Tooling improvements (#34)

* feat: update tsconfig, uninstall vercel/ncc package and use tsc to build project

* feat: install 1password/front-end-style and configure Prettier

* feat: configure ESLint and fix lint errors

* build(deps): update types/node package to latest version

* feat: configure Jest

* feat: add 'validate' script to run formatting/linting/testing/building all together

* build: rebuild the dist/index.js file

* feat: make NPM scripts more granular

* refactor: make it clearer that Prettier config is being loaded from an existing dependency

* feat: add Husky and lint-staged to run pre-commit and pre-push checks

* fix: lint-staged testing step and Jest config file

* build(deps): update types/node package to latest version

* refactor: remove findrelated test script

* fix: move tsconfig.json to root directory, reinstall vercel/ncc for building

* fix: call to run function in index.ts

* build: rebuild the dist/index.js file

* fix: replace CommonJS __dirname with an ESModule equivalent

* fix: ignore config/.husky during ShellCheck

* fix: ignore .husky directory during ShellCheck

* fix: update lint.yml config to match ShellCheck README.md

* fix: remove coveragePathIgnorePatterns option from Jest config since node_modules is already the default value

* refactor: use './' prefix to refer to folders in the current directory in tsconfig.json

* fix: handle edge case where Error constructor is modified and add comments for context

* feat: bump package.json version to 1.2.0 to match current release

* fix: update lint.yml to use ShellCheck 2.0.0 exact version

* build(deps): update types/node package to latest version

* fix: update package-lock.json version 1.2.0

* feat: remove pre-commit and pre-push NPM scripts to simplify package.json

* fix: remove empty 'Default' column from 'configure Action Inputs' table

* fix: change the default values in action.yml to strings as per YAML validation

.github/workflows/lint.yml

@@ -5,6 +5,9 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - name: ShellCheck
-        uses: ludeeus/action-shellcheck@1.1.0
+      - uses: actions/checkout@v3
+      - name: Run ShellCheck
+        uses: ludeeus/action-shellcheck@2.0.0
+        with:
+          ignore_paths: >-
+            .husky

.gitignore

@@ -1 +1,2 @@
+coverage/
 node_modules/

README.md

@@ -6,7 +6,6 @@ Specify in your workflow YAML file which secrets from 1Password should be loaded
 
 Read more on the [1Password Developer Portal](https://developer.1password.com/docs/ci-cd/github-actions).
 
-
 ## Requirements
 
 Before you get started, you'll need to:
@@ -16,7 +15,6 @@ Before you get started, you'll need to:
 
 _Supported runners_: You can run the action on Mac and Linux runners. Windows is currently not supported.
 
-
 ## Usage
 
 You can configure the action to use your 1Password Connect instance.
@@ -224,7 +222,7 @@ So if one of these values accidentally gets printed, it'll get replaced with `**
 ## 1Password Configuration
 
 To use the action with Connect, you need to have a [1Password Connect](https://support.1password.com/secrets-automation/#step-1-set-up-a-secrets-automation-workflow) instance deployed somewhere.
-To configure the action with your Connect host and token, set the `OP_CONNECT_HOST` and `OP_CONNECT_TOKEN` environment variables.  
+To configure the action with your Connect host and token, set the `OP_CONNECT_HOST` and `OP_CONNECT_TOKEN` environment variables.
 
 If you're using the `load-secrets` action more than once in a single job, you can use the `configure` action to avoid duplicate configuration:
 
@@ -249,10 +247,10 @@ jobs:
 
 ### `configure` Action Inputs
 
-| Name                    | Default | Environment variable       | Description                                              |
-| ----------------------- | ------- | -------------------------- | -------------------------------------------------------- |
-| `connect-host`          |         | `OP_CONNECT_HOST`          | Your 1Password Connect instance URL                      |
-| `connect-token`         |         | `OP_CONNECT_TOKEN`         | Token to authenticate to your 1Password Connect instance |
+| Name            | Environment variable | Description                                              |
+| --------------- | -------------------- | -------------------------------------------------------- |
+| `connect-host`  | `OP_CONNECT_HOST`    | Your 1Password Connect instance URL                      |
+| `connect-token` | `OP_CONNECT_TOKEN`   | Token to authenticate to your 1Password Connect instance |
 
