Add module-ref-mode config to support commit SHA references in wiki documentation #283
Conversation
Copilot
AI
changed the title
|
Lets:
Separately, in the PR, you mention "✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo." Can you confirm whether or not you are able to read and leverage the instructions file: |
Done in eba997a. Changes implemented:
Re: copilot-instructions.md - Yes, I can read and leverage |
|
Lets:
|
Done in 660bfc6. Changes implemented:
The implementation now consistently uses |
There was a problem hiding this comment.
@copilot Review comments. Additionally, let's add a new {{ ref_comment }} variable that adds the current tagVersion as a comment in standard notation # v2.2.3 ONLY if we use sha reference for the ref, otherwise, leave this as an empty string.
Done in 61c50e7. Added new
This allows users to see the human-readable tag version as a comment when the ref contains a commit SHA. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Updated in 7eeda49. Changed PR description from checkbox-based to summary-based with bullet points organized into clear sections (Overview, Problem Statement, Solution, Key Features, Implementation Details, etc.). |
virgofx
force-pushed
the
copilot/fix-140f07b7-cb33-4fa9-b435-be76baf0a7ef
branch
5 times, most recently
from
54296bb to
8258de4
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR implements a new module-ref-mode configuration option that controls how Terraform module usage examples reference versions in generated wiki documentation. This addresses module removal scenarios where tags can be deleted, breaking references for users of outdated module versions.
Key Changes
- Adds
module-ref-modeparameter with "tag" (default) and "sha" modes for wiki documentation - Extracts Git authentication logic into reusable
configureGitAuthentication()utility function - Updates tag handling to store commit SHAs alongside tag names using new
GitHubTagtype
Reviewed Changes
Copilot reviewed 24 out of 25 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
src/wiki.ts |
Updates wiki generation to support SHA mode with commit references and ref comments |
src/utils/metadata.ts |
Adds module-ref-mode to action input metadata |
src/utils/github.ts |
Extracts configureGitAuthentication function for reusable Git auth setup |
src/utils/constants.ts |
Defines MODULE_REF_MODE constants and validation arrays |
src/types/github.types.ts |
Adds GitHubTag interface with name and commitSHA fields |
src/types/config.types.ts |
Adds ModuleRefMode type and moduleRefMode config property |
src/terraform-module.ts |
Updates to use GitHubTag objects instead of string arrays for tags |
src/tags.ts |
Modifies getAllTags to return GitHubTag objects with commit SHAs |
src/releases.ts |
Updates release creation to store commit SHAs and use extracted auth function |
src/parser.ts |
Updates parseTerraformModules to work with GitHubTag type |
src/config.ts |
Adds validation for module-ref-mode parameter |
package.json |
Updates dependency versions and prettier command |
action.yml |
Adds module-ref-mode input parameter and updates usage template |
__tests__/** |
Comprehensive test updates for new GitHubTag structure and SHA mode functionality |
README.md |
Documents new module-ref-mode parameter and template variables |
.github/workflows/ci.yml |
Updates CI configuration with new parameter |
…cumentation - Implemented `module-ref-mode` input to control how module versions are referenced in generated documentation (options: "tag" or "sha"). - Updated `configureGitAuthentication` function to handle GitHub token authentication for HTTPS operations. - Enhanced tests for `configureGitAuthentication` to cover various scenarios including error handling and domain-specific configurations. - Modified `generateWikiFiles` function to utilize the new `moduleRefMode` configuration, adjusting the reference format based on the selected mode. - Refactored `TerraformModule` class to store tags as objects containing both name and commit SHA, allowing for better version management. - Updated metadata and constants to include new module reference mode options and validation. - Adjusted action YAML to include new input for `module-ref-mode` with appropriate descriptions.
virgofx
force-pushed
the
copilot/fix-140f07b7-cb33-4fa9-b435-be76baf0a7ef
branch
from
8258de4 to
2c8694c
Compare
📋 Release Plan
📝 Changelog
|
|
2 participants
Overview
This PR implements a new
module-ref-modeconfiguration option that controls how Terraform module usage examples reference versions in generated wiki documentation. This addresses the module removal scenario described in #171 where tags can be deleted, breaking references for users of outdated module versions.Problem Statement
When a Terraform module is decommissioned or renamed, all associated tags and releases are typically removed by default. This creates a critical issue: users referencing specific module versions lose their reference points when tags are deleted, potentially breaking their infrastructure. While the
delete-legacy-tagsparameter can preserve tags, an alternative approach is needed for environments using tools like Renovate that support digest pinning.As suggested in #171, commit SHAs provide an immutable reference that cannot be easily deleted from GitHub, unlike tags. However, SHAs alone are not human-readable, making it difficult to understand which version is being used.
