upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-25 02:34:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Merge pull request #38704 from nextcloud/backport/38486/stable26

Browse source
This commit is contained in:
John Molakvoæ 2023-06-09 08:47:45 +02:00 committed by GitHub
commit 6d80795ee7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 139 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
.github/workflows/block-merge-eol.yml vendored
View file

@ -3,10 +3,17 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Pull request checks
name: Block merges for EOL
on: pull_request
permissions:
contents: read
concurrency:
group: block-merge-eol-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
block-merges-eol:
name: Block merges for EOL branches
@ -24,7 +31,7 @@ jobs:
# retrieve version number from branch reference
server_major=$(echo "${{ github.base_ref }}" | sed -En 's/stable//p')
echo "server_major=$server_major" >> $GITHUB_ENV
- name: Checking if ${{ env.server_major }} is EOL
run: |
php -r 'echo json_encode(require_once "config.php");' | jq --arg version "${{ env.server_major }}" '.stable[$version]["100"].eol' | grep --silent -i 'false'
php -r 'echo json_encode(require_once "config.php");' | jq --arg version "${{ env.server_major }}" '.stable[$version]["100"].eol // .beta[$version]["100"].eol' | grep --silent -i 'false'

17
.github/workflows/block-merge-freeze.yml vendored
View file

@ -3,13 +3,24 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Pull request checks
name: Block merges during freezes
on: pull_request
on:
pull_request:
types: [opened, ready_for_review, reopened, synchronize]
permissions:
contents: read
concurrency:
group: block-merge-freeze-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
block-merges-during-freeze:
name: Block merges during feature freezes
name: Block merges during freezes
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest

30
.github/workflows/command-compile.yml vendored
View file

@ -18,43 +18,43 @@ jobs:
steps:
- name: Check actor permission
uses: skjnldsv/check-actor-permission@v2
uses: skjnldsv/check-actor-permission@e591dbfe838300c007028e1219ca82cc26e8d7c5 # v2
with:
require: write
- name: Add reaction on start
uses: peter-evans/create-or-update-comment@v1
uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reaction-type: "+1"
reactions: "+1"
- name: Parse command
uses: skjnldsv/parse-command-comment@master
uses: skjnldsv/parse-command-comment@7cef1df370a99dfd5bf896d50121390c96785db8 # v2
id: command
# Init path depending on which command is run
- name: Init path
id: git-path
run: |
run: |
if ${{ startsWith(steps.command.outputs.arg1, '/') }}; then
echo "::set-output name=path::${{ github.workspace }}${{steps.command.outputs.arg1}}"
echo "path=${{ github.workspace }}${{steps.command.outputs.arg1}}" >> $GITHUB_OUTPUT
else
echo "::set-output name=path::${{ github.workspace }}${{steps.command.outputs.arg2}}"
echo "path=${{ github.workspace }}${{steps.command.outputs.arg2}}" >> $GITHUB_OUTPUT
fi
- name: Init branch
uses: xt0rted/pull-request-comment-branch@v1
uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
id: comment-branch
process:
runs-on: ubuntu-latest
needs: init
steps:
- name: Checkout ${{ needs.init.outputs.head_ref }}
uses: actions/checkout@v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
fetch-depth: 0
@ -66,14 +66,14 @@ jobs:
git config --local user.name "nextcloud-command"
- name: Read package.json node and npm engines version
uses: skjnldsv/read-package-engines-version-actions@v1
uses: skjnldsv/read-package-engines-version-actions@0ce2ed60f6df073a62a77c0a4958dd0fc68e32e7 # v2.1
id: package-engines-versions
with:
fallbackNode: '^12'
fallbackNpm: '^6'
- name: Set up node ${{ steps.package-engines-versions.outputs.nodeVersion }}
uses: actions/setup-node@v2
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ steps.package-engines-versions.outputs.nodeVersion }}
cache: npm
@ -90,7 +90,7 @@ jobs:
if: ${{ needs.init.outputs.arg1 != 'fixup' && needs.init.outputs.arg1 != 'amend' }}
run: |
git add ${{ needs.init.outputs.git_path }}
git commit --signoff -m 'Compile assets'
git commit --signoff -m 'chore(assets): Recompile assets'
git push origin ${{ needs.init.outputs.head_ref }}
- name: Commit and push fixup
@ -108,10 +108,10 @@ jobs:
git push --force origin ${{ needs.init.outputs.head_ref }}
- name: Add reaction on failure
uses: peter-evans/create-or-update-comment@v1
uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
if: failure()
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reaction-type: "-1"
reactions: "-1"

