAD_VERSION" ]]; then
echo "::error::Cannot change the Node version of an Action in a backport PR."
exit 1
fi
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th

## [UNRELEASED]

No user facing changes.
- [v3+ only] The CodeQL Action now runs on Node.js v20. [#2006](https://github.com/github/codeql-action/pull/2006)

## 2.22.10 - 12 Dec 2023

Expand Down
2 changes: 1 addition & 1 deletion analyze/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,6 @@ outputs:
sarif-id:
description: The ID of the uploaded SARIF file.
runs:
using: "node16"
using: node20
main: "../lib/analyze-action.js"
post: "../lib/analyze-action-post.js"
2 changes: 1 addition & 1 deletion autobuild/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,5 @@ inputs:
$GITHUB_WORKSPACE as its working directory.
required: false
runs:
using: 'node16'
using: node20
main: '../lib/autobuild-action.js'
2 changes: 1 addition & 1 deletion init/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,6 @@ outputs:
codeql-path:
description: The path of the CodeQL binary used for analysis
runs:
using: 'node16'
using: node20
main: '../lib/init-action.js'
post: '../lib/init-action-post.js'
6 changes: 3 additions & 3 deletions lib/autobuild.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/codeql.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 12 additions & 12 deletions lib/init-action-post-helper.test.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading