Let It Go

.eslintignore

@@ -0,0 +1,3 @@
+dist/
+lib/
+node_modules/

.eslintrc.json

@@ -0,0 +1,58 @@
+{
+  "plugins": ["@typescript-eslint"],
+  "extends": ["plugin:github/es6"],
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "ecmaVersion": 9,
+    "sourceType": "module",
+    "project": "./tsconfig.json"
+  },
+  "rules": {
+    "prettier/prettier": "off",
+    "no-console": "off",
+    "eslint-comments/no-use": "off",
+    "import/no-namespace": "off",
+    "no-unused-vars": "off",
+    "@typescript-eslint/no-unused-vars": "error",
+    "@typescript-eslint/no-require-imports": "error",
+    "@typescript-eslint/array-type": "error",
+    "@typescript-eslint/await-thenable": "error",
+    "@typescript-eslint/ban-ts-ignore": "error",
+    "camelcase": "off",
+    "@typescript-eslint/camelcase": "error",
+    "@typescript-eslint/class-name-casing": "error",
+    "@typescript-eslint/explicit-function-return-type": ["error", {"allowExpressions": true}],
+    "@typescript-eslint/func-call-spacing": ["error", "never"],
+    "@typescript-eslint/generic-type-naming": ["error", "^[A-Z][A-Za-z]*$"],
+    "@typescript-eslint/no-array-constructor": "error",
+    "@typescript-eslint/no-empty-interface": "error",
+    "@typescript-eslint/no-explicit-any": "error",
+    "@typescript-eslint/no-extraneous-class": "error",
+    "@typescript-eslint/no-for-in-array": "error",
+    "@typescript-eslint/no-inferrable-types": "error",
+    "@typescript-eslint/no-misused-new": "error",
+    "@typescript-eslint/no-namespace": "error",
+    "@typescript-eslint/no-non-null-assertion": "warn",
+    "@typescript-eslint/no-object-literal-type-assertion": "error",
+    "@typescript-eslint/no-unnecessary-qualifier": "error",
+    "@typescript-eslint/no-unnecessary-type-assertion": "error",
+    "@typescript-eslint/no-useless-constructor": "error",
+    "@typescript-eslint/no-var-requires": "error",
+    "@typescript-eslint/prefer-for-of": "warn",
+    "@typescript-eslint/prefer-function-type": "warn",
+    "@typescript-eslint/prefer-includes": "error",
+    "@typescript-eslint/prefer-interface": "error",
+    "@typescript-eslint/prefer-string-starts-ends-with": "error",
+    "@typescript-eslint/promise-function-async": "error",
+    "@typescript-eslint/require-array-sort-compare": "error",
+    "@typescript-eslint/restrict-plus-operands": "error",
+    "semi": "off",
+    "@typescript-eslint/semi": ["error", "never"],
+    "@typescript-eslint/type-annotation-spacing": "error",
+    "@typescript-eslint/unbound-method": "error"
+  },
+  "env": {
+    "node": true,
+    "es6": true
+  }
+}

.gitignore

@@ -0,0 +1,99 @@
+# Dependency directory
+node_modules
+
+# Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# next.js build output
+.next
+
+# nuxt.js build output
+.nuxt
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# OS metadata
+.DS_Store
+Thumbs.db
+
+# Ignore built ts files
+__tests__/runner/*
+lib/**/*

.prettierignore

@@ -0,0 +1,3 @@
+dist/
+lib/
+node_modules/

.prettierrc.json

@@ -0,0 +1,11 @@
+{
+  "printWidth": 80,
+  "tabWidth": 2,
+  "useTabs": false,
+  "semi": false,
+  "singleQuote": true,
+  "trailingComma": "none",
+  "bracketSpacing": false,
+  "arrowParens": "avoid",
+  "parser": "typescript"
+}

LICENSE

@@ -0,0 +1,190 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        https://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2017 Flant JSC <256@flant.com>
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       https://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

