martin/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE synced 2025-01-10 19:05:09 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

fix: permissions of validate pipelines (#1316)
Some checks are pending
Create Changelog Pull Request / update-changelog-pull-request (push) Waiting to run
Details
Shellcheck / Shellcheck (push) Waiting to run
Details
Validate script formatting / Check changed files (push) Waiting to run
Details
Validate scripts / Check changed files (push) Waiting to run
Details

Browse Source 
* Fix permission in validate-filenames pipeline

* Run Github Actions for script validation on pull_request_target with right permissions
This commit is contained in:
Sébastiaan 2025-01-07 20:34:37 +01:00 committed by GitHub
parent 29b98b450b
commit 4da57bd76c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 43 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.github/workflows/validate-filenames.yml vendored
View File

@ -1,23 +1,36 @@
name: Validate filenames
on:
pull_request:
pull_request_target:
paths:
- "ct/*.sh"
- "install/*.sh"
- "json/*.json"
- ".github/workflows/validate-filenames.yml"
jobs:
check-files:
name: Check changed files
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Get pull request information
uses: actions/github-script@v7
id: pr
with:
script: |
const { data: pullRequest } = await github.rest.pulls.get({
...context.repo,
pull_number: context.payload.pull_request.number,
});
return pullRequest;
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0 # Ensure the full history is fetched for accurate diffing
ref: ${{ fromJSON(steps.pr.outputs.result).merge_commit_sha }}
- name: Get changed files
id: changed-files

17
.github/workflows/validate-formatting.yaml vendored
View File

@ -4,11 +4,10 @@ on:
push:
branches:
- main
pull_request:
pull_request_target:
paths:
- "**/*.sh"
- "**/*.func"
- ".github/workflows/validate-formatting.yaml"
jobs:
shfmt:
@ -18,10 +17,22 @@ jobs:
pull-requests: write
steps:
- name: Get pull request information
uses: actions/github-script@v7
id: pr
with:
script: |
const { data: pullRequest } = await github.rest.pulls.get({
...context.repo,
pull_number: context.payload.pull_request.number,
});
return pullRequest;
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-depth: 0 # Ensure the full history is fetched for accurate diffing
ref: ${{ fromJSON(steps.pr.outputs.result).merge_commit_sha }}
- name: Get changed files
id: changed-files

17
.github/workflows/validate-scripts.yml vendored
View File

@ -3,11 +3,10 @@ on:
push:
branches:
- main
pull_request:
pull_request_target:
paths:
- "ct/*.sh"
- "install/*.sh"
- ".github/workflows/validate-scripts.yml"
jobs:
check-scripts:
@ -17,10 +16,22 @@ jobs:
pull-requests: write
steps:
- name: Get pull request information
uses: actions/github-script@v7
id: pr
with:
script: |
const { data: pullRequest } = await github.rest.pulls.get({
...context.repo,
pull_number: context.payload.pull_request.number,
});
return pullRequest;
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: ${{ github.event_name == 'pull_request' && 2 || 0 }}
fetch-depth: 0 # Ensure the full history is fetched for accurate diffing
ref: ${{fromJSON(steps.pr.outputs.result).merge_commit_sha}}
- name: Set execute permission for .sh files
run: |