fabasoad
diff --git a/‎.github/workflows/functional-tests.yml
Lines changed: 84 additions & 23 deletions b/‎.github/workflows/functional-tests.yml
Lines changed: 84 additions & 23 deletions
diff --git a/‎.github/workflows/release.yml
Lines changed: 3 additions & 26 deletions b/‎.github/workflows/release.yml
Lines changed: 3 additions & 26 deletions
diff --git a/‎.github/workflows/security.yml
Lines changed: 19 additions & 0 deletions b/‎.github/workflows/security.yml
Lines changed: 19 additions & 0 deletions
diff --git a/‎.github/workflows/sync-labels.yml
Lines changed: 13 additions & 0 deletions b/‎.github/workflows/sync-labels.yml
Lines changed: 13 additions & 0 deletions
diff --git a/‎.github/workflows/update-license.yml
Lines changed: 12 additions & 0 deletions b/‎.github/workflows/update-license.yml
Lines changed: 12 additions & 0 deletions
diff --git a/‎.pre-commit-config.yaml
Lines changed: 33 additions & 6 deletions b/‎.pre-commit-config.yaml
Lines changed: 33 additions & 6 deletions
diff --git a/‎README.md
Lines changed: 33 additions & 6 deletions b/‎README.md
Lines changed: 33 additions & 6 deletions
@@ -4,39 +4,100 @@ name: Functional Tests
 on: # yamllint disable-line rule:truthy
   push:
     branches:
-      - "main"
+      - main
   pull_request:
+    paths:
+      - .github/workflows/functional-tests.yml
+      - src/**
+      - action.yml
+  schedule:
+    # Every Friday at 09:00 JST
+    - cron: "0 0 * * 5"
+  workflow_dispatch: {}
+
+defaults:
+  run:
+    shell: sh
 
 jobs:
-  functional_tests:
+  get-versions:
+    name: Get 3 latest versions
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    outputs:
+      versions: ${{ steps.prepare-list.outputs.versions }}
+    steps:
+      - name: Prepare list
+        id: prepare-list
+        env:
+          RELEASES_AMOUNT: "3"
+          TARGET_PIP_PACKAGE: "brainfucky"
+        run: |
+          versions=$(curl -s "https://pypi.org/pypi/${TARGET_PIP_PACKAGE}/json" \
+            | jq -c -r --arg n "${RELEASES_AMOUNT}" '.releases | keys | .[-($n | tonumber):] | . += ["latest"]')
+          echo "versions=${versions}" >> "$GITHUB_OUTPUT"
+  run-script:
     name: Run script
+    needs: [get-versions]
+    runs-on: ${{ matrix.os }}-latest
     timeout-minutes: 5
     strategy:
       fail-fast: false
       matrix:
         os: ["ubuntu", "windows", "macos"]
-        version: ["0.1.dev0", "0.1.dev1"]
-    runs-on: ${{ matrix.os }}-latest
+        version: ${{ fromJSON(needs.get-versions.outputs.versions) }}
     steps:
-      - uses: actions/checkout@v4
-      - uses: ./
+      - name: Checkout ${{ github.repository }}
+        uses: actions/checkout@v4
+      - name: Setup brainfuck
+        id: setup-brainfuck
+        uses: ./
         with:
-          version: ${{ matrix.version }}
-      - name: Validate command (Linux, macOS)
-        if: ${{ runner.os != 'Windows' }}
+          version: "${{ matrix.version }}"
+      - name: Test action completion
         run: |
-          touch ./hello-world.bf
-          echo "++++++++[>++++[>++>+++>+++>+<<<<-]>+>+>->>+[<]<-]>>.>---.+++++++..+++.>>.<-.<.++" > ./hello-world.bf
-          echo "+.------.--------.>>+.>++." >> ./hello-world.bf
-          output=$(brainfucky --file ./hello-world.bf)
-          rm ./hello-world.bf
-          [[ "${output:32:12}" == "Hello World!" ]] || exit 1;
-        shell: bash
-      - name: Validate command (Windows)
-        if: ${{ runner.os == 'Windows' }}
+          test_equal() {
+            if [ "${2}" != "${3}" ]; then
+              echo "::error title=${1}::Expected: ${3}. Actual: ${2}."
+              exit 1
+            fi
+          }
+          test_equal "setup-brainfuck should be installed" \
+            "${{ steps.setup-brainfuck.outputs.installed }}" \
+            "true"
+          test_equal "Wrong execution output" \
+            "$(brainfucky --file ./hello-world.bf | sed -n '2p')" \
+            "Hello World!"
+  test-force:
+    name: Test force
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    strategy:
+      fail-fast: false
+      matrix:
+        force: ["true", "false"]
+    steps:
+      - name: Checkout ${{ github.repository }}
+        uses: actions/checkout@v4
+      - name: Setup brainfuck 1
+        id: setup-brainfuck-1
+        uses: ./
+      - name: Setup brainfuck 2
+        id: setup-brainfuck-2
+        uses: ./
+        with:
+          force: ${{ matrix.force }}
+      - name: Test action completion
         run: |
-          New-Item -Path . -Name "hello-world.bf" -ItemType "file" -Value "++++++++[>++++[>++>+++>+++>+<<<<-]>+>+>->>+[<]<-]>>.>---.+++++++..+++.>>.<-.<.++`n+.------.--------.>>+.>++."
-          $Output = (brainfucky --file ./hello-world.bf) | Out-String
-          Remove-Item hello-world.bf
-          &{If($Output.Substring(33, 12) -ne 'Hello World!') {exit 1}}
-        shell: pwsh
+          test_equal() {
+            if [ "${2}" != "${3}" ]; then
+              echo "::error title=${1}::Expected: ${3}. Actual: ${2}."
+              exit 1
+            fi
+          }
+          test_equal "Wrong \"installed\" output from setup-brainfuck-1" \
+            "${{ steps.setup-brainfuck-1.outputs.installed }}" \
+            "true"
+          test_equal "Wrong \"installed\" output from setup-brainfuck-2" \
+            "${{ steps.setup-brainfuck-2.outputs.installed }}" \
+            "${{ matrix.force }}"
@@ -7,29 +7,6 @@ on: # yamllint disable-line rule:truthy
       - "v*.*.*"
 