README.md

@@ -0,0 +1,188 @@
+<p align="center">
+  <img src="https://github.com/flant/werf/raw/master/docs/images/werf-logo.svg?sanitize=true" style="max-height:100%;" height="175">
+</p>
+___
+
+This action set allows you to organize CI/CD with GitHub Actions and [werf](https://github.com/flant/werf). The set consists of four independent complex actions:
+
+- [flant/werf-actions/converge](https://github.com/flant/werf-actions/tree/master/converge)
+- [flant/werf-actions/build-and-publish](https://github.com/flant/werf-actions/tree/master/build-and-publish)
+- [flant/werf-actions/deploy](https://github.com/flant/werf-actions/tree/master/deploy)
+- [flant/werf-actions/cleanup](https://github.com/flant/werf-actions/tree/master/cleanup)
+
+Each action combines all the necessary steps in itself and logic may be divided into __environment setup__ and launching the corresponding command.
+
+> Also, there is another action — [flant/werf-actions/install](https://github.com/flant/werf-actions/tree/master/install). With this action a user can just install werf and use binary within job steps for own purposes
+
+## Environment setup in details
+
+### werf binary setup
+
+By default, all actions setup actual werf version for [1.1 stable channel](https://werf.io/releases.html) (more details about channels, werf release cycle and compatibility promise [here](https://github.com/flant/werf#backward-compatibility-promise)). 
+Using `group` and `channel` inputs the user can switch the release channel.
+
+> This is recommended approach to be up-to-date and to use actual werf version without changing configurations
+  
+```yaml
+- uses: flant/werf-actions/converge@v1
+  with:
+    group: 1.1
+    channel: alpha
+```
+  
+Withal, it is not necessary to work within release channels, and the user might specify certain werf version with `version` input.
+
+```yaml
+- uses: flant/werf-actions/converge@v1
+  with:
+    version: v1.1.16
+```
+
+### kubeconfig setup (*optional*)
+
+The _kubeconfig_ may be used for deployment, cleanup, distributed locks and caches. Thus, the configuration should be added before step with the action or passed as base64 encoded data with `kube-config-base64-data` input:
+
+* Prepare _kubeconfig_ (e.g. `cat ~/.kube/config | base64`) and save in GitHub Project Secrets (e.g. with name `KUBE_CONFIG_BASE64_DATA`).
+ 
+* Pass secret with `kube-config-base64-data` input:
+ 
+  ```yaml
+  - uses: flant/werf-actions/build-and-publish@v1
+    with:
+      kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+  ```
+
+### werf ci-env
+
+This command performs _docker login_ using `github-token`, sets up predefined variables based on GitHub Workflow context.  
+ 
+**Note** that `github-token` is optional in this action, and the input is there in case you need to use a non-default token.
+
+By default, action will use the token provided to your workflow.
+
+## Working with werf options
+
+Any werf option can be defined with environment variables:
+
+```yaml
+- uses: flant/werf-actions/build-and-publish@v1
+  env:
+    WERF_LOG_VERBOSE: "on"
+    WERF_TAG_CUSTOM_TAG1: tag1
+    WERF_TAG_CUSTOM_TAG2: tag2
+```
+
+## Examples
+
+### converge
+
+```yaml
+converge:
+  name: Converge
+  runs-on: ubuntu-latest
+  steps:
+
+    - name: Checkout code
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - name: Converge
+      uses: flant/werf-actions/converge@master
+      with:
+        env: production
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+```
+
+### build, publish and deploy
+
+```yaml
+build-and-publish:
+  name: Build and Publish
+  runs-on: ubuntu-latest
+  steps:
+
+    - name: Checkout code
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - name: Build and Publish
+      uses: flant/werf-actions/build-and-publish@master
+      with:
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+
+deploy:
+  name: Deploy
+  needs: build-and-publish
+  runs-on: ubuntu-latest
+  steps:
+
+    - name: Checkout code
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - name: Deploy
+      uses: flant/werf-actions/deploy@master
+      with:
+        env: production
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+```
+
+### cleanup
+
+```yaml
+cleanup: 
+  name: Cleanup
+  runs-on: ubuntu-latest
+  steps:
+  
+    - name: Checkout code
+      uses: actions/checkout@v2
+
+    - name: Fetch all history for all tags and branches
+      run: git fetch --prune --unshallow
+
+    - name: Cleanup
+      uses: flant/werf-actions/cleanup@v1
+      with:
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+```
+
+### install
+
+```yaml
+werf:
+  name: werf 
+  runs-on: ubuntu-latest
+  steps:
+  
+    - name: Checkout code  
+      uses: actions/checkout@v1
+
+    - name: Install werf CLI  
+      uses: flant/werf-actions/install@v1
+    
+    # for deploy and distributed locks
