From 4903f793817bb7968e9b4aafc4becdbf04c1ded2 Mon Sep 17 00:00:00 2001 From: Daniel Kesselberg Date: Tue, 30 Jun 2026 21:06:33 +0200 Subject: [PATCH] ci: Update workflows Signed-off-by: Daniel Kesselberg --- .github/workflows/appstore-build-publish.yml | 51 +++++++++++++++----- .github/workflows/lint-info-xml.yml | 2 + .github/workflows/lint-php-cs.yml | 10 ++-- .github/workflows/lint-php.yml | 16 ++++-- .github/workflows/phpunit-sqlite.yml | 16 ++++-- 5 files changed, 71 insertions(+), 24 deletions(-) diff --git a/.github/workflows/appstore-build-publish.yml b/.github/workflows/appstore-build-publish.yml index 44a2c1d..984567e 100644 --- a/.github/workflows/appstore-build-publish.yml +++ b/.github/workflows/appstore-build-publish.yml @@ -12,6 +12,9 @@ on: release: types: [published] +permissions: + contents: write + jobs: build_and_publish: runs-on: ubuntu-latest @@ -34,11 +37,23 @@ jobs: - name: Checkout uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: + persist-credentials: false path: ${{ env.APP_NAME }} + - name: Get app version number + id: app-version + uses: skjnldsv/xpath-action@f5b036e9d973f42c86324833fd00be90665fbf77 # v1.0.0 + with: + filename: ${{ env.APP_NAME }}/appinfo/info.xml + expression: "//info//version/text()" + + - name: Validate app version against tag + run: | + [ "${{ env.APP_VERSION }}" = "v${{ fromJSON(steps.app-version.outputs.result).version }}" ] + - name: Get appinfo data id: appinfo - uses: skjnldsv/xpath-action@f5b036e9d973f42c86324833fd00be90665fbf77 # master + uses: skjnldsv/xpath-action@f5b036e9d973f42c86324833fd00be90665fbf77 # v1.0.0 with: filename: ${{ env.APP_NAME }}/appinfo/info.xml expression: "//info//dependencies//nextcloud/@min-version" @@ -50,8 +65,8 @@ jobs: continue-on-error: true with: path: ${{ env.APP_NAME }} - fallbackNode: '^20' - fallbackNpm: '^10' + fallbackNode: '^24' + fallbackNpm: '^11.3' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} # Skip if no package.json @@ -59,6 +74,7 @@ jobs: uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: ${{ steps.versions.outputs.nodeVersion }} + package-manager-cache: false - name: Set up npm ${{ steps.versions.outputs.npmVersion }} # Skip if no package.json @@ -67,12 +83,12 @@ jobs: - name: Get php version id: php-versions - uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2 + uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2 with: filename: ${{ env.APP_NAME }}/appinfo/info.xml - name: Set up php ${{ steps.php-versions.outputs.php-min }} - uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 + uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # 2.37.2 with: php-version: ${{ steps.php-versions.outputs.php-min }} coverage: none @@ -125,22 +141,31 @@ jobs: cd ${{ env.APP_NAME }} make appstore - - name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} - continue-on-error: true - id: server-checkout + - name: Check server download link for ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} run: | NCVERSION='${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}' - wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip - unzip latest-$NCVERSION.zip + DOWNLOAD_URL=$(curl -s "https://updates.nextcloud.com/updater_server/latest?channel=beta&version=$NCVERSION" | jq -r '.downloads.zip[0]') + echo "DOWNLOAD_URL=$DOWNLOAD_URL" >> $GITHUB_ENV + + - name: Download server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + continue-on-error: true + id: server-download + if: ${{ env.DOWNLOAD_URL != 'null' }} + run: | + echo "Downloading release tarball from $DOWNLOAD_URL" + wget $DOWNLOAD_URL -O nextcloud.zip + unzip nextcloud.zip - name: Checkout server master fallback uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - if: ${{ steps.server-checkout.outcome != 'success' }} + if: ${{ steps.server-download.outcome != 'success' }} with: + persist-credentials: false submodules: true repository: nextcloud/server path: nextcloud + - name: Sign app run: | # Extracting release @@ -157,7 +182,7 @@ jobs: tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }} - name: Attach tarball to github release - uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # v2 + uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # 2.11.5 id: attach_to_release with: repo_token: ${{ secrets.GITHUB_TOKEN }} @@ -167,7 +192,7 @@ jobs: overwrite: true - name: Upload app to Nextcloud appstore - uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1 + uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1.0.3 with: app_name: ${{ env.APP_NAME }} appstore_token: ${{ secrets.APPSTORE_TOKEN }} diff --git a/.github/workflows/lint-info-xml.yml b/.github/workflows/lint-info-xml.yml index 3330dd0..059b2e6 100644 --- a/.github/workflows/lint-info-xml.yml +++ b/.github/workflows/lint-info-xml.yml @@ -25,6 +25,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false - name: Download schema run: wget https://raw.githubusercontent.com/nextcloud/appstore/master/nextcloudappstore/api/v1/release/info.xsd diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml index d43734f..bb67a00 100644 --- a/.github/workflows/lint-php-cs.yml +++ b/.github/workflows/lint-php-cs.yml @@ -26,13 +26,15 @@ jobs: steps: - name: Checkout uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false - name: Get php version id: versions - uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2 + uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2 - name: Set up php${{ steps.versions.outputs.php-min }} - uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 + uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # 2.37.2 with: php-version: ${{ steps.versions.outputs.php-min }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite @@ -42,7 +44,9 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Install dependencies - run: composer i + run: | + composer remove nextcloud/ocp --dev --no-scripts + composer i - name: Lint run: composer run cs:check || ( echo 'Please run `composer run cs:fix` to format your code' && exit 1 ) diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index c147987..cb2684b 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -21,29 +21,35 @@ jobs: matrix: runs-on: ubuntu-latest-low outputs: - php-versions: ${{ steps.versions.outputs.php-versions }} + php-min: ${{ steps.versions.outputs.php-min }} + php-max: ${{ steps.versions.outputs.php-max }} steps: - name: Checkout app uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false + - name: Get version matrix id: versions - uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.0.0 + uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2 php-lint: - runs-on: ubuntu-latest + runs-on: ubuntu-latest-low needs: matrix strategy: matrix: - php-versions: ${{fromJson(needs.matrix.outputs.php-versions)}} + php-versions: ['${{ needs.matrix.outputs.php-min }}', '${{ needs.matrix.outputs.php-max }}'] name: php-lint steps: - name: Checkout uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 + uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # 2.37.2 with: php-version: ${{ matrix.php-versions }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite diff --git a/.github/workflows/phpunit-sqlite.yml b/.github/workflows/phpunit-sqlite.yml index 3b73f6f..06abce1 100644 --- a/.github/workflows/phpunit-sqlite.yml +++ b/.github/workflows/phpunit-sqlite.yml @@ -26,10 +26,12 @@ jobs: steps: - name: Checkout app uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false - name: Get version matrix id: versions - uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2 + uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2 changes: runs-on: ubuntu-latest-low @@ -65,6 +67,7 @@ jobs: if: needs.changes.outputs.src != 'false' strategy: + fail-fast: false matrix: php-versions: ${{ fromJson(needs.matrix.outputs.php-version) }} server-versions: ${{ fromJson(needs.matrix.outputs.server-max) }} @@ -73,6 +76,7 @@ jobs: steps: - name: Set app env + if: ${{ env.APP_NAME == '' }} run: | # Split and keep last echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV @@ -80,6 +84,7 @@ jobs: - name: Checkout server uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: + persist-credentials: false submodules: true repository: nextcloud/server ref: ${{ matrix.server-versions }} @@ -87,16 +92,19 @@ jobs: - name: Checkout app uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: + persist-credentials: false path: apps/${{ env.APP_NAME }} - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 + uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # 2.37.2 with: php-version: ${{ matrix.php-versions }} # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite coverage: none ini-file: development + # Temporary workaround for missing pcntl_* in PHP 8.3 + ini-values: disable_functions= env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -110,7 +118,9 @@ jobs: # Only run if phpunit config file exists if: steps.check_composer.outputs.files_exists == 'true' working-directory: apps/${{ env.APP_NAME }} - run: composer i + run: | + composer remove nextcloud/ocp --dev --no-scripts + composer i - name: Set up Nextcloud env: