From b24835076cb008bcabf18066a40f6678c2d66480 Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 16:48:49 -0600 Subject: [PATCH 01/12] fix: Disable automated workflows and replace them with manual workflow_dispatch --- .github/workflows/cron-licenses.yml | 5 +++-- .github/workflows/cron-lock.yml | 5 +++-- .github/workflows/cron-translations.yml | 5 +++-- .github/workflows/release-nightly.yml | 6 ++++-- .github/workflows/release-tag-rc.yml | 8 +++++--- .github/workflows/release-tag-version.yml | 12 +++++++----- 6 files changed, 25 insertions(+), 16 deletions(-) diff --git a/.github/workflows/cron-licenses.yml b/.github/workflows/cron-licenses.yml index cd8386ecc521..9c3eaf5b0e54 100644 --- a/.github/workflows/cron-licenses.yml +++ b/.github/workflows/cron-licenses.yml @@ -1,8 +1,9 @@ name: cron-licenses on: - schedule: - - cron: "7 0 * * 1" # every Monday at 00:07 UTC + # Automated releases explicitly disabled for this fork. + # schedule: + # - cron: "7 0 * * 1" # every Monday at 00:07 UTC workflow_dispatch: jobs: diff --git a/.github/workflows/cron-lock.yml b/.github/workflows/cron-lock.yml index 746ec49bc63e..3492cac0a111 100644 --- a/.github/workflows/cron-lock.yml +++ b/.github/workflows/cron-lock.yml @@ -1,8 +1,9 @@ name: cron-lock on: - schedule: - - cron: "0 0 * * *" # every day at 00:00 UTC + # Automated releases explicitly disabled for this fork. + # schedule: + # - cron: "0 0 * * *" # every day at 00:00 UTC workflow_dispatch: permissions: diff --git a/.github/workflows/cron-translations.yml b/.github/workflows/cron-translations.yml index 390aae7c0795..8290b1d94953 100644 --- a/.github/workflows/cron-translations.yml +++ b/.github/workflows/cron-translations.yml @@ -1,8 +1,9 @@ name: cron-translations on: - schedule: - - cron: "7 0 * * *" # every day at 00:07 UTC + # @kaiwalyajoshi: Automated releases explicitly disabled for this fork. + # schedule: + # - cron: "7 0 * * *" # every day at 00:07 UTC workflow_dispatch: jobs: diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml index 80e6683919fc..b6582b2a498d 100644 --- a/.github/workflows/release-nightly.yml +++ b/.github/workflows/release-nightly.yml @@ -1,8 +1,10 @@ name: release-nightly on: - push: - branches: [main, release/v*] + workflow_dispatch: + # Automated releases explicitly disabled for this fork. + # push: + # branches: [main, release/v*] concurrency: group: ${{ github.workflow }}-${{ github.ref }} diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml index 12d1e1e4bebe..96446bd5d9b3 100644 --- a/.github/workflows/release-tag-rc.yml +++ b/.github/workflows/release-tag-rc.yml @@ -1,9 +1,11 @@ name: release-tag-rc on: - push: - tags: - - "v1*-rc*" + workflow_dispatch: + # Automated releases explicitly disabled for this fork. + # push: + # tags: + # - "v1*-rc*" concurrency: group: ${{ github.workflow }}-${{ github.ref }} diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml index e0e93633e8ab..67e312e80787 100644 --- a/.github/workflows/release-tag-version.yml +++ b/.github/workflows/release-tag-version.yml @@ -1,11 +1,13 @@ name: release-tag-version on: - push: - tags: - - "v1.*" - - "!v1*-rc*" - - "!v1*-dev" + workflow_dispatch: + # Automated releases explicitly disabled for this fork. + # push: + # tags: + # - "v1.*" + # - "!v1*-rc*" + # - "!v1*-dev" concurrency: group: ${{ github.workflow }}-${{ github.ref }} From ac2b08c4a17234d7169e773f1b3649e49821a27f Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 19:36:04 -0600 Subject: [PATCH 02/12] chore: Add release workflow for releasing rootless images. --- .../workflows/d2iq-release-tag-version.yml | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .github/workflows/d2iq-release-tag-version.yml diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml new file mode 100644 index 000000000000..25ed09ce3bb9 --- /dev/null +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -0,0 +1,38 @@ +name: d2iq-release-tag-version + +on: + workflow_dispatch: + inputs: + releaseTag: + description: 'Existing Tag to checkout.' + type: string + required: true + default: '' + imageName: + description: 'Release Image Name' + type: string + required: true + default: 'docker.io/kaiwalyarjoshi/gitea:latest' + +jobs: + docker-rootless: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.releaseTag }} + - uses: docker/setup-qemu-action@v3 + - uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_READ_WRITE_USERNAME }} + password: ${{ secrets.DOCKER_READ_WRITE_PASSWORD }} + - name: build rootless docker image + uses: docker/build-push-action@v5 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + file: Dockerfile.rootless + tags: ${{ inputs.imageName }} From 8aacc52444538a2f6af60513fd2d7df9b07fb555 Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 20:01:51 -0600 Subject: [PATCH 03/12] fix: Checkout tag after repo checkout. --- .github/workflows/d2iq-release-tag-version.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index 25ed09ce3bb9..1916dbc7296e 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -28,6 +28,8 @@ jobs: with: username: ${{ secrets.DOCKER_READ_WRITE_USERNAME }} password: ${{ secrets.DOCKER_READ_WRITE_PASSWORD }} + - name: checkout release tag + run: git checkout ${{ inputs.releaseTag }} - name: build rootless docker image uses: docker/build-push-action@v5 with: From da2c9d886bcbe1317c1ac6095d3326b40a70085d Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 20:06:09 -0600 Subject: [PATCH 04/12] fix: Remove tag reference from checkout. --- .github/workflows/d2iq-release-tag-version.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index 1916dbc7296e..88c027cc95eb 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -19,8 +19,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - with: - ref: ${{ inputs.releaseTag }} - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub @@ -28,7 +26,7 @@ jobs: with: username: ${{ secrets.DOCKER_READ_WRITE_USERNAME }} password: ${{ secrets.DOCKER_READ_WRITE_PASSWORD }} - - name: checkout release tag + - name: Checkout release tag run: git checkout ${{ inputs.releaseTag }} - name: build rootless docker image uses: docker/build-push-action@v5 From 8e82c5d389a213790a1ff92c3075bf9f2f774b00 Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 20:23:42 -0600 Subject: [PATCH 05/12] fix: Fetch tags on checkout. --- .github/workflows/d2iq-release-tag-version.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index 88c027cc95eb..4ea7f22a8902 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -19,6 +19,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + fetch-tags: true - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub From 616dc8607e4b2ac889653f6bc302f8df14fd9cc1 Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 20:26:55 -0600 Subject: [PATCH 06/12] fix: Add debug step --- .github/workflows/d2iq-release-tag-version.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index 4ea7f22a8902..5ff1014892ba 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -28,6 +28,7 @@ jobs: with: username: ${{ secrets.DOCKER_READ_WRITE_USERNAME }} password: ${{ secrets.DOCKER_READ_WRITE_PASSWORD }} + - run: git tag -l - name: Checkout release tag run: git checkout ${{ inputs.releaseTag }} - name: build rootless docker image From 126ade9719e05ca39502811629c20d6b943939ef Mon Sep 17 00:00:00 2001 From: Kaiwalya R Joshi Date: Wed, 3 Jan 2024 21:46:51 -0600 Subject: [PATCH 07/12] fix: Checkout tag directly. --- .github/workflows/d2iq-release-tag-version.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index 5ff1014892ba..2a93c932a19b 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -20,6 +20,7 @@ jobs: steps: - uses: actions/checkout@v4 with: + ref: ${{ inputs.releaseTag }} fetch-tags: true - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 @@ -29,8 +30,8 @@ jobs: username: ${{ secrets.DOCKER_READ_WRITE_USERNAME }} password: ${{ secrets.DOCKER_READ_WRITE_PASSWORD }} - run: git tag -l - - name: Checkout release tag - run: git checkout ${{ inputs.releaseTag }} + # - name: Checkout release tag + # run: git checkout ${{ inputs.releaseTag }} - name: build rootless docker image uses: docker/build-push-action@v5 with: From 8e1ad1675da38fb0578f1374ed114dbbe267ab45 Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 22:16:07 -0600 Subject: [PATCH 08/12] fix: Cleanups --- .github/workflows/d2iq-release-tag-version.