+    - name: Create kube config
+      run: |
+        KUBECONFIG=$(mktemp -d)/config
+        base64 -d <(printf "%s" $KUBE_CONFIG_BASE64_DATA) > $KUBECONFIG
+        echo ::set-env name=KUBECONFIG::$KUBECONFIG
+      env:
+        KUBE_CONFIG_BASE64_DATA: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+  
+    - name: Run werf commands
+      run: |
+        source $(werf ci-env github --as-file)
+        werf build-and-publish
+        werf deploy
+      env:
+        GITHUB_TOKEN: ${{ github.token }}
+        WERF_ENV: production
+```
+
+# License
+
+Apache License 2.0, see [LICENSE](LICENSE)

action.yml

@@ -0,0 +1,31 @@
+name: werf converge
+author: 'Flant'
+description: 'Prepare the environment and perform building, publishing and deployment with werf'
+branding:
+  color: blue
+  icon: anchor
+inputs:
+  group:
+    description: 'The MAJOR.MINOR version'
+    default: '1.1'
+    required: false
+  channel:
+    description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+    default: 'stable'
+    required: false
+  version:
+    description: 'The certain version'
+    required: false
+  env:
+    description: 'Specific deployment environment'
+    required: true
+  github-token:
+    description: 'The GitHub token used to login and to interact with Docker Github Packages'
+    default: ${{ github.token }}
+    required: false
+  kube-config-base64-data:
+    description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+    required: false
+runs:
+  using: 'node12'
+  main: 'converge/index.js'

build-and-publish/README.md

@@ -0,0 +1,106 @@
+<p align="center">
+  <img src="https://github.com/flant/werf/raw/master/docs/images/werf-logo.svg?sanitize=true" style="max-height:100%;" height="175">
+</p>
+___
+
+The action combines all the necessary steps in itself and logic may be divided into environment setup and launching `werf build-and-publish`.
+
+## Action in Details
+
+### werf binary setup
+ 
+By default, all actions setup actual werf version for [1.1 stable channel](https://werf.io/releases.html) (more details about channels, werf release cycle and compatibility promise [here](https://github.com/flant/werf#backward-compatibility-promise)). 
+Using `group` and `channel` inputs the user can switch the release channel.
+
+> This is recommended approach to be up-to-date and to use actual werf version without changing configurations
+  
+```yaml
+- uses: flant/werf-actions/build-and-publish@v1
+  with:
+    group: 1.1
+    channel: alpha
+```
+  
+Withal, it is not necessary to work within release channels, and the user might specify certain werf version with `version` input.
+
+```yaml
+- uses: flant/werf-actions/build-and-publish@v1
+  with:
+    version: v1.1.16
+```
+
+### kubeconfig setup (*optional*)
+
+The _kubeconfig_ may be used for deployment, cleanup, distributed locks and caches. Thus, the configuration should be added before step with the action or passed as base64 encoded data with `kube-config-base64-data` input:  
+
+* Prepare _kubeconfig_ (e.g. `cat ~/.kube/config | base64`) and save in GitHub Project Secrets (e.g. with name `KUBE_CONFIG_BASE64_DATA`).
+ 
+* Pass secret with `kube-config-base64-data` input:
+ 
+  ```yaml
+  - uses: flant/werf-actions/build-and-publish@v1
+    with:
+      kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+  ```
+
+### werf ci-env
+
+This command performs _docker login_ using `github-token`, sets up predefined variables based on GitHub Workflow context.  
+ 
+**Note** that `github-token` is optional in this action, and the input is there in case you need to use a non-default token.
+
+By default, action will use the token provided to your workflow.
+
+## Working with werf options
+
+Any werf option can be defined with environment variables:
+
+```yaml
+- uses: flant/werf-actions/build-and-publish@v1
+  env:
+    WERF_LOG_VERBOSE: "on"
+    WERF_TAG_CUSTOM_TAG1: tag1
+    WERF_TAG_CUSTOM_TAG2: tag2
+```
+
+## Inputs
+
+```yaml
+group:
+  description: 'The MAJOR.MINOR version'
+  default: '1.1'
+  required: false
+channel:
+  description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+  default: 'stable'
+  required: false
+version:
+  description: 'The certain version'
+  required: false
+github-token:
+  description: 'The GitHub token used to login and to interact with Docker Github Packages'
+  default: ${{ github.token }}
+  required: false
+kube-config-base64-data:
+  description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+  required: false
+```
+
+## Example
+
+```yaml
+build-and-publish: 
+  name: Build and Publish
+  runs-on: ubuntu-latest
+  steps:
+  
+    - name: Checkout code
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - name: Build and Publish  
+      uses: flant/werf-actions/build-and-publish@v1
+      with:
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+```

