From 155fab03c1dad3d49d62b9a27e98d3c41793e8f0 Mon Sep 17 00:00:00 2001 From: Vitor Mattos Date: Wed, 9 Oct 2024 15:45:30 -0300 Subject: [PATCH] chore: Configure actions Signed-off-by: Vitor Mattos --- .github/CODEOWNERS | 1 + .github/FUNDING.yml | 4 + .github/changelog-ci-config.yml | 4 + .github/config.yml | 5 + .github/dependabot.yml | 16 +++ .../block-unconventional-commits.yml | 34 +++++ .../workflows/dependabot-approve-merge.yml | 43 +++++++ .github/workflows/lint-eslint.yml | 98 +++++++++++++++ .github/workflows/lint-info-xml.yml | 36 ++++++ .github/workflows/lint-php-cs.yml | 48 +++++++ .github/workflows/lint-php.yml | 70 +++++++++++ .github/workflows/node.yml | 105 ++++++++++++++++ .github/workflows/npm-audit-fix.yml | 75 +++++++++++ .github/workflows/psalm.yml | 47 +++++++ .../update-nextcloud-ocp-approve-merge.yml | 58 +++++++++ .github/workflows/update-nextcloud-ocp.yml | 119 ++++++++++++++++++ .github/workflows/update-psalm-baseline.yml | 64 ++++++++++ lib/Controller/AdminGroupController.php | 1 - 18 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 .github/CODEOWNERS create mode 100644 .github/FUNDING.yml create mode 100644 .github/changelog-ci-config.yml create mode 100644 .github/config.yml create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/block-unconventional-commits.yml create mode 100644 .github/workflows/dependabot-approve-merge.yml create mode 100644 .github/workflows/lint-eslint.yml create mode 100644 .github/workflows/lint-info-xml.yml create mode 100644 .github/workflows/lint-php-cs.yml create mode 100644 .github/workflows/lint-php.yml create mode 100644 .github/workflows/node.yml create mode 100644 .github/workflows/npm-audit-fix.yml create mode 100644 .github/workflows/psalm.yml create mode 100644 .github/workflows/update-nextcloud-ocp-approve-merge.yml create mode 100644 .github/workflows/update-nextcloud-ocp.yml create mode 100644 .github/workflows/update-psalm-baseline.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..bc4f4bc --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +/appinfo/info.xml @vitormattos diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 0000000..2249daf --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,4 @@ +# SPDX-FileCopyrightText: 2020-2024 LibreCode coop and contributors +# SPDX-License-Identifier: AGPL-3.0-or-later + +github: libresign diff --git a/.github/changelog-ci-config.yml b/.github/changelog-ci-config.yml new file mode 100644 index 0000000..15c47bd --- /dev/null +++ b/.github/changelog-ci-config.yml @@ -0,0 +1,4 @@ +# SPDX-FileCopyrightText: 2024 LibreCode coop and contributors +# SPDX-License-Identifier: AGPL-3.0-or-later + +pull_request_title_regex: '*' diff --git a/.github/config.yml b/.github/config.yml new file mode 100644 index 0000000..18aaae5 --- /dev/null +++ b/.github/config.yml @@ -0,0 +1,5 @@ +# SPDX-FileCopyrightText: 2024 LibreCode coop and contributors +# SPDX-License-Identifier: AGPL-3.0-or-later + +# Comment to be posted to on PRs from first time contributors in your repository +newPRWelcomeComment: "Thanks for opening your first pull request in this repository! :v:" diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..0cb4145 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,16 @@ +# SPDX-FileCopyrightText: 2024 LibreCode coop and contributors +# SPDX-License-Identifier: AGPL-3.0-or-later + +version: 2 +updates: + # Maintain dependencies for Composer + - package-ecosystem: "composer" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "daily" + + # Maintain dependencies for npm + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" diff --git a/.github/workflows/block-unconventional-commits.yml b/.github/workflows/block-unconventional-commits.yml new file mode 100644 index 0000000..978d490 --- /dev/null +++ b/.github/workflows/block-unconventional-commits.yml @@ -0,0 +1,34 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Block unconventional commits + +on: + pull_request: + types: [opened, ready_for_review, reopened, synchronize] + +permissions: + contents: read + +concurrency: + group: block-unconventional-commits-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + block-unconventional-commits: + name: Block unconventional commits + + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - uses: webiny/action-conventional-commits@8bc41ff4e7d423d56fa4905f6ff79209a78776c7 # v1.3.0 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml new file mode 100644 index 0000000..cc6e005 --- /dev/null +++ b/.github/workflows/dependabot-approve-merge.yml @@ -0,0 +1,43 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Dependabot + +on: + pull_request_target: + branches: + - main + - master + - stable* + +permissions: + contents: read + +concurrency: + group: dependabot-approve-merge-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + auto-approve-merge: + if: github.actor == 'dependabot[bot]' || github.actor == 'renovate[bot]' + runs-on: ubuntu-latest + permissions: + # for hmarr/auto-approve-action to approve PRs + pull-requests: write + + steps: + # GitHub actions bot approve + - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + # Nextcloud bot approve and merge request + - uses: ahmadnassri/action-dependabot-auto-merge@45fc124d949b19b6b8bf6645b6c9d55f4f9ac61a # v2 + with: + target: minor + github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }} diff --git a/.github/workflows/lint-eslint.yml b/.github/workflows/lint-eslint.yml new file mode 100644 index 0000000..3d9ac7b --- /dev/null +++ b/.github/workflows/lint-eslint.yml @@ -0,0 +1,98 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Lint eslint + +on: pull_request + +permissions: + contents: read + +concurrency: + group: lint-eslint-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + changes: + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + + outputs: + src: ${{ steps.changes.outputs.src}} + + steps: + - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 + id: changes + continue-on-error: true + with: + filters: | + src: + - '.github/workflows/**' + - 'src/**' + - 'appinfo/info.xml' + - 'package.json' + - 'package-lock.json' + - 'tsconfig.json' + - '.eslintrc.