From 0dd3efc3c3c8b367b48c46b04eb0f2ecebf0b012 Mon Sep 17 00:00:00 2001
From: Mike Odnis <mike@mikeodnis.dev>
Date: Wed, 22 Apr 2026 07:25:11 -0400
Subject: [PATCH] feat(node-ci): forward cache-dependency-path to setup-node
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Polyglot repos with a lockfile outside the repo root (e.g. viz's
`src/ResQ.Viz.Web/package-lock.json`) couldn't adopt this reusable —
actions/setup-node bailed with "Dependencies lock file is not found"
because the reusable didn't accept a `cache-dependency-path` input.

Changes:
- node-ci.yml: add optional `cache-dependency-path` input, forward to
  the setup-node step. Default empty preserves current behaviour.
- required.yml: add pass-through `node-cache-dependency-path` input
  so consumers routing through the org aggregator can set it.

Surfaced during resq-software/viz PR #58 adoption attempt. Viz's
client pipeline currently uses a hand-rolled inline job because of
this gap — once this lands + the viz ref pin bumps, it can switch
to the shared reusable.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .github/workflows/node-ci.yml  | 11 +++++++++++
 .github/workflows/required.yml | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/.github/workflows/node-ci.yml b/.github/workflows/node-ci.yml
index d1a13c2..0bd815b 100644
--- a/.github/workflows/node-ci.yml
+++ b/.github/workflows/node-ci.yml
@@ -31,6 +31,16 @@ on:
         type: string
         required: false
         default: "."
+      cache-dependency-path:
+        description: >-
+          Forwarded to actions/setup-node's `cache-dependency-path`.
+          Required when the lockfile lives outside the repo root
+          (e.g. `src/Web/package-lock.json` in a polyglot repo).
+          Default empty — setup-node falls back to repo-root detection,
+          matching the prior behaviour for consumers that don't set it.
+        type: string
+        required: false
+        default: ""
       install-cmd:
         description: Override install command. Empty = pm default.
         type: string
@@ -93,6 +103,7 @@ jobs:
         with:
           node-version: ${{ inputs.node-version }}
           cache: ${{ inputs.package-manager == 'yarn' && 'yarn' || inputs.package-manager == 'pnpm' && 'pnpm' || 'npm' }}
+          cache-dependency-path: ${{ inputs.cache-dependency-path }}
 
       - name: Install
         env:
diff --git a/.github/workflows/required.yml b/.github/workflows/required.yml
index d234d5e..ae1c8a9 100644
--- a/.github/workflows/required.yml
+++ b/.github/workflows/required.yml
@@ -56,6 +56,16 @@ on:
         type: string
         required: false
         default: ""
+      node-cache-dependency-path:
+        description: >-
+          Forwarded to node-ci.yml → actions/setup-node. Polyglot repos
+          whose lockfile lives in a subdirectory (e.g. viz's
+          `src/ResQ.Viz.Web/package-lock.json`) must set this, else
+          setup-node errors with "Dependencies lock file is not found".
+          Default empty = root-level detection (matches prior behaviour).
+        type: string
+        required: false
+        default: ""
       rust-run-coverage:
         type: boolean
         required: false
@@ -165,6 +175,7 @@ jobs:
       typecheck-cmd: ${{ inputs.node-typecheck-cmd }}
       test-cmd: ${{ inputs.node-test-cmd }}
       build-cmd: ${{ inputs.node-build-cmd }}
+      cache-dependency-path: ${{ inputs.node-cache-dependency-path }}
 
   dotnet:
     needs: [validate-lang]