github/tor-guard-relay
1
1
Fork 0
mirror of https://github.com/r3bo0tbx1/tor-guard-relay.git synced 2026-04-06 00:32:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

🏗️ build(deps): upgrade actions/checkout and actions/upload-artifact versions

Browse Source
This commit is contained in:
rE-Bo0t.bx1
2026-03-09 18:34:28 +08:00
parent c004fe23b9
commit 1f88765494
4 changed files with 42 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/assign.yml vendored
View File

@@ -11,7 +11,7 @@ jobs:
pull-requests: write
steps:
- name: Assign reviewer and assignee
uses: actions/github-script@v7
uses: actions/github-script@v8
with:
script: |
await github.rest.pulls.requestReviewers({

3
.github/workflows/cleanup.yml vendored
View File

@@ -43,7 +43,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: 🪄 Clean Docker Hub Tags
env:
@@ -66,7 +66,6 @@ jobs:
ALL_TAGS=$(curl -s -H "Authorization: JWT $TOKEN" \
"https://hub.docker.com/v2/repositories/$REPOSITORY/tags/?page_size=100")
# Filter out moving tags and count only the real version tags
VERSION_TAGS=$(echo "$ALL_TAGS" | jq -r '.results | sort_by(.last_updated) | reverse | .[].name' | grep -E -v "^(latest|edge)$" || true)
COUNT=$(echo "$VERSION_TAGS" | wc -w)

37
.github/workflows/release.yml vendored
View File

@@ -29,12 +29,12 @@ on:
- major
- minor
- patch
workflow_run:
workflows: ['🗑️🧹']
types: [completed]
schedule:
- cron: '30 18 * * 0'
- cron: '0 12 */3 * *'
push:
tags:
- 'v*.*.*'
permissions:
contents: read
@@ -57,10 +57,11 @@ jobs:
build_date: ${{ steps.version.outputs.build_date }}
short_sha: ${{ steps.version.outputs.short_sha }}
build_variants: ${{ steps.version.outputs.build_variants }}
skip: ${{ steps.version.outputs.skip }}
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
fetch-depth: 0
@@ -78,12 +79,25 @@ jobs:
git tag --sort=-v:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -1 || echo "v1.0.0"
}
if [[ "${GITHUB_REF}" == refs/tags/v* ]]; then
VERSION="${GITHUB_REF#refs/tags/v}"
if [[ "${GITHUB_EVENT_NAME}" == "workflow_run" && "${{ github.event.workflow_run.conclusion }}" == "success" ]]; then
if [[ "${{ github.event.workflow_run.event }}" != "push" ]]; then
echo "⏭️ Cleanup was triggered by '${{ github.event.workflow_run.event }}', not a tag push — skipping"
echo "skip=true" >> "$GITHUB_OUTPUT"
exit 0
fi
TRIGGER_SHA="${{ github.event.workflow_run.head_sha }}"
VERSION=$(git tag --sort=-v:refname --points-at "${TRIGGER_SHA}" | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -1 || true)
if [ -z "${VERSION}" ]; then
echo "⏭️ No semver tag on triggering commit — skipping"
echo "skip=true" >> "$GITHUB_OUTPUT"
exit 0
fi
VERSION="${VERSION#v}"
BUILD_TYPE="release"
IS_RELEASE="true"
BUILD_VARIANTS="both"
echo "🏷️ Release tag detected: v${VERSION}"
echo "skip=false" >> "$GITHUB_OUTPUT"
echo "🏷️ Release tag detected via cleanup completion: v${VERSION}"
elif [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]]; then
BUILD_MODE="${{ github.event.inputs.build_mode }}"
BUILD_VARIANTS="${{ github.event.inputs.variants }}"
@@ -152,8 +166,9 @@ jobs:
contents: read
packages: write
if: |
github.event_name != 'workflow_run' ||
github.event.workflow_run.conclusion == 'success'
needs.determine-version.outputs.skip != 'true' &&
(github.event_name != 'workflow_run' ||
github.event.workflow_run.conclusion == 'success')
strategy:
fail-fast: false
matrix:
@@ -173,7 +188,7 @@ jobs:
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: 🎯 Check if variant should be built
id: should_build
@@ -448,7 +463,7 @@ jobs:
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
fetch-depth: 0

