mirror of
https://github.com/jdx/mise-action.git
synced 2026-07-02 17:49:30 +00:00
feat: download mise without requiring curl
Replace curl with @actions/tool-cache downloadTool/extractTar/extractZip for the mise binary, and use @actions/http-client for the latest-version check. This drops the curl (and explicit unzip) runtime requirement, so the action works on clean runners such as bare alpine. Also includes a pre-existing mise.lock provenance update. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
5f61b63aff
commit
2db43f9848
8 changed files with 627 additions and 240 deletions
2
.github/workflows/test.yml
vendored
2
.github/workflows/test.yml
vendored
|
|
@ -39,7 +39,7 @@ jobs:
|
|||
- name: alpine
|
||||
runs-on: ubuntu-latest
|
||||
container: alpine:3.22@sha256:310c62b5e7ca5b08167e4384c68db0fd2905dd9c7493756d356e893909057601
|
||||
requirements: apk add --no-cache curl bash
|
||||
requirements: apk add --no-cache bash
|
||||
name: ${{ matrix.name }}
|
||||
runs-on: ${{ matrix.runs-on }}
|
||||
container: ${{ matrix.container }}
|
||||
|
|
|
|||
774
dist/index.js
generated
vendored
774
dist/index.js
generated
vendored
File diff suppressed because it is too large
Load diff
2
dist/index.js.map
generated
vendored
2
dist/index.js.map
generated
vendored
File diff suppressed because one or more lines are too long
22
dist/licenses.txt
generated
vendored
22
dist/licenses.txt
generated
vendored
|
|
@ -1582,6 +1582,28 @@ License Text:
|
|||
|
||||
---
|
||||
|
||||
Name: @actions/tool-cache
|
||||
Version: 4.0.0
|
||||
License: MIT
|
||||
Private: false
|
||||
Description: Actions tool-cache lib
|
||||
Repository: git+https://github.com/actions/toolkit.git
|
||||
Homepage: https://github.com/actions/toolkit/tree/main/packages/tool-cache
|
||||
License Text:
|
||||
===
|
||||
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright 2019 GitHub
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
---
|
||||
|
||||
Name: handlebars
|
||||
Version: 4.7.9
|
||||
License: MIT
|
||||
|
|
|
|||
|
|
@ -69,6 +69,7 @@ url_api = "https://api.github.com/repos/jdx/communique/releases/assets/405964691
|
|||
checksum = "sha256:459993e31a6c4ccbd09882f5679a2bc1ea5d9068701ecefc411a00fb69ce82e6"
|
||||
url = "https://github.com/jdx/communique/releases/download/v1.1.2/communique-aarch64-apple-darwin.tar.gz"
|
||||
url_api = "https://api.github.com/repos/jdx/communique/releases/assets/405964098"
|
||||
provenance = "github-attestations"
|
||||
|
||||
[tools.communique."platforms.windows-x64"]
|
||||
checksum = "sha256:3cc0e880ac2168aed3163223627bbd1eee62e07a9901cb85cb507c6c8927bc93"
|
||||
|
|
|
|||
15
package-lock.json
generated
15
package-lock.json
generated
|
|
@ -13,7 +13,9 @@
|
|||
"@actions/core": "^3.0.0",
|
||||
"@actions/exec": "^3.0.0",
|
||||
"@actions/glob": "^0.7.0",
|
||||
"@actions/http-client": "^4.0.0",
|
||||
"@actions/io": "^3.0.0",
|
||||
"@actions/tool-cache": "^4.0.0",
|
||||
"@types/handlebars": "^4.0.40",
|
||||
"handlebars": "^4.7.8"
|
||||
},
|
||||
|
|
@ -139,6 +141,19 @@
|
|||
"integrity": "sha512-nRBchcMM+QK1pdjO7/idu86rbJI5YHUKCvKs0KxnSYbVe3F51UfGxuZX4Qy/fWlp6l7gWFwIkrOzN+oUK03kfw==",
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/@actions/tool-cache": {
|
||||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-4.0.0.tgz",
|
||||
"integrity": "sha512-L8P9HbXvpvqjZDveb/fdsa55IVC0trfPgQ4ZwGo6r5af6YDVdM9vMGPZ7rgY2fAT9gGj4PSYd6bYlg3p3jD78A==",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^3.0.0",
|
||||
"@actions/exec": "^3.0.0",
|
||||
"@actions/http-client": "^4.0.0",
|
||||
"@actions/io": "^3.0.0",
|
||||
"semver": "^7.7.3"
|
||||
}
|
||||
},
|
||||
"node_modules/@azure/abort-controller": {
|
||||
"version": "2.1.2",
|
||||
"resolved": "https://registry.npmjs.org/@azure/abort-controller/-/abort-controller-2.1.2.tgz",
|
||||
|
|
|
|||
|
|
@ -34,7 +34,9 @@
|
|||
"@actions/core": "^3.0.0",
|
||||
"@actions/exec": "^3.0.0",
|
||||
"@actions/glob": "^0.7.0",
|
||||
"@actions/http-client": "^4.0.0",
|
||||
"@actions/io": "^3.0.0",
|
||||
"@actions/tool-cache": "^4.0.0",
|
||||
"@types/handlebars": "^4.0.40",
|
||||
"handlebars": "^4.7.8"
|
||||
},
|
||||
|
|
|
|||
49
src/index.ts
49
src/index.ts
|
|
@ -3,6 +3,8 @@ import * as io from '@actions/io'
|
|||
import * as core from '@actions/core'
|
||||
import * as exec from '@actions/exec'
|
||||
import * as glob from '@actions/glob'
|
||||
import * as tc from '@actions/tool-cache'
|
||||
import * as httpm from '@actions/http-client'
|
||||
import * as crypto from 'crypto'
|
||||
import * as fs from 'fs'
|
||||
import * as os from 'os'
|
||||
|
|
@ -67,8 +69,9 @@ async function run(): Promise<void> {
|
|||
// etc.) don't silently send the runner's OIDC token to
|
||||
// a third-party cache without explicit consent.
