settlemint
diff --git a/‎.cursor/rules/action-inputs-outputs.mdc‎
Lines changed: 86 additions & 0 deletions b/‎.cursor/rules/action-inputs-outputs.mdc‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎.cursor/rules/deployment-release.mdc‎
Lines changed: 149 additions & 0 deletions b/‎.cursor/rules/deployment-release.mdc‎
Lines changed: 149 additions & 0 deletions
diff --git a/‎.cursor/rules/development-guidelines.mdc‎
Lines changed: 66 additions & 0 deletions b/‎.cursor/rules/development-guidelines.mdc‎
Lines changed: 66 additions & 0 deletions
@@ -0,0 +1,86 @@
+---
+description:
+globs:
+alwaysApply: false
+---
+# GitHub Action Inputs and Configuration
+
+## Action Metadata
+The action configuration is defined in [action.yml](mdc:action.yml) with the following key properties:
+- **Name**: 'SettleMint CLI Action'
+- **Runtime**: Node.js 20
+- **Main Entry**: `dist/index.js`
+- **Branding**: Terminal icon with blue color
+
+## Required Inputs
+
+### `access-token`
+- **Description**: SettleMint Access Token (personal or application)
+- **Required**: Only when not in standalone mode
+- **Security**: Automatically masked in outputs
+- **Types**:
+  - Personal tokens: Start with `sm_pat_` → Sets `SETTLEMINT_PERSONAL_ACCESS_TOKEN`
+  - Application tokens: Other formats → Sets `SETTLEMINT_ACCESS_TOKEN`
+
+## Optional Inputs
+
+### Core Configuration
+- **`command`**: SettleMint CLI command to execute
+- **`version`**: CLI version to install (default: 'latest')
+- **`auto-connect`**: Automatically connect to SettleMint (default: 'true')
+- **`instance`**: SettleMint instance URL (default: 'https://console.settlemint.com')
+
+### SettleMint Resource Identifiers
+All of these inputs are converted to environment variables with `SETTLEMINT_` prefix:
+- **`workspace`** → `SETTLEMINT_WORKSPACE`
+- **`application`** → `SETTLEMINT_APPLICATION`
+- **`blockchain-network`** → `SETTLEMINT_BLOCKCHAIN_NETWORK`
+- **`blockchain-node`** → `SETTLEMINT_BLOCKCHAIN_NODE`
+- **`load-balancer`** → `SETTLEMINT_LOAD_BALANCER`
+- **`hasura`** → `SETTLEMINT_HASURA`
+- **`thegraph`** → `SETTLEMINT_THEGRAPH`
+- **`portal`** → `SETTLEMINT_PORTAL`
+- **`hd-private-key`** → `SETTLEMINT_HD_PRIVATE_KEY`
+- **`minio`** → `SETTLEMINT_MINIO`
+- **`ipfs`** → `SETTLEMINT_IPFS`
+- **`custom-deployment`** → `SETTLEMINT_CUSTOM_DEPLOYMENT`
+- **`blockscout`** → `SETTLEMINT_BLOCKSCOUT`
+
+### Environment File Processing
+- **`dotEnvFile`**: GitHub Actions secret containing .env file content
+- **`dotEnvLocalFile`**: GitHub Actions secret containing .env.local file content
+
+Both are processed by the `processEnvContent()` function in [src/main.ts](mdc:src/main.ts) which:
+- Parses key=value pairs
+- Removes comments and empty lines
+- Handles quoted values
+- Sanitizes input before setting environment variables
+
+## Usage Patterns
+
+### Basic Usage
+```yaml
+- uses: settlemint/settlemint-action@v1
+  with:
+    access-token: ${{ secrets.SETTLEMINT_TOKEN }}
+    command: 'deploy --help'
+```
+
+### With Environment Variables
+```yaml
+- uses: settlemint/settlemint-action@v1
+  with:
+    access-token: ${{ secrets.SETTLEMINT_TOKEN }}
+    workspace: 'my-workspace'
+    application: 'my-app'
+    command: 'deploy'
+```
+
+### With Environment Files
+```yaml
+- uses: settlemint/settlemint-action@v1
+  with:
+    access-token: ${{ secrets.SETTLEMINT_TOKEN }}
+    dotEnvFile: ${{ secrets.DOT_ENV }}
+    command: 'deploy'
+```
@@ -0,0 +1,149 @@
+---
+description:
+globs:
+alwaysApply: false
+---
+# Deployment and Release Process
+
+## Release Strategy
+
+### Versioning
+- **Semantic Versioning**: Follow semver (MAJOR.MINOR.PATCH)
