Summary
The SHA validation and resolution logic is currently duplicated across three GitHub Action files, totaling approximately 64 lines of identical code. This duplication creates maintenance burden and increases the risk of inconsistencies across updates.
Files with Duplicated Code
The following action files contain identical SHA resolution logic:
.github/actions/setup-py-reqs/action.yml (lines 73-136).github/actions/run-minimal-acceptance-tests/action.yml.github/actions/check-control/action.yml
Duplicated Logic Components
The duplicated code block includes:
- Environment variable setup (
CI_INPUT_TARGET_SHA)
- Control character validation
normalize() function for quote/whitespace handling- Option injection prevention (rejects inputs starting with
-)
- Direct 40-character SHA acceptance
- Tiered ref resolution (full refs → refs/heads/ → refs/tags/)
- Final validation ensuring resolved value is a full 40-character commit SHA
- Output to
GITHUB_OUTPUT and GITHUB_ENV
Proposed Solution
Extract the entire SHA validation/resolution logic into a single reusable implementation, either:
- A shared composite action in
.github/actions/resolve-sha/action.yml, or
- A shared shell script in
.github/scripts/resolve-sha.sh
Then replace the duplicated blocks in all three action files with a single step that invokes the new shared component.
Implementation Requirements
- Preserve exact error messages and behavior
- Maintain variable names (
CI_INPUT_TARGET_SHA, normalize, resolved_sha)
- Ensure outputs are written to both
GITHUB_OUTPUT and GITHUB_ENV
- Keep all validation checks (control chars, options, SHA format, ref resolution)
- Work should be done on a feature branch before merging
Context
This issue was identified during code review of PR #528:
References
Note: This work is intended for a future release and should not block the current v2.1.1 release (PR #528).
Summary
The SHA validation and resolution logic is currently duplicated across three GitHub Action files, totaling approximately 64 lines of identical code. This duplication creates maintenance burden and increases the risk of inconsistencies across updates.
Files with Duplicated Code
The following action files contain identical SHA resolution logic:
.github/actions/setup-py-reqs/action.yml(lines 73-136).github/actions/run-minimal-acceptance-tests/action.yml.github/actions/check-control/action.ymlDuplicated Logic Components
The duplicated code block includes:
CI_INPUT_TARGET_SHA)normalize()function for quote/whitespace handling-)GITHUB_OUTPUTandGITHUB_ENVProposed Solution
Extract the entire SHA validation/resolution logic into a single reusable implementation, either:
.github/actions/resolve-sha/action.yml, or.github/scripts/resolve-sha.shThen replace the duplicated blocks in all three action files with a single step that invokes the new shared component.
Implementation Requirements
CI_INPUT_TARGET_SHA,normalize,resolved_sha)GITHUB_OUTPUTandGITHUB_ENVContext
This issue was identified during code review of PR #528:
References
Note: This work is intended for a future release and should not block the current v2.1.1 release (PR #528).