Skip to content

Add a verification workflow#108

Open
mcdonnnj wants to merge 12 commits intodevelopfrom
improvement/add_verification_on_pr_workflow
Open

Add a verification workflow#108
mcdonnnj wants to merge 12 commits intodevelopfrom
improvement/add_verification_on_pr_workflow

Conversation

@mcdonnnj
Copy link
Member

@mcdonnnj mcdonnnj commented Mar 18, 2026
edited
Loading

🗣 Description

This pull request adds a verify.yml GitHub Actions workflow. This workflow will run on pull requests to verify the action's functionality.

💭 Motivation and context

This was mentioned during review by Copilot in #107 (comment). It seemed like a good idea so I have implemented it here.

🧪 Testing

Automated tests pass.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

✅ Pre-merge checklist

  • Add the new verify check to the required checks in branch protection.

@mcdonnnj
Add a verification workflow
c6d6b83 
This workflow is an almost exact copy of the `build.yml` workflow that
will run on pull requests. It checks out the repo a step earlier so it
can be used as the source for the action. This will ensure that on pull
requests we verify that the action functions as expected.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mcdonnnj mcdonnnj requested a review from Copilot March 18, 2026 17:53
@mcdonnnj mcdonnnj self-assigned this Mar 18, 2026
@mcdonnnj mcdonnnj requested review from dav3r, felddy and jsf9k as code owners March 18, 2026 17:53
@mcdonnnj mcdonnnj added the improvement This issue or pull request will add or improve functionality, maintainability, or ease of use label Mar 18, 2026
@github-actions github-actions bot added the github-actions Pull requests that update GitHub Actions code label Mar 18, 2026
Copilot AI reviewed Mar 18, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new GitHub Actions workflow (verify.yml) to validate this repository’s GitHub Action behavior on pull requests by running the pipeline against the checked-out (local) copy of the action, rather than a released tag.

Changes:

  • Introduces a new verify workflow triggered on pull_request and merge_group.
  • Runs a lint/verification job that checks out the repo, runs the local action (uses: ./), installs toolchains, and executes pre-commit.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@mcdonnnj mcdonnnj mentioned this pull request Mar 18, 2026
Open
8 tasks
@mcdonnnj
Switch to verification through JavaScript
0d3d3c6 
Instead of replicating the `build.yml` workflow we do direct
verification using actions/github-script. This will now load the tool
versions from the action source and compare them to the outputs from
running the action.
@mcdonnnj mcdonnnj requested a review from Copilot March 18, 2026 19:25
Copilot AI reviewed Mar 18, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a dedicated GitHub Actions workflow to verify this repository’s action behavior on PRs/merge-queue runs by executing the checked-out action and validating its outputs.

Changes:

  • Introduces .github/workflows/verify.yml triggered on pull_request and merge_group.
  • Runs the local action (uses: ./) and validates that output <tool>-version values match src/versions.js.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

mcdonnnj and others added 7 commits March 18, 2026 18:36
@mcdonnnj
Check that dist/ is up-to-date when verifying the action
a97a269 
Add steps to the `verify` job to build the action and verify that there
are no changes. This will ensure that dist/ is up-to-date with changes
in src/ when verifying.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mcdonnnj
Add descriptive names in verify job
abd9a74 
Giving useful names to each step when verifying will make it easier
when examining the log during a failure.
@mcdonnnj
Restrain verify.yml workflow to specific path changes
86786f5 
Add a `paths` configuration to the `pull_request` trigger for the
workflow. This will ensure the workflow only runs when there are
changes to itself or the functionality of the action.
@mcdonnnj
Use template literals in verify.yml workflow
fadb2d5 
I think it is cleaner to use template literals for string interpolation
instead of all the concatenation currently being done.
@mcdonnnj
DRY out string interpolation
f9961d4
@mcdonnnj
Improve verification loop in the verify.yml workflow
ccd60e8 
This ensures that a failed output key check can not be double counted
as improving the output for a value mismatch. Though the latter is
unlikely to happen with our specific setup it is an easy enough change
as a "just in case" thing.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mcdonnnj
Format JavaScript in verify.yml with prettier
4502b05 
Manually format the inline JavaScript in the `verify.yml` workflow with
the prettier pre-commit hook. This was done by pulling the code out
into a separate file and running pre-commit against that file.
@mcdonnnj mcdonnnj requested a review from Copilot March 19, 2026 01:27
Copilot AI reviewed Mar 19, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request adds a new GitHub Actions workflow (verify.yml) to validate that the action behaves as expected on pull requests and merge-queue checks, including ensuring generated dist/ artifacts are consistent with src/.

Changes:

  • Adds a verify workflow that runs the action from the local checkout and validates its outputs.
  • Builds the action (npm ci + npm run package) and checks that dist/ is up-to-date.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

mcdonnnj and others added 3 commits March 18, 2026 21:37
@mcdonnnj
Remove unnecessary spacing in error message
2d3dfc1 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mcdonnnj
Use string substitution in console.<type>() calls
49549be 
This eliminates some wrangling about line-length in the inline script
used in the `verify.yml` workflow.
@mcdonnnj
Check for any changes to dist/ when verifying
0438774 
Adjust the check so it catches any changes in the dist/ sub-directory
after running `npm run package`. This will ensure that untracked files
cause failure in addition to changes to tracked files. This is
important since untracked files would usually be the result of new
files created in dist/ from the source code in src/.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mcdonnnj mcdonnnj requested a review from jsf9k March 19, 2026 09:09
dav3r
dav3r approved these changes Mar 19, 2026
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jsf9k jsf9k jsf9k approved these changes

@dav3r dav3r dav3r approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

Assignees

@mcdonnnj mcdonnnj

Labels

github-actions Pull requests that update GitHub Actions code improvement This issue or pull request will add or improve functionality, maintainability, or ease of use

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@mcdonnnj @jsf9k @dav3r