Solution
This PR adds a
module-ref-modeinput parameter with two modes:Tag Mode (default - preserves current behavior)
SHA Mode (new - supports Renovate digest pinning)
When SHA mode is enabled, the action uses commit SHAs from the GitHub API for the
refparameter in generated documentation while preserving the tag name as a comment for human readability.Key Features
tag.commit.shaandrelease.target_commitish){{latest_tag}}always shows the tag name;{{ref}}contains the actual reference (tag or SHA);{{ref_comment}}provides tag version as inline comment in SHA modeImplementation Details
New Configuration
module-ref-mode"tag"|"sha""tag"Template Variables
{{latest_tag}}: Always contains the tag name (e.g.,aws/vpc-endpoint/v1.1.3){{ref}}: Contains the actual ref value - either tag name or commit SHA depending on mode{{ref_comment}}: Empty string in tag mode;# {version}in SHA mode for human-readable reference{{latest_tag_version_number}}: Version number without prefix{{module_source}}: Git source URL{{module_name_terraform}}: Terraform-safe module nameArchitecture Changes
nameandcommitSHAfields, mirroringGitHubReleasepatternGitHubTag[]instead of string arrays, consistent with release handlingtag.commit.shafield during tag retrievalrepos.createReleaseresponse'starget_commitishfieldGitHubTag[]Type Safety
MODULE_REF_MODE_TAG,MODULE_REF_MODE_SHA,ALLOWED_MODULE_REF_MODESALLOWED_MODULE_REF_MODES.includes()for runtime checkingTesting
GITHUB_TOKEN)Documentation
{{ref}}and{{ref_comment}}variableslatest_tag,latest_tag_version_number,ref,ref_commentBreaking Changes
None. This is a fully backward-compatible addition with the default behavior unchanged.
Example Usage
Related Issues
Closes #171
Credits
Thanks to @MaxymVlasov for the detailed suggestion and example configuration in #168!
Original prompt
This section details on the original issue you should resolve
<issue_title>Try to use digests not tags via Renovate, to deal with module removal issues</issue_title>
<issue_description>Also, hint about
You can note in docs that users can pin their modules to digests using Renovate (here example config - SpotOnInc/renovate-config), so they will not lose access to version if tag will be removed.
I am not sure that it will work fine with your tagging strategy, but you can try.
Originally posted by @MaxymVlasov in #168
That should end in something like this:
so, you'll still have tag as human-readable reference at the end of
ref, but actually point to commit sha, which can't be removed from Github so easy as tag deletionAnd yes, Renovate will automatically update
to
But it could stuck as there are so many different versions for different modules, that why it requires future investigation, and could require some custom configs
</issue_description>
<agent_instructions>Implement config option to control how Terraform module usage examples (WIKI/doc generation) choose the ref: tag vs commit SHA. Source issue: #171.
Requirements:
New config key: module_ref_mode with allowed values "tag" | "sha". Default: "tag" (must preserve current behavior).
When "tag": no change (use existing tag in ?ref=).
When "sha": resolve the commit SHA for the tag and substitute the SHA in ?ref= for all generated module examples. Tag/release creation process remains unchanged (still create tags/releases exactly as before). Only documentation output changes.
Validation: fail fast if value not in allowed set. Use TypeScript style consistent with repo:
Define string literal union type: type ModuleRefMode = "tag" | "sha"
Export runtime constants (e.g. const MODULE_REF_MODE_TAG = "tag" as const; const MODULE_REF_MODE_SHA = "sha" as const) and an ALLOWED_MODULE_REF_MODES array for validation.
Add a guard function isModuleRefMode(val: unknown): val is ModuleRefMode.
Config loading:
If key absent -> default "tag".
If present -> validate; on failure throw descriptive error: "Invalid module_ref_mode ''. Allowed: tag | sha".
SHA resolution (sha mode):
For each tag used in examples, get commit SHA (prefer local git: git rev-parse ).
Cache results in a Map to avoid repeated calls.
If resolution fails, abort with clear error (do NOT silently fallback to tag).
WIKI/doc generation:
Centralize ref selection in a helper: getDisplayRef(tag, mode).
Replace existing direct tag usage with call to helper.
Tests:
Default (no key) => tag output.
Explicit "tag" => tag output.
"sha" => 40-char hex SHA replaces tag.
Invalid value => throws.
Simulated missing tag in sha mode => error.
Documentation:
Update README / config docs: describe module_ref_mode (purpose, values, default, examples).
Note rationale: SHA mode improves immutability if tags later deleted.
No changes to release logic or tag deletion settings; only doc ref selection.
Commit message suggestion: feat: add module_ref_mode (tag|sha) for WIKI module reference style
Acceptance:
Backward compatibility: unchanged output when omitted.
Deterministic SHA substitution in sha mode.
Tests pass.</agent_instructions>
Comments on the Issue (you are @copilot in this section)
@virgofx This is a great suggestion. I love this. Thanks for documenting this so thoroughly! I'll ping you when I have something close and ready to test in next release. <...✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.