+- **Current Version**: Defined in [package.json](mdc:package.json)
+- **Git Tags**: Each release creates a corresponding git tag
+- **Branch Strategy**: Releases from `main` branch
+
+### Release Types
+- **Major**: Breaking changes to action inputs/outputs
+- **Minor**: New features, additional inputs, enhanced functionality
+- **Patch**: Bug fixes, security updates, performance improvements
+
+## Build Process
+
+### Pre-Release Checklist
+1. **Code Quality**: All linting and formatting passes
+2. **Tests**: 100% test suite passes with >90% coverage
+3. **Build**: Clean build with `npm run all`
+4. **Documentation**: README and examples updated
+5. **Security**: Security review completed
+
+### Build Pipeline
+```bash
+npm run all  # Complete build pipeline:
+# 1. npm run format    - Format code with Biome
+# 2. npm run lint      - Lint and fix issues
+# 3. npm run test      - Run test suite
+# 4. npm run coverage  - Generate coverage reports
+# 5. npm run package   - Build distribution files
+```
+
+### Distribution Files
+- **Main Entry**: `dist/index.js` - Bundled action entry point
+- **Source Maps**: `dist/index.js.map` - For debugging
+- **Licenses**: `dist/licenses.txt` - All dependency licenses
+- **Commit Requirement**: All dist files must be committed
+
+## GitHub Actions Integration
+
+### Action Metadata
+Defined in [action.yml](mdc:action.yml):
+- **Runtime**: `node20` - Node.js 20 runtime
+- **Entry Point**: `dist/index.js`
+- **Branding**: Terminal icon, blue color
+- **Inputs**: All supported action inputs with descriptions
+
+### Marketplace Publishing
+- **Automatic**: Releases trigger marketplace updates
+- **Visibility**: Public action available to all GitHub users
+- **Categories**: Tagged with relevant marketplace categories
+- **Documentation**: README serves as marketplace documentation
+
+## Dependency Management
+
+### Renovate Configuration
+Configured in [.github/renovate.json](mdc:.github/renovate.json):
+- **Auto-merge**: Minor and patch updates
+- **Post-update**: Runs `npm run package` after dependency updates
+- **Schedule**: Regular dependency updates
+- **Security**: Immediate security updates
+
+### Dependency Strategy
+- **Production Dependencies**: Minimal, security-focused
+- **Development Dependencies**: Latest stable versions
+- **Lock File**: `package-lock.json` committed for reproducible builds
+- **Overrides**: Security overrides for vulnerable dependencies
+
+## Release Automation
+
+### GitHub Workflows
+Located in `.github/workflows/`:
+- **CI/CD**: Automated testing and building
+- **Release**: Automated release process
+- **Security**: Dependency scanning and security checks
+
+### Release Process
+1. **Version Bump**: Update version in package.json
+2. **Changelog**: Update CHANGELOG.md with changes
+3. **Build**: Run complete build pipeline
+4. **Commit**: Commit all changes including dist files
+5. **Tag**: Create git tag with version
+6. **Push**: Push to main branch
+7. **Release**: GitHub automatically creates release
+
+## Quality Gates
+
+### Pre-Release Validation
+- **Linting**: Biome linting passes
+- **Type Checking**: TypeScript compilation succeeds
+- **Testing**: All tests pass with coverage requirements
+- **Security**: No known vulnerabilities
+- **Build**: Clean build without errors
+
+### Post-Release Validation
+- **Marketplace**: Action appears in GitHub Marketplace
+- **Functionality**: Basic smoke tests pass
+- **Documentation**: Examples work as documented
+- **Compatibility**: Works with supported Node.js versions
+
+## Rollback Strategy
+
+### Version Management
+- **Git Tags**: Enable easy rollback to previous versions
+- **Branch Protection**: Prevent direct pushes to main
