1. Split the psql matrix jobs into composite actions. Matrix jobs that
can skip do not work with required checks on GitHub because skipped and
unskipped emit different job names (GitHub bug
https://github.com/orgs/community/discussions/9141).
2. Dedupe node and go setup steps into composite actions
Currently test-psql branch protection is disabled, will re-enable when
merging this.
---------
Signed-off-by: silverwind <me@silverwind.io>
Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
Co-authored-by: Nicolas <bircni@icloud.com>
Drop the broad `tools/*.{js,ts}` globs from the `frontend` filter so
edits to CI-only or backend helper scripts in `tools/` stop triggering
frontend and e2e jobs. Only `tools/generate-svg.ts` is kept.
Also renames `tools/lint-pr-title.js` to `.ts` for consistency, drops
the empty root `*.js` glob, fixes stray indentation in the `dockerfile`
filter and adds missing `setup-node`.
---
This PR was written with the help of Claude Opus 4.7
---------
Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
1. only trigger docker-dryrun arm64&riscv64 when dockerfile changes
2. de-duplicate "contents: read" permission for most workflows
3. merge various "lint-*" jobs into one job
4. add missing lint targets to the "lint" (all) target
Replaces Dependabot with Renovate. The new setup:
- One PR per ecosystem (GitHub Actions, Go modules + Makefile go-tool
pins, npm, Python via uv, Nix flake), opened weekly on Mondays with a
5-day release-age cooldown. Vulnerability PRs ship next-day via daily
cron + Renovate's `vulnerabilityAlerts` schedule bypass.
- All `uses:` action refs SHA-pinned with patch-level version comments
(same format as #36971, which this supersedes);
`helpers:pinGitHubActionDigests` keeps future bumps in that format.
- `renovatebot/github-action` runtime image pinned via the
upstream-recommended `RENOVATE_VERSION` env + magic comment +
`customManagers:githubActionsVersions` preset, so Renovate keeps the pin
updated.
- Custom regex manager tracks the `*_PACKAGE ?= <import-path>@<version>`
lines in `Makefile` (golangci-lint, swagger, actionlint, etc.) and
groups them into the same Go PR via `matchDatasources: ["go"]`.
- Post-upgrade tasks regenerate `assets/go-licenses.json` (`make tidy`)
and the SVG sprite (`make svg`), gated by an env-level command
allowlist.
- Replaces the standalone `cron-flake-updater` workflow — Renovate's nix
manager tracks `flake.nix` inputs and produces the same `flake.lock`
bump PRs on the regular weekly schedule.
- npm and gomod-replace pins live in `renovate.json5` only;
`updates@17.16.3` reads them from there too, so the standalone
`updates.config.ts` is gone and one source of truth covers both tools.
Fixes: https://github.com/go-gitea/gitea/issues/33386
Signed-off-by: silverwind <me@silverwind.io>
Signed-off-by: TheFox0x7 <thefox0x7@gmail.com>
Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-authored-by: Nicolas <bircni@icloud.com>
Co-authored-by: Giteabot <teabot@gitea.io>
1. stabilize flaky e2e test from
2f5b5a9e9c
2. increase ci timeout factor to 4 as 3 was not enough
3. add a `e2e` category to files-changed so e2e-test-only changes
trigger ci
---
This PR was written with the help of Claude Opus 4.7
---------
Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
Add
[`stylelint-value-no-unknown-custom-properties`](https://github.com/csstools/stylelint-value-no-unknown-custom-properties)
which lints for undefined CSS variables. No current violations.
To make it work properly with editor integrations, I had to convert the
config to JS to be able to pass absolute paths to the plugin, but this
is a needed change anyways.
Fixes https://github.com/go-gitea/gitea/issues/30082.
Adds a new linter that searches for non-existant SVG images in
templates. Output before the fix was:
```
$ make lint-templates
SVG "octicon-warning" not found, used in templates/devtest/flex-list.tmpl
SVG "octicon-warning" not found, used in templates/devtest/flex-list.tmpl
SVG "octicon-markup" not found, used in templates/repo/diff/comment_form.tmpl
make: *** [Makefile:438: lint-templates] Error 1
```
<img width="306" alt="Screenshot 2024-03-25 at 23 31 05"
src="https://github.com/go-gitea/gitea/assets/115237/1052d1a9-bfec-4d5a-9cae-f895f78f7c93">
The `docs` and `yaml` actions categories need to run when the
dependencies `markdownlin-cli` or `yamllint` change, so add those to the
list of dependencies for these actions.
Fixes: https://github.com/go-gitea/gitea/issues/27098
We were missing a number of config files like `.golangci.yml` in the
dependencies for the pull request pipelines, which resulted in the
linting not running for https://github.com/go-gitea/gitea/pull/26786
because only `.golangci.yml` had changed.
`docker-dryrun` runs on almost any PR, which is a huge waste of CI
resources. Run it only when the Dockerfiles change and also add a step
that verifies the rootless file.
---------
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
- Reduce `pyproject.toml` and `package.json` to the minimal required
format, removing unneeded properties. `build-system` is not needed as
per
[this](https://github.com/python-poetry/poetry/issues/8110#issuecomment-1595846841).
- Fix `poetry.toml` options they were wrong previously.
- Add dependencies of poetry files to templates `files-changed`.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
So I found this [linter](https://github.com/Riverside-Healthcare/djlint)
which features a mode for go templates, so I gave it a try and it did
find a number of valid issue, like unbalanced tags etc. It also has a
number of bugs, I had to disable/workaround many issues.
Given that this linter is written in python, this does add a dependency
on `python` >= 3.8 and `poetry` to the development environment to be
able to run this linter locally.
- `e.g.` prefixes on placeholders are removed because the linter had a
false-positive on `placeholder="e.g. cn=Search"` for the `attr=value`
syntax and it's not ideal anyways to write `e.g.` into a placeholder
because a placeholder is meant to hold a sample value.
- In `templates/repo/settings/options.tmpl` I simplified the logic to
not conditionally create opening tags without closing tags because this
stuff confuses the linter (and possibly the reader as well).
- Merge the file filters into `files-changed.yml`
- Remove unused yaml anchors like `&backend`
- Merge the `compliance-docs` workflow into `compliance`
- Add actions linting
- Misc cleanups for whitespace and step names
Inspired by
https://github.com/go-gitea/gitea/pull/24530#issuecomment-1558815301
This PR use a file filter action to do different CI jobs according
changed files types. All types are defined in
`.github/file-filters.yml`. Now there are 4 types, `docs`, `backend`,
`frontend` and `build`. Then if a PR only changed docs files, those CI
jobs which passed the conditions will run, and other types are also like
this.
---------
Co-authored-by: silverwind <me@silverwind.io>