build-and-publish/action.yml

@@ -0,0 +1,28 @@
+name: werf build-and-publish
+author: 'Flant'
+description: 'Prepare the environment and perform image building and publishing with werf'
+branding:
+  color: blue
+  icon: anchor
+inputs:
+  group:
+    description: 'The MAJOR.MINOR version'
+    default: '1.1'
+    required: false
+  channel:
+    description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+    default: 'stable'
+    required: false
+  version:
+    description: 'The certain version'
+    required: false
+  github-token:
+    description: 'The GitHub token used to login and to interact with Docker Github Packages'
+    default: ${{ github.token }}
+    required: false
+  kube-config-base64-data:
+    description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+    required: false
+runs:
+  using: 'node12'
+  main: 'index.js'

cleanup/README.md

@@ -0,0 +1,105 @@
+<p align="center">
+  <img src="https://github.com/flant/werf/raw/master/docs/images/werf-logo.svg?sanitize=true" style="max-height:100%;" height="175">
+</p>
+___
+
+The action combines all the necessary steps in itself and logic may be divided into environment setup and launching `werf cleanup`.
+
+## Action in Details
+
+### werf binary setup
+ 
+By default, all actions setup actual werf version for [1.1 stable channel](https://werf.io/releases.html) (more details about channels, werf release cycle and compatibility promise [here](https://github.com/flant/werf#backward-compatibility-promise)). 
+Using `group` and `channel` inputs the user can switch the release channel.
+
+> This is recommended approach to be up-to-date and to use actual werf version without changing configurations
+  
+```yaml
+- uses: flant/werf-actions/cleanup@v1
+  with:
+    group: 1.1
+    channel: alpha
+```
+  
+Withal, it is not necessary to work within release channels, and the user might specify certain werf version with `version` input.
+
+```yaml
+- uses: flant/werf-actions/cleanup@v1
+  with:
+    version: v1.1.16
+```
+
+### kubeconfig setup (*optional*)
+
+The _kubeconfig_ may be used for deployment, cleanup, distributed locks and caches. Thus, the configuration should be added before step with the action or passed as base64 encoded data with `kube-config-base64-data` input:  
+
+* Prepare _kubeconfig_ (e.g. `cat ~/.kube/config | base64`) and save in GitHub Project Secrets (e.g. with name `KUBE_CONFIG_BASE64_DATA`).
+ 
+* Pass secret with `kube-config-base64-data` input:
+ 
+  ```yaml
+  - uses: flant/werf-actions/cleanup@v1
+    with:
+      kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+  ```
+
+### werf ci-env
+
+This command performs _docker login_ using `github-token`, sets up predefined variables based on GitHub Workflow context.  
+ 
+**Note** that `github-token` is optional in this action, and the input is there in case you need to use a non-default token.
+
+By default, action will use the token provided to your workflow.
+
+## Working with werf options
+
+Any werf option can be defined with environment variables:
+
+```yaml
+- uses: flant/werf-actions/cleanup@v1
+  env:
+    WERF_LOG_VERBOSE: "on"
+```
+
+## Inputs
+
+```yaml
+group:
+  description: 'The MAJOR.MINOR version'
+  default: '1.1'
+  required: false
+channel:
+  description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+  default: 'stable'
+  required: false
+version:
+  description: 'The certain version'
+  required: false
+github-token:
+  description: 'The GitHub token used to login and to interact with Docker Github Packages'
+  default: ${{ github.token }}
+  required: false
+kube-config-base64-data:
+  description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+  required: false
+```
+
+## Example
+
+```yaml
+cleanup: 
+  name: Cleanup
+  runs-on: ubuntu-latest
+  steps:
+  
+    - name: Checkout code
+      uses: actions/checkout@v2
+
+    - name: Fetch all history for all tags and branches
+      run: git fetch --prune --unshallow
+
+    - name: Cleanup
+      uses: flant/werf-actions/cleanup@v1
+      with:
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+```

cleanup/action.yml

@@ -0,0 +1,28 @@
+name: werf cleanup
+author: 'Flant'
+description: 'Prepare the environment and perform cleanup Docker GitHub Packages with werf'
+branding:
+  color: blue
+  icon: anchor
+inputs:
+  group:
+    description: 'The MAJOR.MINOR version'
+    default: '1.1'
+    required: false
+  channel:
+    description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+    default: 'stable'
+    required: false
+  version:
+    description: 'The certain version'
+    required: false
+  github-token:
+    description: 'The GitHub token used to login and to interact with Docker Github Packages'
+    default: ${{ github.token }}
+    required: false
+  kube-config-base64-data:
+    description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+    required: false
+runs:
+  using: 'node12'
+  main: 'index.js'

converge/README.md

@@ -0,0 +1,110 @@
+<p align="center">
+  <img src="https://github.com/flant/werf/raw/master/docs/images/werf-logo.svg?sanitize=true" style="max-height:100%;" height="175">
+</p>
+___
+
+The action combines all the necessary steps in itself and logic may be divided into environment setup and launching `werf converge`.
+
+## Action in Details
+
+### werf binary setup
+ 
+By default, all actions setup actual werf version for [1.1 stable channel](https://werf.io/releases.html) (more details about channels, werf release cycle and compatibility promise [here](https://github.com/flant/werf#backward-compatibility-promise)). 
+Using `group` and `channel` inputs the user can switch the release channel.
+
+> This is recommended approach to be up-to-date and to use actual werf version without changing configurations
+  
+```yaml
+- uses: flant/werf-actions/converge@v1
+  with:
+    group: 1.1
+    channel: alpha
+```
+  
+Withal, it is not necessary to work within release channels, and the user might specify certain werf version with `version` input.
+
+```yaml
+- uses: flant/werf-actions/converge@v1
+  with:
+    version: v1.1.16
+```
+
+### kubeconfig setup (*optional*)
+
+The _kubeconfig_ may be used for deployment, cleanup, distributed locks and caches. Thus, the configuration should be added before step with the action or passed as base64 encoded data with `kube-config-base64-data` input:  
+
+* Prepare _kubeconfig_ (e.g. `cat ~/.kube/config | base64`) and save in GitHub Project Secrets (e.g. with name `KUBE_CONFIG_BASE64_DATA`).
+ 
+* Pass secret with `kube-config-base64-data` input:
+ 
+  ```yaml
+  - uses: flant/werf-actions/converge@v1
+    with:
+      kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+  ```
+
+### werf ci-env
+
+This command performs _docker login_ using `github-token`, sets up predefined variables based on GitHub Workflow context.  
+ 
+**Note** that `github-token` is optional in this action, and the input is there in case you need to use a non-default token.
+
+By default, action will use the token provided to your workflow.
+
+## Working with werf options
+
+Any werf option can be defined with environment variables:
+
+```yaml
+- uses: flant/werf-actions/converge@v1
+  with:
+    env: production
+  env:
+    WERF_LOG_VERBOSE: "on"
+```
+
+## Inputs
+
+```yaml
+group:
+  description: 'The MAJOR.MINOR version'
+  default: '1.1'
+  required: false
+channel:
+  description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+  default: 'stable'
+  required: false
+version:
+  description: 'The certain version'
+  required: false
+env:
+  description: 'Specific deployment environment'
+  required: true
+github-token:
+  description: 'The GitHub token used to login and to interact with Docker Github Packages'
+  default: ${{ github.token }}
+  required: false
+kube-config-base64-data:
+  description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+  required: false
+```
+
+## Example
+
+```yaml
+converge: 
+  name: Converge
+  runs-on: ubuntu-latest
+  steps:
+  
+    - name: Checkout code
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - name: Converge
+      uses: flant/werf-actions/converge@v1
+      with:
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+        env: production
+```

converge/action.yml

@@ -0,0 +1,31 @@
+name: werf converge
+author: 'Flant'
+description: 'Prepare the environment and perform building, publishing and deployment with werf'
+branding:
+  color: blue
+  icon: anchor
+inputs:
+  group:
+    description: 'The MAJOR.MINOR version'
+    default: '1.1'
+    required: false
+  channel:
+    description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+    default: 'stable'
+    required: false
+  version:
+    description: 'The certain version'
+    required: false
+  env:
+    description: 'Specific deployment environment'
+    required: true
+  github-token:
+    description: 'The GitHub token used to login and to interact with Docker Github Packages'
+    default: ${{ github.token }}
+    required: false
+  kube-config-base64-data:
+    description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+    required: false
+runs:
+  using: 'node12'
+  main: 'index.js'

