mirror/Sunshine
3
0
Fork 0
mirror of https://github.com/LizardByte/Sunshine.git synced 2025-10-29 19:36:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: update global workflows (#3907)

Browse Source
This commit is contained in:
LizardByte-bot 2025-06-12 20:42:08 -04:00 committed by GitHub
parent 7017b8e88c
commit a212a542a0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
22 changed files with 280 additions and 1653 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.flake8
View File

@ -3,4 +3,5 @@ filename =
*.py
max-line-length = 120
extend-exclude =
.venv/
venv/

49
.github/label-actions.yml vendored
View File

@ -1,49 +0,0 @@
---
# This file is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# Configuration for Label Actions - https://github.com/dessant/label-actions
added:
comment: >
This feature has been added and will be available in the next release.
fixed:
comment: >
This issue has been fixed and will be available in the next release.
invalid:duplicate:
comment: >
:wave: @{issue-author}, this appears to be a duplicate of a pre-existing issue.
close: true
lock: true
unlabel: 'status:awaiting-triage'
-invalid:duplicate:
reopen: true
unlock: true
invalid:support:
comment: >
:wave: @{issue-author}, we use the issue tracker exclusively for bug reports.
However, this issue appears to be a support request. Please use our
[Support Center](https://app.lizardbyte.dev/support) for support issues. Thanks.
close: true
lock: true
lock-reason: 'off-topic'
unlabel: 'status:awaiting-triage'
-invalid:support:
reopen: true
unlock: true
invalid:template-incomplete:
issues:
comment: >
:wave: @{issue-author}, please edit your issue to complete the template with
all the required info. Your issue will be automatically closed in 5 days if
the template is not completed. Thanks.
prs:
comment: >
:wave: @{issue-author}, please edit your PR to complete the template with
all the required info. Your PR will be automatically closed in 5 days if
the template is not completed. Thanks.

1
.github/semantic.yml vendored
View File

@ -12,3 +12,4 @@ titleAndCommits: false
anyCommit: false
allowMergeCommits: false
allowRevertCommits: false
targetUrl: https://docs.lizardbyte.dev/latest/developers/contributing.html#creating-a-pull-request

30
.github/workflows/_codeql.yml vendored Normal file
View File

@ -0,0 +1,30 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
name: CodeQL
permissions:
actions: read
contents: read
security-events: write
on:
push:
branches:
- master
pull_request:
branches:
- master
schedule:
- cron: '00 12 * * 0' # every Sunday at 12:00 UTC
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
jobs:
call-codeql:
name: CodeQL
uses: LizardByte/.github/.github/workflows/__call-codeql.yml@master
if: ${{ github.repository != 'LizardByte/.github' }}

27
.github/workflows/_common-lint.yml vendored Normal file
View File

@ -0,0 +1,27 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
name: common lint
permissions:
contents: read
on:
pull_request:
branches:
- master
types:
- opened
- synchronize
- reopened
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
jobs:
lint:
name: Common Lint
uses: LizardByte/.github/.github/workflows/__call-common-lint.yml@master
if: ${{ github.repository != 'LizardByte/.github' }}

39
.github/workflows/_docker.yml vendored Normal file
View File

@ -0,0 +1,39 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
name: Docker
permissions:
contents: write
packages: write
on:
pull_request:
branches:
- master
types:
- opened
- synchronize
- reopened
push:
branches:
- master
workflow_dispatch:
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
jobs:
call-docker:
name: Docker
uses: LizardByte/.github/.github/workflows/__call-docker.yml@master
if: ${{ github.repository != 'LizardByte/.github' }}
secrets:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
GH_BOT_NAME: ${{ secrets.GH_BOT_NAME }}
GH_BOT_TOKEN: ${{ secrets.GH_BOT_TOKEN }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

23
.github/workflows/_release-notifier.yml vendored Normal file
View File

@ -0,0 +1,23 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# Create a blog post for a new release and open a PR to the blog repo
name: Release Notifications
permissions:
contents: read
on:
release:
types:
- released # this triggers when a release is published, but does not include pre-releases or drafts
jobs:
update-blog:
name: Update blog
uses: LizardByte/.github/.github/workflows/__call-release-notifier.yml@master
if: github.repository_owner == 'LizardByte'
secrets:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}

20
.github/workflows/update-changelog.yml → .github/workflows/_update-changelog.yml vendored
View File

@ -1,10 +1,8 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# Update changelog on release events.
name: Update changelog
permissions:
contents: read
@ -24,14 +22,10 @@ concurrency:
jobs:
update-changelog:
name: Update Changelog
uses: LizardByte/.github/.github/workflows/__call-update-changelog.yml@master
if: >-
github.event_name == 'workflow_dispatch' ||
(!github.event.release.prerelease && !github.event.release.draft)
runs-on: ubuntu-latest
steps:
- name: Update Changelog
uses: LizardByte/update-changelog-action@v2025.426.173858
with:
changelogBranch: changelog
changelogFile: CHANGELOG.md
token: ${{ secrets.GH_BOT_TOKEN }}
github.repository_owner == 'LizardByte' &&
(github.event_name == 'workflow_dispatch' ||
(!github.event.release.prerelease && !github.event.release.draft))
secrets:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}

34
.github/workflows/_update-docs.yml vendored Normal file
View File

@ -0,0 +1,34 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `rtd` repository label to identify repositories that should trigger this workflow.
# If the project slug is not the repository name, add a repository variable named `READTHEDOCS_SLUG` with the value of
# the ReadTheDocs project slug.
# Update readthedocs on release events.
name: Update docs
permissions: {}
on:
release:
types:
- created
- edited
- deleted
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-docs:
name: Update docs
uses: LizardByte/.github/.github/workflows/__call-update-docs.yml@master
if: github.repository_owner == 'LizardByte'
with:
readthedocs_slug: ${{ vars.READTHEDOCS_SLUG }}
secrets:
READTHEDOCS_TOKEN: ${{ secrets.READTHEDOCS_TOKEN }}

29
.github/workflows/_update-flathub-repo.yml vendored Normal file
View File

@ -0,0 +1,29 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `flathub-pkg` repository label to identify repositories that should trigger this workflow.
# Update Flathub on release events.
name: Update Flathub repo
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-flathub-repo:
name: Update Flathub Repo
uses: LizardByte/.github/.github/workflows/__call-update-flathub-repo.yml@master
if: github.repository_owner == 'LizardByte'
secrets:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}

