From fe9d40eb127a47ad173f2e26d43346255415d4d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 May 2023 18:51:27 -0400 Subject: [PATCH 1/9] build(deps): bump flask from 2.2.3 to 2.3.2 (#175) Bumps [flask](https://github.com/pallets/flask) from 2.2.3 to 2.3.2. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/flask/compare/2.2.3...2.3.2) --- updated-dependencies: - dependency-name: flask dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index e900aa6..8097f21 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ beautifulsoup4==4.12.2 -Flask==2.2.3 +Flask==2.3.2 igdb-api-v4==0.1.0 libgravatar==1.0.4 py-cord==2.4.1 From 60fed2cbb8aee82ac1cbac5b7e330f9ee91573c2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 May 2023 18:54:27 -0400 Subject: [PATCH 2/9] build(deps): bump requests from 2.28.2 to 2.31.0 (#177) Bumps [requests](https://github.com/psf/requests) from 2.28.2 to 2.31.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.28.2...v2.31.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 8097f21..d9e87d3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,4 +4,4 @@ igdb-api-v4==0.1.0 libgravatar==1.0.4 py-cord==2.4.1 python-dotenv==1.0.0 -requests==2.28.2 +requests==2.31.0 From ff1c26b6a76f7a498bbd33c119056b3b644fc8cf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 May 2023 19:01:41 -0400 Subject: [PATCH 3/9] build(deps): bump igdb-api-v4 from 0.1.0 to 0.2.0 (#178) Bumps [igdb-api-v4](https://github.com/twitchtv/igdb-api-python) from 0.1.0 to 0.2.0. - [Release notes](https://github.com/twitchtv/igdb-api-python/releases) - [Commits](https://github.com/twitchtv/igdb-api-python/compare/0.1.0...0.2.0) --- updated-dependencies: - dependency-name: igdb-api-v4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d9e87d3..32476f0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ beautifulsoup4==4.12.2 Flask==2.3.2 -igdb-api-v4==0.1.0 +igdb-api-v4==0.2.0 libgravatar==1.0.4 py-cord==2.4.1 python-dotenv==1.0.0 From cac5f7efa02b834d7bf815e5330ca93900c025e1 Mon Sep 17 00:00:00 2001 From: LizardByte-bot <108553330+LizardByte-bot@users.noreply.github.com> Date: Thu, 5 Oct 2023 09:14:10 -0400 Subject: [PATCH 4/9] ci: update global workflows (#196) --- .github/workflows/autoupdate-labeler.yml | 72 ------------------------ .github/workflows/autoupdate.yml | 51 ----------------- .github/workflows/pull-requests.yml | 32 ----------- 3 files changed, 155 deletions(-) delete mode 100644 .github/workflows/autoupdate-labeler.yml delete mode 100644 .github/workflows/autoupdate.yml delete mode 100644 .github/workflows/pull-requests.yml diff --git a/.github/workflows/autoupdate-labeler.yml b/.github/workflows/autoupdate-labeler.yml deleted file mode 100644 index 974c9fa..0000000 --- a/.github/workflows/autoupdate-labeler.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- -# This action is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# Label PRs with `autoupdate` if various conditions are met, otherwise, remove the label. - -name: Label PR autoupdate - -on: - pull_request_target: - types: - - edited - - opened - - reopened - - synchronize - -jobs: - label_pr: - if: >- - startsWith(github.repository, 'LizardByte/') && - contains(github.event.pull_request.body, fromJSON('"] I want maintainers to keep my branch updated"')) - runs-on: ubuntu-latest - env: - GH_TOKEN: ${{ github.token }} - steps: - - name: Check if member - id: org_member - run: | - status="true" - gh api \ - -H "Accept: application/vnd.github+json" \ - /orgs/${{ github.repository_owner }}/members/${{ github.actor }} || status="false" - - echo "result=${status}" >> $GITHUB_OUTPUT - - - name: Label autoupdate - if: >- - steps.org_member.outputs.result == 'true' && - contains(github.event.pull_request.labels.