Loading .github/workflows/android.yml +4 −7 Original line number Diff line number Diff line Loading @@ -26,13 +26,13 @@ jobs: - name: Copy CI gradle.properties run: mkdir -p ~/.gradle ; cp .github/ci-gradle.properties ~/.gradle/gradle.properties - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0 - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: 'temurin' java-version: '17' - name: Setup Gradle uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0 uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 - name: Quality - Spotless run: ./gradlew spotlessCheck Loading @@ -46,8 +46,5 @@ jobs: - name: Quality - Dependency Guard run: ./gradlew dependencyGuard - name: Build run: ./gradlew assembleDebug - name: Test run: ./gradlew testsOnCi - name: Build (run full build and tests) run: ./gradlew build .github/workflows/codeql.yml +5 −5 Original line number Diff line number Diff line Loading @@ -22,23 +22,23 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0 - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: 'temurin' java-version: '17' - name: Setup Gradle uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0 uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 with: cache-read-only: true - uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 - uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: languages: java - name: Autobuild uses: github/codeql-action/autobuild@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 uses: github/codeql-action/autobuild@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 .github/workflows/daily_builds.yml +1 −1 Original line number Diff line number Diff line Loading @@ -14,5 +14,5 @@ jobs: uses: ./.github/workflows/shippable_builds.yml secrets: inherit permissions: contents: write # For release bumps id-token: write # For GCS publishing (ftp.mo) contents: read .github/workflows/deploy-docs.yml +55 −35 Original line number Diff line number Diff line --- name: Deploy docs on: Loading @@ -9,58 +10,77 @@ on: workflow_dispatch: permissions: contents: read pages: write id-token: write concurrency: group: "pages" cancel-in-progress: false jobs: build-docs: if: ${{ github.repository_owner == 'thunderbird' }} runs-on: ubuntu-latest environment: botmobile steps: - name: App token generate uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2 if: ${{ vars.BOT_CLIENT_ID }} id: app-token with: app-id: ${{ vars.BOT_CLIENT_ID }} private-key: ${{ secrets.BOT_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: | ~/.cargo/.crates.toml ~/.cargo/.crates2.toml ~/.cargo/bin/ ~/.cargo/registry/index/ ~/.cargo/registry/cache/ ~/.cargo/git/db/ key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} token: ${{ steps.app-token.outputs.token || github.token }} - name: Cargo cache uses: actions-rust-lang/setup-rust-toolchain@9d7e65c320fdb52dcd45ffaa68deb6c02c8754d9 # v1.12.0 - name: Install mdbook and extensions run: ./docs/install.sh - name: Setup Pages id: pages uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 - name: Build docs run: mdbook build docs --dest-dir=book/docs/latest run: mdbook build docs --dest-dir=./../book/docs/latest - name: Test docs run: mdbook test docs - name: Upload artifact uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 with: path: ./book/docs - name: Clean docs run: | rm -rf book/docs/latest/assets/draw.io rm book/docs/latest/.gitignore rm book/docs/latest/install.sh deploy-docs: environment: name: pages url: ${{ steps.deployment.outputs.page_url }} runs-on: ubuntu-latest needs: build-docs steps: - name: Deploy to GitHub Pages id: deployment uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 # Restore mermaid.min.js, it has already been copied over to book/docs/latest git restore . - name: Deploy docs to gh-pages env: APP_SLUG: ${{ steps.app-token.outputs.app-slug || 'github-actions'}} APP_USER_ID: ${{ vars.BOT_USER_ID || '41898282' }} run: | git config --global user.name "${APP_SLUG}" git config --global user.email "${APP_USER_ID}+${APP_SLUG}[bot]@users.noreply.github.com" # Fetch the gh-pages branch git fetch origin gh-pages || git checkout --orphan gh-pages git checkout gh-pages # Get the short commit hash COMMIT_HASH=$(git rev-parse --short "$GITHUB_SHA") # Keep necessary files and clean `docs/latest/` mkdir -p docs/latest # Ensure the folder exists find docs/latest -mindepth 1 -delete # Delete old files inside docs/latest # Copy new docs to gh-pages branch cp -r book/docs/latest/* docs/latest/ # Remove rm -rf book # Add, commit, and push changes git add . git commit -m "Deploy docs update from [${COMMIT_HASH}]" || echo "No changes to commit" git push --force-with-lease origin gh-pages .github/workflows/fluidscan.yml +2 −2 Original line number Diff line number Diff line Loading @@ -27,7 +27,7 @@ jobs: bash scripts/ci/run-fluidattacks-scanner.sh - name: "Upload scan results" uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: SARIF scan results path: fluidscan-results.sarif Loading @@ -35,6 +35,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: sarif_file: fluidscan-results.sarif Loading