31
.github/workflows/_update-homebrew-repo.yml vendored Normal file
View File

@ -0,0 +1,31 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `homebrew-pkg` repository label to identify repositories that should trigger this workflow.
# Update Homebrew on release events.
name: Update Homebrew repo
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-homebrew-repo:
name: Update Homebrew repo
uses: LizardByte/.github/.github/workflows/__call-update-homebrew-repo.yml@master
if: github.repository_owner == 'LizardByte'
secrets:
GH_EMAIL: ${{ secrets.GH_BOT_EMAIL }}
GH_USERNAME: ${{ secrets.GH_BOT_NAME }}
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}

29
.github/workflows/_update-pacman-repo.yml vendored Normal file
View File

@ -0,0 +1,29 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `pacman-pkg` repository label to identify repositories that should trigger this workflow.
# Update pacman repo on release events.
name: Update pacman repo
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-homebrew-release:
name: Update pacman repo
uses: LizardByte/.github/.github/workflows/__call-update-pacman-repo.yml@master
if: github.repository_owner == 'LizardByte'
secrets:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}

29
.github/workflows/_update-winget-repo.yml vendored Normal file
View File

@ -0,0 +1,29 @@
---
# This workflow is centrally managed in https://github.com/LizardByte/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `winget-pkg` repository label to identify repositories that should trigger this workflow.
# Update Winget on release events.
name: Update Winget repo
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-winget-repo:
name: Update Winget repo
uses: LizardByte/.github/.github/workflows/__call-update-winget-repo.yml@master
if: github.repository_owner == 'LizardByte'
secrets:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}