deploy/README.md

@@ -0,0 +1,110 @@
+<p align="center">
+  <img src="https://github.com/flant/werf/raw/master/docs/images/werf-logo.svg?sanitize=true" style="max-height:100%;" height="175">
+</p>
+___
+
+The action combines all the necessary steps in itself and logic may be divided into environment setup and launching `werf deploy`.
+
+## Action in Details
+
+### werf binary setup
+ 
+By default, all actions setup actual werf version for [1.1 stable channel](https://werf.io/releases.html) (more details about channels, werf release cycle and compatibility promise [here](https://github.com/flant/werf#backward-compatibility-promise)). 
+Using `group` and `channel` inputs the user can switch the release channel.
+
+> This is recommended approach to be up-to-date and to use actual werf version without changing configurations
+  
+```yaml
+- uses: flant/werf-actions/deploy@v1
+  with:
+    group: 1.1
+    channel: alpha
+```
+  
+Withal, it is not necessary to work within release channels, and the user might specify certain werf version with `version` input.
+
+```yaml
+- uses: flant/werf-actions/deploy@v1
+  with:
+    version: v1.1.16
+```
+
+### kubeconfig setup (*optional*)
+
+The _kubeconfig_ may be used for deployment, cleanup, distributed locks and caches. Thus, the configuration should be added before step with the action or passed as base64 encoded data with `kube-config-base64-data` input:  
+
+* Prepare _kubeconfig_ (e.g. `cat ~/.kube/config | base64`) and save in GitHub Project Secrets (e.g. with name `KUBE_CONFIG_BASE64_DATA`).
+ 
+* Pass secret with `kube-config-base64-data` input:
+ 
+  ```yaml
+  - uses: flant/werf-actions/deploy@v1
+    with:
+      kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+  ```
+
+### werf ci-env
+
+This command performs _docker login_ using `github-token`, sets up predefined variables based on GitHub Workflow context.  
+ 
+**Note** that `github-token` is optional in this action, and the input is there in case you need to use a non-default token.
+
+By default, action will use the token provided to your workflow.
+
+## Working with werf options
+
+Any werf option can be defined with environment variables:
+
+```yaml
+- uses: flant/werf-actions/deploy@v1
+  with:
+    env: production
+  env:
+    WERF_LOG_VERBOSE: "on"
+```
+
+## Inputs
+
+```yaml
+group:
+  description: 'The MAJOR.MINOR version'
+  default: '1.1'
+  required: false
+channel:
+  description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+  default: 'stable'
+  required: false
+version:
+  description: 'The certain version'
+  required: false
+env:
+  description: 'Specific deployment environment'
+  required: true
+github-token:
+  description: 'The GitHub token used to login and to interact with Docker Github Packages'
+  default: ${{ github.token }}
+  required: false
+kube-config-base64-data:
+  description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+  required: false
+```
+
+## Example
+
+```yaml
+deploy: 
+  name: Deploy
+  runs-on: ubuntu-latest
+  steps:
+  
+    - name: Checkout code
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - name: Deploy
+      uses: flant/werf-actions/deploy@v1
+      with:
+        kube-config-base64-data: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+        env: production
+```

deploy/action.yml

@@ -0,0 +1,31 @@
+name: werf build-and-publish
+author: 'Flant'
+description: 'Prepare the environment and perform deployment with werf'
+branding:
+  color: blue
+  icon: anchor
+inputs:
+  group:
+    description: 'The MAJOR.MINOR version'
+    default: '1.1'
+    required: false
+  channel:
+    description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+    default: 'stable'
+    required: false
+  version:
+    description: 'The certain version'
+    required: false
+  env:
+    description: 'Specific deployment environment'
+    required: true
+  github-token:
+    description: 'The GitHub token used to login and to interact with Docker Github Packages'
+    default: ${{ github.token }}
+    required: false
+  kube-config-base64-data:
+    description: 'Base64 encoded kubeconfig data used for deployment, cleanup and distributed locks'
+    required: false
+runs:
+  using: 'node12'
+  main: 'index.js'

install/README.md

@@ -0,0 +1,73 @@
+<p align="center">
+  <img src="https://github.com/flant/werf/raw/master/docs/images/werf-logo.svg?sanitize=true" style="max-height:100%;" height="175">
+</p>
+___
+ 
+By default, all actions setup actual werf version for [1.1 stable channel](https://werf.io/releases.html) (more details about channels, werf release cycle and compatibility promise [here](https://github.com/flant/werf#backward-compatibility-promise)). 
+Using `group` and `channel` inputs the user can switch the release channel.
+
+> This is recommended approach to be up-to-date and to use actual werf version without changing configurations
+  