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index 2a93c932a19b..c97613dc7e75 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -29,9 +29,6 @@ jobs: with: username: ${{ secrets.DOCKER_READ_WRITE_USERNAME }} password: ${{ secrets.DOCKER_READ_WRITE_PASSWORD }} - - run: git tag -l - # - name: Checkout release tag - # run: git checkout ${{ inputs.releaseTag }} - name: build rootless docker image uses: docker/build-push-action@v5 with: From 7f1870f5bd27acae9ac2e742fb7ebae916cf5c55 Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 23:00:42 -0600 Subject: [PATCH 09/12] fix: update to use self-hosted runners on d2iq infra. --- .github/workflows/cron-licenses.yml | 4 +- .github/workflows/cron-lock.yml | 4 +- .github/workflows/cron-translations.yml | 8 +++- .../workflows/d2iq-release-tag-version.yml | 4 +- .github/workflows/disk-clean.yml | 4 +- .github/workflows/files-changed.yml | 4 +- .github/workflows/pull-compliance.yml | 44 ++++++++++++++----- .github/workflows/pull-db-tests.yml | 20 ++++++--- .github/workflows/pull-docker-dryrun.yml | 8 +++- .github/workflows/pull-e2e-tests.yml | 4 +- .github/workflows/pull-labeler.yml | 4 +- .github/workflows/release-nightly.yml | 12 +++-- .github/workflows/release-tag-rc.yml | 12 +++-- .github/workflows/release-tag-version.yml | 12 +++-- 14 files changed, 108 insertions(+), 36 deletions(-) diff --git a/.github/workflows/cron-licenses.yml b/.github/workflows/cron-licenses.yml index 9c3eaf5b0e54..c9f963da88ea 100644 --- a/.github/workflows/cron-licenses.yml +++ b/.github/workflows/cron-licenses.yml @@ -8,7 +8,9 @@ on: jobs: cron-licenses: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small if: github.repository == 'go-gitea/gitea' steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/cron-lock.yml b/.github/workflows/cron-lock.yml index 3492cac0a111..20bfe17fb1fa 100644 --- a/.github/workflows/cron-lock.yml +++ b/.github/workflows/cron-lock.yml @@ -15,7 +15,9 @@ concurrency: jobs: action: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small if: github.repository == 'go-gitea/gitea' steps: - uses: dessant/lock-threads@v5 diff --git a/.github/workflows/cron-translations.yml b/.github/workflows/cron-translations.yml index 8290b1d94953..3f7e0cc09d73 100644 --- a/.github/workflows/cron-translations.yml +++ b/.github/workflows/cron-translations.yml @@ -8,7 +8,9 @@ on: jobs: crowdin-pull: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small if: github.repository == 'go-gitea/gitea' steps: - uses: actions/checkout@v4 @@ -33,7 +35,9 @@ jobs: remote: "git@github.com:go-gitea/gitea.git" ssh_key: ${{ secrets.DEPLOY_KEY }} crowdin-push: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small if: github.repository == 'go-gitea/gitea' steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index c97613dc7e75..c786e4fc7095 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -16,7 +16,9 @@ on: jobs: docker-rootless: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/disk-clean.yml b/.github/workflows/disk-clean.yml index 8abe8891c79b..653d1e2a3acb 100644 --- a/.github/workflows/disk-clean.yml +++ b/.github/workflows/disk-clean.yml @@ -5,7 +5,9 @@ on: jobs: triage: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - name: Free Disk Space (Ubuntu) diff --git a/.github/workflows/files-changed.yml b/.github/workflows/files-changed.yml index e7039053af9d..c2c9c015cde3 100644 --- a/.github/workflows/files-changed.yml +++ b/.github/workflows/files-changed.yml @@ -22,7 +22,9 @@ on: jobs: detect: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small timeout-minutes: 3 outputs: backend: ${{ steps.changes.outputs.backend }} diff --git a/.github/workflows/pull-compliance.yml b/.github/workflows/pull-compliance.yml index 0472d9a9f07e..b94063411ac3 100644 --- a/.github/workflows/pull-compliance.yml +++ b/.github/workflows/pull-compliance.yml @@ -14,7 +14,9 @@ jobs: lint-backend: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -29,7 +31,9 @@ jobs: lint-templates: if: needs.files-changed.outputs.templates == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v4 @@ -42,7 +46,9 @@ jobs: lint-yaml: if: needs.files-changed.outputs.yaml == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v4 @@ -55,7 +61,9 @@ jobs: lint-swagger: if: needs.files-changed.outputs.swagger == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 @@ -67,7 +75,9 @@ jobs: lint-go-windows: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -84,7 +94,9 @@ jobs: lint-go-gogit: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -99,7 +111,9 @@ jobs: checks-backend: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -112,7 +126,9 @@ jobs: frontend: if: needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 @@ -127,7 +143,9 @@ jobs: backend: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -159,7 +177,9 @@ jobs: docs: if: needs.files-changed.outputs.docs == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 @@ -172,7 +192,9 @@ jobs: actions: if: needs.files-changed.outputs.actions == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 diff --git a/.github/workflows/pull-db-tests.yml b/.github/workflows/pull-db-tests.yml index a3886bf61807..69946bdc7893 100644 --- a/.github/workflows/pull-db-tests.yml +++ b/.github/workflows/pull-db-tests.yml @@ -14,7 +14,9 @@ jobs: test-pgsql: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small services: pgsql: image: postgres:12 @@ -61,7 +63,9 @@ jobs: test-sqlite: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -83,7 +87,9 @@ jobs: test-unit: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small services: elasticsearch: image: elasticsearch:7.5.0 @@ -141,7 +147,9 @@ jobs: test-mysql: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small services: mysql: image: mysql:8.0 @@ -186,7 +194,9 @@ jobs: test-mssql: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small services: mssql: image: mcr.microsoft.com/mssql/server:2017-latest diff --git a/.github/workflows/pull-docker-dryrun.yml b/.github/workflows/pull-docker-dryrun.yml index f74277de671b..09b9534b82b3 100644 --- a/.github/workflows/pull-docker-dryrun.yml +++ b/.github/workflows/pull-docker-dryrun.yml @@ -14,7 +14,9 @@ jobs: regular: if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: docker/setup-buildx-action@v3 - uses: docker/build-push-action@v5 @@ -25,7 +27,9 @@ jobs: rootless: if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: docker/setup-buildx-action@v3 - uses: docker/build-push-action@v5 diff --git a/.github/workflows/pull-e2e-tests.yml b/.github/workflows/pull-e2e-tests.yml index 5a249db9f8dd..5972e15c0316 100644 --- a/.github/workflows/pull-e2e-tests.yml +++ b/.github/workflows/pull-e2e-tests.yml @@ -14,7 +14,9 @@ jobs: test-e2e: if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 diff --git a/.github/workflows/pull-labeler.yml b/.github/workflows/pull-labeler.yml index edd2f6d16e63..4ef3e4e3a328 100644 --- a/.github/workflows/pull-labeler.yml +++ b/.github/workflows/pull-labeler.yml @@ -10,7 +10,9 @@ concurrency: jobs: label: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small permissions: contents: read pull-requests: write diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml index b6582b2a498d..254d3ccd83d8 100644 --- a/.github/workflows/release-nightly.yml +++ b/.github/workflows/release-nightly.yml @@ -14,7 +14,9 @@ jobs: disk-clean: uses: ./.github/workflows/disk-clean.yml nightly-binary: - runs-on: nscloud + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions @@ -60,7 +62,9 @@ jobs: run: | aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress nightly-docker-rootful: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions @@ -97,7 +101,9 @@ jobs: push: true tags: gitea/gitea:${{ steps.clean_name.outputs.branch }} nightly-docker-rootless: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml index 96446bd5d9b3..47aaabe94c61 100644 --- a/.github/workflows/release-tag-rc.yml +++ b/.github/workflows/release-tag-rc.yml @@ -13,7 +13,9 @@ concurrency: jobs: binary: - runs-on: nscloud + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions @@ -68,7 +70,9 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} docker-rootful: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions @@ -99,7 +103,9 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} docker-rootless: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml index 67e312e80787..35b929ab223f 100644 --- a/.github/workflows/release-tag-version.yml +++ b/.github/workflows/release-tag-version.yml @@ -15,7 +15,9 @@ concurrency: jobs: binary: - runs-on: nscloud + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions @@ -70,7 +72,9 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} docker-rootful: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions @@ -105,7 +109,9 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} docker-rootless: - runs-on: ubuntu-latest + runs-on: + - self-hosted + - small steps: - uses: actions/checkout@v4 # fetch all commits instead of only the last as some branches are long lived and could have many between versions From 3b7cb8e1886a3cea0fac9660df9106113a0dcdfd Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 23:18:21 -0600 Subject: [PATCH 10/12] fix: Add instructions to README for d2iq fork. --- docs/README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/README.md b/docs/README.md index d9aa3b80b8f2..812a0e0a8ebb 100644 --- a/docs/README.md +++ b/docs/README.md @@ -1,4 +1,23 @@ # Gitea: Docs +## D2iQ Fork + +This repository is a fork hosting specific patches which for various reasons couldn't be merged with the upstream repository. + +|Name|Branch/Tag|Notes| +|-|-|-| +|v1.19.2-d2iq|Tag| DKP v2.7.x release of Gitea which updates Alpine from `3.17.3` -> `3.17.6` which fixes CVEs found in the base image. This patch was not [accepted upstream](https://github.com/go-gitea/gitea/pull/28641).| + +## D2iQ Releasing + +We usually require Docker Images with patched versions. The process to release is as follows: +1. Checkout the specific tag that ships with a DKP Release. eg `vA.B.C` +1. Create a related release branch. eg `release/vA.B.C-d2iq` +1. Apply patches to branch `release/vA.B.C-d2iq` +1. Once statisfied, create and push the associated tag `vA.B.C-d2iq` +1. Run the [D2iQ Specific Release tooling GHA](../.github/workflows/d2iq-release-tag-version.yml). With Tag as `vA.B.C-d2iq` and Docker Image as `docker.io/mesosphere/gitea:vA.B.C-d2iq` +1. Once the image is published, push a PR to `kommander-applications` to finish using the forked image. + +--- [![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea) [![](https://images.microbadger.com/badges/image/gitea/docs.svg)](http://microbadger.com/images/gitea/docs "Get your own image badge on microbadger.com") From 5263b9c1c0f5c43abd16e75ea443d3df21e223fc Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 23:18:47 -0600 Subject: [PATCH 11/12] fix: Update suggested defaults to use mesosphere repo. --- .github/workflows/d2iq-release-tag-version.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/d2iq-release-tag-version.yml b/.github/workflows/d2iq-release-tag-version.yml index c786e4fc7095..5a4838579a9d 100644 --- a/.github/workflows/d2iq-release-tag-version.yml +++ b/.github/workflows/d2iq-release-tag-version.yml @@ -12,7 +12,7 @@ on: description: 'Release Image Name' type: string required: true - default: 'docker.io/kaiwalyarjoshi/gitea:latest' + default: 'docker.io/mesosphere/gitea:latest' jobs: docker-rootless: From a25f7a2181ff366644f9fbb3bb485558b92db771 Mon Sep 17 00:00:00 2001 From: Kaiwalya Joshi Date: Wed, 3 Jan 2024 23:25:30 -0600 Subject: [PATCH 12/12] fix: Add CODEOWNERS file. --- .github/CODEOWNERS | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 000000000000..b7ad0f9b6182 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,3 @@ +# Reference: https://help.github.com/en/articles/about-code-owners +# Order is important: later rules override preceding rules +* @mesosphere/kommander