diff --git a/pkg/cli/update_actions.go b/pkg/cli/update_actions.go index ae1159b9092..0d6bf5c7c27 100644 --- a/pkg/cli/update_actions.go +++ b/pkg/cli/update_actions.go @@ -660,17 +660,6 @@ func updateActionsInWorkflowFiles(ctx context.Context, deps actionUpdateDeps, wo return nil } -// updateActionRefsInContent replaces outdated "uses: org/repo@version" references -// in content with the latest major version and SHA. Returns (changed, newContent, error). -// cache is keyed by "repo@currentVersion" and avoids redundant API calls across lines/files. -// coolDownCache is keyed by "repo@tag" and avoids redundant cooldown date API calls. -// When allowMajor is true (the default), all matched actions are updated to the latest -// major version. When allowMajor is false (--disable-release-bump), non-core (non -// actions/*) action refs are skipped; core actions are always updated. -func updateActionRefsInContent(ctx context.Context, content string, cache map[string]latestReleaseResult, coolDownCache map[string]coolDownCheckResult, allowMajor, verbose bool, coolDown time.Duration) (bool, string, error) { - return updateActionRefsInContentWithDeps(ctx, defaultActionUpdateDeps(), content, cache, coolDownCache, allowMajor, verbose, coolDown) -} - func updateActionRefsInContentWithDeps(ctx context.Context, deps actionUpdateDeps, content string, cache map[string]latestReleaseResult, coolDownCache map[string]coolDownCheckResult, allowMajor, verbose bool, coolDown time.Duration) (bool, string, error) { changed := false lines := strings.Split(content, "\n") diff --git a/pkg/cli/update_actions_test.go b/pkg/cli/update_actions_test.go index 1ab1f0a9f50..69cf9e6fd49 100644 --- a/pkg/cli/update_actions_test.go +++ b/pkg/cli/update_actions_test.go @@ -353,43 +353,6 @@ func TestIsCoreAction(t *testing.T) { } } -func TestUpdateActionRefsInContent_NonCoreActionsUnchanged(t *testing.T) { - // When allowMajor=false (--disable-release-bump), non-actions/* org references - // should not be modified because they are not core actions. - input := `steps: - - uses: docker/login-action@v3 - - uses: github/codeql-action/upload-sarif@v3 - - run: echo hello` - - cache := make(map[string]latestReleaseResult) - changed, newContent, err := updateActionRefsInContent(context.Background(), input, cache, make(map[string]coolDownCheckResult), false, false, 0) - if err != nil { - t.Fatalf("updateActionRefsInContent() error = %v", err) - } - if changed { - t.Errorf("updateActionRefsInContent() changed = true, want false for non-actions/* refs with allowMajor=false") - } - if newContent != input { - t.Errorf("updateActionRefsInContent() modified content for non-actions/* refs\nGot: %s\nWant: %s", newContent, input) - } -} - -func TestUpdateActionRefsInContent_NoActionRefs(t *testing.T) { - input := `description: Test workflow -steps: - - run: echo hello - - run: echo world` - - cache := make(map[string]latestReleaseResult) - changed, _, err := updateActionRefsInContent(context.Background(), input, cache, make(map[string]coolDownCheckResult), true, false, 0) - if err != nil { - t.Fatalf("updateActionRefsInContent() error = %v", err) - } - if changed { - t.Errorf("updateActionRefsInContent() changed = true, want false for content with no action refs") - } -} - func TestUpdateActionRefsInContent_VersionTagReplacement(t *testing.T) { // Stub latest release lookup so the test doesn't hit the network. deps := newActionUpdateDepsWithLatestRelease(func(_ context.Context, repo, currentVersion string, allowMajor, verbose bool) (string, string, error) { diff --git a/pkg/workflow/call_workflow_validation.go b/pkg/workflow/call_workflow_validation.go index d4e3a1d0c72..3ce8c2d953d 100644 --- a/pkg/workflow/call_workflow_validation.go +++ b/pkg/workflow/call_workflow_validation.go @@ -191,12 +191,6 @@ func extractMDWorkflowCallInputs(mdPath string) (map[string]any, error) { return