Maintenance (#96)

* bumps `actions/checkout` to `v4` * bumps base Packer versions to `1.10` * docs update * package-lock maintenance * updates examples * updates deps * updates example Packer file with new key `bucket_labels` instead of `labels` * adds external plugin for testing * updates copywrite config * install `ncc` globally instead of via `devDeps`
hashicorp · May 4, 2024 · 60dc5f3 · 60dc5f3
1 parent d38faf1
commit 60dc5f3
Show file tree

Hide file tree

Showing 17 changed files with 12,987 additions and 15,233 deletions.
diff --git a/.copywrite.hcl b/.copywrite.hcl
@@ -4,7 +4,12 @@
 schema_version = 1
 
 project {
-  header_ignore = [
-    "dist/index.js"
+    license          = "Apache-2.0"
+    copyright_holder = "HashiCorp, Inc."
+    copyright_year   = 2022
+
+    header_ignore = [
+        "dist/*",
+        "node_modules/",
   ]
 }
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,15 @@
+version: 2
+
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  # Dependabot only updates HashiCorp GHAs, external GHAs are managed by internal tooling (tsccr)
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-name: "hashicorp/*"
diff --git a/.github/workflows/actions-self-test.yml b/.github/workflows/actions-self-test.yml
@@ -1,18 +1,20 @@
+---
+
 name: "GitHub Action: Self-Test"
 
 on:
   push:
 
 env:
-  PRODUCT_VERSION: "1.8.6"
+  PRODUCT_VERSION: "1.10.0"
 
 jobs:
   setup-packer:
     name: Test `setup-packer`
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
 
       - name: Setup `packer` (using local GitHub Action)
         uses: "./"

diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml
@@ -0,0 +1,25 @@
+---
+
+name: "HashiCorp: Compliance"
+
+on:
+  push:
+
+permissions:
+  contents: read
+
+jobs:
+  copywrite:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
+        with:
+          # Full git history is needed to get a proper list of changed files within `super-linter`
+          fetch-depth: 0
+
+      - uses: hashicorp/setup-copywrite@867a1a2a064a0626db322392806428f7dc59cb3e # v1.1.2
+
+      - run: copywrite headers --plan
+
+      - run: copywrite license --plan
diff --git a/.github/workflows/superlinter.yml b/.github/workflows/superlinter.yml
@@ -1,4 +1,5 @@
 ---
+
 name: "Code Quality: Super-Linter"
 
 on:
@@ -10,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0

diff --git a/.github/workflows/typescript.yml b/.github/workflows/typescript.yml
@@ -1,4 +1,5 @@
 ---
+
 name: "Code Quality: TypeScript"
 
 on:
@@ -9,6 +10,9 @@ jobs:
     name: Node.js
     runs-on: ubuntu-latest
 
+    env:
+      PACKAGES: "@vercel/ncc prettier"
+
     strategy:
       # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast
       fail-fast: false
@@ -23,13 +27,19 @@ jobs:
           fetch-depth: 1
 
       - name: Set up Node.js
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
         with:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'
 
-      - name: Install NPM Packages
-        run: npm ci
+      - name: Install global NPM packages
+        run: npm install --global ${PACKAGES}
+
+      - name: Install Action-specific NPM Packages
+        run: npm install-clean
 
       - name: Build TypeScript code
-        run: npm run build
+        run: |
+          npm run-script fmt \
+          && \
+          npm run-script build
diff --git a/CHANGELOG.md b/CHANGELOG.md
diff --git a/LICENSE b/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2020 HashiCorp, Inc.
+Copyright (c) 2022 HashiCorp, Inc.
 