40
.github/workflows/validate.yml vendored
View File

@@ -40,7 +40,7 @@ jobs:
steps:
- name: Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: 🐳 Lint Dockerfile with Hadolint
uses: hadolint/hadolint-action@v3.3.0
@@ -61,8 +61,6 @@ jobs:
echo "🔍 Checking Shell Script Syntax"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""
# Check main entrypoint script
if [ -f docker-entrypoint.sh ]; then
echo "📄 Checking docker-entrypoint.sh..."
sh -n docker-entrypoint.sh || exit 1
@@ -72,11 +70,9 @@ jobs:
echo ""
echo "📁 Checking tools directory (no .sh extension)..."
# Check if tools directory exists
if [ ! -d "tools" ]; then
echo " ⚠️ tools/ directory not found"
else
# Check all files in tools/ (no .sh extension)
TOOL_COUNT=0
for script in tools/status tools/health tools/fingerprint tools/bridge-line tools/gen-auth tools/gen-family; do
if [ -f "$script" ]; then
@@ -89,7 +85,7 @@ jobs:
echo ""
echo " ✅ All $TOOL_COUNT tool scripts validated"
fi
echo ""
echo "🎉 Shell script syntax validation complete"
@@ -104,14 +100,11 @@ jobs:
echo "🔎 Running ShellCheck Static Analysis"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""
# ShellCheck main scripts
if [ -f docker-entrypoint.sh ]; then
echo "🔍 ShellCheck: docker-entrypoint.sh"
shellcheck -S warning docker-entrypoint.sh || true
fi
# ShellCheck all tools (no .sh extension)
if [ -d "tools" ]; then
echo ""
echo "🔍 ShellCheck: tools/*"
@@ -122,7 +115,7 @@ jobs:
fi
done
fi
echo ""
echo "✅ ShellCheck analysis complete"
@@ -141,15 +134,12 @@ jobs:
HAS_SH_EXT=0
NO_EXT_COUNT=0
# Check all files in tools/
for file in tools/*; do
[ -f "$file" ] || continue
filename=$(basename "$file")
# Check if it's a shell script (has shebang)
if head -1 "$file" 2>/dev/null | grep -q "^#!/"; then
# Tools should NOT have .sh extension
if echo "$filename" | grep -q '\.sh$'; then
echo "❌ Tool should NOT have .sh extension: $filename"
HAS_SH_EXT=1
@@ -168,7 +158,7 @@ jobs:
if [ $HAS_SH_EXT -eq 1 ]; then
echo "❌ Some tools have .sh extension (should not have it)"
exit 1
elif [ $NO_EXT_COUNT -lt 5 ]; then
elif [ $NO_EXT_COUNT -lt 6 ]; then
echo "❌ Expected 6 tools (status, health, fingerprint, bridge-line, gen-auth, gen-family)"
exit 1
else
@@ -257,7 +247,7 @@ jobs:
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: 🖥️ Set up QEMU
uses: docker/setup-qemu-action@v3
@@ -288,7 +278,7 @@ jobs:
echo "📦 Image size: $(du -h /tmp/tor-relay-test.tar | cut -f1)"
- name: ⬆️ Upload Image Artifact
uses: actions/upload-artifact@v5
uses: actions/upload-artifact@v4
with:
name: docker-image
path: /tmp/tor-relay-test.tar
@@ -301,10 +291,10 @@ jobs:
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: ⬇️ Download Docker Image
uses: actions/download-artifact@v6
uses: actions/download-artifact@v4
with:
name: docker-image
path: /tmp
@@ -409,10 +399,10 @@ jobs:
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: ⬇️ Download Docker Image
uses: actions/download-artifact@v6
uses: actions/download-artifact@v4
with:
name: docker-image
path: /tmp
@@ -510,7 +500,7 @@ jobs:
continue-on-error: true
- name: ⬆️ Upload Full Report Artifact
uses: actions/upload-artifact@v5
uses: actions/upload-artifact@v4
with:
name: trivy-security-report
path: trivy-full-report.json
@@ -555,10 +545,10 @@ jobs:
steps:
- name: 📥 Checkout Repository
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: ⬇️ Download Docker Image
uses: actions/download-artifact@v6
uses: actions/download-artifact@v4
with:
name: docker-image
path: /tmp
@@ -617,7 +607,6 @@ jobs:
if [ -f \"\$tool\" ]; then
BASENAME=\$(basename \"\$tool\")
echo \"🔍 Testing \$BASENAME...\"
# Tools require Tor to be running, just verify they're executable
test -x \"\$tool\" && echo \" ✅ \$BASENAME is executable\" || exit 1
fi
done
@@ -679,5 +668,4 @@ jobs:
if: failure()
run: |
echo "❌ Build pipeline failed - check logs above for details"
exit 1
exit 1