*.name, 'autoupdate') == false && - contains(github.event.pull_request.body, - fromJSON('"\n- [x] I want maintainers to keep my branch updated"')) == true - uses: actions/github-script@v6 - with: - github-token: ${{ secrets.GH_BOT_TOKEN }} - script: | - github.rest.issues.addLabels({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - labels: ['autoupdate'] - }) - - - name: Unlabel autoupdate - if: >- - contains(github.event.pull_request.labels.*.name, 'autoupdate') && - ( - (github.event.action == 'synchronize' && steps.org_member.outputs.result == 'false') || - (contains(github.event.pull_request.body, - fromJSON('"\n- [x] I want maintainers to keep my branch updated"')) == false - ) - ) - uses: actions/github-script@v6 - with: - github-token: ${{ secrets.GH_BOT_TOKEN }} - script: | - github.rest.issues.removeLabel({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - name: ['autoupdate'] - }) diff --git a/.github/workflows/autoupdate.yml b/.github/workflows/autoupdate.yml deleted file mode 100644 index 83f4e16..0000000 --- a/.github/workflows/autoupdate.yml +++ /dev/null @@ -1,51 +0,0 @@ ---- -# This action is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# This workflow is designed to work with the following workflows: -# - automerge -# - autoupdate-labeler - -# It uses an action that auto-updates pull requests branches, when changes are pushed to their destination branch. -# Auto-updating to the latest destination branch works only in the context of upstream repo and not forks. -# Dependabot PRs are updated by an action that comments `@depdenabot rebase` on dependabot PRs. (disabled) - -name: autoupdate - -on: - push: - branches: - - 'nightly' - -jobs: - autoupdate: - name: Autoupdate autoapproved PR created in the upstream - if: startsWith(github.repository, 'LizardByte/') - runs-on: ubuntu-latest - steps: - - name: Update - uses: docker://chinthakagodawita/autoupdate-action:v1 - env: - EXCLUDED_LABELS: "central_dependency,dependencies" - GITHUB_TOKEN: '${{ secrets.GH_BOT_TOKEN }}' - PR_FILTER: "labelled" - PR_LABELS: "autoupdate" - PR_READY_STATE: "all" - MERGE_CONFLICT_ACTION: "fail" - -# Disabled due to: -# - no major version tag, resulting in constant nagging to update this action -# - additionally, the code is sketchy, 16k+ lines of code? -# https://github.com/bbeesley/gha-auto-dependabot-rebase/blob/main/dist/main.cjs -# -# dependabot-rebase: -# name: Dependabot Rebase -# if: >- -# startsWith(github.repository, 'LizardByte/') -# runs-on: ubuntu-latest -# steps: -# - name: rebase -# uses: "bbeesley/gha-auto-dependabot-rebase@v1.3.18" -# env: -# GITHUB_TOKEN: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/pull-requests.yml b/.github/workflows/pull-requests.yml deleted file mode 100644 index 5824387..0000000 --- a/.github/workflows/pull-requests.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# This action is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# Ensure PRs are made against `nightly` branch. - -name: Pull Requests - -on: - pull_request_target: - types: [opened, synchronize, edited, reopened] - -# no concurrency for pull_request_target events - -jobs: - check-pull-request: - name: Check Pull Request - if: startsWith(github.repository, 'LizardByte/') - runs-on: ubuntu-latest - steps: - - uses: Vankka/pr-target-branch-action@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - target: master - exclude: nightly # Don't prevent going from nightly -> master - change-to: nightly - comment: | - Your PR was set to `master`, PRs should be sent to `nightly`. - The base branch of this PR has been automatically changed to `nightly`. - Please check that there are no merge conflicts From 86b6734d35c197479d24a090bd4ac3c7fe26082b Mon Sep 17 00:00:00 2001 From: LizardByte-bot <108553330+LizardByte-bot@users.noreply.github.com> Date: Thu, 5 Oct 2023 11:38:11 -0400 Subject: [PATCH 5/9] ci: update global workflows (#197) --- .github/dependabot.yml | 6 -- .github/workflows/auto-create-pr.yml | 2 +- .github/workflows/ci-docker.yml | 30 ++++-- .github/workflows/ci-qodana.yml | 6 +- .github/workflows/codeql.yml | 137 +++++++++++++++++++++++++++ .github/workflows/issues-stale.yml | 12 ++- .github/workflows/python-flake8.yml | 2 +- .github/workflows/yaml-lint.yml | 2 +- 8 files changed, 170 insertions(+), 27 deletions(-) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 88c8339..6eb0cda 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,7 +10,6 @@ updates: schedule: interval: "daily" time: "08:00" - target-branch: "nightly" open-pull-requests-limit: 10 - package-ecosystem: "github-actions" @@ -18,7 +17,6 @@ updates: schedule: interval: "daily" time: "08:30" - target-branch: "nightly" open-pull-requests-limit: 10 - package-ecosystem: "npm" @@ -26,7 +24,6 @@ updates: schedule: interval: "daily" time: "09:00" - target-branch: "nightly" open-pull-requests-limit: 10 - package-ecosystem: "nuget" @@ -34,7 +31,6 @@ updates: schedule: interval: "daily" time: "09:30" - target-branch: "nightly" open-pull-requests-limit: 10 - package-ecosystem: "pip" @@ -42,7 +38,6 @@ updates: schedule: interval: "daily" time: "10:00" - target-branch: "nightly" open-pull-requests-limit: 10 - package-ecosystem: "gitsubmodule" @@ -50,5 +45,4 @@ updates: schedule: interval: "daily" time: "10:30" - target-branch: "nightly" open-pull-requests-limit: 10 diff --git a/.github/workflows/auto-create-pr.yml b/.github/workflows/auto-create-pr.yml index 811747c..13705dd 100644 --- a/.github/workflows/auto-create-pr.yml +++ b/.github/workflows/auto-create-pr.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Create Pull Request uses: repo-sync/pull-request@v2 diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/ci-docker.yml index 1082c94..edeeb2b 100644 --- a/.github/workflows/ci-docker.yml +++ b/.github/workflows/ci-docker.yml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Find dockerfiles id: find @@ -86,7 +86,7 @@ jobs: steps: - name: Checkout if: ${{ github.ref == 'refs/heads/master' || github.base_ref == 'master' }} - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Verify Changelog id: verify_changelog @@ -162,7 +162,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Hadolint id: hadolint @@ -192,8 +192,18 @@ jobs: name: Docker${{ matrix.tag }} steps: + - name: Maximize build space + uses: easimon/maximize-build-space@v8 + with: + root-reserve-mb: 30720 # https://github.com/easimon/maximize-build-space#caveats + remove-dotnet: 'true' + remove-android: 'true' + remove-haskell: 'true' + remove-codeql: 'true' + remove-docker-images: 'true' + - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: submodules: recursive @@ -299,10 +309,10 @@ jobs: echo "tags=${TAGS}" >> $GITHUB_OUTPUT - name: Set Up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 id: buildx - name: Cache Docker Layers @@ -315,14 +325,14 @@ jobs: - name: Log in to Docker Hub if: ${{ steps.prepare.outputs.push == 'true' }} # PRs do not have access to secrets - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Log in to the Container registry if: ${{ steps.prepare.outputs.push == 'true' }} # PRs do not have access to secrets - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ secrets.GH_BOT_NAME }} @@ -331,7 +341,7 @@ jobs: - name: Build artifacts if: ${{ steps.prepare.outputs.artifacts == 'true' }} id: build_artifacts - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./ file: ${{ matrix.dockerfile }} @@ -353,7 +363,7 @@ jobs: - name: Build and push id: build - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./ file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/ci-qodana.yml b/.github/workflows/ci-qodana.yml index 91feb59..efc5634 100644 --- a/.github/workflows/ci-qodana.yml +++ b/.github/workflows/ci-qodana.