extractInputsFromMarkdown(mdPath, "workflow_call") } -// extractWorkflowCallInputsFromParsed extracts workflow_call inputs from an already-parsed -// workflow map (used for both .lock.yml and .yml files). -func extractWorkflowCallInputsFromParsed(workflow map[string]any) map[string]any { - return extractInputsFromParsedWorkflow(workflow, "workflow_call") -} - // mdHasWorkflowCall reads a .md workflow file's frontmatter and reports whether // the workflow includes a workflow_call trigger in its 'on:' section. func mdHasWorkflowCall(mdPath string) (bool, error) { diff --git a/pkg/workflow/engine_helpers.go b/pkg/workflow/engine_helpers.go index cabb38fb4fc..399ef739d90 100644 --- a/pkg/workflow/engine_helpers.go +++ b/pkg/workflow/engine_helpers.go @@ -16,9 +16,6 @@ // // # Key Functions // -// Base Installation: -// - GetBaseInstallationSteps() - Generate base installation steps for an engine -// // Secret Validation: // - GenerateMultiSecretValidationStep() - Validate at least one of multiple secrets // - BuildDefaultSecretValidationStep() - Build secret validation step for an engine @@ -89,42 +86,6 @@ func engineEnvHasKey(workflowData *WorkflowData, key string) bool { return ok } -// GetBaseInstallationSteps returns the common installation steps for an engine. -// This includes npm package installation steps shared across all engines. -// Secret validation is now handled in the activation job via GetSecretValidationStep. -// -// Parameters: -// - config: Engine-specific configuration for installation -// - workflowData: The workflow data containing engine configuration -// -// Returns: -// - []GitHubActionStep: The base installation steps (npm install) -func GetBaseInstallationSteps(config EngineInstallConfig, workflowData *WorkflowData) []GitHubActionStep { - engineHelpersLog.Printf("Generating base installation steps for %s engine: workflow=%s", config.Name, workflowData.Name) - - var steps []GitHubActionStep - - // Secret validation step is now generated in the activation job (GetSecretValidationStep). - - // Determine step name - use InstallStepName if provided, otherwise default to "Install " - stepName := config.InstallStepName - if stepName == "" { - stepName = "Install " + config.Name - } - - // Add npm package installation steps - npmSteps := BuildStandardNpmEngineInstallSteps( - config.NpmPackage, - config.Version, - stepName, - config.CliName, - workflowData, - ) - steps = append(steps, npmSteps...) - - return steps -} - // GenerateMultiSecretValidationStep creates a GitHub Actions step that validates at least one // of multiple secrets is available. // secretNames: slice of secret names to validate (e.g., []string{"CODEX_API_KEY", "OPENAI_API_KEY"}) diff --git a/pkg/workflow/safe_outputs_call_workflow_test.go b/pkg/workflow/safe_outputs_call_workflow_test.go index 49e965f381a..8164cd112a3 100644 --- a/pkg/workflow/safe_outputs_call_workflow_test.go +++ b/pkg/workflow/safe_outputs_call_workflow_test.go @@ -465,27 +465,6 @@ jobs: // TestExtractWorkflowCallInputsFromParsed tests the parsing of workflow_call inputs // from an already-parsed workflow map -func TestExtractWorkflowCallInputsFromParsed(t *testing.T) { - workflow := map[string]any{ - "on": map[string]any{ - "workflow_call": map[string]any{ - "inputs": map[string]any{ - "payload": map[string]any{ - "type": "string", - "required": false, - }, - }, - }, - }, - } - - inputs := extractWorkflowCallInputsFromParsed(workflow) - assert.Contains(t, inputs, "payload", "Should extract payload input") - - payloadInput, ok := inputs["payload"].(map[string]any) - require.True(t, ok, "payload input should be a map") - assert.Equal(t, "string", payloadInput["type"], "payload should be string type") -} // TestCallWorkflowConfig_WithGeneratedYAML tests that the compiled YAML for a gateway workflow // includes the expected call-workflow fan-out jobs structure