*' + - '.eslintignore' + - '**.js' + - '**.ts' + - '**.vue' + + lint: + runs-on: ubuntu-latest + + needs: changes + if: needs.changes.outputs.src != 'false' + + name: NPM lint + + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Read package.json node and npm engines version + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 + id: versions + with: + fallbackNode: '^20' + fallbackNpm: '^10' + + - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + with: + node-version: ${{ steps.versions.outputs.nodeVersion }} + + - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' + + - name: Install dependencies + env: + CYPRESS_INSTALL_BINARY: 0 + PUPPETEER_SKIP_DOWNLOAD: true + run: npm ci + + - name: Lint + run: npm run lint + + summary: + permissions: + contents: none + runs-on: ubuntu-latest + needs: [changes, lint] + + if: always() + + # This is the summary, we just avoid to rename it so that branch protection rules still match + name: eslint + + steps: + - name: Summary status + run: if ${{ needs.changes.outputs.src != 'false' && needs.lint.result != 'success' }}; then exit 1; fi diff --git a/.github/workflows/lint-info-xml.yml b/.github/workflows/lint-info-xml.yml new file mode 100644 index 0000000..a55ca30 --- /dev/null +++ b/.github/workflows/lint-info-xml.yml @@ -0,0 +1,36 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Lint info.xml + +on: pull_request + +permissions: + contents: read + +concurrency: + group: lint-info-xml-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + xml-linters: + runs-on: ubuntu-latest + + name: info.xml lint + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Download schema + run: wget https://raw.githubusercontent.com/nextcloud/appstore/master/nextcloudappstore/api/v1/release/info.xsd + + - name: Lint info.xml + uses: ChristophWurst/xmllint-action@36f2a302f84f8c83fceea0b9c59e1eb4a616d3c1 # v1.2 + with: + xml-file: ./appinfo/info.xml + xml-schema-file: ./info.xsd diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml new file mode 100644 index 0000000..5108348 --- /dev/null +++ b/.github/workflows/lint-php-cs.yml @@ -0,0 +1,48 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Lint php-cs + +on: pull_request + +permissions: + contents: read + +concurrency: + group: lint-php-cs-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + lint: + runs-on: ubuntu-latest + + name: php-cs + + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Get php version + id: versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 + + - name: Set up php${{ steps.versions.outputs.php-available }} + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 + with: + php-version: ${{ steps.versions.outputs.php-available }} + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite + coverage: none + ini-file: development + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Install dependencies + run: composer i + + - name: Lint + run: composer run cs:check || ( echo 'Please run `composer run cs:fix` to format your code' && exit 1 ) diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml new file mode 100644 index 0000000..4e482e1 --- /dev/null +++ b/.github/workflows/lint-php.yml @@ -0,0 +1,70 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Lint php + +on: pull_request + +permissions: + contents: read + +concurrency: + group: lint-php-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + matrix: + runs-on: ubuntu-latest + outputs: + php-versions: ${{ steps.versions.outputs.php-versions }} + steps: + - name: Checkout app + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - name: Get version matrix + id: versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.0.0 + + php-lint: + runs-on: ubuntu-latest + needs: matrix + strategy: + matrix: + php-versions: ${{fromJson(needs.matrix.outputs.php-versions)}} + + name: php-lint + + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Set up php ${{ matrix.php-versions }} + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 + with: + php-version: ${{ matrix.php-versions }} + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite + coverage: none + ini-file: development + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Lint + run: composer run lint + + summary: + permissions: + contents: none + runs-on: ubuntu-latest + needs: php-lint + + if: always() + + name: php-lint-summary + + steps: + - name: Summary status + run: if ${{ needs.php-lint.result != 'success' && needs.php-lint.result != 'skipped' }}; then exit 1; fi diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml new file mode 100644 index 0000000..88947de --- /dev/null +++ b/.github/workflows/node.yml @@ -0,0 +1,105 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Node + +on: pull_request + +permissions: + contents: read + +concurrency: + group: node-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + changes: + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read + + outputs: + src: ${{ steps.changes.outputs.src}} + + steps: + - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 + id: changes + continue-on-error: true + with: + filters: | + src: + - '.github/workflows/**' + - 'src/**' + - 'appinfo/info.xml' + - 'package.json' + - 'package-lock.json' + - 'tsconfig.json' + - '**.js' + - '**.ts' + - '**.vue' + + build: + runs-on: ubuntu-latest + + needs: changes + if: needs.changes.outputs.src != 'false' + + name: NPM build + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Read