+11
-2
| # Changelog | ||
| ## [0.2.1] - 2026-06-30 | ||
| ### Fixed | ||
| - README: remove stale GPR/`ci-mono` distribution note, correct `lib/commands/index.js` registration step (explicit import + push to commands array) | ||
| ## [0.2.0] - 2026-06-24 | ||
| ### Added | ||
| - `--version` / `-v` flag: prints `qvac-ci v<version>` and exits | ||
| ### Changed | ||
| - Removed the `paparam` dependency; CLI parsing now uses an internal zero-dependency module (`lib/cli.js`) | ||
| - Help output: usage line omits `[command]` for leaf commands and no longer duplicates flag short names | ||
| - Replace `paparam` runtime dependency with a zero-dependency internal CLI builder (`lib/cli.js`); no change to command behaviour or flags | ||
@@ -10,0 +19,0 @@ ## [0.1.0] - 2026-06-04 |
+2
-2
| { | ||
| "name": "@qvac/ci", | ||
| "version": "0.2.0", | ||
| "version": "0.2.1", | ||
| "description": "CI utilities for the QVAC monorepo", | ||
@@ -44,3 +44,3 @@ "author": "Tether", | ||
| }, | ||
| "homepage": "https://github.com/tetherto/qvac/tree/main/packages/qvac-ci#readme", | ||
| "homepage": "https://qvac.tether.io", | ||
| "dependencies": { | ||
@@ -47,0 +47,0 @@ "@octokit/auth-app": "^8.2.0", |
+8
-28
| # @qvac/ci | ||
| CI utilities — a modular, extensible CLI for GitHub automation. Replaces inline YAML scripts with tested, versioned Node.js commands. | ||
| CLI utilities for GitHub CI automation. Replaces inline YAML scripts with tested, versioned Node.js commands. | ||
| > **Note:** Development and feature builds are published to GitHub Packages (GPR) under the name `@qvac/ci-mono`. The unscoped `@qvac/ci` name is only available after a release-branch npm publish. | ||
| ## Installation | ||
@@ -23,7 +21,7 @@ | ||
| Checks whether a PR has the required approvals from the right roles (Management, Team Lead, Member), then upserts a `## Review Status` comment on the PR summarising the current state. | ||
| Checks whether a PR has the required approvals from the right roles (Management, Team Lead, Member) and upserts a `## Review Status` comment on the PR summarising the current state. | ||
| Always exits with code `0` — this command is **informational only**. Merge enforcement is delegated to GitHub-native branch protection (CODEOWNERS + ruleset approval requirements). | ||
| Always exits `0` — informational only. Merge enforcement is handled by GitHub-native branch protection (CODEOWNERS + ruleset requirements). | ||
| > **Note:** This command is deprecated as part of the Tier 1 approval migration to native GitHub controls. It will be disabled after rollout validation. | ||
| > **Deprecated:** This command will be removed after the Tier 1 approval migration to native GitHub controls is complete. | ||
@@ -48,3 +46,3 @@ ```bash | ||
| **Environment variables (required):** | ||
| **Required environment variables:** | ||
@@ -54,6 +52,6 @@ | Variable | Description | | ||
| | `GITHUB_TOKEN` | Token used to post the review-status comment | | ||
| | `GITHUB_APP_ID` | GitHub App ID used for team membership resolution | | ||
| | `GITHUB_APP_ID` | GitHub App ID for team membership resolution | | ||
| | `GITHUB_PRIVATE_KEY` | GitHub App private key (PEM) | | ||
| Secrets are env-only — there are no `--token` flags. This prevents tokens from appearing in the process list, shell history, or CI log echoes. | ||
| Secrets are env-only — no `--token` flags — to prevent tokens from appearing in the process list or CI logs. | ||
@@ -76,20 +74,2 @@ **Example GitHub Actions step:** | ||
| **Comment format:** | ||
| The command upserts a single `## Review Status` comment on the PR (updates in place if one already exists): | ||
| ``` | ||
| ## Review Status | ||
| **Current Status: ✅ APPROVED** | ||
| Approvals so far: Management: 1, Team Lead: 1 | ||
| ``` | ||
| ``` | ||
| ## Review Status | ||
| **Current Status: ❌ PENDING** | ||
| Approvals so far: Member: 1 | ||
| Pending reviews: Needs 1 Management or Team Lead. | ||
| ``` | ||
| ## Adding a new command | ||
@@ -99,3 +79,3 @@ | ||
| 2. Create `lib/commands/<name>/helpers.js` — domain logic. Read secrets from `process.env`; never pass them as parameters. Export a mutable `helpers` object so tests can stub methods without a mock framework. | ||
| 3. Register in `lib/commands/index.js` — `main.js` picks it up automatically. | ||
| 3. Register in `lib/commands/index.js` — add an explicit `import` and push `.toCommand()` to the `commands` array. `main.js` spreads the array. | ||
| 4. Write tests in `test/unit/<name>/index.test.js` and `test/unit/<name>/helpers.test.js`. Mock all network calls. | ||
@@ -102,0 +82,0 @@ |
37132
-1.32%94
-17.54%