Merge pull request #10 from TingluoHuang/main

Create schedule workflow to build/publish node.js on schedules.

.github/workflows/build-release-alpine-nodejs.yml

@@ -0,0 +1,119 @@
+name: Build Alpine Node.js
+permissions:
+  contents: write
+
+on:
+  workflow_dispatch:
+    inputs:
+      NodeVersion:
+        required: true
+        description: 'Node.js version to build (ex: v12.22.7, v16.12.0)'
+  workflow_call: 
+    inputs:
+      NodeVersion:
+        required: true
+        description: 'Node.js version to build (ex: v12.22.7, v16.12.0)'
+        type: string
+
+jobs:
+  prebuild:
+    outputs:
+      NodeVersion: ${{ steps.check_node_version.outputs.NodeVersion }}
+    name: Determine node.js version
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check node.js version
+      id: check_node_version
+      run: |
+        # Determine which NodeVersion input to use
+        if [ -n "${{ github.event.inputs.NodeVersion }}" ]; then
+          NODE_VERSION="${{ github.event.inputs.NodeVersion }}"
+          echo "Using NodeVersion from workflow_dispatch: $NODE_VERSION"
+        elif [ -n "${{ inputs.NodeVersion }}" ]; then
+          NODE_VERSION="${{ inputs.NodeVersion }}"
+          echo "Using NodeVersion from workflow_call: $NODE_VERSION"
+        else
+          echo "Error: No NodeVersion specified"
+          exit 1
+        fi
+        
+        # Set the output that will be used by subsequent steps/jobs
+        echo "NodeVersion=$NODE_VERSION" >> $GITHUB_OUTPUT   
+
+  build:
+    needs: [prebuild]
+    name: Build node.js ${{needs.prebuild.outputs.NodeVersion}}
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Build the Docker image
+      run: |
+         NodeVersion="${{needs.prebuild.outputs.NodeVersion}}"
+         PythonVersion="python3"
+         if [[ $NodeVersion = v12* ]]
+         then
+           PythonVersion="python2"
+         fi
+         echo node.js version $NodeVersion
+         echo python version $PythonVersion
+         docker build --file Dockerfile --tag alpine_nodejs:${{needs.prebuild.outputs.NodeVersion}} --build-arg NodeVersion=${{needs.prebuild.outputs.NodeVersion}} --build-arg PythonVersion=$PythonVersion .
+    - name: Copy alpine node.js out
+      run: |
+         mkdir $RUNNER_TEMP/alpine_node
+         docker run --rm -v $RUNNER_TEMP/alpine_node:/node_output alpine_nodejs:${{needs.prebuild.outputs.NodeVersion}}
+         ls -l -R $RUNNER_TEMP/alpine_node
+    - name: Upload alpine node.js
+      uses: actions/upload-artifact@v4
+      with:
+        name: alpine_nodejs_${{needs.prebuild.outputs.NodeVersion}}
+        path:  ${{runner.temp}}/alpine_node/node-${{needs.prebuild.outputs.NodeVersion}}-alpine-x64.tar.gz
+
+  test:
+    name: Test node.js ${{needs.prebuild.outputs.NodeVersion}}
+    needs: [prebuild, build]
+    runs-on: ubuntu-latest
+    container: alpine
+    steps:
+    - name: Download alpine node.js
+      uses: actions/download-artifact@v4
+      with:
+        name: alpine_nodejs_${{needs.prebuild.outputs.NodeVersion}}
+    - run: |
+        ls -l
+        tar xzf ./node-${{needs.prebuild.outputs.NodeVersion}}-alpine-x64.tar.gz
+        ls -l -R
+        ./bin/node -v
+        ./bin/node -e "console.log('hello world')"
+        uname -a
+        ldd ./bin/node
+      name: Test node
+  release:
+    name: Create release for node.js ${{needs.prebuild.outputs.NodeVersion}}
+    needs: [prebuild, test]
+    runs-on: ubuntu-latest
+    steps:
+    - name: Download alpine node.js
+      uses: actions/download-artifact@v4
+      with:
+        name: alpine_nodejs_${{needs.prebuild.outputs.NodeVersion}}
+    # Create GitHub release
+    - uses: actions/create-release@master
+      id: createRelease
+      name: Create node.js ${{needs.prebuild.outputs.NodeVersion}} Alpine Release
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        tag_name: "${{needs.prebuild.outputs.NodeVersion}}"
+        release_name: "${{needs.prebuild.outputs.NodeVersion}}"
+        body: |
+          Alpine node.js ${{needs.prebuild.outputs.NodeVersion}}
+    # Upload release assets
+    - name: Upload Release Asset
+      uses: actions/upload-release-asset@v1.0.1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ steps.createRelease.outputs.upload_url }}
+        asset_path: ${{ github.workspace }}/node-${{needs.prebuild.outputs.NodeVersion}}-alpine-x64.tar.gz
+        asset_name: node-${{needs.prebuild.outputs.NodeVersion}}-alpine-x64.tar.gz
+        asset_content_type: application/octet-stream