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Prepare id: prepare @@ -165,7 +165,7 @@ jobs: continue-on-error: true steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: submodules: recursive @@ -214,7 +214,7 @@ jobs: - name: Qodana id: qodana continue-on-error: true # ensure dispatch-qodana job is run - uses: JetBrains/qodana-action@v2022.3.4 + uses: JetBrains/qodana-action@v2023.2.6 with: additional-cache-hash: ${{ github.ref }}-${{ matrix.language }} artifact-name: qodana-${{ matrix.language }} # yamllint disable-line rule:line-length diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..bedd996 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,137 @@ +--- +# This action is centrally managed in https://github.com//.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# This workflow will analyze all supported languages in the repository using CodeQL Analysis. + +name: "CodeQL" + +on: + push: + branches: ["master", "nightly"] + pull_request: + branches: ["master", "nightly"] + schedule: + - cron: '00 12 * * 0' # every Sunday at 12:00 UTC + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + languages: + name: Get language matrix + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.lang.outputs.result }} + continue: ${{ steps.continue.outputs.result }} + steps: + - name: Get repo languages + uses: actions/github-script@v6 + id: lang + with: + script: | + // CodeQL supports ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift'] + // Use only 'java' to analyze code written in Java, Kotlin or both + // Use only 'javascript' to analyze code written in JavaScript, TypeScript or both + // Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + const supported_languages = ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift'] + + const remap_languages = { + 'c++': 'cpp', + 'c#': 'csharp', + 'kotlin': 'java', + 'typescript': 'javascript', + } + + const repo = context.repo + const response = await github.rest.repos.listLanguages(repo) + let matrix = { + "include": [] + } + + for (let [key, value] of Object.entries(response.data)) { + // remap language + if (remap_languages[key.toLowerCase()]) { + console.log(`Remapping language: ${key} to ${remap_languages[key.toLowerCase()]}`) + key = remap_languages[key.toLowerCase()] + } + if (supported_languages.includes(key.toLowerCase()) && + !matrix['include'].includes({"language": key.toLowerCase()})) { + console.log(`Found supported language: ${key}`) + matrix['include'].push({"language": key.toLowerCase()}) + } + } + + // print languages + console.log(`matrix: ${JSON.stringify(matrix)}`) + + return matrix + + - name: Continue + uses: actions/github-script@v6 + id: continue + with: + script: | + // if matrix['include'] is an empty list return false, otherwise true + const matrix = ${{ steps.lang.outputs.result }} // this is already json encoded + + if (matrix['include'].length == 0) { + return false + } else { + return true + } + + analyze: + name: Analyze + if: ${{ needs.languages.outputs.continue == 'true' }} + needs: [languages] + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: ${{ fromJson(needs.languages.outputs.matrix) }} + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + submodules: recursive + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # yamllint disable-line rule:line-length + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # Pre autobuild + # create a file named .codeql-prebuild-${{ matrix.language }}.sh in the root of your