380
.github/workflows/ci-docker.yml vendored
View File

@ -1,380 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# This workflow is intended to work with all our organization Docker projects. A readme named `DOCKER_README.md`
# will be used to update the description on Docker hub.
# custom comments in dockerfiles:
# `# platforms: `
# Comma separated list of platforms, i.e. `# platforms: linux/386,linux/amd64`. Docker platforms can alternatively
# be listed in a file named `.docker_platforms`.
# `# platforms_pr: `
# Comma separated list of platforms to run for PR events, i.e. `# platforms_pr: linux/amd64`. This will take
# precedence over the `# platforms: ` directive.
# `# artifacts: `
# `true` to build in two steps, stopping at `artifacts` build stage and extracting the image from there to the
# GitHub runner.
name: CI Docker
permissions:
contents: read
on:
pull_request:
branches:
- master
types:
- opened
- synchronize
- reopened
push:
branches:
- master
workflow_dispatch:
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
jobs:
check_dockerfiles:
name: Check Dockerfiles
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Find dockerfiles
id: find
run: |
dockerfiles=$(find . -type f -iname "Dockerfile" -o -iname "*.dockerfile")
echo "found dockerfiles: ${dockerfiles}"
# do not quote to keep this as a single line
echo dockerfiles=${dockerfiles} >> $GITHUB_OUTPUT
MATRIX_COMBINATIONS=""
for FILE in ${dockerfiles}; do
# extract tag from file name
tag=$(echo $FILE | sed -r -z -e 's/(\.\/)*.*\/(Dockerfile)/None/gm')
if [[ $tag == "None" ]]; then
MATRIX_COMBINATIONS="$MATRIX_COMBINATIONS {\"dockerfile\": \"$FILE\"},"
else
tag=$(echo $FILE | sed -r -z -e 's/(\.\/)*.*\/(.+)(\.dockerfile)/-\2/gm')
MATRIX_COMBINATIONS="$MATRIX_COMBINATIONS {\"dockerfile\": \"$FILE\", \"tag\": \"$tag\"},"
fi
done
# removes the last character (i.e. comma)
MATRIX_COMBINATIONS=${MATRIX_COMBINATIONS::-1}
# setup matrix for later jobs
matrix=$((
echo "{ \"include\": [$MATRIX_COMBINATIONS] }"
) | jq -c .)
echo $matrix
echo $matrix | jq .
echo "matrix=$matrix" >> $GITHUB_OUTPUT
- name: Find dotnet solution file
id: find_dotnet
run: |
solution=$(find . -maxdepth 1 -type f -iname "*.sln")
echo "found solution: ${solution}"
# do not quote to keep this as a single line
echo solution=${solution} >> $GITHUB_OUTPUT
if [[ $solution != "" ]]; then
echo "dotnet=true" >> $GITHUB_OUTPUT
else
echo "dotnet=false" >> $GITHUB_OUTPUT
fi
outputs:
dockerfiles: ${{ steps.find.outputs.dockerfiles }}
matrix: ${{ steps.find.outputs.matrix }}
dotnet: ${{ steps.find_dotnet.outputs.dotnet }}
solution: ${{ steps.find_dotnet.outputs.solution }}
setup_release:
name: Setup Release
if: needs.check_dockerfiles.outputs.dockerfiles
needs: check_dockerfiles
outputs:
publish_release: ${{ steps.setup_release.outputs.publish_release }}
release_body: ${{ steps.setup_release.outputs.release_body }}
release_commit: ${{ steps.setup_release.outputs.release_commit }}
release_generate_release_notes: ${{ steps.setup_release.outputs.release_generate_release_notes }}
release_tag: ${{ steps.setup_release.outputs.release_tag }}
release_version: ${{ steps.setup_release.outputs.release_version }}
permissions:
contents: write # read does not work to check squash and merge details
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Release
id: setup_release
uses: LizardByte/setup-release-action@v2025.426.225
with:
dotnet: ${{ needs.check_dockerfiles.outputs.dotnet }}
github_token: ${{ secrets.GITHUB_TOKEN }}
docker:
name: Docker${{ matrix.tag }}
if: needs.check_dockerfiles.outputs.dockerfiles
needs:
- check_dockerfiles
- setup_release
permissions:
packages: write
contents: write
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.check_dockerfiles.outputs.matrix) }}
steps:
- name: Maximize build space
uses: easimon/maximize-build-space@v10
with:
root-reserve-mb: 30720 # https://github.com/easimon/maximize-build-space#caveats
remove-dotnet: 'true'
remove-android: 'true'
remove-haskell: 'true'
remove-codeql: 'true'
remove-docker-images: 'true'
- name: Checkout
uses: actions/checkout@v4
with:
submodules: recursive
- name: Prepare
id: prepare
env:
NV: ${{ needs.setup_release.outputs.release_tag }}
run: |
# get branch name
BRANCH=${GITHUB_HEAD_REF}
RELEASE=${{ needs.setup_release.outputs.publish_release }}
COMMIT=${{ needs.setup_release.outputs.release_commit }}
if [ -z "$BRANCH" ]; then
echo "This is a PUSH event"
BRANCH=${{ github.ref_name }}
CLONE_URL=${{ github.event.repository.clone_url }}
else
echo "This is a PULL REQUEST event"
CLONE_URL=${{ github.event.pull_request.head.repo.clone_url }}
fi
# determine to push image to dockerhub and ghcr or not
if [[ $GITHUB_EVENT_NAME == "push" ]]; then
PUSH=true
else
PUSH=false
fi
# setup the tags
REPOSITORY=${{ github.repository }}
BASE_TAG=$(echo $REPOSITORY | tr '[:upper:]' '[:lower:]')
TAGS="${BASE_TAG}:${COMMIT:0:7}${{ matrix.tag }},ghcr.io/${BASE_TAG}:${COMMIT:0:7}${{ matrix.tag }}"
if [[ $GITHUB_REF == refs/heads/master ]]; then
TAGS="${TAGS},${BASE_TAG}:latest${{ matrix.tag }},ghcr.io/${BASE_TAG}:latest${{ matrix.tag }}"
TAGS="${TAGS},${BASE_TAG}:master${{ matrix.tag }},ghcr.io/${BASE_TAG}:master${{ matrix.tag }}"
else
TAGS="${TAGS},${BASE_TAG}:test${{ matrix.tag }},ghcr.io/${BASE_TAG}:test${{ matrix.tag }}"
fi
if [[ ${NV} != "" ]]; then
TAGS="${TAGS},${BASE_TAG}:${NV}${{ matrix.tag }},ghcr.io/${BASE_TAG}:${NV}${{ matrix.tag }}"
fi
# parse custom directives out of dockerfile
# try to get the platforms from the dockerfile custom directive, i.e. `# platforms: xxx,yyy`
# directives for PR event, i.e. not push event
if [[ ${RELEASE} == "false" ]]; then
while read -r line; do
if [[ $line == "# platforms_pr: "* && $PLATFORMS == "" ]]; then
# echo the line and use `sed` to remove the custom directive
PLATFORMS=$(echo -e "$line" | sed 's/# platforms_pr: //')
elif [[ $PLATFORMS != "" ]]; then
# break while loop once all custom "PR" event directives are found
break
fi
done <"${{ matrix.dockerfile }}"
fi
# directives for all events... above directives will not be parsed if they were already found
while read -r line; do
if [[ $line == "# platforms: "* && $PLATFORMS == "" ]]; then
# echo the line and use `sed` to remove the custom directive
PLATFORMS=$(echo -e "$line" | sed 's/# platforms: //')
elif [[ $line == "# artifacts: "* && $ARTIFACTS == "" ]]; then
# echo the line and use `sed` to remove the custom directive
ARTIFACTS=$(echo -e "$line" | sed 's/# artifacts: //')
elif [[ $line == "# no-cache-filters: "* && $NO_CACHE_FILTERS == "" ]]; then
# echo the line and use `sed` to remove the custom directive
NO_CACHE_FILTERS=$(echo -e "$line" | sed 's/# no-cache-filters: //')
elif [[ $PLATFORMS != "" && $ARTIFACTS != "" && $NO_CACHE_FILTERS != "" ]]; then
# break while loop once all custom directives are found
break
fi
done <"${{ matrix.dockerfile }}"
# if PLATFORMS is blank, fall back to the legacy method of reading from the `.docker_platforms` file
if [[ $PLATFORMS == "" ]]; then
# read the platforms from `.docker_platforms`
PLATFORMS=$(<.docker_platforms)
fi
# if PLATFORMS is still blank, fall back to `linux/amd64`
if [[ $PLATFORMS == "" ]]; then
PLATFORMS="linux/amd64"
fi
echo "branch=${BRANCH}" >> $GITHUB_OUTPUT
echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
echo "clone_url=${CLONE_URL}" >> $GITHUB_OUTPUT
echo "artifacts=${ARTIFACTS}" >> $GITHUB_OUTPUT
echo "no_cache_filters=${NO_CACHE_FILTERS}" >> $GITHUB_OUTPUT
echo "platforms=${PLATFORMS}" >> $GITHUB_OUTPUT
echo "tags=${TAGS}" >> $GITHUB_OUTPUT
- name: Set Up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
id: buildx
- name: Cache Docker Layers
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache
key: Docker-buildx${{ matrix.tag }}-${{ github.sha }}
restore-keys: |
Docker-buildx${{ matrix.tag }}-
- name: Log in to Docker Hub
if: needs.setup_release.outputs.publish_release == 'true' # PRs do not have access to secrets
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Log in to the Container registry
if: needs.setup_release.outputs.publish_release == 'true' # PRs do not have access to secrets
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ secrets.GH_BOT_NAME }}
password: ${{ secrets.GH_BOT_TOKEN }}
- name: Build artifacts
if: steps.prepare.outputs.artifacts == 'true'
id: build_artifacts
uses: docker/build-push-action@v6
with:
context: ./
file: ${{ matrix.dockerfile }}
target: artifacts
outputs: type=local,dest=artifacts
push: false
platforms: ${{ steps.prepare.outputs.platforms }}
build-args: |
BRANCH=${{ steps.prepare.outputs.branch }}
BUILD_DATE=${{ steps.prepare.outputs.build_date }}
BUILD_VERSION=${{ needs.setup_release.outputs.release_tag }}
COMMIT=${{ needs.setup_release.outputs.release_commit }}
CLONE_URL=${{ steps.prepare.outputs.clone_url }}
RELEASE=${{ needs.setup_release.outputs.publish_release }}
tags: ${{ steps.prepare.outputs.tags }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
no-cache-filters: ${{ steps.prepare.outputs.no_cache_filters }}
- name: Build and push
id: build
uses: docker/build-push-action@v6
with:
context: ./
file: ${{ matrix.dockerfile }}
push: ${{ needs.setup_release.outputs.publish_release }}
platforms: ${{ steps.prepare.outputs.platforms }}
build-args: |
BRANCH=${{ steps.prepare.outputs.branch }}
BUILD_DATE=${{ steps.prepare.outputs.build_date }}
BUILD_VERSION=${{ needs.setup_release.outputs.release_tag }}
COMMIT=${{ needs.setup_release.outputs.release_commit }}
CLONE_URL=${{ steps.prepare.outputs.clone_url }}
RELEASE=${{ needs.setup_release.outputs.publish_release }}
tags: ${{ steps.prepare.outputs.tags }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
no-cache-filters: ${{ steps.prepare.outputs.no_cache_filters }}
- name: Arrange Artifacts
if: steps.prepare.outputs.artifacts == 'true'
working-directory: artifacts
run: |
# debug directory
echo "Current directory: $(pwd)"
echo "Directory contents: $(ls -Ra)"
# artifacts will be in sub directories named after the docker target platform, e.g. `linux_amd64`
# so move files to the artifacts directory
# https://unix.stackexchange.com/a/52816
find \
./ \
-maxdepth 2 \
-mindepth 2 \
-type f \
-not -name 'provenance.json' \
-exec mv -t ./ -n '{}' +
# remove provenance file
rm -f ./provenance.json
- name: Upload Artifacts
if: steps.prepare.outputs.artifacts == 'true'
uses: actions/upload-artifact@v4
with:
name: Docker${{ matrix.tag }}
path: artifacts/
if-no-files-found: error
- name: Create/Update GitHub Release
if: >
needs.setup_release.outputs.publish_release == 'true' &&
steps.prepare.outputs.artifacts == 'true'
uses: LizardByte/create-release-action@v2025.426.1549
with:
allowUpdates: true
artifacts: "*artifacts/*"
body: ${{ needs.setup_release.outputs.release_body }}
generateReleaseNotes: ${{ needs.setup_release.outputs.release_generate_release_notes }}
name: ${{ needs.setup_release.outputs.release_tag }}
prerelease: true
tag: ${{ needs.setup_release.outputs.release_tag }}
token: ${{ secrets.GH_BOT_TOKEN }}
- name: Update Docker Hub Description
if: >
github.event_name == 'push' &&
github.ref == 'refs/heads/master'
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }} # token is not currently supported
repository: ${{ env.BASE_TAG }}
short-description: ${{ github.event.repository.description }}
readme-filepath: ./DOCKER_README.md

237
.github/workflows/codeql.yml vendored
View File

@ -1,237 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# This workflow will analyze all supported languages in the repository using CodeQL Analysis.
name: "CodeQL"
permissions:
contents: read
on:
push:
branches:
- master
pull_request:
branches:
- master
schedule:
- cron: '00 12 * * 0' # every Sunday at 12:00 UTC
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
jobs:
languages:
name: Get language matrix
outputs:
matrix: ${{ steps.lang.outputs.result }}
continue: ${{ steps.continue.outputs.result }}
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get repo languages
id: lang
uses: actions/github-script@v7
with:
script: |
// CodeQL supports the following:
// ['actions', 'c', 'cpp', 'csharp', 'go', 'java', 'javascript', 'kotlin', 'python', 'ruby', 'swift']
// Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
const supported_languages = [
'cpp',
'csharp',
'go',
'java',
'javascript',
'python',
'ruby',
'swift',
]
const remap_languages = {
'c': 'cpp',
'c++': 'cpp',
'c#': 'csharp',
'kotlin': 'java',
'typescript': 'javascript',
}
const repo = context.repo
const response = await github.rest.repos.listLanguages(repo)
let matrix = {
"include": []
}
// Track languages we've already added to avoid duplicates
const addedLanguages = new Set()
// Check if workflow files exist to determine if we should add actions language
const fs = require('fs');
const hasYmlFiles = fs.existsSync('.github/workflows') &&
fs.readdirSync('.github/workflows').some(file => file.endsWith('.yml') || file.endsWith('.yaml'));
// Add actions language if workflow files exist
if (hasYmlFiles) {
console.log('Found GitHub Actions workflow files. Adding actions to the matrix.');
matrix['include'].push({
"category": "/language:actions",
"language": "actions",
"name": "actions",
"os": "ubuntu-latest",
"build-mode": "none",
});
}
for (let [key, value] of Object.entries(response.data)) {
// remap language
if (remap_languages[key.toLowerCase()]) {
console.log(`Remapping language: ${key} to ${remap_languages[key.toLowerCase()]}`)
key = remap_languages[key.toLowerCase()]
}
const normalizedKey = key.toLowerCase()
if (supported_languages.includes(normalizedKey) && !addedLanguages.has(normalizedKey)) {
// Mark this language as added
addedLanguages.add(normalizedKey)
console.log(`Found supported language: ${normalizedKey}`)
let osList = ['ubuntu-latest'];
if (normalizedKey === 'swift') {
osList = ['macos-latest'];
}
for (let os of osList) {
// set name for matrix
let name = osList.length === 1 ? normalizedKey : `${normalizedKey}, ${os}`
// set category for matrix
let category = `/language:${normalizedKey}`
let build_mode = 'none';
// Set build mode based on language
switch (normalizedKey) {
case 'csharp':
build_mode = 'autobuild'
break
case 'go':
build_mode = 'autobuild'
break
case 'java':
build_mode = 'autobuild'
break
default:
build_mode = 'none'
}
// add to matrix
matrix['include'].push({
"category": category,
"language": normalizedKey,
"name": name,
"os": os,
"build-mode": build_mode,
})
}
}
}
// print languages
console.log(`matrix: ${JSON.stringify(matrix)}`)
return matrix
- name: Continue
id: continue
uses: actions/github-script@v7
with:
script: |
// if matrix['include'] is an empty list return false, otherwise true
const matrix = ${{ steps.lang.outputs.result }} // this is already json encoded
if (matrix['include'].length == 0) {
return false
} else {
return true
}
analyze:
name: Analyze (${{ matrix.name }})
if: needs.languages.outputs.continue == 'true'
env:
GITHUB_CODEQL_BUILD: true
needs: languages
permissions:
actions: read
contents: read
security-events: write
runs-on: ${{ matrix.os || 'ubuntu-latest' }}
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.languages.outputs.matrix) }}
timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 60 }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: recursive
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# yamllint disable-line rule:line-length
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
config: |
paths-ignore:
- build
- node_modules
- third-party
build-mode: ${{ matrix.build-mode || 'none' }}
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
- name: Autobuild
if: matrix.build-mode == 'autobuild'
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "${{ matrix.category }}"
output: sarif-results
upload: failure-only
- name: filter-sarif
uses: advanced-security/filter-sarif@v1
with:
input: sarif-results/${{ matrix.language }}.sarif
output: sarif-results/${{ matrix.language }}.sarif
patterns: |
-build/**
-node_modules/**
-third\-party/**
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v3
with:
category: "${{ matrix.category }}"
sarif_file: sarif-results/${{ matrix.language }}.sarif
- name: Upload loc as a Build Artifact
uses: actions/upload-artifact@v4
with:
name: sarif-results-${{ matrix.language }}-${{ runner.os }}
path: sarif-results
if-no-files-found: error
retention-days: 1