+```yaml
+- uses: flant/werf-actions/install@v1
+  with:
+    group: 1.1
+    channel: alpha
+```
+  
+Withal, it is not necessary to work within release channels, and the user might specify certain werf version with `version` input.
+
+```yaml
+- uses: flant/werf-actions/install@v1
+  with:
+    version: v1.1.16
+```
+
+## Inputs
+
+```yaml
+group:
+  description: 'The MAJOR.MINOR version'
+  default: '1.1'
+  required: false
+channel:
+  description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+  default: 'stable'
+  required: false
+version:
+  description: 'The certain version'
+  required: false
+```
+
+## Example
+
+```yaml
+werf:
+  name: werf 
+  runs-on: ubuntu-latest
+  steps:
+  
+    - name: Checkout code  
+      uses: actions/checkout@v1
+
+    - name: Install werf CLI  
+      uses: flant/werf-actions/install@v1
+    
+    # for deploy and distributed locks
+    - name: Create kube config
+      run: |
+        KUBECONFIG=$(mktemp -d)/config
+        base64 -d <(printf "%s" $KUBE_CONFIG_BASE64_DATA) > $KUBECONFIG
+        echo ::set-env name=KUBECONFIG::$KUBECONFIG
+      env:
+        KUBE_CONFIG_BASE64_DATA: ${{ secrets.KUBE_CONFIG_BASE64_DATA }}
+  
+    - name: Run werf commands
+      run: |
+        source $(werf ci-env github --as-file)
+        werf build-and-publish
+        werf deploy
+      env:
+        GITHUB_TOKEN: ${{ github.token }}
+        WERF_ENV: production
+```

install/action.yml

@@ -0,0 +1,25 @@
+name: Install werf CLI
+author: 'Flant'
+description: 'Install actual channel werf version, like multiwerf does, or specified one'
+branding:
+  color: blue
+  icon: anchor
+inputs:
+  group:
+    description: 'The MAJOR.MINOR version'
+    default: '1.1'
+    required: false
+  channel:
+    description: 'The one of the following channel: alpha, beta, ea, stable, rock-solid'
+    default: 'stable'
+    required: false
+  version:
+    description: 'The certain version'
+    required: false
+  verbose:
+    description: 'The verbose output'
+    default: '0'
+    required: false
+runs:
+  using: 'node12'
+  main: 'index.js'

pack.sh

@@ -0,0 +1,3 @@
+#!/bin/bash -e
+
+for pkg in build-and-publish cleanup converge deploy install; do ncc build src/$pkg.ts -o $pkg; done

package.json

@@ -0,0 +1,50 @@
+{
+  "name": "werf-actions",
+  "version": "1.0.0",
+  "description": "",
+  "main": "lib",
+  "dependencies": {
+    "@actions/core": "^1.2.0",
+    "@actions/github": "^2.2.0",
+    "@actions/tool-cache": "^1.3.5",
+    "dotenv": "^8.2.0",
+    "ncc": "^0.3.6",
+    "semver": "^7.3.2",
+    "superagent": "^3.8.3",
+    "tmp": "^0.2.1",
+    "ws": ">=3.3.1",
+    "typescript-string-operations": "^1.3.2"
+  },
+  "devDependencies": {
+    "@types/node": "^12.7.12",
+    "@types/semver": "^7.2.0",
+    "@types/superagent": "^4.1.7",
+    "@types/tmp": "^0.2.0",
+    "@typescript-eslint/parser": "^2.8.0",
+    "eslint": "^5.16.0",
+    "eslint-plugin-github": "^2.0.0",
+    "js-yaml": "^3.13.1",
+    "prettier": "^1.19.1",
+    "typescript": "^3.6.4"
+  },
+  "scripts": {
+    "build": "tsc",
+    "format": "prettier --write **/*.ts",
+    "format-check": "prettier --check **/*.ts",
+    "lint": "eslint src/**/*.ts",
+    "pack": "./pack.sh",
+    "all": "npm run build && npm run format && npm run lint && npm run pack"
+  },
+  "private": true,
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/flant/werf-actions.git"
+  },
+  "keywords": [],
+  "author": "flant",
+  "license": "Apache License 2.0",
+  "bugs": {
+    "url": "https://github.com/flant/werf-actions/issues"
+  },
+  "homepage": "https://github.com/flant/werf-actions#readme"
+}

src/build-and-publish.ts

@@ -0,0 +1,34 @@
+import * as core from '@actions/core'
+import {Manager} from './manager'
+import {
+  ProcessGitHubContext,
+  SetupKubeConfig,
+  ValidateWerfVersion
+} from './common'
+
+async function run(): Promise<void> {
+  try {
+    ProcessGitHubContext()
+
+    const kubeConfigBase64Data = core.getInput('kube-config-base64-data')
+    if (kubeConfigBase64Data !== '') {
+      SetupKubeConfig(kubeConfigBase64Data)
+    }
+
+    const m = new Manager()
+    await m.Install()
+
+    const versionOutput = await m.GetOutput(['version'])
+    ValidateWerfVersion(versionOutput)
+
+    process.env.GITHUB_TOKEN =
+      process.env.GITHUB_TOKEN || core.getInput('github-token')
+    await m.PerformCIEnv()
+
+    await m.Exec(['build-and-publish'])
+  } catch (error) {
+    core.setFailed(error.message)
+  }
+}
+
+run()

src/cleanup.ts

@@ -0,0 +1,33 @@
+import * as core from '@actions/core'
+import {Manager} from './manager'
+import {
+  ProcessGitHubContext,
+  SetupKubeConfig,
+  ValidateWerfVersion
+} from './common'
+
+async function run(): Promise<void> {
+  try {
+    ProcessGitHubContext()
+
+    const kubeConfigBase64Data = core.getInput('kube-config-base64-data')
+    if (kubeConfigBase64Data !== '') {
