refactor: update github CI workflow

- also added handy fs-extra json functions for JSON reading/writing
- update docker image to node 20.12.2

Author: mverkerk-godaddy

.github/actions/semantic/action.yml

@@ -1,12 +1,6 @@
 name: semantic-release-node
 description: 'perform semantic-release actions for node'
 
-inputs:
-  publish:
-    description: 'tell semantic-release to publish or run in DRY-RUN mode (default)'
-    required: false
-    default: 'false'
-
 outputs:
   last_release_version:
     description: 'version before semantic-release'
@@ -24,17 +18,9 @@ runs:
     - name: run-release
       id: release
       shell: bash
-      env:
-        GITHUB_TOKEN: ${{ env.GITHUB_TOKEN || env.GH_TOKEN }}
-        NPM_TOKEN: ${{ env.NPM_TOKEN }}
       run: |
         echo "last_release_version=`cat package.json | jq -r .version`" >> $GITHUB_OUTPUT
-
-        if [[ '${{ inputs.publish }}' == 'true' ]]; then
-          npx semantic-release | tee release.output;
-        else
-          npx semantic-release --dry-run --no-ci --branches ${{ github.ref_name }} | tee release.output;
-        fi
+        echo npx semantic-release | tee release.output;
 
     - name: post-release
       if: always()
@@ -48,15 +34,3 @@ runs:
           echo "new_release_published=false" >> $GITHUB_OUTPUT
           echo "new_release_version=none" >> $GITHUB_OUTPUT
         fi
-
-    - name: Update job summary after semantic-release
-      if: always()
-      shell: bash
-      run: |
-        if [ '${{ steps.release.outputs.new_release_published }}' == 'true' ]; then
-          echo - A new release ${{ inputs.publish == 'true' && 'was' || 'will be' }} published! >> $GITHUB_STEP_SUMMARY
-          echo - Last Release: **${{ steps.release.outputs.last_release_version }}** >> $GITHUB_STEP_SUMMARY
-          echo - New Release: **${{ steps.release.outputs.new_release_version }}** >> $GITHUB_STEP_SUMMARY
-        else
-          echo - No new Release! The current release is: **${{ steps.release.outputs.last_release_version }}** >> $GITHUB_STEP_SUMMARY
-        fi

.github/workflows/test-release-publish.yml

@@ -12,6 +12,17 @@ on:
         default: false
         type: boolean
 
+defaults:
+  run:
+    shell: bash
+
+env:
+  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+permissions:
+  contents: read # for checkout
+
 jobs:
   test:
     runs-on: ubuntu-latest
@@ -22,6 +33,9 @@ jobs:
     steps:
     - name: Checkout
       uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        persist-credentials: false
 
     - name: Setup Node.js ${{ matrix.node-version }}
       uses: actions/setup-node@v4
@@ -33,66 +47,75 @@ jobs:
         npm ci --ignore-scripts
         npm test
 
-  release:
+  semantic-release:
     runs-on: ubuntu-latest
     needs: test
-    if: github.ref == 'refs/heads/main' && needs.test.result == 'success'
+    if: github.ref_name == 'main' && needs.test.result == 'success'
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
+      id-token: write # to enable use of OIDC for npm provenance
     outputs:
       last_release_version: ${{ steps.release.outputs.last_release_version }}
       new_release_version: ${{ steps.release.outputs.new_release_version }}
       new_release_published: ${{ steps.release.outputs.new_release_published }}
     steps:
     - name: Checkout
       uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        persist-credentials: false
 
-    - name: Setup Node.js
+    - name: Print info
+      run: |
+        # Echo the version from package.json
+        echo "Current package version: [$(jq -r .version package.json)]"
+  
+    - name: Setup NodeJS 21
       uses: actions/setup-node@v4
       with:
         node-version: 21
         cache: 'npm'
 
-    - name: Install node modules and run tests
+    - name: NPM install
       run: |
         npm ci --ignore-scripts
   
     - name: Semantic Release [PUBLISH]
-      uses: ./.github/actions/semantic
       id: release
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-      with:
-        publish: true
+      uses: ./.github/actions/semantic
 
-  deploy:
+  publish-docker:
     runs-on: ubuntu-latest
-    needs: release
-    if: github.ref == 'refs/heads/main' && (needs.release.outputs.new_release_published == 'true' || github.event.inputs.force-docker == true)
+    needs: semantic-release
+    if: github.ref_name == 'main' && (needs.semantic-release.outputs.new_release_published == 'true' || github.event.inputs.force-docker == true)
+    outputs:
+      docker_imageid: ${{ steps.docker_build.outputs.imageid }}
     steps:
     - name: Checkout
       uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        persist-credentials: false
+
+    - name: Print npm package info
+      run: |
+        # Echo the version from package.json
+        echo "Current package version: [$(jq -r .version package.json)]"
 