273
.github/workflows/common-lint.yml vendored
View File

@ -1,273 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# Common linting.
name: common lint
permissions:
contents: read
on:
pull_request:
branches:
- master
types:
- opened
- synchronize
- reopened
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
jobs:
lint:
name: Common Lint
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Install dependencies
run: |
python -m pip install --upgrade \
pip \
setuptools \
wheel \
cmakelang \
flake8 \
nb-clean \
nbqa[toolchain]
- name: C++ - find files
id: cpp_files
run: |
# find files
found_files=$(find . -type f \
-iname "*.c" -o \
-iname "*.cpp" -o \
-iname "*.h" -o \
-iname "*.hpp" -o \
-iname "*.m" -o \
-iname "*.mm" \
)
ignore_files=$(find . -type f -iname ".clang-format-ignore")
# Loop through each C++ file
for file in $found_files; do
for ignore_file in $ignore_files; do
ignore_directory=$(dirname "$ignore_file")
# if directory of ignore_file is beginning of file
if [[ "$file" == "$ignore_directory"* ]]; then
echo "ignoring file: ${file}"
found_files="${found_files//${file}/}"
break 1
fi
done
done
# remove empty lines
found_files=$(echo "$found_files" | sed '/^\s*$/d')
echo "found cpp files: ${found_files}"
# do not quote to keep this as a single line
echo found_files=${found_files} >> $GITHUB_OUTPUT
- name: C++ - Clang format lint
if: always() && steps.cpp_files.outputs.found_files
uses: DoozyX/clang-format-lint-action@v0.20
with:
source: ${{ steps.cpp_files.outputs.found_files }}
clangFormatVersion: '20'
extensions: 'c,cpp,h,hpp,m,mm'
style: file
inplace: false
- name: CMake - find files
id: cmake_files
if: always()
run: |
# find files
found_files=$(find . -type f -iname "CMakeLists.txt" -o -iname "*.cmake")
ignore_files=$(find . -type f -iname ".cmake-lint-ignore")
# Loop through each C++ file
for file in $found_files; do
for ignore_file in $ignore_files; do
ignore_directory=$(dirname "$ignore_file")
# if directory of ignore_file is beginning of file
if [[ "$file" == "$ignore_directory"* ]]; then
echo "ignoring file: ${file}"
found_files="${found_files//${file}/}"
break 1
fi
done
done
# remove empty lines
found_files=$(echo "$found_files" | sed '/^\s*$/d')
echo "found cmake files: ${found_files}"
# do not quote to keep this as a single line
echo found_files=${found_files} >> $GITHUB_OUTPUT
- name: CMake - cmake-lint
if: always() && steps.cmake_files.outputs.found_files
run: |
cmake-lint --line-width 120 --tab-size 4 ${{ steps.cmake_files.outputs.found_files }}
- name: Docker - find files
id: dokcer_files
if: always()
run: |
found_files=$(find . -type f -iname "Dockerfile" -o -iname "*.dockerfile")
echo "found_files: ${found_files}"
# do not quote to keep this as a single line
echo found_files=${found_files} >> $GITHUB_OUTPUT
- name: Docker - hadolint
if: always() && steps.dokcer_files.outputs.found_files
run: |
docker pull hadolint/hadolint
# create hadolint config file
cat <<EOF > .hadolint.yaml
---
ignored:
- DL3008
- DL3013
- DL3016
- DL3018
- DL3028
- DL3059
EOF
failed=0
failed_files=""
for file in ${{ steps.dokcer_files.outputs.found_files }}; do
echo "::group::${file}"
docker run --rm -i \
-e "NO_COLOR=0" \
-e "HADOLINT_VERBOSE=1" \
-v $(pwd)/.hadolint.yaml:/.config/hadolint.yaml \
hadolint/hadolint < $file || {
failed=1
failed_files="$failed_files $file"
}
echo "::endgroup::"
done
if [ $failed -ne 0 ]; then
echo "::error:: hadolint failed for the following files: $failed_files"
exit 1
fi
- name: Python - flake8
if: always()
run: |
python -m flake8 \
--color=always \
--verbose
- name: Python - nbqa flake8
if: always()
run: |
python -m nbqa flake8 \
--color=always \
--verbose \
.
- name: Python - nb-clean
if: always()
run: |
output=$(find . -name '*.ipynb' -exec nb-clean check {} \;)
# fail if there are any issues
if [ -n "$output" ]; then
echo "$output"
exit 1
fi
- name: Rust - find Cargo.toml
id: run_cargo
if: always()
run: |
# check if Cargo.toml exists
if [ -f "Cargo.toml" ]; then
echo "found_cargo=true" >> $GITHUB_OUTPUT
else
echo "found_cargo=false" >> $GITHUB_OUTPUT
fi
- name: Rust - setup toolchain
if: always() && steps.run_cargo.outputs.found_cargo == 'true'
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- name: Rust - cargo fmt
if: always() && steps.run_cargo.outputs.found_cargo == 'true'
run: |
cargo fmt -- --check
- name: YAML - find files
id: yaml_files
if: always()
run: |
# space separated list of files
FILES=.clang-format
# empty placeholder
found_files=""
for FILE in ${FILES}; do
if [ -f "$FILE" ]
then
found_files="$found_files $FILE"
fi
done
echo "found_files=${found_files}" >> $GITHUB_OUTPUT
- name: YAML - yamllint
id: yamllint
if: always()
uses: ibiqlik/action-yamllint@v3
with:
# https://yamllint.readthedocs.io/en/stable/configuration.html#default-configuration
config_data: |
extends: default
rules:
comments:
level: error
document-start:
level: error
line-length:
max: 120
new-line-at-end-of-file:
level: error
new-lines:
type: unix
truthy:
# GitHub uses "on" for workflow event triggers
# .clang-format file has options of "Yes" "No" that will be caught by this, so changed to "warning"
allowed-values: ['true', 'false', 'on']
check-keys: true
level: warning
file_or_dir: . ${{ steps.yaml_files.outputs.found_files }}
- name: YAML - log
if: always() && steps.yamllint.outcome == 'failure'
run: cat "${{ steps.yamllint.outputs.logfile }}" >> $GITHUB_STEP_SUMMARY

