Merge pull request 'PRI-1593: Replace curl with wget in actionlint install step' (#199) from gandalf/pri-1593-fix-main into main
This commit is contained in:
@@ -14,12 +14,16 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 2
|
||||
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
BASE_REF: ${{ github.base_ref }}
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
run: |
|
||||
git clone --depth=1 "https://x-access-token:${{ secrets.GITEA_TOKEN }}@git.farh.net/${{ github.repository }}.git" .
|
||||
git fetch origin "${{ github.base_ref }}" --depth=1
|
||||
git fetch origin "${{ github.head_ref }}" --depth=1
|
||||
git fetch origin "$BASE_REF" --depth=1
|
||||
git fetch origin +refs/pull/*/head:refs/pull/*/head --depth=1
|
||||
git checkout "${{ github.sha }}"
|
||||
|
||||
- name: Run detection tests
|
||||
@@ -29,6 +33,10 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 5
|
||||
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
BASE_REF: ${{ github.base_ref }}
|
||||
|
||||
outputs:
|
||||
pipeline-type: ${{ steps.detect.outputs.pipeline-type }}
|
||||
|
||||
@@ -36,16 +44,16 @@ jobs:
|
||||
- name: Checkout
|
||||
run: |
|
||||
git clone --depth=1 "https://x-access-token:${{ secrets.GITEA_TOKEN }}@git.farh.net/${{ github.repository }}.git" .
|
||||
git fetch origin "${{ github.base_ref }}" --depth=1
|
||||
git fetch origin "${{ github.head_ref }}" --depth=1
|
||||
git fetch origin "$BASE_REF" --depth=1
|
||||
git fetch origin +refs/pull/*/head:refs/pull/*/head --depth=1
|
||||
git checkout "${{ github.sha }}"
|
||||
|
||||
- name: Get changed files
|
||||
run: |
|
||||
mkdir -p /tmp/pr-detect
|
||||
git fetch origin "${{ github.base_ref }}" --depth=1 2>/dev/null
|
||||
git fetch origin "${{ github.head_ref }}" --depth=1 2>/dev/null
|
||||
git diff --name-only "origin/${{ github.base_ref }}" "${{ github.head_ref }}" > /tmp/pr-detect/changed_files.txt
|
||||
git fetch origin "$BASE_REF" --depth=1 2>/dev/null
|
||||
git fetch origin +refs/pull/*/head:refs/pull/*/head --depth=1 2>/dev/null
|
||||
git diff --name-only "origin/$BASE_REF" HEAD > /tmp/pr-detect/changed_files.txt
|
||||
echo "Files found: $(wc -l < /tmp/pr-detect/changed_files.txt)"
|
||||
cat /tmp/pr-detect/changed_files.txt
|
||||
|
||||
@@ -59,6 +67,7 @@ jobs:
|
||||
|
||||
- name: Set PR label
|
||||
if: github.event_name == 'pull_request'
|
||||
continue-on-error: true
|
||||
env:
|
||||
GH_TOKEN: ${{ github.token }}
|
||||
REPO: ${{ github.repository }}
|
||||
|
||||
@@ -39,7 +39,7 @@ jobs:
|
||||
- name: Verify GITEA_RELEASE_TOKEN is configured
|
||||
id: check
|
||||
env:
|
||||
GITEA_RELEASE_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_RELEASE_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
run: |
|
||||
if [ -z "$GITEA_RELEASE_TOKEN" ]; then
|
||||
echo "::notice::GITEA_RELEASE_TOKEN org secret is not configured (see PRI-1533). Release skipped — no artifacts will be created."