-    - name: Setup Node.js
+    - name: Setup NodeJS 21
       uses: actions/setup-node@v4
       with:
         node-version: 21
 
-    - name: Install node modules and run tests
+    - name: NPM install
       run: |
         npm ci --ignore-scripts
   
-    - name: Set up Docker Buildx
-      id: buildx
+    - name: Install Docker Buildx
       uses: docker/setup-buildx-action@v3
 
-    - name: Cache Docker layers
-      uses: actions/cache@v4
-      with:
-        path: /tmp/.buildx-cache
-        key: ${{ runner.os }}-buildx-${{ github.sha }}
-        restore-keys: |
-          ${{ runner.os }}-buildx-
-
     - name: Login to Docker Hub
       uses: docker/login-action@v3
       with:
@@ -103,15 +126,35 @@ jobs:
       id: docker_build
       uses: docker/build-push-action@v5
       with:
-        builder: ${{ steps.buildx.outputs.name }}
+        context: .
         push: true
         tags: |
           godaddy/timings:latest
-          godaddy/timings:${{ needs.release.outputs.new_release_version }}
-        cache-from: type=local,src=/tmp/.buildx-cache
-        cache-to: type=local,dest=/tmp/.buildx-cache
+          godaddy/timings:${{ needs.semantic-release.outputs.new_release_version }}
+        cache-from: type=registry,ref=user/app:buildcache
+        cache-to: type=registry,ref=user/app:buildcache,mode=max
 
-    - name: Image digest
-      run: |
-        echo Docker image was published sucessfully! >> $GITHUB_STEP_SUMMARY
-        echo - Image ID: **${{ steps.docker_build.outputs.imageid }}** >> $GITHUB_STEP_SUMMARY
+  finish:
+    runs-on: ubuntu-latest
+    needs: [semantic-release, publish-docker]
+    steps:
+      - name: Print info
+        run: |
+          echo "needs.semantic-release: ${{ toJSON(needs.semantic-release) }}"
+
+      - name: Report
+        run: |
+          if [ '${{ needs.semantic-release.outputs.new_release_published }}' == 'true' ]; then
+            echo - A new release was published! >> $GITHUB_STEP_SUMMARY
+            echo - Last Release: **${{ needs.semantic-release.outputs.last_release_version }}** >> $GITHUB_STEP_SUMMARY
+            echo - New Release: **${{ needs.semantic-release.outputs.new_release_version }}** >> $GITHUB_STEP_SUMMARY
+          else
+            echo - No new Release! The current release is: **${{ needs.semantic-release.outputs.last_release_version }}** >> $GITHUB_STEP_SUMMARY
+          fi
+          if [ '${{ needs.publish-docker.result }}' == 'success' ]; then
+            echo - Docker image was published! >> $GITHUB_STEP_SUMMARY
+            echo - Image ID: **${{ needs.publish-docker.outputs.docker_imageid }}** >> $GITHUB_STEP_SUMMARY
+          else
+            echo - Docker image was not published! >> $GITHUB_STEP_SUMMARY
+          fi
+  

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:20.2.0-slim
+FROM node:20.12.2-slim
 RUN apt-get update && apt-get upgrade -y
 
 LABEL Description="timings"

routes/v2/post-routes.js

@@ -1,7 +1,7 @@
 /**
  * Created by mverkerk on 9/25/2016.
  */
-import fs from 'fs';
+import fs from 'fs-extra';
 import { Router } from 'express';
 import crypto from 'crypto';
 // eslint-disable-next-line new-cap
@@ -48,15 +48,13 @@ export default function (app) {
       req.body.env.ES_PASS = app.locals.env.ES_PASS;
     }
 
-    const data = JSON.stringify(req.body);
-
     // Write the file and send the response
     try {
       const returnJSON = req.body;
       if (returnJSON.env?.ES_PASS) returnJSON.env.ES_PASS = '********';
       res.json(returnJSON);
       // eslint-disable-next-line no-sync
-      fs.writeFileSync(app.locals.env.APP_CONFIG, data);
+      fs.writeJsonSync(app.locals.env.APP_CONFIG, returnJSON);
       // Config updated - re-init the server
       const es = new Elastic(app);
       setConfig(app, app.locals.appRootPath);  // this resets the config!

routes/v2/static-routes.js

@@ -1,6 +1,6 @@
 // eslint-disable-next-line new-cap
 import os from 'os';
-import fs from 'fs';
+import fs from 'fs-extra';
 import { Router } from 'express';
 import path from 'path';
 import isDocker from 'is-docker';
@@ -63,7 +63,7 @@ export default function (app) {
       try {
         if (cfgFile && fs.existsSync(cfgFile)) {
           if (cfgFile.endsWith('.json')) {
-            config = JSON.parse(fs.readFileSync(cfgFile, 'utf8'));
+            config = fs.readJsonSync(cfgFile);
           } else {
             config.error = `Sorry - your config file [${cfgFile}] is not JSON - we hope to add more options soon!`;
           }

server.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 /* eslint-disable no-process-exit */
 /* eslint-disable id-length */
-import fs from 'fs';
+import fs from 'fs-extra';
 import path from 'path';
 import winston from 'winston';
 import expressWinston from 'express-winston';
@@ -27,7 +27,7 @@ const logFileSettings = {
 };
 