 ## Supported Runners
 

action.yml

@@ -7,10 +7,10 @@ branding:
 inputs:
   unset-previous:
     description: Whether to unset environment variables populated by 1Password in earlier job steps
-    default: false
+    default: "false"
   export-env:
     description: Export the secrets as environment variables
-    default: true
+    default: "true"
 runs:
-  using: 'node16'
-  main: 'dist/index.js'
+  using: "node16"
+  main: "dist/index.js"

config/.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx lint-staged --config ./config/lint-staged.config.js

config/.husky/pre-push

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npm run validate

config/.prettierignore

@@ -0,0 +1,3 @@
+coverage/
+dist/
+node_modules/

config/jest.config.js

@@ -0,0 +1,19 @@
+const jestConfig = {
+	/**
+	 * Jest docs: "We recommend placing the extensions most commonly used in your project
+	 *             on the left, so if you are using TypeScript, you may want to consider
+	 *             moving 'ts' to the beginning of the array."
+	 *
+	 * https://jestjs.io/docs/configuration#modulefileextensions-arraystring
+	 */
+	moduleFileExtensions: ["ts", "js", "json"],
+	rootDir: "../src/",
+	testEnvironment: "node",
+	testRegex: "(/__tests__/.*|(\\.|/)test)\\.ts",
+	transform: {
+		".ts": ["ts-jest"],
+	},
+	verbose: true,
+};
+
+export default jestConfig;

config/lint-staged.config.js

@@ -0,0 +1,9 @@
+const lintStagedConfig = {
+	// run formatting and linting on all supported file types
+	"*.{js,json,md,ts,yaml,yml}": "npm run format:write",
+	"*.{js,ts}": ["npm run lint:fix"],
+	// run testing on all supported file types within the src/ directory
+	"src/**/*.{js,ts}": ["npm run test -- --findRelatedTests"],
+};
+
+export default lintStagedConfig;

dist/package.json

@@ -0,0 +1,3 @@
+{
+  "type": "module"
+}

package.json

@@ -1,37 +1,66 @@
 {
-  "name": "load-secrets-action",
-  "version": "1.1.0",
-  "description": "Load Secrets from 1Password",
-  "main": "dist/index.js",
-  "directories": {
-    "test": "tests"
-  },
-  "scripts": {
-    "build": "ncc build src/index.ts"
-  },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/1Password/load-secrets-action.git"
-  },
-  "keywords": [
-    "actions",
-    "1password",
-    "load secrets",
-    "connect"
-  ],
-  "author": "1Password",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/1Password/load-secrets-action/issues"
-  },
-  "homepage": "https://github.com/1Password/load-secrets-action#readme",
-  "dependencies": {
-    "@actions/core": "^1.10.0",
-    "@actions/exec": "^1.1.1"
-  },
-  "devDependencies": {
-    "@types/node": "^18.14.2",
-    "@vercel/ncc": "^0.36.1",
-    "typescript": "^4.9.5"
-  }
+	"name": "load-secrets-action",
+	"version": "1.2.0",
+	"description": "Load Secrets from 1Password",
+	"type": "module",
+	"main": "dist/index.js",
+	"directories": {
+		"test": "tests"
+	},
+	"scripts": {
+		"build": "ncc build ./src/index.ts",
+		"format": "prettier --ignore-path ./config/.prettierignore",
+		"format:check": "npm run format -- --check ./",
+		"format:write": "npm run format -- --write ./",
+		"lint": "eslint ./",
+		"lint:fix": "npm run lint -- --fix",
+		"prepare": "husky install ./config/.husky",
+		"test": "jest --config=./config/jest.config.js",
+		"test:clearcache": "jest --clearCache",
+		"test:coverage": "npm run test -- --coverage",
+		"test:watch": "npm run test -- --watch",
+		"typecheck": "tsc",
+		"validate": "npm run format:check && npm run lint && npm run test:coverage && npm run typecheck && npm run build"
+	},
+	"repository": {
+		"type": "git",
+		"url": "git+https://github.com/1Password/load-secrets-action.git"
+	},
+	"keywords": [
+		"actions",
+		"1password",
+		"load secrets",
+		"connect"
+	],
+	"author": "1Password",
+	"license": "MIT",
+	"bugs": {
+		"url": "https://github.com/1Password/load-secrets-action/issues"
+	},
+	"homepage": "https://github.com/1Password/load-secrets-action#readme",
+	"dependencies": {
+		"@actions/core": "^1.10.0",
+		"@actions/exec": "^1.1.1"
+	},
+	"devDependencies": {
+		"@1password/front-end-style": "^6.0.1",
+		"@types/jest": "^29.5.0",
+		"@types/node": "^18.15.10",
+		"@vercel/ncc": "^0.36.1",
+		"husky": "^8.0.3",
+		"jest": "^29.5.0",
+		"lint-staged": "^13.2.0",
+		"ts-jest": "^29.0.5",
+		"typescript": "^4.9.5"
+	},
+	"eslintConfig": {
+		"extends": "./node_modules/@1password/front-end-style/eslintrc.yml",
+		"ignorePatterns": [
+			"coverage/"
+		],
+		"parserOptions": {
+			"project": "./tsconfig.json"
+		}
+	},
+	"prettier": "./node_modules/@1password/front-end-style/prettierrc.json"
 }

