Skip to content

fix: implement version pinning with @actions/tool-cache v4#11

Merged
danielmeppiel merged 1 commit intomainfrom
fix/version-pinning
Mar 11, 2026
Merged

fix: implement version pinning with @actions/tool-cache v4#11
danielmeppiel merged 1 commit intomainfrom
fix/version-pinning

Conversation

@danielmeppiel
Copy link
Copy Markdown
Collaborator

@danielmeppiel danielmeppiel commented Mar 11, 2026

Fix: Version Pinning with @actions/tool-cache v4

Problem

The apm-version input was broken — install.sh ignores the APM_VERSION env var the action sets, always installing the latest version regardless of what you specify.

Solution

Replace the curl install.sh | sh approach with direct binary download using @actions/tool-cache v4 (the standard pattern used by setup-node, setup-python, setup-go):

  • GitHub Releases API resolves latest tag or constructs URL for pinned versions
  • @actions/tool-cache handles download, extract, cache with built-in retry and caching
  • Platform mapping: process.platform/arch mapped to 4 known combos (darwin-arm64, darwin-x86_64, linux-arm64, linux-x86_64)
  • No install.sh changes needed — action downloads the binary directly from GitHub Releases

What Changed

  • src/installer.ts — Rewritten to use @actions/tool-cache v4
  • src/__tests__/installer.test.ts — 14 new unit tests
  • package.json — Added @actions/tool-cache ^4.0.0
  • .github/workflows/test-version-pin.yml — E2E test: pinned v0.7.5 on Ubuntu + macOS, plus latest

Testing

  • 36 unit tests pass (14 new installer tests)
  • Lint clean
  • TypeScript typecheck passes
  • ncc build succeeds
  • E2E: Pinned version 0.7.5 on Ubuntu
  • E2E: Pinned version 0.7.5 on macOS
  • E2E: Latest version on Ubuntu

Copilot AI review requested due to automatic review settings March 11, 2026 04:50
Copilot AI reviewed Mar 11, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR refactors APM CLI installation to download versioned release assets directly (with caching), adds unit tests around the new installer/version resolution logic, and introduces a workflow to validate version pinning behavior in CI.

Changes:

  • Replace install.sh piping with GitHub Releases asset download + @actions/tool-cache extraction/caching.
  • Add getAssetSuffix and resolveDownloadUrl helpers (including “latest” resolution).
  • Add Jest unit tests for installer behavior and a CI workflow to validate pinned/latest installs.

Reviewed changes

Copilot reviewed 4 out of 8 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
src/installer.ts Implements release-asset-based installation, tool-cache caching, and version URL resolution.
src/__tests__/installer.test.ts Adds unit coverage for platform suffix mapping, URL resolution, and install/caching behavior.
package.json Adds @actions/tool-cache dependency.
package-lock.json Locks @actions/tool-cache (and its transitive deps).
dist/licenses.txt Updates bundled third-party license list.
dist/installer.d.ts Updates declarations for newly exported installer helpers.
.github/workflows/test-version-pin.yml Adds integration workflow to validate pinned/latest version installs on Ubuntu/macOS.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/installer.ts
Comment thread src/installer.ts Outdated
@danielmeppiel danielmeppiel force-pushed the fix/version-pinning branch 3 times, most recently from 098aec1 to 1daf2e0 Compare March 11, 2026 05:09
@danielmeppiel
fix: implement version pinning with @actions/tool-cache v4
9613dc2 
Replace broken install.sh pipe (which ignored APM_VERSION env var) with
direct binary download using @actions/tool-cache. This enables proper
version pinning via the apm-version input.

- Use GitHub Releases API to resolve 'latest' tag
- Construct download URL from predictable asset naming convention
- Download, extract, and cache with @actions/tool-cache
- Map process.platform/arch to APM asset suffix (4 combos)
- Add 14 unit tests covering all platform combos, URL resolution,
  cache hits, and error paths
- Add test-version-pin.yml workflow (Ubuntu + macOS, pinned + latest)
@danielmeppiel danielmeppiel merged commit 5eac264 into main Mar 11, 2026
14 checks passed
@danielmeppiel danielmeppiel mentioned this pull request May 2, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@danielmeppiel