+- **Release Notes**: Clear documentation of changes
+- **Breaking Changes**: Clearly marked and documented
+
+### Emergency Procedures
+1. **Identify Issue**: Determine scope and impact
+2. **Quick Fix**: If possible, create hotfix
+3. **Rollback**: Revert to previous stable version
+4. **Communication**: Notify users of issues and resolution
+5. **Post-Mortem**: Analyze and prevent future issues
+
+## Documentation Updates
+
+### Release Documentation
+- **README**: Keep examples and usage current
+- **CHANGELOG**: Document all changes
+- **Migration Guides**: For breaking changes
+- **Examples**: Update workflow examples
+
+### User Communication
+- **Release Notes**: Clear, user-focused descriptions
+- **Breaking Changes**: Prominent warnings and migration paths
+- **New Features**: Usage examples and benefits
+- **Bug Fixes**: Impact and resolution details
+
+## Monitoring and Feedback
+
+### Usage Analytics
+- **GitHub Insights**: Monitor action usage
+- **Error Tracking**: Monitor failure rates
+- **Performance**: Track execution times
+- **Feedback**: User issues and feature requests
+
+### Continuous Improvement
+- **User Feedback**: Regular review of issues and discussions
+- **Performance Metrics**: Monitor and optimize execution time
+- **Security Updates**: Regular security reviews and updates
+- **Feature Development**: Based on user needs and feedback
@@ -0,0 +1,66 @@
+---
+description: 
+globs: 
+alwaysApply: false
+---
+# Development Guidelines
+
+## Code Standards
+
+### TypeScript Configuration
+- Use strict TypeScript settings as defined in [tsconfig.json](mdc:tsconfig.json)
+- Enable all strict type checking options
+- Target ES2022 for modern JavaScript features
+- Use Node.js module resolution
+
+### Code Formatting and Linting
+- Use Biome for both formatting and linting (configured in [biome.json](mdc:biome.json))
+- Run `npm run format` to format code
+- Run `npm run lint` to lint and auto-fix issues
+- All code must pass linting before commits
+
+### Security Best Practices
+- Always sanitize user inputs using the `sanitizeInput()` function in [src/main.ts](mdc:src/main.ts)
+- Validate command arguments to prevent injection attacks
+- Use `core.setSecret()` for sensitive values like tokens
+- Mask sensitive patterns in outputs
+
+## Testing Requirements
+
+### Test Structure
+- Tests are located in [__tests__/](mdc:__tests__)
+- Use Jest as the testing framework
+- Maintain comprehensive test coverage (aim for >90%)
+- Test files should mirror the source structure
+
+### Test Commands
+- `npm test` - Run all tests
+- `npm run ci-test` - Run tests in CI mode
+- `npm run coverage` - Generate coverage reports and badges
+
+### Test Guidelines
+- Mock external dependencies (@actions/core, @actions/exec, etc.)
+- Test both success and error scenarios
+- Validate input sanitization and security measures
+- Test environment variable processing
+
+## Build Process
+
+### Development Workflow
+1. Make changes to TypeScript files in `src/`
+2. Run `npm run format` and `npm run lint`
+3. Run `npm test` to ensure tests pass
+4. Run `npm run package` to build distribution files
+5. Commit both source and built files
+
+### Build Commands
+- `npm run package` - Build distribution files using ncc
+- `npm run package:watch` - Build in watch mode for development
+- `npm run bundle` - Format and package in one command
+- `npm run all` - Complete build pipeline (format, lint, test, coverage, package)
+
+### Distribution
+- Built files go in `dist/` directory
+- Main entry point is `dist/index.js`
+- Source maps and licenses are included
+- Always commit built files for GitHub Actions to work