                                  Apache License
                            Version 2.0, January 2004

diff --git a/README.md b/README.md
@@ -7,13 +7,13 @@ The `hashicorp/setup-packer` Action sets up the [Packer](https://www.packer.io)
 ## Table of Contents
 
 <!-- TOC -->
-* [GitHub Action: `setup-packer`](#github-action--setup-packer)
+* [GitHub Action: `setup-packer`](#github-action-setup-packer)
   * [Table of Contents](#table-of-contents)
   * [Requirements](#requirements)
   * [Usage](#usage)
   * [Inputs](#inputs)
   * [Outputs](#outputs)
-  * [Integrating with HCP Packer](#Integrating-with-HCP-Packer)
+  * [Integrating with HCP Packer](#integrating-with-hcp-packer)
   * [Author Information](#author-information)
   * [License](#license)
 <!-- TOC -->
@@ -28,7 +28,7 @@ Other [environment variables](https://developer.hashicorp.com/packer/docs/comman
 
 ## Usage
 
-1.) Create a GitHub Actions Workflow file (e.g.: `.github/workflows/packer.yml`):
+Create a GitHub Actions Workflow file (e.g.: `.github/workflows/packer.yml`):
 
 ```yaml
 name: packer
@@ -37,15 +37,15 @@ on:
   push:
 
 env:
-  PRODUCT_VERSION: "1.8.6" # or: "latest"
+  PRODUCT_VERSION: "1.10.0" # or: "latest"
 
 jobs:
   packer:
     runs-on: ubuntu-latest
     name: Run Packer
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup `packer`
         uses: hashicorp/setup-packer@main
@@ -66,8 +66,8 @@ In the above example, the following definitions have been set.
 
 - The event trigger has been set to `push`. For a complete list, see [Events that trigger workflows](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows).
 - The origin of this GitHub Action has been set as `hashicorp/setup-packer@main`. For newer versions, see the [Releases](https://github.com/hashicorp/setup-packer/releases).
-- The version of `packer` to set up has been set as `1.8.6`. For a complete list, see [releases.hashicorp.com](https://releases.hashicorp.com/packer/).
-- The Packer manifest to interact with has been set as `./image.pkr.hcl`
+- The version of `packer` to set up has been set as `1.10.0`. For a complete list, see [releases.hashicorp.com](https://releases.hashicorp.com/packer/).
+- The Packer manifest to interact with has been set as `./image.pkr.hcl`.
 
 These definitions may require updating to suit your deployment, such as specifying [self-hosted](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#choosing-self-hosted-runners) runners.
 
@@ -79,18 +79,24 @@ This section contains a list of all inputs that may be set for this Action.
 
 - `version` - The version of `packer` to install. Defaults to `latest` if unset.
 
+> [!NOTE]
+> To retrieve the `latest` version, this GitHub Action polls the HashiCorp [Releases API](https://api.releases.hashicorp.com/v1/releases/packer) and finds the latest released version of Packer that isn't marked as a pre-release (`is_prerelease`).
+
 ## Outputs
 
 This section contains a list of all outputs that can be consumed from this Action.
 
 - `version` -  The version of `packer` that was installed.
 
 ## Integrating with HCP Packer
+
 To integrate with HCP Packer, add your HCP Client ID and HCP Client secret as environment variables to the Packer build call.
 
 We add an `HCP_PACKER_BUILD_FINGERPRINT` in this example that is based on the workflow run ID, that way it is always unique
 
-We recommend storing these in [GitHub Actions Secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository) (as opposed to plain-text). See the [HCP Packer Getting Started tutorial](https://developer.hashicorp.com/packer/tutorials/hcp-get-started/hcp-push-image-metadata)
+We recommend storing these in [GitHub Actions Secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository) (as opposed to plain-text).
+
+For more information on using HCP Packer, see the [Getting Started tutorial](https://developer.hashicorp.com/packer/tutorials/hcp-get-started/hcp-push-image-metadata).
 
 ```yaml
 name: hcp-packer
@@ -104,15 +110,18 @@ jobs:
     name: Run Packer
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
       - name: Setup `packer`
         uses: hashicorp/setup-packer@main
         id: setup
         with:
           version: "latest"
+
       - name: Run `packer init`
         id: init
         run: "packer init ./image.pkr.hcl"
+
       - name: Run `packer validate`
         id: validate
         run: "packer validate ./image.pkr.hcl"