diff --git a/bin.js b/bin.js index 02d6b07..ab2b939 100755 --- a/bin.js +++ b/bin.js @@ -16,15 +16,20 @@ const packageDetails = require(path.join(__dirname, "package.json")); "-a, --allow ", "comma separated list of actions to allow e.g. mheap/debug-action. May be a glob e.g. mheap/*" ) + .option( + "-i, --ignore-shas", + "do not update any commits that are pinned at a sha" + ) .parse(process.argv); const filename = program.args[0]; let allowed = program.opts().allow; allowed = (allowed || "").split(",").filter(r => r); + let ignoreShas = program.opts().ignoreShas; const input = fs.readFileSync(filename).toString(); - const output = await run(input, allowed); + const output = await run(input, allowed, ignoreShas); fs.writeFileSync(filename, output.workflow); diff --git a/index.js b/index.js index ae01aef..e10cad8 100644 --- a/index.js +++ b/index.js @@ -4,9 +4,11 @@ const extractActions = require("./extractActions"); const replaceActions = require("./replaceActions"); const findRefOnGithub = require("./findRefOnGithub"); const checkAllowedRepos = require("./checkAllowedRepos"); +const isSha = require("./isSha"); -module.exports = async function(input, allowed) { +module.exports = async function(input, allowed, ignoreShas) { allowed = allowed || []; + ignoreShas = ignoreShas || false; // Parse the workflow file let workflow = YAML.parseDocument(input); @@ -21,6 +23,10 @@ module.exports = async function(input, allowed) { continue; } + if (ignoreShas && isSha(actions[i])) { + continue; + } + // Look up those actions on Github const newVersion = await findRefOnGithub(actions[i]); actions[i].newVersion = newVersion; diff --git a/isSha.js b/isSha.js new file mode 100644 index 0000000..d34871e --- /dev/null +++ b/isSha.js @@ -0,0 +1,3 @@ +module.exports = function(action) { + return /\b([a-f0-9]{40})\b/.test(action.currentVersion); +}; diff --git a/isSha.test.js b/isSha.test.js new file mode 100644 index 0000000..2ba8950 --- /dev/null +++ b/isSha.test.js @@ -0,0 +1,15 @@ +const isSha = require("./isSha"); + +test("returns false if a non-sha is provided", () => { + const actual = isSha({ + currentVersion: "main" + }); + expect(actual).toBe(false); +}); + +test("returns true if a sha is provided", () => { + const actual = isSha({ + currentVersion: "1cb496d922065fc73c8f2ff3cc33d9b251ef1aa7" + }); + expect(actual).toBe(true); +});