Updating Semgrep.yml file - Semgrep is a tool that will be used to scan Cloudflare's public repos for Supply chain, code and secrets. This work is part of Application & Product Security team's initiative to onboard Semgrep onto all of Cloudflare's public repos.
In case of any questions, please reach out to "Hrushikesh Deshpande" on cf internal chat.
* (feat): Check for existing wrangler installation
* Add test for pre-installed wrangler
* Add changeset
* Address CR comments - check for an exact wrangler version match
* Tweak the fixture test for the pre-installed-wrangler test
* Simplify if/else logic for checking wrangler versions as per review notes
* fix(test): Fix execution for fake wrangler installation
* fixup! fix(test): Fix execution for fake wrangler installation
* Setup new CI test convention for wrangler-action
* Remove unncessary ts-expect-error comments
---------
Co-authored-by: Peter Bacon Darwin <pbacondarwin@cloudflare.com>
Currently our release process is kicked off whenever a PR is merged and there are no changesets within the `.changeset` directory. Typically this happens when we intend to publish a release, just after we merge a "Version Packages" PR which removes the changesets and adds the entries to our changelog.
However, this also means that merging any PR without user-facing changes during the period after we've made a release will trigger another release (which luckily fails because the created tag already exists on the remote. See #184).
This change avoids that scenario by fetching tags when checking out the repo. Now when `npx changeset tag` runs, it will see that the tag already exists and skip creating it (`🦋 Skipping tag (already exists): v3.3.2`). The `git push --tags` step will no longer throw an error ("Everything up-to-date"). And lastly, the publish step won't get triggered because the output from `npx changeset tag` doesn't contain the string `"New tag:"`. The action should just finish successfully with nothing to left do.
Fixes#184
Some of the stderr, stdout, info & groupings can be a little noisy for some users and use cases.
This feature allows for a option to be passed 'quiet: true' this would significantly reduce the noise.
There will still be output that lets the user know Wrangler Installed and Wrangler Action completed successfully.
Any failure status will still be output to the user as well, to prevent silent failures.
resolves#142
Utilizing build & tag action to automate the deps and build steps for releasing the Action. Additionally using NCC for the build process to easy compile the deps into a small executable with the JS file.
* Removes dependencies such as Docker, decreasing spin-up time
* Adds community-requested features, including bulk secrets API utilization from Wrangler
* Fixes CI/CD
* Adds testing
* Improves command implementation
* Begins using Node for the Action engine/runner
* Openly discusses all changes with the community
GitHub Discussions opened and Issues monitored
BREAKING CHANGES:
* Docker is no longer a dependency
* Wrangler v1 is no longer supported
Additional related Internal tickets:
Major Version Default: https://jira.cfdata.org/browse/DEVX-632
Rewrite Project: DEVX-804,802,800,632
- Support `apiToken` as an authentication method
- Deprecates `apiKey` and `email`, making them optional parameters and encouraging `apiToken` usage in build logs
- Support `wranglerVersion` for installing a specific Wrangler version for your build
- Per #7, support for `workingDirectory` to run `wrangler-action` in a specific directory in your repo
- Adds a test Workers project under the `test` directory. This is used in the repo's new set of workflows (see below)
- Adds a GitHub Action workflow that:
- Lints `entrypoint.sh` to ensure that the shell script looks correct
- Runs the action with various config options to ensure future pushes don't introduce regressions
