ci(actions): Pin CI actions

Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling
2026-01-28 11:58:56 +01:00
parent 08e80b6d52
commit 7f74fc3a7d
9 changed files with 155 additions and 93 deletions


@@ -27,14 +27,23 @@ jobs:
steps: steps:
- name: Set server major version environment - name: Set server major version environment
run: | uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
# retrieve version number from branch reference with:
server_major=$(echo "${{ github.base_ref }}" | sed -En 's/stable//p') github-token: ${{secrets.GITHUB_TOKEN}}
echo "server_major=$server_major" >> $GITHUB_ENV script: |
echo "current_month=$(date +%Y-%m)" >> $GITHUB_ENV const regex = /^stable(\d+)$/
const baseRef = context.payload.pull_request.base.ref
const match = baseRef.match(regex)
if (match) {
console.log('Setting server_major to ' + match[1]);
core.exportVariable('server_major', match[1]);
console.log('Setting current_day to ' + (new Date()).toISOString().substr(0, 10));
core.exportVariable('current_day', (new Date()).toISOString().substr(0, 10));
}
- name: Checking if ${{ env.server_major }} is EOL - name: Checking if server ${{ env.server_major }} is EOL
if: ${{ env.server_major != '' }}
run: | run: |
curl -s https://raw.githubusercontent.com/nextcloud-releases/updater_server/production/config/major_versions.json \ curl -s https://raw.githubusercontent.com/nextcloud-releases/updater_server/production/config/major_versions.json \
| jq '.["${{ env.server_major }}"]["eol"] // "9999-99" | . >= "${{ env.current_month }}"' \ | jq '.["${{ env.server_major }}"]["eol"] // "9999-99-99" | . >= "${{ env.current_day }}"' \
| grep -q true | grep -q true
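Review bot: The EOL check step still splices `${{ env.server_major }}` and `${{ env.current_day }}` into the shell script text, so its safety rests entirely on the `^stable(\d+)$` match in the preceding github-script step. Both values are already exported to the job environment, so the shell can pass them to jq as data instead: `| jq --arg v "$server_major" --arg d "$current_day" '.[$v].eol // "9999-99-99" | . >= $d' \`. The same applies to `${{ env.server_ref }}` in the version.php download step of the freeze check. Separately, the comparison moves from month to day granularity; if the `eol` values in major_versions.json are still `YYYY-MM`, a string compare against `YYYY-MM-DD` would treat a release as EOL from the first day of its final month, which is worth confirming.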


@@ -29,11 +29,29 @@ jobs:
steps: steps:
- name: Register server reference to fallback to master branch - name: Register server reference to fallback to master branch
run: | uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
server_ref="$(if [ '${{ github.base_ref }}' = 'main' ]; then echo -n 'master'; else echo -n '${{ github.base_ref }}'; fi)" with:
echo "server_ref=$server_ref" >> $GITHUB_ENV github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const baseRef = context.payload.pull_request.base.ref
if (baseRef === 'main' || baseRef === 'master') {
core.exportVariable('server_ref', 'master');
console.log('Setting server_ref to master');
} else {
const regex = /^stable(\d+)$/
const match = baseRef.match(regex)
if (match) {
core.exportVariable('server_ref', match[0]);
console.log('Setting server_ref to ' + match[0]);
} else {
console.log('Not based on master/main/stable*, so skipping freeze check');
}
}
- name: Download version.php from ${{ env.server_ref }} - name: Download version.php from ${{ env.server_ref }}
if: ${{ env.server_ref != '' }}
run: curl 'https://raw.githubusercontent.com/nextcloud/server/${{ env.server_ref }}/version.php' --output version.php run: curl 'https://raw.githubusercontent.com/nextcloud/server/${{ env.server_ref }}/version.php' --output version.php
- name: Run check - name: Run check
if: ${{ env.server_ref != '' }}
run: cat version.php | grep 'OC_VersionString' | grep -i -v 'RC' run: cat version.php | grep 'OC_VersionString' | grep -i -v 'RC'
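Review bot: The download step runs `curl` without `--fail`, so an HTTP error for an unexpected `server_ref` exits 0 and writes the error body to version.php; the failure then surfaces in "Run check" as a missing `OC_VersionString` rather than as a download error. The result still looks fail-closed, but the cause is hidden; `run: curl --fail --silent --show-error --output version.php "https://raw.githubusercontent.com/nextcloud/server/${server_ref}/version.php"` reports it at the right step and reads the ref from the environment. A base branch outside master/main/stable* now skips both steps and the job passes, which deserves a comment in the workflow if this check is required for merging.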


@@ -5,12 +5,18 @@ on:
paths: paths:
- '**.rst' - '**.rst'
permissions:
contents: read
jobs: jobs:
check-occ-command: check-occ-command:
name: Check occ command syntax name: Check occ command syntax
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v5 - name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run script - name: Run script
run: | run: |


@@ -6,17 +6,20 @@ on:
branches: branches:
- master - master
permissions:
contents: read
jobs: jobs:
codespell: codespell:
name: Check spelling name: Check spelling
runs-on: self-hosted runs-on: self-hosted
steps: steps:
- name: Check out code - name: Check out code
uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.2.2 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
persist-credentials: false persist-credentials: false
- name: Check spelling - name: Check spelling
uses: codespell-project/actions-codespell@406322ec52dd7b488e48c1c4b82e2a8b3a1bf630 # v2.1 uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2.2
with: with:
skip: '**.svg,**.js' skip: '**.svg,**.js'
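Review bot: `runs-on: self-hosted` is left as is, and the token hardening added here (`contents: read`, `persist-credentials: false`) does not isolate the runner host itself. The trigger block is only partly visible in this hunk; if the workflow runs for pull requests from forks, the checked-out content is processed on a persistent machine. It is worth confirming that the runner is ephemeral, or moving this job to a hosted label such as `runs-on: ubuntu-latest`, which the other workflows in this commit use.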


@@ -8,12 +8,15 @@ on:
- 'user_manual/**' - 'user_manual/**'
- '!user_manual/locale/**' - '!user_manual/locale/**'
permissions:
contents: read
jobs: jobs:
user_manual: user_manual:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.2.2 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
persist-credentials: false persist-credentials: false


@@ -15,9 +15,9 @@ jobs:
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.2.2 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
submodules: true persist-credentials: false
- name: Set up php - name: Set up php
uses: shivammathur/setup-php@20529878ed81ef8e78ddf08b480401e6101a850f # v2 uses: shivammathur/setup-php@20529878ed81ef8e78ddf08b480401e6101a850f # v2
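Review bot: The checkout step appears to lose `submodules: true` in the same edit that adds `persist-credentials: false`, which is a behaviour change beyond pinning. If later steps in this job (outside the hunk) read files from a submodule, they will now find empty directories; keeping both keys, `submodules: true` and `persist-credentials: false`, preserves the old checkout. If the removal is intended, a line in the commit message would help. The `# v2` comment on setup-php names a moving major tag, so the pinned SHA cannot be matched to a release from the comment alone.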


@@ -15,6 +15,10 @@ on:
schedule: schedule:
- cron: '30 1 * * *' - cron: '30 1 * * *'
permissions:
contents: read
pull-requests: write
jobs: jobs:
pr-feedback: pr-feedback:
if: ${{ github.repository_owner == 'nextcloud' }} if: ${{ github.repository_owner == 'nextcloud' }}
@@ -32,7 +36,7 @@ jobs:
blocklist=$(curl https://raw.githubusercontent.com/nextcloud/.github/master/non-community-usernames.txt | paste -s -d, -) blocklist=$(curl https://raw.githubusercontent.com/nextcloud/.github/master/non-community-usernames.txt | paste -s -d, -)
echo "blocklist=$blocklist" >> "$GITHUB_OUTPUT" echo "blocklist=$blocklist" >> "$GITHUB_OUTPUT"
- uses: marcelklehr/pr-feedback-action@1883b38a033fb16f576875e0cf45f98b857655c4 - uses: nextcloud/pr-feedback-action@f0cab224dea8e1f282f9451de322f323c78fc7a5 # main
with: with:
feedback-message: | feedback-message: |
Hello there, Hello there,
@@ -46,6 +50,6 @@ jobs:
(If you believe you should not receive this message, you can add yourself to the [blocklist](https://github.com/nextcloud/.github/blob/master/non-community-usernames.txt).) (If you believe you should not receive this message, you can add yourself to the [blocklist](https://github.com/nextcloud/.github/blob/master/non-community-usernames.txt).)
days-before-feedback: 14 days-before-feedback: 14
start-date: '2024-04-30' start-date: '2025-06-12'
exempt-authors: '${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }}' exempt-authors: '${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }}'
exempt-bots: true exempt-bots: true
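Review bot: The new pin `nextcloud/pr-feedback-action@f0cab224dea8e1f282f9451de322f323c78fc7a5 # main` is annotated with a branch name rather than a release, so neither a reader nor an update bot can tell which version the SHA corresponds to or when it has gone stale. Since this workflow is granted `pull-requests: write`, tagging a release in the action repository and using `# vX.Y.Z` (placeholder) as the comment would make the pin auditable. The `start-date` change from '2024-04-30' to '2025-06-12' in the last hunk is unrelated to pinning and would be easier to review with a word in the commit message.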


@@ -7,79 +7,95 @@ on:
- master - master
- stable* - stable*
permissions:
contents: read
jobs: jobs:
user_manual: user_manual:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 - name: Checkout
- uses: actions/setup-python@v5 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
python-version: '3.10' persist-credentials: false
cache: 'pip'
- name: Install pip dependencies - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
run: pip install -r requirements.txt with:
- name: Build using Makefile python-version: '3.10'
run: cd user_manual && make html cache: 'pip'
- name: Pack the results in local tar file - name: Install pip dependencies
shell: bash run: pip install -r requirements.txt
run: tar czf /tmp/documentation.tar.gz -C user_manual/_build/html . - name: Build using Makefile
- name: Upload static documentation run: cd user_manual && make html
uses: actions/upload-artifact@v4.6.2 - name: Pack the results in local tar file
with: shell: bash
name: User manual.zip run: tar czf /tmp/documentation.tar.gz -C user_manual/_build/html .
path: "/tmp/documentation.tar.gz" - name: Upload static documentation
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with:
name: User manual.zip
path: "/tmp/documentation.tar.gz"
user_manual-en: user_manual-en:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 - name: Checkout
- uses: actions/setup-python@v5 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
python-version: '3.10' persist-credentials: false
cache: 'pip' - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
- name: Install pip dependencies with:
run: pip install -r requirements.txt python-version: '3.10'
- name: Build using Makefile cache: 'pip'
run: cd user_manual && make html-lang-en - name: Install pip dependencies
run: pip install -r requirements.txt
- name: Build using Makefile
run: cd user_manual && make html-lang-en
developer_manual: developer_manual:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 - name: Checkout
- uses: actions/setup-python@v5 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
python-version: '3.10' persist-credentials: false
cache: 'pip' - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
- name: Install pip dependencies with:
run: pip install -r requirements.txt python-version: '3.10'
- name: Build using Makefile cache: 'pip'
run: cd developer_manual && make html - name: Install pip dependencies
- name: Pack the results in local tar file run: pip install -r requirements.txt
shell: bash - name: Build using Makefile
run: tar czf /tmp/documentation.tar.gz -C developer_manual/_build/html/com . run: cd developer_manual && make html
- name: Upload static documentation - name: Pack the results in local tar file
uses: actions/upload-artifact@v4.6.2 shell: bash
with: run: tar czf /tmp/documentation.tar.gz -C developer_manual/_build/html/com .
name: Developer manual.zip - name: Upload static documentation
path: "/tmp/documentation.tar.gz" uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with:
name: Developer manual.zip
path: "/tmp/documentation.tar.gz"
admin_manual: admin_manual:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 - name: Checkout
- uses: actions/setup-python@v5 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
python-version: '3.10' persist-credentials: false
cache: 'pip' - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
- name: Install pip dependencies with:
run: pip install -r requirements.txt python-version: '3.10'
- name: Build using Makefile cache: 'pip'
run: cd admin_manual && make html - name: Install pip dependencies
- name: Pack the results in local tar file run: pip install -r requirements.txt
shell: bash - name: Build using Makefile
run: tar czf /tmp/documentation.tar.gz -C admin_manual/_build/html/com . run: cd admin_manual && make html
- name: Upload static documentation - name: Pack the results in local tar file
uses: actions/upload-artifact@v4.6.2 shell: bash
with: run: tar czf /tmp/documentation.tar.gz -C admin_manual/_build/html/com .
name: Administration manual.zip - name: Upload static documentation
path: "/tmp/documentation.tar.gz" uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with:
name: Administration manual.zip
path: "/tmp/documentation.tar.gz"
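Review bot: With every action now pinned by SHA, `pip install -r requirements.txt` is the remaining unpinned input in all four jobs. requirements.txt is not part of this commit, so this is an assumption to confirm: if it does not carry hashes, `run: pip install --require-hashes -r requirements.txt` together with a hash-locked file would give the Python dependencies the same guarantee as the actions. The `actions/setup-python` steps could also get a `name:` like the new `- name: Checkout` steps, for consistent log output.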


@@ -2,25 +2,28 @@ name: AutoMerge Transifex Pull Requests
on: on:
pull_request: pull_request:
permissions:
contents: read
jobs: jobs:
approve: approve:
runs-on: ubuntu-latest if: github.event.pull_request.user.login == 'transifex-integration[bot]'
runs-on: ubuntu-latest-low
permissions:
# for hmarr/auto-approve-action to approve PRs
pull-requests: write
# for alexwilson/enable-github-automerge-action to approve PRs
contents: write
name: Approve name: Approve
steps: steps:
- uses: hmarr/auto-approve-action@v4.0.0 - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0
if: github.actor == 'transifex-integration[bot]'
with: with:
github-token: "${{ secrets.GITHUB_TOKEN }}" github-token: "${{ secrets.GITHUB_TOKEN }}"
automerge: # Enable GitHub auto merge
runs-on: ubuntu-latest - name: Auto merge
name: Auto-merge uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0
needs: approve if: startsWith(steps.branchname.outputs.branch, 'translations_')
steps: with:
- uses: pascalgn/automerge-action@v0.16.4 github-token: ${{ secrets.GITHUB_TOKEN }}
if: github.actor == 'transifex-integration[bot]'
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
MERGE_LABELS: ""
MERGE_RETRIES: 10
MERGE_RETRY_SLEEP: 120000
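Review bot: The "Auto merge" step is guarded by `if: startsWith(steps.branchname.outputs.branch, 'translations_')`, but no step with `id: branchname` is visible in this job, so the expression would be evaluated against an empty value and the step would never run. Either add the step that sets that output before it, or use the built-in context: `if: startsWith(github.head_ref, 'translations_')`. The comment above `contents: write` says the action needs it "to approve PRs"; that action enables auto-merge, so `# for alexwilson/enable-github-automerge-action to enable auto-merge` would be accurate.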