From 0b9c867d0a16532e32e232dbe253e3c70d17b4e1 Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Sun, 6 Jul 2025 10:53:09 +0000 Subject: [PATCH] Bot Updating Templated Files --- .github/workflows/call_issue_pr_tracker.yml | 3 +++ .github/workflows/call_issues_cron.yml | 3 +++ .github/workflows/external_trigger.yml | 15 +++++++++------ .github/workflows/external_trigger_scheduler.yml | 3 +++ .github/workflows/greetings.yml | 6 ++++++ .github/workflows/package_trigger_scheduler.yml | 3 +++ 6 files changed, 27 insertions(+), 6 deletions(-) diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml index 2c30784..d07cf12 100644 --- a/.github/workflows/call_issue_pr_tracker.yml +++ b/.github/workflows/call_issue_pr_tracker.yml @@ -8,6 +8,9 @@ on: pull_request_review: types: [submitted,edited,dismissed] +permissions: + contents: read + jobs: manage-project: permissions: diff --git a/.github/workflows/call_issues_cron.yml b/.github/workflows/call_issues_cron.yml index b05ea36..eab1822 100644 --- a/.github/workflows/call_issues_cron.yml +++ b/.github/workflows/call_issues_cron.yml @@ -4,6 +4,9 @@ on: - cron: '40 6 * * *' workflow_dispatch: +permissions: + contents: read + jobs: stale: permissions: diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml index b7692bb..79e3a2a 100644 --- a/.github/workflows/external_trigger.yml +++ b/.github/workflows/external_trigger.yml @@ -3,6 +3,9 @@ name: External Trigger Main on: workflow_dispatch: +permissions: + contents: read + jobs: external-trigger-main: runs-on: ubuntu-latest @@ -44,8 +47,8 @@ jobs: "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} exit 1 fi - EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') - echo "External version: \`${EXT_RELEASE}\`" >> $GITHUB_STEP_SUMMARY + EXT_RELEASE_SANITIZED=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') + echo "Sanitized external version: \`${EXT_RELEASE_SANITIZED}\`" >> $GITHUB_STEP_SUMMARY echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY image="linuxserver/socket-proxy" tag="latest" @@ -101,8 +104,8 @@ jobs: exit 1 fi echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY - if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then - echo "Version \`${EXT_RELEASE}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY + if [ "${EXT_RELEASE_SANITIZED}" == "${IMAGE_VERSION}" ]; then + echo "Sanitized version \`${EXT_RELEASE_SANITIZED}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY exit 0 elif [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.22/main/aarch64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"haproxy"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]]; then echo "New version \`${EXT_RELEASE}\` found; but not all arch repos updated yet; exiting" >> $GITHUB_STEP_SUMMARY @@ -124,7 +127,7 @@ jobs: "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} else printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY - echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY + echo "New sanitized version \`${EXT_RELEASE_SANITIZED}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY if [[ "${artifacts_found}" == "true" ]]; then echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY fi @@ -144,7 +147,7 @@ jobs: --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ --data-urlencode "Submit=Submit" echo "**** Notifying Discord ****" - TRIGGER_REASON="A version change was detected for socket-proxy tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}" + TRIGGER_REASON="A version change was detected for socket-proxy tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE_SANITIZED}" curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} diff --git a/.github/workflows/external_trigger_scheduler.yml b/.github/workflows/external_trigger_scheduler.yml index 6a68521..5c79d9d 100644 --- a/.github/workflows/external_trigger_scheduler.yml +++ b/.github/workflows/external_trigger_scheduler.yml @@ -5,6 +5,9 @@ on: - cron: '40 * * * *' workflow_dispatch: +permissions: + contents: read + jobs: external-trigger-scheduler: runs-on: ubuntu-latest diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index 001302d..4c2130a 100644 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -2,8 +2,14 @@ name: Greetings on: [pull_request_target, issues] +permissions: + contents: read + jobs: greeting: + permissions: + issues: write + pull-requests: write runs-on: ubuntu-latest steps: - uses: actions/first-interaction@v1 diff --git a/.github/workflows/package_trigger_scheduler.yml b/.github/workflows/package_trigger_scheduler.yml index 8887715..6e8c801 100644 --- a/.github/workflows/package_trigger_scheduler.yml +++ b/.github/workflows/package_trigger_scheduler.yml @@ -5,6 +5,9 @@ on: - cron: '40 20 * * 1' workflow_dispatch: +permissions: + contents: read + jobs: package-trigger-scheduler: runs-on: ubuntu-latest