.github/workflows/docker-image.yml

@@ -1,88 +0,0 @@
-name: Build Alpine Node.js
-permissions:
-  contents: write
-
-on:
-  workflow_dispatch:
-    inputs:
-      NodeVersion:
-        required: true
-        description: 'Node.js version to build (ex: v12.22.7, v16.12.0)'
-
-jobs:
-  build:
-    name: Build node.js ${{github.event.inputs.NodeVersion}}
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - name: Build the Docker image
-      run: |
-         NodeVersion="${{github.event.inputs.NodeVersion}}"
-         PythonVersion="python3"
-         if [[ $NodeVersion = v12* ]]
-         then
-           PythonVersion="python2"
-         fi
-         echo node.js version $NodeVersion
-         echo python version $PythonVersion
-         docker build --file Dockerfile --tag alpine_nodejs:${{github.event.inputs.NodeVersion}} --build-arg NodeVersion=${{github.event.inputs.NodeVersion}} --build-arg PythonVersion=$PythonVersion .
-    - name: Copy alpine node.js out
-      run: |
-         mkdir $RUNNER_TEMP/alpine_node
-         docker run --rm -v $RUNNER_TEMP/alpine_node:/node_output alpine_nodejs:${{github.event.inputs.NodeVersion}}
-         ls -l -R $RUNNER_TEMP/alpine_node
-    - name: Upload alpine node.js
-      uses: actions/upload-artifact@v2
-      with:
-        name: alpine_nodejs_${{github.event.inputs.NodeVersion}}
-        path:  ${{runner.temp}}/alpine_node/node-${{github.event.inputs.NodeVersion}}-alpine-x64.tar.gz
-
-  test:
-    name: Test node.js ${{github.event.inputs.NodeVersion}}
-    needs: [build]
-    runs-on: ubuntu-latest
-    container: alpine
-    steps:
-    - name: Download alpine node.js
-      uses: actions/download-artifact@v2
-      with:
-        name: alpine_nodejs_${{github.event.inputs.NodeVersion}}
-    - run: |
-        ls -l
-        tar xzf ./node-${{github.event.inputs.NodeVersion}}-alpine-x64.tar.gz
-        ls -l -R
-        ./bin/node -v
-        ./bin/node -e "console.log('hello world')"
-        uname -a
-        ldd ./bin/node
-      name: Test node
-  release:
-    name: Create release for node.js ${{github.event.inputs.NodeVersion}}
-    needs: [test]
-    runs-on: ubuntu-latest
-    steps:
-    - name: Download alpine node.js
-      uses: actions/download-artifact@v2
-      with:
-        name: alpine_nodejs_${{github.event.inputs.NodeVersion}}
-    # Create GitHub release
-    - uses: actions/create-release@master
-      id: createRelease
-      name: Create node.js ${{github.event.inputs.NodeVersion}} Alpine Release
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      with:
-        tag_name: "${{github.event.inputs.NodeVersion}}"
-        release_name: "${{github.event.inputs.NodeVersion}}"
-        body: |
-          Alpine node.js ${{github.event.inputs.NodeVersion}}
-    # Upload release assets
-    - name: Upload Release Asset
-      uses: actions/upload-release-asset@v1.0.1
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      with:
-        upload_url: ${{ steps.createRelease.outputs.upload_url }}
-        asset_path: ${{ github.workspace }}/node-${{github.event.inputs.NodeVersion}}-alpine-x64.tar.gz
-        asset_name: node-${{github.event.inputs.NodeVersion}}-alpine-x64.tar.gz
-        asset_content_type: application/octet-stream