.github/workflows/android.yml +4 −7 Original line number Diff line number Diff line Loading @@ -26,13 +26,13 @@ jobs: - name: Copy CI gradle.properties run: mkdir -p ~/.gradle ; cp .github/ci-gradle.properties ~/.gradle/gradle.properties - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0 - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: 'temurin' java-version: '17' - name: Setup Gradle uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0 uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 - name: Quality - Spotless run: ./gradlew spotlessCheck Loading @@ -46,8 +46,5 @@ jobs: - name: Quality - Dependency Guard run: ./gradlew dependencyGuard - name: Build run: ./gradlew assembleDebug - name: Test run: ./gradlew testsOnCi - name: Build (run full build and tests) run: ./gradlew build
.github/workflows/codeql.yml +5 −5 Original line number Diff line number Diff line Loading @@ -22,23 +22,23 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0 - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 with: distribution: 'temurin' java-version: '17' - name: Setup Gradle uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0 uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 with: cache-read-only: true - uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 - uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: languages: java - name: Autobuild uses: github/codeql-action/autobuild@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 uses: github/codeql-action/autobuild@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
.github/workflows/daily_builds.yml +1 −1 Original line number Diff line number Diff line Loading @@ -14,5 +14,5 @@ jobs: uses: ./.github/workflows/shippable_builds.yml secrets: inherit permissions: contents: write # For release bumps id-token: write # For GCS publishing (ftp.mo) contents: read
.github/workflows/deploy-docs.yml +55 −35 Original line number Diff line number Diff line --- name: Deploy docs on: Loading @@ -9,58 +10,77 @@ on: workflow_dispatch: permissions: contents: read pages: write id-token: write concurrency: group: "pages" cancel-in-progress: false jobs: build-docs: if: ${{ github.repository_owner == 'thunderbird' }} runs-on: ubuntu-latest environment: botmobile steps: - name: App token generate uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2 if: ${{ vars.BOT_CLIENT_ID }} id: app-token with: app-id: ${{ vars.BOT_CLIENT_ID }} private-key: ${{ secrets.BOT_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: | ~/.cargo/.crates.toml ~/.cargo/.crates2.toml ~/.cargo/bin/ ~/.cargo/registry/index/ ~/.cargo/registry/cache/ ~/.cargo/git/db/ key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} token: ${{ steps.app-token.outputs.token || github.token }} - name: Cargo cache uses: actions-rust-lang/setup-rust-toolchain@9d7e65c320fdb52dcd45ffaa68deb6c02c8754d9 # v1.12.0 - name: Install mdbook and extensions run: ./docs/install.sh - name: Setup Pages id: pages uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 - name: Build docs run: mdbook build docs --dest-dir=book/docs/latest run: mdbook build docs --dest-dir=./../book/docs/latest - name: Test docs run: mdbook test docs - name: Upload artifact uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 with: path: ./book/docs - name: Clean docs run: | rm -rf book/docs/latest/assets/draw.io rm book/docs/latest/.gitignore rm book/docs/latest/install.sh deploy-docs: environment: name: pages url: ${{ steps.deployment.outputs.page_url }} runs-on: ubuntu-latest needs: build-docs steps: - name: Deploy to GitHub Pages id: deployment uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 # Restore mermaid.min.js, it has already been copied over to book/docs/latest git restore . - name: Deploy docs to gh-pages env: APP_SLUG: ${{ steps.app-token.outputs.app-slug || 'github-actions'}} APP_USER_ID: ${{ vars.BOT_USER_ID || '41898282' }} run: | git config --global user.name "${APP_SLUG}" git config --global user.email "${APP_USER_ID}+${APP_SLUG}[bot]@users.noreply.github.com" # Fetch the gh-pages branch git fetch origin gh-pages || git checkout --orphan gh-pages git checkout gh-pages # Get the short commit hash COMMIT_HASH=$(git rev-parse --short "$GITHUB_SHA") # Keep necessary files and clean `docs/latest/` mkdir -p docs/latest # Ensure the folder exists find docs/latest -mindepth 1 -delete # Delete old files inside docs/latest # Copy new docs to gh-pages branch cp -r book/docs/latest/* docs/latest/ # Remove rm -rf book # Add, commit, and push changes git add . git commit -m "Deploy docs update from [${COMMIT_HASH}]" || echo "No changes to commit" git push --force-with-lease origin gh-pages
.github/workflows/fluidscan.yml +2 −2 Original line number Diff line number Diff line Loading @@ -27,7 +27,7 @@ jobs: bash scripts/ci/run-fluidattacks-scanner.sh - name: "Upload scan results" uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: SARIF scan results path: fluidscan-results.sarif Loading @@ -35,6 +35,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: sarif_file: fluidscan-results.sarif