12
.github/workflows/command-rebase.yml vendored
View file

@ -9,8 +9,8 @@ on:
issue_comment:
types: created
permissions:
contents: read
permissions:
contents: read
jobs:
rebase:
@ -23,7 +23,7 @@ jobs:
steps:
- name: Add reaction on start
uses: peter-evans/create-or-update-comment@v2
uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
@ -31,18 +31,18 @@ jobs:
reaction-type: "+1"
- name: Checkout the latest code
uses: actions/checkout@v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
fetch-depth: 0
token: ${{ secrets.COMMAND_BOT_PAT }}
- name: Automatic Rebase
uses: cirrus-actions/rebase@1.7
uses: cirrus-actions/rebase@b87d48154a87a85666003575337e27b8cd65f691 # 1.8
env:
GITHUB_TOKEN: ${{ secrets.COMMAND_BOT_PAT }}
- name: Add reaction on failure
uses: peter-evans/create-or-update-comment@v2
uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
if: failure()
with:
token: ${{ secrets.COMMAND_BOT_PAT }}

15
.github/workflows/dependabot-approve-merge.yml vendored
View file

@ -8,22 +8,33 @@ name: Dependabot
on:
pull_request_target:
branches:
- main
- master
- stable*
permissions:
contents: read
concurrency:
group: dependabot-approve-merge-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
auto-approve-merge:
if: github.actor == 'dependabot[bot]'
runs-on: ubuntu-latest
permissions:
# for hmarr/auto-approve-action to approve PRs
pull-requests: write
steps:
# Github actions bot approve
- uses: hmarr/auto-approve-action@v2
- uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
# Nextcloud bot approve and merge request
- uses: ahmadnassri/action-dependabot-auto-merge@v2
- uses: ahmadnassri/action-dependabot-auto-merge@45fc124d949b19b6b8bf6645b6c9d55f4f9ac61a # v2
with:
target: minor
github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }}

19
.github/workflows/fixup.yml vendored
View file

@ -3,18 +3,31 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Pull request checks
name: Block fixup and squash commits
on: pull_request
on:
pull_request:
types: [opened, ready_for_review, reopened, synchronize]
permissions:
contents: read
concurrency:
group: fixup-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
commit-message-check:
if: github.event.pull_request.draft == false
permissions:
pull-requests: write
name: Block fixup and squash commits
runs-on: ubuntu-latest
steps:
- name: Run check
uses: xt0rted/block-autosquash-commits-action@v2
uses: skjnldsv/block-fixup-merge-action@42d26e1b536ce61e5cf467d65fb76caf4aa85acf # v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}

18
.github/workflows/lint-eslint.yml vendored
View file

@ -2,8 +2,11 @@
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
#
# Use lint-eslint together with lint-eslint-when-unrelated to make eslint a required check for GitHub actions
# https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks#handling-skipped-but-required-checks
name: Lint
name: Lint eslint
on:
pull_request:
@ -12,6 +15,13 @@ on:
- master
- stable*
permissions:
contents: read
concurrency:
group: lint-eslint-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
lint:
runs-on: ubuntu-latest
@ -20,17 +30,17 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Read package.json node and npm engines version
uses: skjnldsv/read-package-engines-version-actions@v1.1
uses: skjnldsv/read-package-engines-version-actions@0ce2ed60f6df073a62a77c0a4958dd0fc68e32e7 # v2.1
id: versions
with:
fallbackNode: '^12'
fallbackNpm: '^6'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@v2
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}

11
.github/workflows/lint-php-cs.yml vendored
View file

@ -3,7 +3,7 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Lint
name: Lint php-cs
on: pull_request
@ -22,13 +22,14 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Set up php
uses: shivammathur/setup-php@v2
uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d # v2
with:
php-version: "8.0"
php-version: 8.0
coverage: none
ini-file: development
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@ -36,4 +37,4 @@ jobs:
run: composer i
- name: Lint
run: composer run cs:check || ( echo "Please run `composer run cs:fix` to format your code" && exit 1 )
run: composer run cs:check || ( echo 'Please run `composer run cs:fix` to format your code' && exit 1 )