137
.github/workflows/release-notifier.yml vendored
View File

@ -1,137 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# Create a blog post for a new release and open a PR to the blog repo
name: Release Notifications
permissions:
contents: read
on:
release:
types:
- released # this triggers when a release is published, but does not include pre-releases or drafts
jobs:
update-blog:
name: Update blog
if: github.repository_owner == 'LizardByte'
runs-on: ubuntu-latest
steps:
- name: Check topics
env:
TOPIC: replicator-release-notifications
id: check-label
uses: actions/github-script@v7
with:
script: |
const topic = process.env.TOPIC;
console.log(`Checking if repo has topic: ${topic}`);
const repoTopics = await github.rest.repos.getAllTopics({
owner: context.repo.owner,
repo: context.repo.repo
});
console.log(`Repo topics: ${repoTopics.data.names}`);
const hasTopic = repoTopics.data.names.includes(topic);
console.log(`Has topic: ${hasTopic}`);
core.setOutput('hasTopic', hasTopic);
- name: Check if latest GitHub release
id: check-release
if: steps.check-label.outputs.hasTopic == 'true'
uses: actions/github-script@v7
with:
script: |
const latestRelease = await github.rest.repos.getLatestRelease({
owner: context.repo.owner,
repo: context.repo.repo
});
core.setOutput('isLatestRelease', latestRelease.data.tag_name === context.payload.release.tag_name);
- name: Checkout blog
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
uses: actions/checkout@v4
with:
repository: "LizardByte/LizardByte.github.io"
- name: Create blog post
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
run: |
# setup variables
tag_name="${{ github.event.release.tag_name }}"
semver="${tag_name#v}"
repo_lower="$(echo "${{ github.event.repository.name }}" | tr '[:upper:]' '[:lower:]')"
# extract year, month, and day
year="${semver%%.*}"
month_day="${semver#*.}"
month_day="${month_day%%.*}"
# ensure month_day is 4 digits
month_day=$(printf "%04d" "$month_day")
# create the filename
file_name="_posts/releases/${repo_lower}/${year}-${month_day:0:2}-${month_day:2:2}-v${semver}.md"
mkdir -p "$(dirname "${file_name}")"
# create jekyll blog post
echo "---" > "${file_name}"
echo "layout: release" >> "${file_name}"
echo "title: ${{ github.event.repository.name }} ${tag_name} Released" >> "${file_name}"
echo "release-tag: ${tag_name}" >> "${file_name}"
echo "gh-repo: ${{ github.repository }}" >> "${file_name}"
echo "gh-badge: [follow, fork, star]" >> "${file_name}"
echo "tags: [release, ${repo_lower}]" >> "${file_name}"
echo "comments: true" >> "${file_name}"
echo "author: LizardByte-bot" >> "${file_name}"
echo "---" >> "${file_name}"
echo "" >> "${file_name}"
release_body=$(cat <<EOF
${{ github.event.release.body }}
EOF
)
echo "${release_body}" >> "${file_name}"
- name: Create/Update Pull Request
id: create-pr
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
uses: peter-evans/create-pull-request@v7
with:
token: ${{ secrets.GH_BOT_TOKEN }}
commit-message: |
chore: Add blog post for ${{ github.event.repository.name }} release ${{ github.event.release.tag_name }}
branch: bot/add-${{ github.event.repository.name }}-${{ github.event.release.tag_name }}
delete-branch: true
title: |
chore: Add blog post for ${{ github.event.repository.name }} release ${{ github.event.release.tag_name }}
body: ${{ github.event.release.body }}
labels:
blog
- name: Automerge PR
env:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
run: |
gh pr merge \
--auto \
--delete-branch \
--repo "LizardByte/LizardByte.github.io" \
--squash \
"${{ steps.create-pr.outputs.pull-request-number }}"

99
.github/workflows/update-docs.yml vendored
View File

@ -1,99 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `rtd` repository label to identify repositories that should trigger this workflow.
# If the project slug is not the repository name, add a repository variable named `READTHEDOCS_SLUG` with the value of
# the ReadTheDocs project slug.
# Update readthedocs on release events.
name: Update docs
permissions: {}
on:
release:
types:
- created
- edited
- deleted
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-docs:
env:
RTD_SLUG: ${{ vars.READTHEDOCS_SLUG }}
RTD_TOKEN: ${{ secrets.READTHEDOCS_TOKEN }}
TAG: ${{ github.event.release.tag_name }}
if: >-
!github.event.release.draft
runs-on: ubuntu-latest
steps:
- name: Get RTD_SLUG
run: |
# if the RTD_SLUG is not set, use the repository name in lowercase
if [ -z "${RTD_SLUG}" ]; then
RTD_SLUG=$(echo "${{ github.event.repository.name }}" | tr '[:upper:]' '[:lower:]')
fi
echo "RTD_SLUG=${RTD_SLUG}" >> $GITHUB_ENV
- name: Deactivate deleted release
if: >-
github.event_name == 'release' &&
github.event.action == 'deleted'
run: |
json_body=$(jq -n \
--arg active "false" \
--arg hidden "false" \
--arg privacy_level "public" \
'{active: $active, hidden: $hidden, privacy_level: $privacy_level}')
curl \
-X PATCH \
-H "Authorization: Token ${RTD_TOKEN}" \
https://readthedocs.org/api/v3/projects/${RTD_SLUG}/versions/${TAG}/ \
-H "Content-Type: application/json" \
-d "$json_body"
- name: Check if edited release is latest GitHub release
id: check
if: >-
github.event_name == 'release' &&
github.event.action == 'edited'
uses: actions/github-script@v7
with:
script: |
const latestRelease = await github.rest.repos.getLatestRelease({
owner: context.repo.owner,
repo: context.repo.repo
});
core.setOutput('isLatestRelease', latestRelease.data.tag_name === context.payload.release.tag_name);
- name: Update RTD project
# changing the default branch in readthedocs makes "latest" point to that branch/tag
# we can also update other properties like description, etc.
if: steps.check.outputs.isLatestRelease == 'true'
run: |
json_body=$(jq -n \
--arg default_branch "${TAG}" \
--arg description "${{ github.event.repository.description }}" \
'{default_branch: $default_branch}')
# change the default branch to the latest release
curl \
-X PATCH \
-H "Authorization: Token ${RTD_TOKEN}" \
-H "Content-Type: application/json" \
https://readthedocs.org/api/v3/projects/${RTD_SLUG}/ \
-d "$json_body"
# trigger a build for the latest version
curl \
-X POST \
-H "Authorization: Token ${RTD_TOKEN}" \
https://readthedocs.org/api/v3/projects/${RTD_SLUG}/versions/latest/builds/

187
.github/workflows/update-flathub-repo.yml vendored
View File

@ -1,187 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `flathub-pkg` repository label to identify repositories that should trigger this workflow.
# Update Flathub on release events.
name: Update flathub repo
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-flathub-repo:
env:
FLATHUB_PKG: dev.lizardbyte.app.${{ github.event.repository.name }}
if: github.repository_owner == 'LizardByte'
runs-on: ubuntu-latest
steps:
- name: Check if flathub repo
id: check-label
env:
TOPIC: flathub-pkg
uses: actions/github-script@v7
with:
script: |
const topic = process.env.TOPIC;
console.log(`Checking if repo has topic: ${topic}`);
const repoTopics = await github.rest.repos.getAllTopics({
owner: context.repo.owner,
repo: context.repo.repo
});
console.log(`Repo topics: ${repoTopics.data.names}`);
const hasTopic = repoTopics.data.names.includes(topic);
console.log(`Has topic: ${hasTopic}`);
core.setOutput('hasTopic', hasTopic);
- name: Check if latest GitHub release
id: check-release
if: steps.check-label.outputs.hasTopic == 'true'
uses: actions/github-script@v7
with:
script: |
const latestRelease = await github.rest.repos.getLatestRelease({
owner: context.repo.owner,
repo: context.repo.repo
});
core.setOutput('isLatestRelease', latestRelease.data.tag_name === context.payload.release.tag_name);
- name: Checkout
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
uses: actions/checkout@v4
- name: Checkout flathub-repo
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
uses: actions/checkout@v4
with:
repository: "flathub/${{ env.FLATHUB_PKG }}"
path: "flathub/${{ env.FLATHUB_PKG }}"
- name: Clean up legacy files
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
working-directory: flathub/${{ env.FLATHUB_PKG }}
run: |
rm -rf ./*
- name: Copy github files
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
working-directory: flathub/${{ env.FLATHUB_PKG }}
run: |
mkdir -p .github/ISSUE_TEMPLATE
# sponsors
curl -sSL https://github.com/LizardByte/.github/raw/refs/heads/master/.github/FUNDING.yml \
-o .github/FUNDING.yml
# pull request template
curl -sSL https://github.com/LizardByte/.github/raw/refs/heads/master/.github/pull_request_template.md \
-o .github/pull_request_template.md
# issue config
curl -sSL https://github.com/LizardByte/.github/raw/refs/heads/master/.github/ISSUE_TEMPLATE/config.yml \
-o .github/ISSUE_TEMPLATE/config.yml
- name: Download release asset
id: download
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
uses: robinraju/release-downloader@v1.12
with:
repository: "${{ github.repository }}"
tag: "${{ github.event.release.tag_name }}"
fileName: "flathub.tar.gz"
tarBall: false
zipBall: false
out-file-path: "flathub/${{ env.FLATHUB_PKG }}"
extract: true
- name: Delete archive
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
run: |
rm -f flathub/${{ env.FLATHUB_PKG }}/flathub.tar.gz
- name: Update metainfo.xml
id: update_metainfo
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
run: |
xml_file="flathub/${{ env.FLATHUB_PKG }}/${{ env.FLATHUB_PKG }}.metainfo.xml"
# Extract release information
changelog="${{ github.event.release.body }}" && changelog="${changelog//&/&amp;}" && \
changelog="${changelog//</&lt;}" && changelog="${changelog//>/&gt;}"
# Replace changelog placeholder with actual changelog
sed -i "s|<!-- changelog -->|$changelog|g" "$xml_file"
- name: Update submodule
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
run: |
# Get the current commit of the submodule in the main repository
git submodule update --init packaging/linux/flatpak/deps/shared-modules
cd ${{ github.workspace }}/packaging/linux/flatpak/deps/shared-modules
main_commit=$(git rev-parse HEAD)
# update submodules
cd ${{ github.workspace }}/flathub/${{ env.FLATHUB_PKG }}
git submodule update --init shared-modules
cd shared-modules
git checkout $main_commit
- name: Create/Update Pull Request
id: create-pr
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true' &&
fromJson(steps.download.outputs.downloaded_files)[0]
uses: peter-evans/create-pull-request@v7
with:
path: "flathub/${{ env.FLATHUB_PKG }}"
token: ${{ secrets.GH_BOT_TOKEN }}
commit-message: "chore: Update ${{ env.FLATHUB_PKG }} to ${{ github.event.release.tag_name }}"
branch: bot/bump-${{ env.FLATHUB_PKG }}-${{ github.event.release.tag_name }}
delete-branch: true
title: "chore: Update ${{ env.FLATHUB_PKG }} to ${{ github.event.release.tag_name }}"
body: ${{ github.event.release.body }}
- name: Automerge PR
env:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true' &&
fromJson(steps.download.outputs.downloaded_files)[0]
run: |
gh pr merge \
--auto \
--delete-branch \
--repo "flathub/${{ env.FLATHUB_PKG }}" \
--squash \
"${{ steps.create-pr.outputs.pull-request-number }}"

