chore(monorepo): post-merge fixups (paths, workflows, nx-go, readmes, docs, lockfile)

Author: Coly010

apps/cli-go/.github/workflows/ci.yml .github/workflows/cli-go-ci.ymlapps/cli-go/.github/workflows/ci.yml renamed to .github/workflows/cli-go-ci.yml

@@ -2,10 +2,16 @@ name: CI
 
 on:
   pull_request:
+    paths:
+      - apps/cli-go/**
   merge_group:
+    paths:
+      - apps/cli-go/**
   push:
     branches:
       - develop
+    paths:
+      - apps/cli-go/**
 
 permissions:
   contents: read
@@ -19,7 +25,7 @@ jobs:
 
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
-          go-version-file: go.mod
+          go-version-file: apps/cli-go/go.mod
           cache: true
 
       # Required by: internal/utils/credentials/keyring_test.go
@@ -37,7 +43,7 @@ jobs:
 
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
-          go-version-file: go.mod
+          go-version-file: apps/cli-go/go.mod
           # Linter requires no cache
           cache: false
 
@@ -54,7 +60,7 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
-          go-version-file: go.mod
+          go-version-file: apps/cli-go/go.mod
           cache: true
       - run: go build main.go
       - run: ./main init
@@ -71,13 +77,14 @@ jobs:
 
   link:
     name: Link
-    if: ${{ github.event_name == 'merge_group' || (github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork) }}
+    if: ${{ github.event_name == 'merge_group' || (github.event_name ==
+      'pull_request' && !github.event.pull_request.head.repo.fork) }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
-          go-version-file: go.mod
+          go-version-file: apps/cli-go/go.mod
           cache: true
       - run: go build main.go
       - run: ./main link
@@ -93,7 +100,7 @@ jobs:
 
       - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
-          go-version-file: go.mod
+          go-version-file: apps/cli-go/go.mod
           cache: true
 
       - run: go generate
@@ -103,3 +110,6 @@ jobs:
             git diff
             exit 1
           fi
+defaults:
+  run:
+    working-directory: apps/cli-go

…go/.github/workflows/codeql-analysis.yml .github/workflows/cli-go-codeql.ymlapps/cli-go/.github/workflows/codeql-analysis.yml renamed to .github/workflows/cli-go-codeql.yml apps/cli-go/.github/workflows/codeql-analysis.yml renamed to .github/workflows/cli-go-codeql.yml

@@ -13,10 +13,16 @@ name: "CodeQL"
 
 on:
   pull_request:
+    paths:
+      - apps/cli-go/**
   merge_group:
+    paths:
+      - apps/cli-go/**
   push:
     branches:
       - develop
+    paths:
+      - apps/cli-go/**
 
 jobs:
   analyze:
@@ -72,12 +78,12 @@ jobs:
           # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
           # queries: security-extended,security-and-quality
 
-      # If the analyze step fails for one of the languages you are analyzing with
-      # "We were unable to automatically build your code", modify the matrix above
-      # to set the build mode to "manual" for that language. Then modify this step
-      # to build your code.
-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+          # If the analyze step fails for one of the languages you are analyzing with
+          # "We were unable to automatically build your code", modify the matrix above
+          # to set the build mode to "manual" for that language. Then modify this step
+          # to build your code.
+          # ℹ️ Command-line programs to run using the OS shell.
+          # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
       - if: matrix.build-mode == 'manual'
         shell: bash
         run: |
@@ -92,3 +98,6 @@ jobs:
         uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         with:
           category: "/language:${{matrix.language}}"
+defaults:
+  run:
+    working-directory: apps/cli-go

.github/workflows/test.yml

@@ -3,15 +3,15 @@ name: Test
 on:
   push:
     branches:
-      - main
+      - develop
   pull_request:
     types:
       - opened
       - synchronize
       - reopened
       - ready_for_review
     branches:
-      - main
+      - develop
 
 permissions:
   contents: read
@@ -32,30 +32,20 @@ jobs:
 
       - name: Setup
         uses: ./.github/actions/setup
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: apps/cli-go/go.mod
+          cache-dependency-path: apps/cli-go/go.sum
+      - name: Install golangci-lint
+        run: go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@latest &&
+          echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH"
+      - name: Unlock keyring (for cli-go keyring tests)
+        uses: t1m0thyj/unlock-keyring@cbcf205c879ebd86add70bab3a6abfcce59a5cae
 
       - name: Check code quality
         run: pnpm run check:all
 
-  fixture-guard:
-    if: github.event_name == 'pull_request' && github.event.pull_request.draft == false
-    name: Cap cli-e2e fixture additions per PR
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          fetch-depth: 0
-
-      - name: Cap fixture additions
-        run: |
-          base="origin/${{ github.event.pull_request.base.ref }}"
-          added=$(git diff --name-only --diff-filter=A "$base"...HEAD apps/cli-e2e/fixtures/ | wc -l | tr -d ' ')
-          echo "PR adds $added files under apps/cli-e2e/fixtures/"
-          if [ "$added" -gt 250 ]; then
-            echo "::error ::PR adds $added fixture files (>250). The recorder probably captured polling traffic or per-container interactions — re-record with a clean recorded/ directory and verify the count drops below the cap."
-            exit 1
-          fi
-
   test-core:
     if: github.event.pull_request.draft == false || github.event_name == 'push'
     name: Run unit and integration tests
@@ -66,6 +56,16 @@ jobs:
 
       - name: Setup
         uses: ./.github/actions/setup
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: apps/cli-go/go.mod
+          cache-dependency-path: apps/cli-go/go.sum
+      - name: Install golangci-lint
+        run: go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@latest &&
+          echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH"
+      - name: Unlock keyring (for cli-go keyring tests)
+        uses: t1m0thyj/unlock-keyring@cbcf205c879ebd86add70bab3a6abfcce59a5cae
 
       - name: Run unit and integration tests
         run: pnpm run test:core
@@ -77,7 +77,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        shard: [1, 2, 3]
+        shard: [ 1, 2, 3 ]
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
@@ -111,29 +111,28 @@ jobs:
           echo "cli_e2e=$cli" >> "$GITHUB_OUTPUT"
           echo "other=$other" >> "$GITHUB_OUTPUT"
 
-      - name: Initialize Go CLI submodule
-        if: steps.detect.outputs.cli_e2e == 'true'
-        run: git submodule update --init .repos/supabase-cli-go
-
       - name: Cache Go CLI binary
         if: steps.detect.outputs.cli_e2e == 'true'
         id: cache-go-binary
         uses: actions/cache@v4
         with:
-          path: .repos/supabase-cli-go/supabase-go
-          key: go-cli-${{ runner.os }}-${{ hashFiles('.repos/supabase-cli-go/**/*.go', '.repos/supabase-cli-go/go.mod', '.repos/supabase-cli-go/go.sum') }}
+          path: apps/cli-go/supabase-go
+          key: go-cli-${{ runner.os }}-${{ hashFiles('apps/cli-go/**/*.go',
+            'apps/cli-go/go.mod', 'apps/cli-go/go.sum') }}
 
       - name: Setup Go
-        if: steps.detect.outputs.cli_e2e == 'true' && steps.cache-go-binary.outputs.cache-hit != 'true'
+        if: steps.detect.outputs.cli_e2e == 'true' &&
+          steps.cache-go-binary.outputs.cache-hit != 'true'
         uses: actions/setup-go@v5
         with:
-          go-version-file: .repos/supabase-cli-go/go.mod
-          cache-dependency-path: .repos/supabase-cli-go/go.sum
+          go-version-file: apps/cli-go/go.mod
+          cache-dependency-path: apps/cli-go/go.sum
 
       - name: Build Go CLI
-        if: steps.detect.outputs.cli_e2e == 'true' && steps.cache-go-binary.outputs.cache-hit != 'true'
+        if: steps.detect.outputs.cli_e2e == 'true' &&
+          steps.cache-go-binary.outputs.cache-hit != 'true'
         run: go build -o supabase-go .
-        working-directory: .repos/supabase-cli-go
+        working-directory: apps/cli-go
 
       # The ts-legacy harness invokes `bun apps/cli/dist/main-legacy.js`; the
       # `nx run @supabase/cli-e2e:test:e2e` target normally builds @supabase/cli
@@ -150,24 +149,26 @@ jobs:
       # suites (process-compose) run unsharded on shard 1.
       - name: Run cli-e2e end-to-end tests
         if: steps.detect.outputs.cli_e2e == 'true'
-        run: pnpm --filter @supabase/cli-e2e exec bun --bun vitest run --shard=${{ matrix.shard }}/3
+        run: pnpm --filter @supabase/cli-e2e exec bun --bun vitest run --shard=${{
+          matrix.shard }}/3
         env:
           CLI_HARNESS_TARGET: ts-legacy
-          SUPABASE_GO_BINARY: ${{ github.workspace }}/.repos/supabase-cli-go/supabase-go
+          SUPABASE_GO_BINARY: ${{ github.workspace }}/apps/cli-go/supabase-go
 
       - name: Run other e2e tests (shard 1 only)
         if: matrix.shard == 1 && steps.detect.outputs.other == 'true'
         run: pnpm exec nx run-many -t test:e2e --exclude=@supabase/cli-e2e
         env:
-          SUPABASE_GO_BINARY: ${{ github.workspace }}/.repos/supabase-cli-go/supabase-go
+          SUPABASE_GO_BINARY: ${{ github.workspace }}/apps/cli-go/supabase-go
 
   # Summary job that gates branch protection.  The matrix `test-e2e` job
   # produces per-shard check names (`Run end-to-end tests (shard N/3)`), so
   # this job preserves the original `Run end-to-end tests` check name that
   # branch protection rules already require.  It succeeds iff every shard
   # succeeded (or skipped — `success()` is true for skipped jobs).
   test-e2e-summary:
-    if: always() && (github.event.pull_request.draft == false || github.event_name == 'push')
+    if: always() && (github.event.pull_request.draft == false || github.event_name
+      == 'push')
     name: Run end-to-end tests
     needs: test-e2e
     runs-on: ubuntu-latest

.gitmodules

@@ -16,9 +16,6 @@
 [submodule ".repos/process-compose"]
 	path = .repos/process-compose
 	url = https://github.com/F1bonacc1/process-compose.git
-[submodule ".repos/supabase-cli-go"]
-	path = .repos/supabase-cli-go
-	url = https://github.com/supabase/cli.git
 [submodule ".repos/t3code"]
 	path = .repos/t3code
 	url = https://github.com/pingdotgg/t3code.git