|
||||
//
|
||||
// Note: `setupMise` fetches the mise binary itself with
|
||||
// `curl`, which doesn't go through mise's HTTP layer —
|
||||
// Note: `setupMise` downloads the mise binary itself over
|
||||
// HTTP (via `@actions/tool-cache`), which doesn't go
|
||||
// through mise's HTTP layer —
|
||||
// the wings rewriter only kicks in once the resulting
|
||||
// mise binary runs `mise install` and friends. Ordering
|
||||
// here is irrelevant for binary acceleration; we just
|
||||
|
|
@ -340,20 +343,23 @@ async function setupMise(
|
|||
})
|
||||
break
|
||||
}
|
||||
case '.tar.zst':
|
||||
await exec.exec('sh', [
|
||||
'-c',
|
||||
`curl -fsSL ${url} | tar --zstd -xf - -C ${os.tmpdir()} && mv ${os.tmpdir()}/mise/bin/mise ${miseBinPath}`
|
||||
case '.tar.zst': {
|
||||
const archivePath = await tc.downloadTool(url)
|
||||
const extractDir = await tc.extractTar(archivePath, undefined, [
|
||||
'--zstd',
|
||||
'-x'
|
||||
])
|
||||
await io.mv(path.join(extractDir, 'mise', 'bin', 'mise'), miseBinPath)
|
||||
break
|
||||
case '.tar.gz':
|
||||
await exec.exec('sh', [
|
||||
'-c',
|
||||
`curl -fsSL ${url} | tar -xzf - -C ${os.tmpdir()} && mv ${os.tmpdir()}/mise/bin/mise ${miseBinPath}`
|
||||
])
|
||||
}
|
||||
case '.tar.gz': {
|
||||
const archivePath = await tc.downloadTool(url)
|
||||
const extractDir = await tc.extractTar(archivePath)
|
||||
await io.mv(path.join(extractDir, 'mise', 'bin', 'mise'), miseBinPath)
|
||||
break
|
||||
}
|
||||
default:
|
||||
await exec.exec('sh', ['-c', `curl -fsSL ${url} > ${miseBinPath}`])
|
||||
await tc.downloadTool(url, miseBinPath)
|
||||
await exec.exec('chmod', ['+x', miseBinPath])
|
||||
break
|
||||
}
|
||||
|
|
@ -402,9 +408,9 @@ async function withExtractedZip(
|
|||
const archivePath = path.join(tempDir, archiveName)
|
||||
const extractDir = path.join(tempDir, 'extract')
|
||||
|
||||
await exec.exec('curl', ['-fsSL', url, '--output', archivePath])
|
||||
await exec.exec('unzip', [archivePath, '-d', extractDir])
|
||||
await fn(extractDir)
|
||||
await tc.downloadTool(url, archivePath)
|
||||
const extracted = await tc.extractZip(archivePath, extractDir)
|
||||
await fn(extracted)
|
||||
} finally {
|
||||
await io.rmRF(tempDir)
|
||||
}
|
||||
|
|
@ -480,11 +486,14 @@ async function zstdInstalled(): Promise<boolean> {
|
|||
}
|
||||
|
||||
async function latestMiseVersion(): Promise<string> {
|
||||
const rsp = await exec.getExecOutput('curl', [
|
||||
'-fsSL',
|
||||
'https://mise.jdx.dev/VERSION'
|
||||
])
|
||||
return rsp.stdout.trim()
|
||||
const http = new httpm.HttpClient('mise-action')
|
||||
const rsp = await http.get('https://mise.jdx.dev/VERSION')
|
||||
if (rsp.message.statusCode !== 200) {
|
||||
throw new Error(
|
||||
`Failed to fetch latest mise version: ${rsp.message.statusCode} ${rsp.message.statusMessage}`
|
||||
)
|
||||
}
|
||||
return (await rsp.readBody()).trim()
|
||||
}
|
||||
|
||||
async function setToolVersions(): Promise<void> {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue