From 90f5adda22a170d669f415769d24c6ab04c736a7 Mon Sep 17 00:00:00 2001 From: skjnldsv Date: Sat, 13 Jul 2024 11:07:17 +0200 Subject: [PATCH] chore: update workflows from templates Signed-off-by: skjnldsv --- .github/workflows/appstore-build-publish.yml | 23 +++++++++-------- .github/workflows/lint-eslint.yml | 15 ++++++----- .github/workflows/lint-info-xml.yml | 5 +++- .github/workflows/lint-php-cs.yml | 7 ++++-- .github/workflows/lint-php.yml | 11 ++++++--- .github/workflows/npm-audit-fix.yml | 26 +++++++++++--------- .github/workflows/pr-feedback.yml | 15 ++++++++--- .github/workflows/psalm-matrix.yml | 11 ++++++--- 8 files changed, 71 insertions(+), 42 deletions(-) diff --git a/.github/workflows/appstore-build-publish.yml b/.github/workflows/appstore-build-publish.yml index 5bc44eee..7be03c06 100644 --- a/.github/workflows/appstore-build-publish.yml +++ b/.github/workflows/appstore-build-publish.yml @@ -2,6 +2,9 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Build and publish app release @@ -29,7 +32,7 @@ jobs: echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: path: ${{ env.APP_NAME }} @@ -41,7 +44,7 @@ jobs: expression: "//info//dependencies//nextcloud/@min-version" - name: Read package.json node and npm engines version - uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 id: versions # Continue if no package.json continue-on-error: true @@ -53,14 +56,14 @@ jobs: - name: Set up node ${{ steps.versions.outputs.nodeVersion }} # Skip if no package.json if: ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3 with: node-version: ${{ steps.versions.outputs.nodeVersion }} - name: Set up npm ${{ steps.versions.outputs.npmVersion }} # Skip if no package.json if: ${{ steps.versions.outputs.npmVersion }} - run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' - name: Get php version id: php-versions @@ -69,7 +72,7 @@ jobs: filename: ${{ env.APP_NAME }}/appinfo/info.xml - name: Set up php ${{ steps.php-versions.outputs.php-min }} - uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2 + uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2.31.0 with: php-version: ${{ steps.php-versions.outputs.php-min }} coverage: none @@ -92,11 +95,11 @@ jobs: # Skip if no package.json if: ${{ steps.versions.outputs.nodeVersion }} env: - CYPRESS_INSTALL_BINARY: 0 + NODE_ENV: production run: | cd ${{ env.APP_NAME }} npm ci - npm run build + npm run build --if-present - name: Check Krankerl config id: krankerl @@ -126,12 +129,12 @@ jobs: continue-on-error: true id: server-checkout run: | - NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + NCVERSION='${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}' wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip unzip latest-$NCVERSION.zip - name: Checkout server master fallback - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 if: ${{ steps.server-checkout.outcome != 'success' }} with: submodules: true @@ -145,7 +148,7 @@ jobs: tar -xvf ${{ env.APP_NAME }}.tar.gz cd ../../../ # Setting up keys - echo "${{ secrets.APP_PRIVATE_KEY }}" > ${{ env.APP_NAME }}.key + echo '${{ secrets.APP_PRIVATE_KEY }}' > ${{ env.APP_NAME }}.key wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" # Signing php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }} diff --git a/.github/workflows/lint-eslint.yml b/.github/workflows/lint-eslint.yml index 2f1f0d42..0057e57c 100644 --- a/.github/workflows/lint-eslint.yml +++ b/.github/workflows/lint-eslint.yml @@ -3,8 +3,8 @@ # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization # -# Use lint-eslint together with lint-eslint-when-unrelated to make eslint a required check for GitHub actions -# https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks#handling-skipped-but-required-checks +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Lint eslint @@ -20,6 +20,9 @@ concurrency: jobs: changes: runs-on: ubuntu-latest-low + permissions: + contents: read + pull-requests: read outputs: src: ${{ steps.changes.outputs.src}} @@ -53,22 +56,22 @@ jobs: steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Read package.json node and npm engines version - uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 id: versions with: fallbackNode: '^20' fallbackNpm: '^10' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3 with: node-version: ${{ steps.versions.outputs.nodeVersion }} - name: Set up npm ${{ steps.versions.outputs.npmVersion }} - run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' - name: Install dependencies env: diff --git a/.github/workflows/lint-info-xml.yml b/.github/workflows/lint-info-xml.yml index 492e8a01..736a8950 100644 --- a/.github/workflows/lint-info-xml.yml +++ b/.github/workflows/lint-info-xml.yml @@ -2,6 +2,9 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Lint info.xml @@ -21,7 +24,7 @@ jobs: name: info.xml lint steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Download schema run: wget https://raw.githubusercontent.com/nextcloud/appstore/master/nextcloudappstore/api/v1/release/info.xsd diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml index babfb72b..b6f12320 100644 --- a/.github/workflows/lint-php-cs.yml +++ b/.github/workflows/lint-php-cs.yml @@ -2,6 +2,9 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Lint php-cs @@ -22,14 +25,14 @@ jobs: steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Get php version id: versions uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 - name: Set up php${{ steps.versions.outputs.php-available }} - uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2 + uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2.31.0 with: php-version: ${{ steps.versions.outputs.php-available }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index cfea5a35..fc430376 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -2,6 +2,9 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Lint php @@ -21,10 +24,10 @@ jobs: php-versions: ${{ steps.versions.outputs.php-versions }} steps: - name: Checkout app - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Get version matrix id: versions - uses: icewind1991/nextcloud-version-matrix@c2bf575a3516752db5ce2915499d3f694885e2c7 # v1.0.0 + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.0.0 php-lint: runs-on: ubuntu-latest @@ -37,10 +40,10 @@ jobs: steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2 + uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2.31.0 with: php-version: ${{ matrix.php-versions }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml index 556150e2..0e7ba4b5 100644 --- a/.github/workflows/npm-audit-fix.yml +++ b/.github/workflows/npm-audit-fix.yml @@ -2,6 +2,9 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Npm audit fix and compile @@ -18,34 +21,34 @@ jobs: strategy: fail-fast: false matrix: - branches: ['main', 'stable1.4'] + branches: ['main', 'master', 'stable29', 'stable28', 'stable27'] name: npm-audit-fix-${{ matrix.branches }} steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ matrix.branches }} - name: Read package.json node and npm engines version - uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 id: versions with: fallbackNode: '^20' fallbackNpm: '^10' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3 with: node-version: ${{ steps.versions.outputs.nodeVersion }} - name: Set up npm ${{ steps.versions.outputs.npmVersion }} - run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' - name: Fix npm audit - run: | - npm audit fix + id: npm-audit + uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0 - name: Run npm ci and npm run build if: always() @@ -57,17 +60,16 @@ jobs: - name: Create Pull Request if: always() - uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1 + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 with: token: ${{ secrets.COMMAND_BOT_PAT }} - commit-message: "fix(deps): fix npm audit" + commit-message: 'fix(deps): Fix npm audit' committer: GitHub author: nextcloud-command signoff: true branch: automated/noid/${{ matrix.branches }}-fix-npm-audit - title: "[${{ matrix.branches }}] Fix npm audit" - body: | - Auto-generated fix of npm audit + title: '[${{ matrix.branches }}] Fix npm audit' + body: ${{ steps.npm-audit.outputs.markdown }} labels: | dependencies 3. to review diff --git a/.github/workflows/pr-feedback.yml b/.github/workflows/pr-feedback.yml index 940eda23..7b68226f 100644 --- a/.github/workflows/pr-feedback.yml +++ b/.github/workflows/pr-feedback.yml @@ -24,18 +24,27 @@ jobs: id: scrape with: website: 'https://nextcloud.com/team/' + + - name: Get blocklist + id: blocklist + run: | + blocklist=$(curl https://raw.githubusercontent.com/nextcloud/.github/master/non-community-usernames.txt | paste -s -d, -) + echo "blocklist=$blocklist" >> "$GITHUB_OUTPUT" + - uses: marcelklehr/pr-feedback-action@1883b38a033fb16f576875e0cf45f98b857655c4 with: feedback-message: | Hello there, - Thank you so much for taking the time and effort to create a pull request to our Nextcloud project. + Thank you so much for taking the time and effort to create a pull request to our Nextcloud project. We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process. Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6 Thank you for contributing to Nextcloud and we hope to hear from you soon! + + (If you believe you should not receive this message, you can add yourself to the [blocklist](https://github.com/nextcloud/.github/blob/master/non-community-usernames.txt).) days-before-feedback: 14 - start-date: "2023-07-10" - exempt-authors: "${{ steps.scrape.outputs.users }},nextcloud-command,nextcloud-android-bot,skjnldsv,datenangebot" + start-date: '2024-04-30' + exempt-authors: '${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }},nextcloud-command,nextcloud-android-bot' exempt-bots: true diff --git a/.github/workflows/psalm-matrix.yml b/.github/workflows/psalm-matrix.yml index 5d04f4c1..64da948a 100644 --- a/.github/workflows/psalm-matrix.yml +++ b/.github/workflows/psalm-matrix.yml @@ -2,6 +2,9 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2022-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Static analysis @@ -18,7 +21,7 @@ jobs: ocp-matrix: ${{ steps.versions.outputs.ocp-matrix }} steps: - name: Checkout app - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Get version matrix id: versions uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 @@ -34,10 +37,10 @@ jobs: name: static-psalm-analysis ${{ matrix.ocp-version }} steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up php${{ matrix.php-versions }} - uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2 + uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # v2.31.0 with: php-version: ${{ matrix.php-versions }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite @@ -50,7 +53,7 @@ jobs: run: composer i - name: Install dependencies - run: composer require --dev nextcloud/ocp:${{ matrix.ocp-version }} --ignore-platform-reqs --with-dependencies + run: composer require --dev 'nextcloud/ocp:${{ matrix.ocp-version }}' --ignore-platform-reqs --with-dependencies - name: Run coding standards check run: composer run psalm