repository + - name: Prebuild + run: | + # check if .qodeql-prebuild-${{ matrix.language }}.sh exists + if [ -f "./.codeql-prebuild-${{ matrix.language }}.sh" ]; then + echo "Running .codeql-prebuild-${{ matrix.language }}.sh" + ./.codeql-prebuild-${{ matrix.language }}.sh + fi + + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/issues-stale.yml b/.github/workflows/issues-stale.yml index c168034..3ba3886 100644 --- a/.github/workflows/issues-stale.yml +++ b/.github/workflows/issues-stale.yml @@ -31,12 +31,15 @@ jobs: exempt-pr-labels: 'dependencies,l10n' stale-issue-label: 'stale' stale-issue-message: > - This issue is stale because it has been open for 90 days with no activity. - Comment or remove the stale label, otherwise this will be closed in 10 days. + :wave: @{issue-author}, It seems this issue hasn't had any activity in the past 90 days. + If it's still something you'd like addressed, please let us know by leaving a comment. + Otherwise, to help keep our backlog tidy, we'll be closing this issue in 10 days. Thanks! stale-pr-label: 'stale' stale-pr-message: > - This PR is stale because it has been open for 90 days with no activity. - Comment or remove the stale label, otherwise this will be closed in 10 days. + :wave: @{issue-author}, It looks like this PR has been idle for 90 days. + If it's still something you're working on or would like to pursue, + please leave a comment or update your branch. + Otherwise, we'll be closing this PR in 10 days to reduce our backlog. Thanks! repo-token: ${{ secrets.GH_BOT_TOKEN }} - name: Invalid Template @@ -48,7 +51,6 @@ jobs: This PR was closed because the the template was not completed after 5 days. days-before-stale: 0 days-before-close: 5 - exempt-pr-labels: 'dependencies,l10n' only-labels: 'invalid:template-incomplete' stale-issue-label: 'invalid:template-incomplete' stale-issue-message: > diff --git a/.github/workflows/python-flake8.yml b/.github/workflows/python-flake8.yml index 19bcdb9..4b0d308 100644 --- a/.github/workflows/python-flake8.yml +++ b/.github/workflows/python-flake8.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v4 # https://github.com/actions/setup-python diff --git a/.github/workflows/yaml-lint.yml b/.github/workflows/yaml-lint.yml index 6327d5d..7e1fd46 100644 --- a/.github/workflows/yaml-lint.yml +++ b/.github/workflows/yaml-lint.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Find additional files id: find-files From 725bfc8f6ecfeb4622c713bb58254b0c7ac6b6e4 Mon Sep 17 00:00:00 2001 From: LizardByte-bot <108553330+LizardByte-bot@users.noreply.github.com> Date: Mon, 9 Oct 2023 19:14:58 -0400 Subject: [PATCH 6/9] ci: update global workflows (#199) --- .github/workflows/issues-stale.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/issues-stale.yml b/.github/workflows/issues-stale.yml index 3ba3886..aecc824 100644 --- a/.github/workflows/issues-stale.yml +++ b/.github/workflows/issues-stale.yml @@ -31,12 +31,12 @@ jobs: exempt-pr-labels: 'dependencies,l10n' stale-issue-label: 'stale' stale-issue-message: > - :wave: @{issue-author}, It seems this issue hasn't had any activity in the past 90 days. + It seems this issue hasn't had any activity in the past 90 days. If it's still something you'd like addressed, please let us know by leaving a comment. Otherwise, to help keep our backlog tidy, we'll be closing this issue in 10 days. Thanks! stale-pr-label: 'stale' stale-pr-message: > - :wave: @{issue-author}, It looks like this PR has been idle for 90 days. + It looks like this PR has been idle for 90 days. If it's still something you're working on or would like to pursue, please leave a comment or update your branch. Otherwise, we'll be closing this PR in 10 days to reduce our backlog. Thanks! From f87415dd0b1315dd1a18a9a982c58051e5e34750 Mon Sep 17 00:00:00 2001 From: LizardByte-bot <108553330+LizardByte-bot@users.noreply.github.com> Date: Mon, 9 Oct 2023 21:07:26 -0400 Subject: [PATCH 7/9] ci: update global workflows (#201) --- .github/workflows/codeql.