 // Loading package.json content
-const pkg = JSON.parse(fs.readFileSync(new URL('./package.json', import.meta.url)));
+const pkg = fs.readJsonSync(new URL('./package.json', import.meta.url));
 
 let app;
 

src/v2/config.js

@@ -1,11 +1,11 @@
-import fs from 'fs';
+import fs from 'fs-extra';
 import os from 'os';
 import path from 'path';
 import winston from 'winston';
 import logger from '../log.js';
 const __dirname = path.dirname(new URL(import.meta.url).pathname);
 
-const pkg = JSON.parse(fs.readFileSync(new URL('../../package.json', import.meta.url)));
+const pkg = fs.readJsonSync(new URL('../../package.json', import.meta.url));
 const { CONFIGFILE, ES_UPGRADE } = process.env;
 
 // Load config file - only JSON!
@@ -19,7 +19,7 @@ if (!configFile || !configFile.endsWith('.json') || !fs.existsSync(path.resolve(
 function setConfig(app, appRootPath) {
   app.locals.configFile = app.locals.configFile || configFile;
 
-  const appConfig = JSON.parse(fs.readFileSync(path.resolve(configFile)));
+  const appConfig = fs.readJsonSync(configFile);
 
   // Check for missing keys & add some ENV vars
   if (!appConfig.env) {

src/v2/es-utils.js

@@ -1,12 +1,10 @@
 /** Created by mverkerk on 10/20/2016. */
-import fs from 'fs';
+import fs from 'fs-extra';
 import { Client } from '@elastic/elasticsearch';
 
 // Loading sample data content
-const sampleData = JSON.parse(fs.readFileSync(new URL('../../config/.sample_data.json', import.meta.url)));
-const { version } = JSON.parse(fs.readFileSync(
-  new URL('../../node_modules/@elastic/elasticsearch/package.json', import.meta.url)
-));
+const sampleData = fs.readJsonSync(new URL('../../config/.sample_data.json', import.meta.url));
+const { version } = fs.readJsonSync(new URL('../../node_modules/@elastic/elasticsearch/package.json', import.meta.url));
 
 /* eslint no-sync: 0 */
 class ESClass {

src/v2/kb-utils.js

@@ -1,7 +1,7 @@
 /**
 * Created by mverkerk on 10/20/2016.
 */
-import fs from 'fs';
+import fs from 'fs-extra';
 import path from 'path';
 import FormData from 'form-data';
 

src/v2/perf-utils.js

@@ -100,7 +100,7 @@ class PUClass {
       e.message = 'Missing first run - currentRun has to be 1 for the first run!';
       throw e;
     }
-    const appendObject = this.objParams.multirun.currentRun < 2 ? {} : await fs.readJson(multiFile);
+    const appendObject = this.objParams.multirun.currentRun < 2 ? {} : fs.readJsonSync(multiFile);
     appendObject[this.objParams.multirun.currentRun] = this.objParams;
     appendObject[this.objParams.multirun.currentRun].route = this.route;
     // Write to the file

src/v2/run-es.js

@@ -1,9 +1,9 @@
-import fs from 'fs';
+import fs from 'fs-extra';
 import semver from 'semver';
 import { ESClass } from './es-utils.js';
 import { KBClass } from './kb-utils.js';
 
-const esTemplate = JSON.parse(fs.readFileSync(new URL('../../config/.es_template.json', import.meta.url)));
+const esTemplate = fs.readJsonSync(new URL('../../config/.es_template.json', import.meta.url));
 
 /* eslint no-sync: 0 */
 class Elastic {

test/setup/add-globals.js

@@ -1,18 +1,16 @@
 /* eslint-disable no-sync */
 /* eslint-disable no-undef */
 import './config-generic-env.js';
-import fs from 'fs';
-import path from 'path';
+import fs from 'fs-extra';
 import mocks from '../__mocks__.js';
 import fixtures from './fixtures.js';
 
-console.log('Adding vitest globals - see `test/setup/add-globals.js`');
 
 // Get the current package version from package.json
-const packageJsonPath = path.resolve(__dirname, '../../package.json');
-const packageJsonData = fs.readFileSync(packageJsonPath);
-const packageJson = JSON.parse(packageJsonData);
-const { version } = packageJson;
+const { version } = fs.readJsonSync(new URL('../../package.json', import.meta.url));
+
+console.log(`Adding vitest globals - see 'test/setup/add-globals.js'`);
+console.log(`Current package version: ${version}`);
 
 // Add the global variables
 globalThis.mocks = mocks;