mirror of
https://code.forgejo.org/actions/setup-forgejo.git
synced 2024-11-30 18:20:56 -05:00
123 lines
4.3 KiB
YAML
123 lines
4.3 KiB
YAML
on:
|
|
pull_request:
|
|
pull_request_target:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
|
|
jobs:
|
|
test:
|
|
runs-on: docker
|
|
container:
|
|
image: code.forgejo.org/oci/debian:bookworm
|
|
options: "--volume /srv/example-pull-request:/srv/example-pull-request"
|
|
|
|
steps:
|
|
- name: setup
|
|
shell: bash
|
|
run: |
|
|
set -x
|
|
test $GITHUB_TOKEN = ${{ env.GITHUB_TOKEN }}
|
|
test $GITHUB_TOKEN = ${{ github.token }}
|
|
export DEBIAN_FRONTEND=noninteractive ; apt-get -qq update ; apt-get install -y -qq curl git >& /dev/null
|
|
curl -sS -o /usr/local/bin/forgejo-curl.sh https://code.forgejo.org/forgejo/forgejo-curl/raw/branch/main/forgejo-curl.sh && chmod +x /usr/local/bin/forgejo-curl.sh
|
|
forgejo-curl.sh --token "$GITHUB_TOKEN" login $GITHUB_SERVER_URL
|
|
forgejo-curl.sh api_json $GITHUB_SERVER_URL/api/v1/user
|
|
|
|
- name: secrets
|
|
shell: bash
|
|
run: |
|
|
set -x
|
|
if test ${{ github.event.pull_request.base.repo.full_name }} = ${{ github.event.pull_request.head.repo.full_name }} ; then
|
|
forked=false
|
|
else
|
|
forked=true
|
|
fi
|
|
case $GITHUB_EVENT_NAME in
|
|
pull_request_target)
|
|
#
|
|
# all PRs: secrets
|
|
#
|
|
test "${{ secrets.SECRET }}"
|
|
;;
|
|
pull_request)
|
|
if $forked ; then
|
|
#
|
|
# PRs from forked repositories: no secrets
|
|
#
|
|
test -z "${{ secrets.SECRET }}"
|
|
else
|
|
#
|
|
# PRs from the same repository: secrets
|
|
#
|
|
test "${{ secrets.SECRET }}"
|
|
fi
|
|
;;
|
|
*)
|
|
echo unexpected event $GITHUB_EVENT_NAME
|
|
false
|
|
;;
|
|
esac
|
|
|
|
- name: PR TOKEN scopes
|
|
shell: bash
|
|
run: |
|
|
set -x
|
|
if test ${{ github.event.pull_request.base.repo.full_name }} = ${{ github.event.pull_request.head.repo.full_name }} ; then
|
|
forked=false
|
|
else
|
|
forked=true
|
|
fi
|
|
function assert_fail_if_forked() {
|
|
if "$@" ; then
|
|
! $forked
|
|
else
|
|
$forked
|
|
fi
|
|
}
|
|
#
|
|
# create an issue
|
|
#
|
|
base_repo=${{ github.event.pull_request.base.repo.full_name }}
|
|
forgejo-curl.sh api_json --data-raw '{"title":"ISSUE"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/issues
|
|
url=$(echo $GITHUB_SERVER_URL | sed -e "s|://|://$GITHUB_TOKEN@|")
|
|
git clone $url/$base_repo base
|
|
branch=B$RANDOM
|
|
(
|
|
cd base
|
|
git checkout -b $branch
|
|
git config user.email root@example.com
|
|
git config user.name username
|
|
echo CHANGE >> README
|
|
git add .
|
|
git commit -m 'change'
|
|
case $GITHUB_EVENT_NAME in
|
|
pull_request_target|pull_request)
|
|
#
|
|
# repository write scope via http git passthrough
|
|
#
|
|
assert_fail_if_forked git push --force -u origin $branch
|
|
#
|
|
# repository write scope via the API
|
|
#
|
|
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"title":"PR","base":"main","head":"'$branch'"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/pulls
|
|
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"color":"#ffffff","name":"labelname"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/labels
|
|
#
|
|
# See https://codeberg.org/forgejo/forgejo/issues/1525
|
|
#
|
|
! forgejo-curl.sh api_json --data-raw '{"new_branch_name":"B'$RANDOM'"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/branches
|
|
;;
|
|
*)
|
|
echo unexpected event $GITHUB_EVENT_NAME
|
|
false
|
|
;;
|
|
esac
|
|
)
|
|
|
|
- name: save event
|
|
run: |
|
|
d=/srv/example-pull-request/${{ github.event.pull_request.head.repo.owner.username }}/$GITHUB_EVENT_NAME/${{ github.event.action }}
|
|
mkdir -p $d
|
|
cat > $d/event <<EOF
|
|
${{ toJSON(github.event) }}
|
|
EOF
|