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bedd996..7310915 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -99,6 +99,16 @@ jobs: matrix: ${{ fromJson(needs.languages.outputs.matrix) }} steps: + - name: Maximize build space + uses: easimon/maximize-build-space@v8 + with: + root-reserve-mb: 20480 + remove-dotnet: 'true' + remove-android: 'true' + remove-haskell: 'true' + remove-codeql: 'false' + remove-docker-images: 'true' + - name: Checkout repository uses: actions/checkout@v4 with: From ce8ea686ac1d95404f2ebd29ae2f9ff78e849fa5 Mon Sep 17 00:00:00 2001 From: LizardByte-bot <108553330+LizardByte-bot@users.noreply.github.com> Date: Thu, 12 Oct 2023 10:17:13 -0400 Subject: [PATCH 8/9] ci: update global workflows (#202) --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7310915..95349bb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -103,7 +103,7 @@ jobs: uses: easimon/maximize-build-space@v8 with: root-reserve-mb: 20480 - remove-dotnet: 'true' + remove-dotnet: ${{ (matrix.language == 'csharp' && 'false') || 'true' }} remove-android: 'true' remove-haskell: 'true' remove-codeql: 'false' From dd18ef302fa764d59dfd26b3a6da3623ce46c5f4 Mon Sep 17 00:00:00 2001 From: LizardByte-bot <108553330+LizardByte-bot@users.noreply.github.com> Date: Sun, 22 Oct 2023 15:50:12 -0400 Subject: [PATCH 9/9] ci: update global docker (#203) --- .github/workflows/ci-docker.yml | 140 +++++++++++--------------------- 1 file changed, 46 insertions(+), 94 deletions(-) diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/ci-docker.yml index edeeb2b..c8f0286 100644 --- a/.github/workflows/ci-docker.yml +++ b/.github/workflows/ci-docker.yml @@ -78,78 +78,37 @@ jobs: dockerfiles: ${{ steps.find.outputs.dockerfiles }} matrix: ${{ steps.find.outputs.matrix }} - check_changelog: - name: Check Changelog - needs: [check_dockerfiles] + setup_release: if: ${{ needs.check_dockerfiles.outputs.dockerfiles }} + name: Setup Release + needs: + - check_dockerfiles + outputs: + changelog_changes: ${{ steps.setup_release.outputs.changelog_changes }} + changelog_date: ${{ steps.setup_release.outputs.changelog_date }} + changelog_exists: ${{ steps.setup_release.outputs.changelog_exists }} + changelog_release_exists: ${{ steps.setup_release.outputs.changelog_release_exists }} + changelog_url: ${{ steps.setup_release.outputs.changelog_url }} + changelog_version: ${{ steps.setup_release.outputs.changelog_version }} + publish_pre_release: ${{ steps.setup_release.outputs.publish_pre_release }} + publish_release: ${{ steps.setup_release.outputs.publish_release }} + publish_stable_release: ${{ steps.setup_release.outputs.publish_stable_release }} + release_body: ${{ steps.setup_release.outputs.release_body }} + release_build: ${{ steps.setup_release.outputs.release_build }} + release_commit: ${{ steps.setup_release.outputs.release_commit }} + release_generate_release_notes: ${{ steps.setup_release.outputs.release_generate_release_notes }} + release_tag: ${{ steps.setup_release.outputs.release_tag }} + release_version: ${{ steps.setup_release.outputs.release_version }} runs-on: ubuntu-latest steps: - name: Checkout - if: ${{ github.ref == 'refs/heads/master' || github.base_ref == 'master' }} uses: actions/checkout@v4 - - name: Verify Changelog - id: verify_changelog - if: ${{ github.ref == 'refs/heads/master' || github.base_ref == 'master' }} - # base_ref for pull request check, ref for push - uses: LizardByte/.github/actions/verify_changelog@master + - name: Setup Release + id: setup_release + uses: LizardByte/setup-release-action@v2023.10.22-858d72b with: - token: ${{ secrets.GITHUB_TOKEN }} - outputs: - next_version: ${{ steps.verify_changelog.outputs.changelog_parser_version }} - next_version_bare: ${{ steps.verify_changelog.outputs.changelog_parser_version_bare }} - last_version: ${{ steps.verify_changelog.outputs.latest_release_tag_name }} - release_body: ${{ steps.verify_changelog.outputs.changelog_parser_description }} - - setup_release: - name: Setup Release - needs: check_changelog - runs-on: ubuntu-latest - steps: - - name: Set release details - id: release_details - env: - RELEASE_BODY: ${{ needs.check_changelog.outputs.release_body }} - run: | - # determine to create a release or not - if [[ $GITHUB_EVENT_NAME == "push" ]]; then - RELEASE=true - else - RELEASE=false - fi - - # set the release tag - COMMIT=${{ github.sha }} - if [[ $GITHUB_REF == refs/heads/master ]]; then - TAG="${{ needs.check_changelog.outputs.next_version }}" - RELEASE_NAME="${{ needs.check_changelog.outputs.next_version }}" - RELEASE_BODY="$RELEASE_BODY" - PRE_RELEASE="false" - elif [[ $GITHUB_REF == refs/heads/nightly ]]; then - TAG="nightly-dev" - RELEASE_NAME="nightly" - RELEASE_BODY="automated nightly release - $(date -u +'%Y-%m-%dT%H:%M:%SZ') - ${COMMIT}" - PRE_RELEASE="true" - fi - - echo "create_release=${RELEASE}" >> $GITHUB_OUTPUT - echo "release_tag=${TAG}" >> $GITHUB_OUTPUT - echo "release_commit=${COMMIT}" >> $GITHUB_OUTPUT - echo "release_name=${RELEASE_NAME}" >> $GITHUB_OUTPUT - echo "pre_release=${PRE_RELEASE}" >> $GITHUB_OUTPUT - - # this is stupid but works for multiline strings - echo "RELEASE_BODY<> $GITHUB_ENV - echo "$RELEASE_BODY" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - outputs: - create_release: ${{ steps.release_details.outputs.create_release }} - release_tag: ${{ steps.release_details.outputs.release_tag }} - release_commit: ${{ steps.release_details.outputs.release_commit }} - release_name: ${{ steps.release_details.outputs.release_name }} - release_body: ${{ env.RELEASE_BODY }} - pre_release: ${{ steps.release_details.outputs.pre_release }} + github_token: ${{ secrets.GITHUB_TOKEN }} lint_dockerfile: needs: [check_dockerfiles] @@ -180,7 +139,7 @@ jobs: cat "./hadolint.log" >> $GITHUB_STEP_SUMMARY docker: - needs: [check_dockerfiles, check_changelog, setup_release] + needs: [check_dockerfiles, setup_release] if: ${{ needs.check_dockerfiles.outputs.dockerfiles }} runs-on: ubuntu-latest permissions: @@ -210,24 +169,20 @@ jobs: - name: Prepare id: prepare env: - NV: ${{ needs.check_changelog.outputs.next_version }} + NV: ${{ needs.setup_release.outputs.release_tag }} run: | # get branch name BRANCH=${GITHUB_HEAD_REF} - RELEASE=false + RELEASE=${{ needs.setup_release.outputs.publish_release }} + COMMIT=${{ needs.setup_release.outputs.release_commit }} if [ -z "$BRANCH" ]; then echo "This is a PUSH event" BRANCH=${{ github.ref_name }} - COMMIT=${{ github.sha }} CLONE_URL=${{ github.event.repository.clone_url }} - if [[ $BRANCH == "master" ]]; then - RELEASE=true - fi else echo "This is a PULL REQUEST event" - COMMIT=${{ github.event.pull_request.head.sha }} CLONE_URL=${{ github.event.pull_request.head.repo.clone_url }} fi @@ -260,7 +215,7 @@ jobs: # parse custom directives out of dockerfile # try to get the platforms from the dockerfile custom directive, i.e. `# platforms: xxx,yyy` # directives for PR event, i.e. not push event - if [[ ${PUSH} == "false" ]]; then + if [[ ${RELEASE} == "false" ]]; then while read -r line; do if [[ $line == "# platforms_pr: "* && $PLATFORMS == "" ]]; then # echo the line and use `sed` to remove the custom directive @@ -299,13 +254,10 @@ jobs: echo "branch=${BRANCH}" >> $GITHUB_OUTPUT echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT - echo "commit=${COMMIT}" >> $GITHUB_OUTPUT echo "clone_url=${CLONE_URL}" >> $GITHUB_OUTPUT - echo "release=${RELEASE}" >> $GITHUB_OUTPUT echo "artifacts=${ARTIFACTS}" >> $GITHUB_OUTPUT echo "no_cache_filters=${NO_CACHE_FILTERS}" >> $GITHUB_OUTPUT echo "platforms=${PLATFORMS}" >> $GITHUB_OUTPUT - echo "push=${PUSH}" >> $GITHUB_OUTPUT echo "tags=${TAGS}" >> $GITHUB_OUTPUT - name: Set Up QEMU @@ -324,14 +276,14 @@ jobs: Docker-buildx${{ matrix.tag }}- - name: Log in to Docker Hub - if: ${{ steps.prepare.outputs.push == 'true' }} # PRs do not have access to secrets + if: ${{ needs.setup_release.outputs.publish_release == 'true' }} # PRs do not have access to secrets uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Log in to the Container registry - if: ${{ steps.prepare.outputs.push == 'true' }} # PRs do not have access to secrets + if: ${{ needs.setup_release.outputs.publish_release == 'true' }} # PRs do not have access to secrets uses: docker/login-action@v3 with: registry: ghcr.io @@ -352,10 +304,10 @@ jobs: build-args: | BRANCH=${{ steps.prepare.outputs.branch }} BUILD_DATE=${{ steps.prepare.outputs.build_date }} - BUILD_VERSION=${{ needs.check_changelog.outputs.next_version }} - COMMIT=${{ steps.prepare.outputs.commit }} + BUILD_VERSION=${{ needs.setup_release.outputs.release_tag }} + COMMIT=${{ needs.setup_release.outputs.release_commit }} CLONE_URL=${{ steps.prepare.outputs.clone_url }} - RELEASE=${{ steps.prepare.outputs.release }} + RELEASE=${{ needs.setup_release.outputs.publish_release }} tags: ${{ steps.prepare.outputs.tags }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache @@ -367,15 +319,15 @@ jobs: with: context: ./ file: ${{ matrix.dockerfile }} - push: ${{ steps.prepare.outputs.push }} + push: ${{ needs.setup_release.outputs.publish_release }} platforms: ${{ steps.prepare.outputs.platforms }} build-args: | BRANCH=${{ steps.prepare.outputs.branch }} BUILD_DATE=${{ steps.prepare.outputs.build_date }} - BUILD_VERSION=${{ needs.check_changelog.outputs.next_version }} - COMMIT=${{ steps.prepare.outputs.commit }} + BUILD_VERSION=${{ needs.setup_release.outputs.release_tag }} + COMMIT=${{ needs.setup_release.outputs.release_commit }} CLONE_URL=${{ steps.prepare.outputs.clone_url }} - RELEASE=${{ steps.prepare.outputs.release }} + RELEASE=${{ needs.setup_release.outputs.publish_release }} tags: ${{ steps.prepare.outputs.tags }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache @@ -401,18 +353,18 @@ jobs: path: artifacts/ - name: Create/Update GitHub Release - if: ${{ needs.setup_release.outputs.create_release == 'true' && steps.prepare.outputs.artifacts == 'true' }} - uses: ncipollo/release-action@v1 + if: ${{ needs.setup_release.outputs.publish_release == 'true' && steps.prepare.outputs.artifacts == 'true' }} + uses: LizardByte/create-release-action@v2023.10.22-57d76be with: - name: ${{ needs.setup_release.outputs.release_name }} - tag: ${{ needs.setup_release.outputs.release_tag }} - commit: ${{ needs.setup_release.outputs.release_commit }} - artifacts: "*artifacts/*" - token: ${{ secrets.GH_BOT_TOKEN }} allowUpdates: true + artifacts: "*artifacts/*" body: ${{ needs.setup_release.outputs.release_body }} discussionCategory: announcements - prerelease: ${{ needs.setup_release.outputs.pre_release }} + generateReleaseNotes: ${{ needs.setup_release.outputs.release_generate_release_notes }} + name: ${{ needs.setup_release.outputs.release_tag }} + prerelease: ${{ needs.setup_release.outputs.publish_pre_release }} + tag: ${{ needs.setup_release.outputs.release_tag }} + token: ${{ secrets.GH_BOT_TOKEN }} - name: Update Docker Hub Description if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}