 jobs:
-  create-release:
-    name: Create release
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Get changelog
-        id: changelog
-        uses: simbo/changes-since-last-release-action@v1
-      - name: Create release
-        uses: softprops/action-gh-release@v2
-        with:
-          tag_name: ${{ github.ref }}
-          name: ${{ github.ref_name }}
-          token: ${{ secrets.GITHUB_TOKEN }}
-          body: |
-            # Changelog
-
-            ${{ steps.changelog.outputs.log }}
-          draft: false
-          prerelease: false
-      - name: Bump tags
-        uses: fischerscode/tagger@v0
-        with:
-          prefix: v
+  github:
+    name: GitHub
+    uses: fabasoad/reusable-workflows/.github/workflows/wf-github-release.yml@main
@@ -0,0 +1,19 @@
+---
+name: Security
+
+on: # yamllint disable-line rule:truthy
+  pull_request: {}
+  push:
+    branches:
+      - main
+
+jobs:
+  sast:
+    name: SAST
+    permissions:
+      contents: read
+      security-events: write
+    uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
+    with:
+      code-scanning: true
+      sca: true
@@ -0,0 +1,13 @@
+---
+name: Labels
+
+on: # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - main
+  workflow_dispatch: {}
+
+jobs:
+  maintenance:
+    name: Maintenance
+    uses: fabasoad/reusable-workflows/.github/workflows/wf-sync-labels.yml@main
@@ -0,0 +1,12 @@
+---
+name: License
+
+on: # yamllint disable-line rule:truthy
+  schedule:
+    # Every January 1st at 14:00 JST
+    - cron: "0 5 1 1 *"
+
+jobs:
+  maintenance:
+    name: Maintenance
+    uses: fabasoad/reusable-workflows/.github/workflows/wf-update-license.yml@main
@@ -1,9 +1,21 @@
 ---
 default_install_hook_types: ["pre-commit", "pre-push"]
 default_stages: ["pre-commit", "pre-push"]
-exclude: ^\.gitleaks\.toml$
 minimum_pre_commit_version: 2.18.0
 repos:
+  # Linting
+  - repo: local
+    hooks:
+      - id: prettier
+        name: Prettier
+        entry: prettier --write --ignore-unknown
+        language: node
+        types: [text]
+        args: []
+        files: ^(.*\.md|.*\.yaml|.*\.yml)$
+        # https://github.com/prettier/prettier/releases
+        additional_dependencies: ["[email protected]"]
+        stages: ["pre-commit"]
   # Security
   - repo: https://github.com/Yelp/detect-secrets
     rev: v1.5.0
@@ -13,12 +25,27 @@ repos:
     rev: v8.23.3
     hooks:
       - id: gitleaks
+  - repo: https://github.com/fabasoad/pre-commit-grype
+    rev: v0.6.2
+    hooks:
+      - id: grype-dir
+        args:
+          - --grype-args=--by-cve --fail-on=low
+          - --hook-args=--log-level debug
+        stages: ["pre-push"]
   # Markdown
   - repo: https://github.com/igorshubovych/markdownlint-cli
     rev: v0.44.0
     hooks:
       - id: markdownlint-fix
         stages: ["pre-commit"]
+  # Shell
+  - repo: https://github.com/openstack/bashate
+    rev: 2.1.1
+    hooks:
+      - id: bashate
+        args: ["-i", "E003,E006"]
+        stages: ["pre-commit"]
   # Yaml
   - repo: https://github.com/adrienverge/yamllint
     rev: v1.35.1
@@ -33,15 +60,15 @@ repos:
         args: ["-pyflakes="]
         stages: ["pre-push"]
   # Other
-  - repo: https://github.com/pre-commit/mirrors-prettier
-    rev: v4.0.0-alpha.8
-    hooks:
-      - id: prettier
-        stages: ["pre-commit"]
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v5.0.0
     hooks:
+      - id: check-executables-have-shebangs
+        stages: ["pre-commit"]
+      - id: check-shebang-scripts-are-executable
+        stages: ["pre-commit"]
       - id: check-merge-conflict
+        stages: ["pre-commit"]
       - id: check-json
         stages: ["pre-push"]
       - id: detect-private-key
 
@@ -4,20 +4,47 @@
 ![Releases](https://img.shields.io/github/v/release/fabasoad/setup-brainfuck-action?include_prereleases)
 ![functional-tests](https://github.com/fabasoad/setup-brainfuck-action/actions/workflows/functional-tests.yml/badge.svg)
 ![linting](https://github.com/fabasoad/setup-brainfuck-action/actions/workflows/linting.yml/badge.svg)
+![security](https://github.com/fabasoad/setup-brainfuck-action/actions/workflows/security.yml/badge.svg)
 
-This action installs one of the brainfuck interpreters called [brainfucky](https://pypi.org/project/brainfucky/).
+This action installs [brainfucky](https://pypi.org/project/brainfucky/) - one of
+the brainfuck interpreters.
+
+## Supported OS
+
+<!-- prettier-ignore-start -->
+| OS      |                    |
+|---------|--------------------|
+| Windows | :white_check_mark: |
+| Linux   | :white_check_mark: |
+| macOS   | :white_check_mark: |
+<!-- prettier-ignore-end -->
 
 ## Prerequisites
 
-The following tools have to be installed for successful work of this GitHub action:
-[pip3](https://pip.pypa.io/en/stable/).
+None.
 
 ## Inputs
 
+```yaml
+- uses: fabasoad/setup-brainfuck-action@v1
+  with:
+    # (Optional) brainfucky interpreter version. Defaults to the latest version.
+    version: "0.1.dev1"
+    # (Optional) If "false" skips installation if brainfucky is already installed.
+    # If "true" installs brainfucky in any case. Defaults to "false".
+    force: "false"
+    # (Optional) GitHub token that is used to send requests to GitHub API such
+    # as getting available python versions. Defaults to the token provided by
+    # GitHub Actions environment.
+    github-token: "${{ github.token }}"
+```
+
+## Outputs
+
 <!-- prettier-ignore-start -->
-| Name    | Required | Description                                                                                       | Default    | Possible values        |
-|---------|----------|---------------------------------------------------------------------------------------------------|------------|------------------------|
-| version | No       | Brainfucky library version that can be found [here](https://pypi.org/project/brainfucky/) version | `0.1.dev1` | `0.1.dev1`, `0.1.dev0` |
+| Name      | Description                             | Example |
+|-----------|-----------------------------------------|---------|
+| installed | Whether brainfucky was installed or not | `true`  |
 <!-- prettier-ignore-end -->
 
 ## Example usage