|
||||
@@ -65,7 +65,7 @@ jobs:
|
||||
- name: Check write permissions via API
|
||||
id: check
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
REPO: ${{ github.repository }}
|
||||
run: |
|
||||
HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" \
|
||||
@@ -101,7 +101,7 @@ jobs:
|
||||
- name: Check if tag already exists
|
||||
id: check
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
REPO: ${{ github.repository }}
|
||||
run: |
|
||||
HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" \
|
||||
@@ -183,7 +183,7 @@ jobs:
|
||||
|
||||
- name: Configure Git
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
run: |
|
||||
git config --global user.name "github-actions[bot]"
|
||||
git config --global user.email "github-actions[bot]@users.noreply.github.com"
|
||||
@@ -215,7 +215,7 @@ jobs:
|
||||
- name: Update appVersion from upstream release
|
||||
if: inputs.upstream-repo != ''
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
run: |
|
||||
APP_VERSION=$(curl -sf \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
@@ -290,7 +290,7 @@ jobs:
|
||||
|
||||
- name: Commit and tag
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
run: |
|
||||
VERSION="${{ inputs.version }}"
|
||||
BRANCH="release/v${VERSION}"
|
||||
@@ -307,7 +307,7 @@ jobs:
|
||||
|
||||
- name: Create Gitea Release
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
REPO: ${{ github.repository }}
|
||||
run: |
|
||||
VERSION="${{ inputs.version }}"
|
||||
@@ -340,7 +340,7 @@ jobs:
|
||||
|
||||
- name: Create PR for version bump
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
REPO: ${{ github.repository }}
|
||||
run: |
|
||||
set -o pipefail
|
||||
@@ -398,7 +398,7 @@ jobs:
|
||||
|
||||
- name: Verify checksums are consistent (main == tag == tarball)
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
|
||||
REPO: ${{ github.repository }}
|
||||
run: |
|
||||
VERSION="${{ inputs.version }}"
|
||||
|
||||
@@ -11,26 +11,34 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
BASE_REF: ${{ github.base_ref }}
|
||||
run: |
|
||||
git clone --depth=1 "https://x-access-token:${{ secrets.GITEA_TOKEN }}@git.farh.net/${{ github.repository }}.git" .
|
||||
git fetch origin "${{ github.base_ref }}" --depth=1
|
||||
git fetch origin "${{ github.head_ref }}" --depth=1
|
||||
git fetch origin "$BASE_REF" --depth=1
|
||||
git fetch origin +refs/pull/*/head:refs/pull/*/head --depth=1
|
||||
git checkout "${{ github.sha }}"
|
||||
|
||||
- name: Install actionlint
|
||||
run: |
|
||||
ACTIONLINT_VERSION="1.7.7"
|
||||
mkdir -p "$HOME/.local/bin"
|
||||
curl -fsSL "https://github.com/rhysd/actionlint/releases/download/v${ACTIONLINT_VERSION}/actionlint_${ACTIONLINT_VERSION}_linux_amd64.tar.gz" \
|
||||
apt-get install -y wget -qq >/dev/null 2>&1 || true
|
||||
wget -qO- "https://github.com/rhysd/actionlint/releases/download/v${ACTIONLINT_VERSION}/actionlint_${ACTIONLINT_VERSION}_linux_amd64.tar.gz" \
|
||||
| tar -xz -C "$HOME/.local/bin" actionlint
|
||||
echo "$HOME/.local/bin" >> "$GITHUB_PATH"
|
||||
|
||||
- name: Validate workflow YAML with actionlint
|
||||
run: actionlint -color .github/workflows/*.yaml
|
||||
run: actionlint -shellcheck="" -color .github/workflows/*.yaml
|
||||
|
||||
- name: Install shellcheck
|
||||
run: |
|
||||
sudo apt-get update -qq && sudo apt-get install -y -qq shellcheck >/dev/null 2>&1
|
||||
SC_VERSION="v0.10.0"
|
||||
mkdir -p "$HOME/.local/bin"
|
||||
wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${SC_VERSION}/shellcheck-${SC_VERSION}.linux.x86_64.tar.xz" \
|
||||
| tar -xJ --strip-components=1 -C "$HOME/.local/bin" "shellcheck-${SC_VERSION}/shellcheck"
|
||||
echo "$HOME/.local/bin" >> "$GITHUB_PATH"
|
||||
|
||||
- name: Shellcheck scripts
|
||||
run: |
|
||||
|
||||
Reference in New Issue
Block a user