.github/workflows/release-alpine-nodejs-on-schedule.yml

@@ -0,0 +1,80 @@
+name: Build and Release Alpine Node.js on Schedule
+permissions:
+  contents: write
+
+on:
+  schedule:
+    - cron: '0 0 * * 0' # Every Sunday at midnight
+  workflow_dispatch: 
+
+jobs:
+  get_versions:
+    outputs:
+      versions: ${{ steps.set-matrix.outputs.versions }}
+      buildnode: ${{ steps.set-matrix.outputs.buildnode }}
+    name: Find versions to build and release
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Find latest versions from each major version
+      id: set-matrix
+      run: |
+        BUILD_NODE=0
+
+        # Read major versions from versions.json
+        MAJOR_VERSIONS=$(jq -r '.[]' versions.json)
+        
+        # Initialize array to store latest versions
+        LATEST_VERSIONS=()
+        
+        # For each major version, find the latest release
+        for VERSION in $MAJOR_VERSIONS; do
+          # Get latest release for this major version
+          LATEST=$(curl -s "https://nodejs.org/dist/index.json" | \
+                  jq -r "[.[] | select(.version | startswith(\"$VERSION.\"))] | sort_by(.date) | reverse | .[0].version")
+          
+          if [ -n "$LATEST" ]; then
+            echo "Found latest $VERSION: $LATEST"
+
+            # Check if this version already exists in GitHub releases
+            # Using the GitHub API to check if the tag/release exists
+            RELEASE_EXISTS=$(curl -s -H "Authorization: token ${{github.token}}" \
+                           "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${LATEST}" | \
+                           jq -r '.id != null')
+            
+            if [ "$RELEASE_EXISTS" == "true" ]; then
+              echo "Release for $LATEST already exists - skipping"
+            else
+              echo "Release for $LATEST does not exist - will build"
+              LATEST_VERSIONS+=("$LATEST")
+              BUILD_NODE=1
+            fi
+          else
+            echo "No version found for $VERSION"
+          fi
+        done
+        
+        # Create properly escaped JSON for GitHub Actions
+        MATRIX_JSON=$(jq -c -n --argjson versions "$(printf '%s\n' "${LATEST_VERSIONS[@]}" | jq -R . | jq -s .)" '{"node_version":$versions}')
+        echo "Matrix JSON: $MATRIX_JSON"
+        
+        # Setting output with proper delimiter for multiline values
+        echo "versions<<EOF" >> $GITHUB_OUTPUT
+        echo "$MATRIX_JSON" >> $GITHUB_OUTPUT
+        echo "EOF" >> $GITHUB_OUTPUT
+
+        echo "buildnode=$BUILD_NODE" >> $GITHUB_OUTPUT
+  
+  build_release:
+    name: Build and Release Node.js
+    needs: get_versions
+    if: needs.get_versions.outputs.buildnode == 1
+    strategy: 
+      matrix: ${{ fromJSON(needs.get_versions.outputs.versions) }}
+    uses: ./.github/workflows/build-release-alpine-nodejs.yml
+    permissions: 
+      contents: write
+    with:
+      NodeVersion: ${{ matrix.node_version }}
+
+    

CODEOWNERS

@@ -0,0 +1 @@
+* @actions/actions-runtime

CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at opensource@github.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

CONTRIBUTING.md

@@ -0,0 +1,19 @@
+# Contributing
+
+## Submitting a pull request
+
+1. Fork and clone the repository
+1. Create a new branch: `git checkout -b my-branch-name`
+1. Push to your fork and submit a pull request
+1. Pat yourself on the back and wait for your pull request to be reviewed and merged
+
+## Tips for working this repository:  
+> - The repository is huge right now, you don't want to waste your time and disk space to get those unrelated files.
+>   - Ignore LFS files during initial `git clone` the repo with `GIT_LFS_SKIP_SMUDGE=1 git clone https://mseng@dev.azure.com/mseng/AzureDevOps/_git/CIPlat.Externals`
+>   - Ignore LFS files during any `git checkout` or `git fetch` operation with `GIT_LFS_SKIP_SMUDGE=1`.
+>   - You do want the LFS smudge filter to run during `git add` and `git push`, make sure you don't have `GIT_LFS_SKIP_SMUDGE=1` when you run `git add` and `git push`.
+> - More `Git-LFS` doc is at https://github.com/git-lfs/git-lfs/tree/main/docs
+
+Thanks! :heart: :heart: :heart:
+
+GitHub Actions Team :octocat:

LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright GitHub
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,8 +1,11 @@
-# alpine_nodejs
+# GitHub Alpine NodeJS
 
-[GitHub Actions Runner](https://github.com/actions/runner/blob/main/src/Misc/externals.sh) download alpine node.js from https://vstsagenttools.blob.core.windows.net/tools/nodejs
+[![Actions Status](https://github.com/actions/alpine_nodejs/workflows/Build%20Alpine%20Node.js/badge.svg)](https://github.com/actions/alpine_nodejs/actions)
 
-The [workflow](https://github.com/TingluoHuang/alpine_nodejs/actions/workflows/docker-image.yml) in this repository can compile a partial-static node.js for alpine and create a [GitHub release](https://github.com/TingluoHuang/alpine_nodejs/releases) for it.
+The Alpine NodeJS repo houses a redistribution of NodeJS builds that are used within the [GitHub Actions Runner](https://github.com/actions/runner/blob/main/src/Misc/externals.sh).
+
+## Getting Started
+The [workflow](https://github.com/actions/alpine_nodejs/actions/workflows/docker-image.yml) in this repository can compile a partial-static node.js for alpine and create a [GitHub release](https://github.com/actions/alpine_nodejs/releases) for it.
 
 - Queue workflow using `workflow_dispatch` trigger and set the `node` version you want to compile as input, ex: `v12.22.7`
 ![queue workflow](./res/queueWorkflow.png)
@@ -13,10 +16,3 @@ The [workflow](https://github.com/TingluoHuang/alpine_nodejs/actions/workflows/d
 - There should be a newly created release that matches the version you want for `node`, and it is able to run on alpine.
 ![new release](./res/createdRelease.png)
 
-- Once we get [approval](https://github.com/github/open-source-releases/issues/205) to change the current repository from `private` to `public`, then we can consume the release assets directly. In the meantime, you will need to follow [instructions](https://dev.azure.com/mseng/AzureDevOps/_wiki/wikis/AzureDevOps.wiki/4037/How-to-upload-resource-to-vstsagenttools.blob.core.windows.net) to check-in the compiled alpine node.js from the release assets as a `Git-LFS` files to https://dev.azure.com/mseng/AzureDevOps/_git/CIPlat.Externals and get it mirror into https://vstsagenttools.blob.core.windows.net/tools/nodejs
-> Tips for working with `CIPlat.Externals` repository:  
-> - The repository is huge right now, you don't want to waste your time and disk space to get those unrelated files.
->   - Ignore LFS files during initial `git clone` the repo with `GIT_LFS_SKIP_SMUDGE=1 git clone https://mseng@dev.azure.com/mseng/AzureDevOps/_git/CIPlat.Externals`
->   - Ignore LFS files during any `git checkout` or `git fetch` operation with `GIT_LFS_SKIP_SMUDGE=1`.
->   - You do want the LFS smudge filter to run during `git add` and `git push`, make sure you don't have `GIT_LFS_SKIP_SMUDGE=1` when you run `git add` and `git push`.
-> - More `Git-LFS` doc is at https://github.com/git-lfs/git-lfs/tree/main/docs

SECURITY.md

@@ -0,0 +1,31 @@
+Thanks for helping make GitHub safe for everyone.
+
+## Security
+
+GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
+
+Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation. 
+
+## Reporting Security Issues
+
+If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.
+
+**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
+
+Instead, please send an email to opensource-security[@]github.com.
+
+Please include as much of the information listed below as you can to help us better understand and resolve the issue:
+
+  * The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+## Policy
+
+See [GitHub's Safe Harbor Policy](https://docs.github.com/en/github/site-policy/github-bug-bounty-program-legal-safe-harbor#1-safe-harbor-terms)

SUPPORT.md

@@ -0,0 +1,12 @@
+
+# Support 
+
+## How to file issues and get help
+
+This project does not support issues, however you may submit a pull request with any proposed improvements.
+
+`actions/alpine_nodejs` is under active development and maintained by GitHub staff **AND THE COMMUNITY**. We will do our best to respond to support, feature requests, and community questions in a timely manner.
+
+## GitHub Support Policy
+
+Support for this project is limited to the resources listed above.

versions.json

@@ -0,0 +1,4 @@
+[
+    "v20",
+    "v24"
+]