+      SetupKubeConfig(kubeConfigBase64Data)
+    }
+
+    const m = new Manager()
+    await m.Install()
+
+    const versionOutput = await m.GetOutput(['version'])
+    ValidateWerfVersion(versionOutput)
+
+    process.env.GITHUB_TOKEN = core.getInput('github-token')
+    await m.PerformCIEnv()
+
+    await m.Exec(['cleanup'])
+  } catch (error) {
+    core.setFailed(error.message)
+  }
+}
+
+run()

src/common.ts

@@ -0,0 +1,53 @@
+import * as core from '@actions/core'
+import * as tmp from 'tmp'
+import * as fs from 'fs'
+import * as semver from 'semver'
+import {context} from '@actions/github'
+import {String} from 'typescript-string-operations'
+
+const minimalWerfVersion = 'v1.1.17'
+
+export async function SetupKubeConfig(
+  kubeConfigBase64Data: string
+): Promise<void> {
+  const tmpFile = tmp.fileSync({keep: true})
+  const buf = Buffer.from(kubeConfigBase64Data, 'base64').toString('ascii')
+  fs.writeFileSync(tmpFile.name, buf)
+
+  process.env.KUBECONFIG = tmpFile.name
+  core.exportVariable('KUBECONFIG', tmpFile.name)
+}
+
+export function ProcessGitHubContext(): void {
+  if (context.eventName === 'pull_request') {
+    if (context.payload.pull_request) {
+      const baseSha = context.payload.pull_request.base.sha
+      const headSha = context.payload.pull_request.head.sha
+
+      process.env.WERF_VIRTUAL_MERGE = '1'
+      process.env.WERF_VIRTUAL_MERGE_FROM_COMMIT = headSha
+      process.env.WERF_VIRTUAL_MERGE_INTO_COMMIT = baseSha
+
+      core.exportVariable('WERF_VIRTUAL_MERGE', '1')
+      core.exportVariable('WERF_VIRTUAL_MERGE_FROM_COMMIT', headSha)
+      core.exportVariable('WERF_VIRTUAL_MERGE_INTO_COMMIT', baseSha)
+    }
+  }
+}
+
+export function ValidateWerfVersion(version: string): void {
+  const ver = semver.coerce(version)
+  if (ver) {
+    if (semver.gte(ver, minimalWerfVersion)) {
+      return
+    }
+  }
+
+  throw new Error(
+    String.Format(
+      'werf version {0} is not supported (expected version should be equal or lower than {1})',
+      version.trim(),
+      minimalWerfVersion
+    )
+  )
+}

src/converge.ts

@@ -0,0 +1,35 @@
+import * as core from '@actions/core'
+import {Manager} from './manager'
+import {
+  ProcessGitHubContext,
+  SetupKubeConfig,
+  ValidateWerfVersion
+} from './common'
+
+async function run(): Promise<void> {
+  try {
+    ProcessGitHubContext()
+
+    const kubeConfigBase64Data = core.getInput('kube-config-base64-data')
+    if (kubeConfigBase64Data !== '') {
+      SetupKubeConfig(kubeConfigBase64Data)
+    }
+
+    const m = new Manager()
+    await m.Install()
+
+    const versionOutput = await m.GetOutput(['version'])
+    ValidateWerfVersion(versionOutput)
+
+    process.env.GITHUB_TOKEN =
+      process.env.GITHUB_TOKEN || core.getInput('github-token')
+    await m.PerformCIEnv()
+
+    process.env.WERF_ENV = core.getInput('env')
+    await m.Exec(['converge'])
+  } catch (error) {
+    core.setFailed(error.message)
+  }
+}
+
+run()

src/deploy.ts

@@ -0,0 +1,35 @@
+import * as core from '@actions/core'
+import {Manager} from './manager'
+import {
+  ProcessGitHubContext,
+  SetupKubeConfig,
+  ValidateWerfVersion
+} from './common'
+
+async function run(): Promise<void> {
+  try {
+    ProcessGitHubContext()
+
+    const kubeConfigBase64Data = core.getInput('kube-config-base64-data')
+    if (kubeConfigBase64Data !== '') {
+      SetupKubeConfig(kubeConfigBase64Data)
+    }
+
+    const m = new Manager()
+    await m.Install()
+
+    const versionOutput = await m.GetOutput(['version'])
+    ValidateWerfVersion(versionOutput)
+
+    process.env.GITHUB_TOKEN =
+      process.env.GITHUB_TOKEN || core.getInput('github-token')
+    await m.PerformCIEnv()
+
+    process.env.WERF_ENV = core.getInput('env')
+    await m.Exec(['deploy'])
+  } catch (error) {
+    core.setFailed(error.message)
+  }
+}
+
+run()

src/install.ts

@@ -0,0 +1,13 @@
+import * as core from '@actions/core'
+import {Manager} from './manager'
+
+async function run(): Promise<void> {
+  try {
+    const m = new Manager()
+    await m.Install()
+  } catch (error) {
+    core.setFailed(error.message)
+  }
+}
+
+run()

src/manager.ts

@@ -0,0 +1,168 @@
+import * as core from '@actions/core'
+import * as exec from '@actions/exec'
+import * as cache from '@actions/tool-cache'
+import * as path from 'path'
+import * as io from '@actions/io'
+import * as request from 'superagent'
+import * as fs from 'fs'
+import {String} from 'typescript-string-operations'
+import * as crypto from 'crypto'
+import * as tmp from 'tmp'
+import * as dotenv from 'dotenv'
+
+const WERF_API_GET_CHANNEL_VERSION_URL_METHOD =
+  'https://werf.io/api/getChannelVersionURL'
+const WERF_API_GET_VERSION_URL_METHOD = 'https://werf.io/api/getVersionURL'
+
+export class Manager {
+  private readonly group: string
+  private readonly channel: string
+  private readonly version: string
+  private readonly os: string