73
.github/workflows/update-homebrew-release.yml vendored
View File

@ -1,73 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `homebrew-pkg` repository label to identify repositories that should trigger this workflow.
# Update Homebrew on release events.
name: Update Homebrew release
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-homebrew-release:
if: github.repository_owner == 'LizardByte'
runs-on: ubuntu-latest
steps:
- name: Check if Homebrew repo
id: check-label
env:
TOPIC: homebrew-pkg
uses: actions/github-script@v7
with:
script: |
const topic = process.env.TOPIC;
console.log(`Checking if repo has topic: ${topic}`);
const repoTopics = await github.rest.repos.getAllTopics({
owner: context.repo.owner,
repo: context.repo.repo
});
console.log(`Repo topics: ${repoTopics.data.names}`);
const hasTopic = repoTopics.data.names.includes(topic);
console.log(`Has topic: ${hasTopic}`);
core.setOutput('hasTopic', hasTopic);
- name: Download release asset
id: download
if: steps.check-label.outputs.hasTopic == 'true'
uses: robinraju/release-downloader@v1.12
with:
repository: "${{ github.repository }}"
tag: "${{ github.event.release.tag_name }}"
fileName: "*.rb"
tarBall: false
zipBall: false
out-file-path: "release_downloads"
extract: false
- name: Publish Homebrew Formula
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
fromJson(steps.download.outputs.downloaded_files)[0]
uses: LizardByte/homebrew-release-action@v2025.506.15440
with:
formula_file: ${{ fromJson(steps.download.outputs.downloaded_files)[0] }}
git_email: ${{ secrets.GH_BOT_EMAIL }}
git_username: ${{ secrets.GH_BOT_NAME }}
publish: true
token: ${{ secrets.GH_BOT_TOKEN }}
validate: false

134
.github/workflows/update-pacman-repo.yml vendored
View File

@ -1,134 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `pacman-pkg` repository label to identify repositories that should trigger this workflow.
# Update pacman repo on release events.
name: Update pacman repo
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-homebrew-release:
if: github.repository_owner == 'LizardByte'
runs-on: ubuntu-latest
steps:
- name: Check if pacman repo
id: check-label
env:
TOPIC: pacman-pkg
uses: actions/github-script@v7
with:
script: |
const topic = process.env.TOPIC;
console.log(`Checking if repo has topic: ${topic}`);
const repoTopics = await github.rest.repos.getAllTopics({
owner: context.repo.owner,
repo: context.repo.repo
});
console.log(`Repo topics: ${repoTopics.data.names}`);
const hasTopic = repoTopics.data.names.includes(topic);
console.log(`Has topic: ${hasTopic}`);
core.setOutput('hasTopic', hasTopic);
- name: Check if latest GitHub release
id: check-release
if: >-
steps.check-label.outputs.hasTopic == 'true'
uses: actions/github-script@v7
with:
script: |
const latestRelease = await github.rest.repos.getLatestRelease({
owner: context.repo.owner,
repo: context.repo.repo
});
core.setOutput('isLatestRelease', latestRelease.data.tag_name === context.payload.release.tag_name);
- name: Checkout pacman-repo
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
uses: actions/checkout@v4
with:
repository: ${{ github.repository_owner }}/pacman-repo
- name: Prep
id: prep
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
run: |
echo "pkg_name=$(echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
- name: Download release asset
id: download
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true'
uses: robinraju/release-downloader@v1.12
with:
repository: "${{ github.repository }}"
tag: "${{ github.event.release.tag_name }}"
fileName: "*.pkg.tar.gz"
tarBall: false
zipBall: false
out-file-path: "pkgbuilds/${{ steps.prep.outputs.pkg_name }}"
extract: true
- name: Remove pkg.tar.gz
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true' &&
fromJson(steps.download.outputs.downloaded_files)[0]
run: |
rm -f "pkgbuilds/${{ steps.prep.outputs.pkg_name }}"
- name: Create/Update Pull Request
id: create-pr
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true' &&
fromJson(steps.download.outputs.downloaded_files)[0]
uses: peter-evans/create-pull-request@v7
with:
add-paths: |
pkgbuilds/*
token: ${{ secrets.GH_BOT_TOKEN }}
commit-message: "chore: Update ${{ github.repository }} to ${{ github.event.release.tag_name }}"
branch: bot/bump-${{ github.repository }}-${{ github.event.release.tag_name }}
delete-branch: true
title: "chore: Update ${{ github.repository }} to ${{ github.event.release.tag_name }}"
body: ${{ github.event.release.body }}
labels: |
auto-approve
auto-merge
- name: Automerge PR
env:
GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
steps.check-release.outputs.isLatestRelease == 'true' &&
fromJson(steps.download.outputs.downloaded_files)[0]
run: |
gh pr merge \
--auto \
--delete-branch \
--squash \
"${{ steps.create-pr.outputs.pull-request-number }}"

71
.github/workflows/update-winget-release.yml vendored
View File

@ -1,71 +0,0 @@
---
# This workflow is centrally managed in https://github.com/<organization>/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
# the above-mentioned repo.
# To use, add the `winget-pkg` repository label to identify repositories that should trigger this workflow.
# Update Winget on release events.
name: Update Winget release
permissions:
contents: read
on:
release:
types:
- released
concurrency:
group: "${{ github.workflow }}-${{ github.event.release.tag_name }}"
cancel-in-progress: true
jobs:
update-winget-release:
if: github.repository_owner == 'LizardByte'
runs-on: ubuntu-latest
steps:
- name: Check if Winget repo
id: check-label
env:
TOPIC: winget-pkg
uses: actions/github-script@v7
with:
script: |
const topic = process.env.TOPIC;
console.log(`Checking if repo has topic: ${topic}`);
const repoTopics = await github.rest.repos.getAllTopics({
owner: context.repo.owner,
repo: context.repo.repo
});
console.log(`Repo topics: ${repoTopics.data.names}`);
const hasTopic = repoTopics.data.names.includes(topic);
console.log(`Has topic: ${hasTopic}`);
core.setOutput('hasTopic', hasTopic);
- name: Download release asset
id: download
if: steps.check-label.outputs.hasTopic == 'true'
uses: robinraju/release-downloader@v1.12
with:
repository: "${{ github.repository }}"
tag: "${{ github.event.release.tag_name }}"
fileName: "*.exe"
tarBall: false
zipBall: false
out-file-path: "release_downloads"
extract: false
- name: Release to WinGet
if: >-
steps.check-label.outputs.hasTopic == 'true' &&
fromJson(steps.download.outputs.downloaded_files)[0]
uses: vedantmgoyal2009/winget-releaser@v2
with:
identifier: "${{ github.repository_owner }}.${{ github.event.repository.name }}"
release-tag: ${{ github.event.release.tag_name }}
installers-regex: '\.exe$'
token: ${{ secrets.GH_BOT_TOKEN }}