7
.github/workflows/lint-php.yml vendored
View file

@ -3,7 +3,7 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Lint
name: Lint php
on:
pull_request:
@ -31,13 +31,14 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Set up php ${{ matrix.php-versions }}
uses: shivammathur/setup-php@1a18b2267f80291a81ca1d33e7c851fe09e7dfc4 # v2
uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d # v2
with:
php-version: ${{ matrix.php-versions }}
coverage: none
ini-file: development
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

21
.github/workflows/node.yml vendored
View file

@ -7,6 +7,16 @@ name: Node
on:
pull_request:
paths:
- '.github/workflows/**'
- 'src/**'
- 'apps/**/appinfo/info.xml'
- 'package.json'
- 'package-lock.json'
- 'tsconfig.json'
- '**.js'
- '**.ts'
- '**.vue'
push:
branches:
- main
@ -16,6 +26,10 @@ on:
permissions:
contents: read
concurrency:
group: node-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
@ -23,17 +37,17 @@ jobs:
name: node
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Read package.json node and npm engines version
uses: skjnldsv/read-package-engines-version-actions@v1.2
uses: skjnldsv/read-package-engines-version-actions@0ce2ed60f6df073a62a77c0a4958dd0fc68e32e7 # v2.1
id: versions
with:
fallbackNode: '^12'
fallbackNpm: '^6'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@v3
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
@ -55,4 +69,3 @@ jobs:
git status
git --no-pager diff
exit 1 # make it red to grab attention

19
.github/workflows/oci.yml vendored
View file

@ -21,10 +21,25 @@ jobs:
services:
oracle:
image: deepdiver/docker-oracle-xe-11g # 'wnameless/oracle-xe-11g-r2'
image: ghcr.io/gvenzl/oracle-xe:11
# Provide passwords and other environment variables to container
env:
ORACLE_RANDOM_PASSWORD: true
APP_USER: autotest
APP_USER_PASSWORD: owncloud
# Forward Oracle port
ports:
- 1521:1521/tcp
# Provide healthcheck script options for startup
options: >-
--health-cmd healthcheck.sh
--health-interval 10s
--health-timeout 5s
--health-retries 10
steps:
- name: Checkout server
uses: actions/checkout@v3
@ -35,7 +50,7 @@ jobs:
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, oci8, openssl, pdo_sqlite, posix, sqlite, xml, zip
extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, oci8, openssl, pcntl, pdo_sqlite, posix, sqlite, xml, zip
tools: phpunit:9
coverage: none
ini-file: development

8
.github/workflows/static-code-analysis.yml vendored
View file

@ -23,7 +23,7 @@ jobs:
uses: shivammathur/setup-php@v2
with:
php-version: '8.0'
extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
coverage: none
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@ -32,7 +32,7 @@ jobs:
run: composer i
- name: Psalm
run: composer run psalm -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
- name: Show potential changes in Psalm baseline
if: always()
@ -64,7 +64,7 @@ jobs:
run: composer i
- name: Psalm taint analysis
run: composer run psalm -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
- name: Upload Security Analysis results to GitHub
if: always()
@ -94,7 +94,7 @@ jobs:
run: composer i
- name: Psalm
run: composer run psalm -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
- name: Show potential changes in Psalm baseline
if: always()

5
composer.json
View file

@ -47,7 +47,8 @@
"cs:fix": "php-cs-fixer fix",
"cs:check": "php-cs-fixer fix --dry-run --diff",
"lint": "find . -name \\*.php -not -path './lib/composer/*' -not -path './build/stubs/*' -print0 | xargs -0 -n1 php -l",
"psalm": "psalm --threads=1",
"psalm:update-baseline": "psalm --threads=1 --update-baseline"
"psalm": "psalm --threads=$(nproc)",
"psalm:ci": "psalm --threads=1",
"psalm:update-baseline": "psalm --threads=$(nproc) --update-baseline"
}
}