+  private readonly arch: string
+
+  private binaryPath: string | undefined
+
+  constructor() {
+    this.group = core.getInput('group').trim()
+    this.channel = core.getInput('channel').trim()
+    this.version = core.getInput('version').trim()
+
+    if (process.platform.toString() === 'win32') {
+      this.os = 'windows'
+    } else {
+      this.os = process.platform.toString()
+    }
+
+    this.arch = process.arch
+  }
+
+  public async Install(): Promise<void> {
+    const actualBinaryUrl = await this._getActualBinaryUrl()
+
+    const cachedPath = cache.find(
+      'werf',
+      Manager._toolVersionCacheID(actualBinaryUrl)
+    )
+    if (cachedPath) {
+      this.binaryPath = path.join(cachedPath, 'werf')
+    } else {
+      this.binaryPath = await this._downloadAndCache(actualBinaryUrl)
+    }
+
+    const binaryDirPath = path.parse(this.binaryPath).dir
+    core.addPath(binaryDirPath)
+  }
+
+  public async PerformCIEnv(): Promise<void> {
+    const tmpFile = tmp.fileSync()
+    const tmpFilePath = tmpFile.name
+    await this.Exec(['ci-env', 'github', '--as-env-file', '-o', tmpFilePath])
+    dotenv.config({path: tmpFilePath})
+    tmpFile.removeCallback()
+  }
+
+  public async Exec(
+    args: string[],
+    options?: exec.ExecOptions | undefined
+  ): Promise<void> {
+    if (!this.binaryPath) {
+      core.setFailed('runtime error: werf binary is not found')
+      process.exit(1)
+    }
+
+    await exec.exec(this.binaryPath, args, options)
+  }
+
+  public async GetOutput(args: string[]): Promise<string> {
+    let stdOut = ''
+    const options = {
+      windowsVerbatimArguments: false,
+      listeners: {
+        stdout: (data: Buffer) => {
+          stdOut += data.toString()
+        }
+      }
+    }
+
+    await this.Exec(args, options)
+    return stdOut
+  }
+
+  private async _getActualBinaryUrl(): Promise<string> {
+    try {
+      let url: string
+      let query: {}
+
+      if (this.version !== '') {
+        url = WERF_API_GET_VERSION_URL_METHOD
+        query = {
+          version: this.version,
+          os: this.os,
+          arch: this.arch
+        }
+      } else {
+        url = WERF_API_GET_CHANNEL_VERSION_URL_METHOD
+        query = {
+          group: this.group,
+          channel: this.channel,
+          os: this.os,
+          arch: this.arch
+        }
+      }
+
+      const resp = await request.get(url).query(query)
+
+      return resp.body.data.toString()
+    } catch (err) {
+      if (err.response && err.response.error) {
+        let errMessage = err.response.error.message
+        if (err.response.text) {
+          errMessage = String.Format('{0}\n{1}', errMessage, err.response.text)
+        }
+
+        throw Error(errMessage)
+      }
+
+      throw Error(err)
+    }
+  }
+
+  private async _downloadAndCache(binaryUrl: string): Promise<string> {
+    const downloadedBinaryPath = await cache.downloadTool(binaryUrl)
+    const parsedDownloadedBinaryPath = path.parse(downloadedBinaryPath)
+    const cacheDownloadToolDir = parsedDownloadedBinaryPath.dir
+    const tmpWerfVersionBinaryPath = path.join(cacheDownloadToolDir, 'werf.tmp')
+    const werfVersionDir = path.join(
+      cacheDownloadToolDir,
+      parsedDownloadedBinaryPath.name
+    )
+    const werfVersionBinaryPath = path.join(
+      werfVersionDir,
+      String.Format('werf{0}', parsedDownloadedBinaryPath.ext)
+    )
+
+    // werf-x.x.x -> werf.tmp
+    // werf.tmp -> werf-x.x.x/werf
+    await io.mv(downloadedBinaryPath, tmpWerfVersionBinaryPath)
+    await io.mkdirP(werfVersionDir)
+    await io.mv(tmpWerfVersionBinaryPath, werfVersionBinaryPath)
+
+    if (this.os !== 'windows') {
+      fs.chmodSync(werfVersionBinaryPath, 0o755)
+    }
+
+    await cache.cacheDir(
+      werfVersionDir,
+      'werf',
+      Manager._toolVersionCacheID(binaryUrl)
+    )
+
+    return werfVersionBinaryPath
+  }
+
+  private static _toolVersionCacheID(binaryUrl: string): string {
+    const md5sum = crypto.createHash('md5')
+    return md5sum.update(binaryUrl).digest('hex').toString()
+  }
+}

tsconfig.json

@@ -0,0 +1,12 @@
+{
+  "compilerOptions": {
+    "target": "es6",                          /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */
+    "module": "commonjs",                     /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */
+    "outDir": "./lib",                        /* Redirect output structure to the directory. */
+    "rootDir": "./src",                       /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */
+    "strict": true,                           /* Enable all strict type-checking options. */
+    "noImplicitAny": true,                    /* Raise error on expressions and declarations with an implied 'any' type. */
+    "esModuleInterop": true                   /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */
+  },
+  "exclude": ["node_modules"]
+}