From 1f88765494a93962eac4e2989bc01926a0efea62 Mon Sep 17 00:00:00 2001 From: "rE-Bo0t.bx1" <54429050+r3bo0tbx1@users.noreply.github.com> Date: Mon, 9 Mar 2026 18:34:28 +0800 Subject: [PATCH] =?UTF-8?q?=F0=9F=8F=97=EF=B8=8F=20build(deps):=20upgrade?= =?UTF-8?q?=20actions/checkout=20and=20actions/upload-artifact=20versions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/assign.yml | 2 +- .github/workflows/cleanup.yml | 3 +-- .github/workflows/release.yml | 37 +++++++++++++++++++++---------- .github/workflows/validate.yml | 40 ++++++++++++---------------------- 4 files changed, 42 insertions(+), 40 deletions(-) diff --git a/.github/workflows/assign.yml b/.github/workflows/assign.yml index 36367c2..ced1895 100644 --- a/.github/workflows/assign.yml +++ b/.github/workflows/assign.yml @@ -11,7 +11,7 @@ jobs: pull-requests: write steps: - name: Assign reviewer and assignee - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | await github.rest.pulls.requestReviewers({ diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml index 08f6a95..3b9d592 100644 --- a/.github/workflows/cleanup.yml +++ b/.github/workflows/cleanup.yml @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: ๐Ÿช„ Clean Docker Hub Tags env: @@ -66,7 +66,6 @@ jobs: ALL_TAGS=$(curl -s -H "Authorization: JWT $TOKEN" \ "https://hub.docker.com/v2/repositories/$REPOSITORY/tags/?page_size=100") - # Filter out moving tags and count only the real version tags VERSION_TAGS=$(echo "$ALL_TAGS" | jq -r '.results | sort_by(.last_updated) | reverse | .[].name' | grep -E -v "^(latest|edge)$" || true) COUNT=$(echo "$VERSION_TAGS" | wc -w) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 52dbf8c..e91e1e6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,12 +29,12 @@ on: - major - minor - patch + workflow_run: + workflows: ['๐Ÿ—‘๏ธ๐Ÿงน'] + types: [completed] schedule: - cron: '30 18 * * 0' - cron: '0 12 */3 * *' - push: - tags: - - 'v*.*.*' permissions: contents: read @@ -57,10 +57,11 @@ jobs: build_date: ${{ steps.version.outputs.build_date }} short_sha: ${{ steps.version.outputs.short_sha }} build_variants: ${{ steps.version.outputs.build_variants }} + skip: ${{ steps.version.outputs.skip }} steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -78,12 +79,25 @@ jobs: git tag --sort=-v:refname | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -1 || echo "v1.0.0" } - if [[ "${GITHUB_REF}" == refs/tags/v* ]]; then - VERSION="${GITHUB_REF#refs/tags/v}" + if [[ "${GITHUB_EVENT_NAME}" == "workflow_run" && "${{ github.event.workflow_run.conclusion }}" == "success" ]]; then + if [[ "${{ github.event.workflow_run.event }}" != "push" ]]; then + echo "โญ๏ธ Cleanup was triggered by '${{ github.event.workflow_run.event }}', not a tag push โ€” skipping" + echo "skip=true" >> "$GITHUB_OUTPUT" + exit 0 + fi + TRIGGER_SHA="${{ github.event.workflow_run.head_sha }}" + VERSION=$(git tag --sort=-v:refname --points-at "${TRIGGER_SHA}" | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -1 || true) + if [ -z "${VERSION}" ]; then + echo "โญ๏ธ No semver tag on triggering commit โ€” skipping" + echo "skip=true" >> "$GITHUB_OUTPUT" + exit 0 + fi + VERSION="${VERSION#v}" BUILD_TYPE="release" IS_RELEASE="true" BUILD_VARIANTS="both" - echo "๐Ÿท๏ธ Release tag detected: v${VERSION}" + echo "skip=false" >> "$GITHUB_OUTPUT" + echo "๐Ÿท๏ธ Release tag detected via cleanup completion: v${VERSION}" elif [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]]; then BUILD_MODE="${{ github.event.inputs.build_mode }}" BUILD_VARIANTS="${{ github.event.inputs.variants }}" @@ -152,8 +166,9 @@ jobs: contents: read packages: write if: | - github.event_name != 'workflow_run' || - github.event.workflow_run.conclusion == 'success' + needs.determine-version.outputs.skip != 'true' && + (github.event_name != 'workflow_run' || + github.event.workflow_run.conclusion == 'success') strategy: fail-fast: false matrix: @@ -173,7 +188,7 @@ jobs: steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: ๐ŸŽฏ Check