src/index.ts

@@ -1,21 +1,32 @@
-import * as core from '@actions/core';
-import * as exec from '@actions/exec';
-import path from 'path';
+import path from "path";
+import url from "url";
+import * as core from "@actions/core";
+import * as exec from "@actions/exec";
 
-async function run(): Promise<void> {
-  try {
-    const parentDir = path.resolve(__dirname, '..');
-    
-    // Get action inputs
-    process.env.INPUT_UNSET_PREVIOUS = core.getInput('unset-previous');
-    process.env.INPUT_EXPORT_ENV = core.getInput('export-env');
+const run = async () => {
+	try {
+		const currentFile = url.fileURLToPath(import.meta.url);
+		const currentDir = path.dirname(currentFile);
+		const parentDir = path.resolve(currentDir, "..");
 
-    // Execute bash script
-    await exec.exec(`sh -c "` + parentDir + `/entrypoint.sh"`);
+		// Get action inputs
+		process.env.INPUT_UNSET_PREVIOUS = core.getInput("unset-previous");
+		process.env.INPUT_EXPORT_ENV = core.getInput("export-env");
 
-  } catch (error: any) {
-    core.setFailed(error.message);
-  }
-}
+		// Execute bash script
+		await exec.exec(`sh -c "` + parentDir + `/entrypoint.sh"`);
+	} catch (error) {
+		// It's possible for the Error constructor to be modified to be anything
+		// in JavaScript, so the following code accounts for this possibility.
+		// https://kentcdodds.com/blog/get-a-catch-block-error-message-with-typescript
+		let message = "Unknown Error";
+		if (error instanceof Error) {
+			message = error.message;
+		} else {
+			String(error);
+		}
+		core.setFailed(message);
+	}
+};
 
-run();
+void run();

tsconfig.json

@@ -1,13 +1,25 @@
 {
-    "compilerOptions": {
-        "target": "es6",
-        "module": "commonjs",
-        "moduleResolution": "node",
-        "outDir": "./dist",
-        "rootDir": "./src",
-        "strict": true,
-        "noImplicitAny": true,
-        "esModuleInterop": true
-    },
-    "exclude": ["node_modules"]
+	"compilerOptions": {
+		"allowJs": false,
+		"allowUnreachableCode": false,
+		"allowUnusedLabels": false,
+		"esModuleInterop": true,
+		"exactOptionalPropertyTypes": true,
+		"forceConsistentCasingInFileNames": true,
+		"importsNotUsedAsValues": "error",
+		"isolatedModules": true,
+		"module": "esnext",
+		"moduleResolution": "node",
+		"noEmit": true,
+		"noEmitOnError": true,
+		"noFallthroughCasesInSwitch": true,
+		"noImplicitReturns": true,
+		"noUncheckedIndexedAccess": true,
+		"noUnusedLocals": true,
+		"noUnusedParameters": true,
+		"outDir": "./dist/",
+		"rootDir": "./src/",
+		"strict": true,
+		"target": "es2022"
+	}
 }