-
Notifications
You must be signed in to change notification settings - Fork 140
146 lines (132 loc) · 5.81 KB
/
copilot-setup-steps.yml
File metadata and controls
146 lines (132 loc) · 5.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: MIT
#
# copilot-setup-steps.yml
# Pre-install tools and dependencies for GitHub Copilot Coding Agent
# Reference: https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent/customize-the-agent-environment
name: "Copilot Setup Steps"
# Copilot coding agent runs these steps internally before starting work.
# Use workflow_dispatch to manually validate the setup when desired.
on:
workflow_dispatch:
# Minimal permissions
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
# Job MUST be named 'copilot-setup-steps' to be recognized by Copilot
copilot-setup-steps:
runs-on: ubuntu-latest
# Minimal permissions; Copilot receives its own token for operations
permissions:
contents: read
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
with:
persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with:
node-version: "20"
cache: "npm"
# continue-on-error allows Copilot to start work even if dependencies fail,
# so it can fix package.json/package-lock.json issues itself
- name: Install JavaScript dependencies
continue-on-error: true
run: npm ci
- name: Set up Python
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: "3.11"
- name: Install actionlint
env:
ACTIONLINT_VERSION: '1.7.10'
ACTIONLINT_AMD64_SHA256: 'f4c76b71db5755a713e6055cbb0857ed07e103e028bda117817660ebadb4386f'
ACTIONLINT_ARM64_SHA256: 'cd3dfe5f66887ec6b987752d8d9614e59fd22f39415c5ad9f28374623f41773a'
GITHUB_RELEASES_URL: ${{ vars.HVE_GITHUB_RELEASES_URL || 'https://github.com' }}
run: |
ARCH=$(uname -m)
if [[ "${ARCH}" == "x86_64" ]]; then
ACTIONLINT_ARCH="amd64"
ACTIONLINT_SHA256="${ACTIONLINT_AMD64_SHA256}"
elif [[ "${ARCH}" == "aarch64" ]]; then
ACTIONLINT_ARCH="arm64"
ACTIONLINT_SHA256="${ACTIONLINT_ARM64_SHA256}"
else
echo "ERROR: Unsupported architecture for actionlint: ${ARCH}" >&2
exit 1
fi
curl -sSfL "${GITHUB_RELEASES_URL}/rhysd/actionlint/releases/download/v${ACTIONLINT_VERSION}/actionlint_${ACTIONLINT_VERSION}_linux_${ACTIONLINT_ARCH}.tar.gz" -o /tmp/actionlint.tar.gz
echo "${ACTIONLINT_SHA256} /tmp/actionlint.tar.gz" | sha256sum -c -
tar -xzf /tmp/actionlint.tar.gz actionlint
sudo install actionlint /usr/local/bin/actionlint
rm actionlint /tmp/actionlint.tar.gz
actionlint --version
- name: Install PowerShell modules
shell: pwsh
env:
HVE_PSGALLERY_REPOSITORY: ${{ vars.HVE_PSGALLERY_REPOSITORY || '' }}
HVE_PSGALLERY_SOURCE_URL: ${{ vars.HVE_PSGALLERY_SOURCE_URL || '' }}
run: |
$repo = if ($env:HVE_PSGALLERY_REPOSITORY) { $env:HVE_PSGALLERY_REPOSITORY } else { 'PSGallery' }
if ($env:HVE_PSGALLERY_SOURCE_URL) {
Register-PSRepository -Name $repo -SourceLocation $env:HVE_PSGALLERY_SOURCE_URL -InstallationPolicy Trusted -ErrorAction SilentlyContinue
}
Install-Module -Name PowerShell-Yaml -Force -Scope CurrentUser -Repository $repo
Install-Module -Name PSScriptAnalyzer -Force -Scope CurrentUser -Repository $repo
Install-Module -Name Pester -RequiredVersion 5.7.1 -Force -Scope CurrentUser -Repository $repo
- name: Install uv package manager
env:
UV_VERSION: '0.10.8'
UV_X86_64_SHA256: 'f0c566b55683395a62fefb9261a060fa09824914b5682c3b9629fa154762ae2f'
UV_AARCH64_SHA256: '661860e954f87dcd823251191866af3486484d1a9df60eed56f4586ed7559e3d'
GITHUB_RELEASES_URL: ${{ vars.HVE_GITHUB_RELEASES_URL || 'https://github.com' }}
run: |
ARCH=$(uname -m)
if [[ "${ARCH}" == "x86_64" ]]; then
UV_ARCH="x86_64-unknown-linux-gnu"
UV_SHA256="${UV_X86_64_SHA256}"
elif [[ "${ARCH}" == "aarch64" ]]; then
UV_ARCH="aarch64-unknown-linux-gnu"
UV_SHA256="${UV_AARCH64_SHA256}"
else
echo "ERROR: Unsupported architecture for uv: ${ARCH}" >&2
exit 1
fi
curl -sSfL "${GITHUB_RELEASES_URL}/astral-sh/uv/releases/download/${UV_VERSION}/uv-${UV_ARCH}.tar.gz" -o /tmp/uv.tar.gz
echo "${UV_SHA256} /tmp/uv.tar.gz" | sha256sum -c -
sudo tar -xzf /tmp/uv.tar.gz -C /usr/local/bin --strip-components=1 "uv-${UV_ARCH}/uv" "uv-${UV_ARCH}/uvx"
rm /tmp/uv.tar.gz
uv --version
uvx --version
echo "Syncing Python environments for skills..."
failed=0
while IFS= read -r -d '' f; do
dir="$(dirname "${f}")"
echo "Installing dependencies in ${dir}"
if ! (cd "${dir}" && uv sync); then
echo "::error::uv sync failed in ${dir}"
failed=1
fi
done < <(find .github/skills -name pyproject.toml -type f -print0)
if [[ "${failed}" -ne 0 ]]; then
echo "::error::One or more skill dependency installations failed"
exit 1
fi
- name: Verify tool availability
run: |
echo "=== Tool Versions ==="
node --version
npm --version
python3 --version
pwsh --version
shellcheck --version
actionlint --version
uv --version
uvx --version
echo ""
echo "=== npm Scripts Available ==="
npm run --list