if variant should be built id: should_build @@ -448,7 +463,7 @@ jobs: steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index a6cf4a3..cbd2ffb 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: ๐Ÿณ Lint Dockerfile with Hadolint uses: hadolint/hadolint-action@v3.3.0 @@ -61,8 +61,6 @@ jobs: echo "๐Ÿ” Checking Shell Script Syntax" echo "โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”" echo "" - - # Check main entrypoint script if [ -f docker-entrypoint.sh ]; then echo "๐Ÿ“„ Checking docker-entrypoint.sh..." sh -n docker-entrypoint.sh || exit 1 @@ -72,11 +70,9 @@ jobs: echo "" echo "๐Ÿ“ Checking tools directory (no .sh extension)..." - # Check if tools directory exists if [ ! -d "tools" ]; then echo " โš ๏ธ tools/ directory not found" else - # Check all files in tools/ (no .sh extension) TOOL_COUNT=0 for script in tools/status tools/health tools/fingerprint tools/bridge-line tools/gen-auth tools/gen-family; do if [ -f "$script" ]; then @@ -89,7 +85,7 @@ jobs: echo "" echo " โœ… All $TOOL_COUNT tool scripts validated" fi - + echo "" echo "๐ŸŽ‰ Shell script syntax validation complete" @@ -104,14 +100,11 @@ jobs: echo "๐Ÿ”Ž Running ShellCheck Static Analysis" echo "โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”" echo "" - - # ShellCheck main scripts if [ -f docker-entrypoint.sh ]; then echo "๐Ÿ” ShellCheck: docker-entrypoint.sh" shellcheck -S warning docker-entrypoint.sh || true fi - # ShellCheck all tools (no .sh extension) if [ -d "tools" ]; then echo "" echo "๐Ÿ” ShellCheck: tools/*" @@ -122,7 +115,7 @@ jobs: fi done fi - + echo "" echo "โœ… ShellCheck analysis complete" @@ -141,15 +134,12 @@ jobs: HAS_SH_EXT=0 NO_EXT_COUNT=0 - # Check all files in tools/ for file in tools/*; do [ -f "$file" ] || continue filename=$(basename "$file") - # Check if it's a shell script (has shebang) if head -1 "$file" 2>/dev/null | grep -q "^#!/"; then - # Tools should NOT have .sh extension if echo "$filename" | grep -q '\.sh$'; then echo "โŒ Tool should NOT have .sh extension: $filename" HAS_SH_EXT=1 @@ -168,7 +158,7 @@ jobs: if [ $HAS_SH_EXT -eq 1 ]; then echo "โŒ Some tools have .sh extension (should not have it)" exit 1 - elif [ $NO_EXT_COUNT -lt 5 ]; then + elif [ $NO_EXT_COUNT -lt 6 ]; then echo "โŒ Expected 6 tools (status, health, fingerprint, bridge-line, gen-auth, gen-family)" exit 1 else @@ -257,7 +247,7 @@ jobs: steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: ๐Ÿ–ฅ๏ธ Set up QEMU uses: docker/setup-qemu-action@v3 @@ -288,7 +278,7 @@ jobs: echo "๐Ÿ“ฆ Image size: $(du -h /tmp/tor-relay-test.tar | cut -f1)" - name: โฌ†๏ธ Upload Image Artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v4 with: name: docker-image path: /tmp/tor-relay-test.tar @@ -301,10 +291,10 @@ jobs: steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: โฌ‡๏ธ Download Docker Image - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v4 with: name: docker-image path: /tmp @@ -409,10 +399,10 @@ jobs: steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: โฌ‡๏ธ Download Docker Image - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v4 with: name: docker-image path: /tmp @@ -510,7 +500,7 @@ jobs: continue-on-error: true - name: โฌ†๏ธ Upload Full Report Artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v4 with: name: trivy-security-report path: trivy-full-report.json @@ -555,10 +545,10 @@ jobs: steps: - name: ๐Ÿ“ฅ Checkout Repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: โฌ‡๏ธ Download Docker Image - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v4 with: name: docker-image path: /tmp @@ -617,7 +607,6 @@ jobs: if [ -f \"\$tool\" ]; then BASENAME=\$(basename \"\$tool\") echo \"๐Ÿ” Testing \$BASENAME...\" - # Tools require Tor to be running, just verify they're executable test -x \"\$tool\" && echo \" โœ… \$BASENAME is executable\" || exit 1 fi done @@ -679,5 +668,4 @@ jobs: if: failure() run: | echo "โŒ Build pipeline failed - check logs above for details" - exit 1 - + exit 1 \ No newline at end of file