package.json node and npm engines version + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 + id: versions + with: + fallbackNode: '^20' + fallbackNpm: '^10' + + - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + with: + node-version: ${{ steps.versions.outputs.nodeVersion }} + + - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' + + - name: Install dependencies & build + env: + CYPRESS_INSTALL_BINARY: 0 + PUPPETEER_SKIP_DOWNLOAD: true + run: | + npm ci + npm run build --if-present + + - name: Check webpack build changes + run: | + bash -c "[[ ! \"`git status --porcelain `\" ]] || (echo 'Please recompile and commit the assets, see the section \"Show changes on failure\" for details' && exit 1)" + + - name: Show changes on failure + if: failure() + run: | + git status + git --no-pager diff + exit 1 # make it red to grab attention + + summary: + permissions: + contents: none + runs-on: ubuntu-latest + needs: [changes, build] + + if: always() + + # This is the summary, we just avoid to rename it so that branch protection rules still match + name: node + + steps: + - name: Summary status + run: if ${{ needs.changes.outputs.src != 'false' && needs.build.result != 'success' }}; then exit 1; fi diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml new file mode 100644 index 0000000..5ccc57d --- /dev/null +++ b/.github/workflows/npm-audit-fix.yml @@ -0,0 +1,75 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Npm audit fix and compile + +on: + workflow_dispatch: + schedule: + # At 2:30 on Sundays + - cron: '30 2 * * 0' + +jobs: + build: + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + branches: ['main', 'master', 'stable30', 'stable29', 'stable28'] + + name: npm-audit-fix-${{ matrix.branches }} + + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + ref: ${{ matrix.branches }} + + - name: Read package.json node and npm engines version + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 + id: versions + with: + fallbackNode: '^20' + fallbackNpm: '^10' + + - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + with: + node-version: ${{ steps.versions.outputs.nodeVersion }} + + - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' + + - name: Fix npm audit + id: npm-audit + uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0 + + - name: Run npm ci and npm run build + if: always() + env: + CYPRESS_INSTALL_BINARY: 0 + run: | + npm ci + npm run build --if-present + + - name: Create Pull Request + if: always() + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 + with: + token: ${{ secrets.COMMAND_BOT_PAT }} + commit-message: 'fix(deps): Fix npm audit' + committer: GitHub + author: nextcloud-command + signoff: true + branch: automated/noid/${{ matrix.branches }}-fix-npm-audit + title: '[${{ matrix.branches }}] Fix npm audit' + body: ${{ steps.npm-audit.outputs.markdown }} + labels: | + dependencies + 3. to review diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml new file mode 100644 index 0000000..c7c9fe3 --- /dev/null +++ b/.github/workflows/psalm.yml @@ -0,0 +1,47 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2022-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Static analysis + +on: pull_request + +concurrency: + group: psalm-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + static-analysis: + runs-on: ubuntu-latest + + name: static-psalm-analysis + steps: + - name: Checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Get php version + id: versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 + + - name: Set up php${{ steps.versions.outputs.php-available }} + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 + with: + php-version: ${{ steps.versions.outputs.php-available }} + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite + coverage: none + ini-file: development + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Install dependencies + run: composer i + + - name: Install nextcloud/ocp + run: composer require --dev nextcloud/ocp:dev-${{ steps.versions.outputs.branches-max }} --ignore-platform-reqs --with-dependencies + + - name: Run coding standards check + run: composer run psalm diff --git a/.github/workflows/update-nextcloud-ocp-approve-merge.yml b/.github/workflows/update-nextcloud-ocp-approve-merge.yml new file mode 100644 index 0000000..e750dc7 --- /dev/null +++ b/.github/workflows/update-nextcloud-ocp-approve-merge.yml @@ -0,0 +1,58 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Auto approve nextcloud/ocp + +on: + pull_request_target: + branches: + - main + - master + - stable* + +permissions: + contents: read + +concurrency: + group: update-nextcloud-ocp-approve-merge-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + auto-approve-merge: + if: github.actor == 'nextcloud-command' + runs-on: ubuntu-latest + permissions: + # for hmarr/auto-approve-action to approve PRs + pull-requests: write + # for alexwilson/enable-github-automerge-action to approve PRs + contents: write + + steps: + - name: Disabled on forks + if: ${{ github.event.pull_request.head.repo.full_name != github.repository }} + run: | + echo 'Can not approve PRs from forks' + exit 1 + + - uses: mdecoleman/pr-branch-name@bab4c71506bcd299fb350af63bb8e53f2940a599 # v2.0.0 + id: branchname + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + + # GitHub actions bot approve + - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2 + if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp') + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + # Enable GitHub auto merge + - name: Auto merge + uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # main + if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp') + with: + github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/update-nextcloud-ocp.yml b/.github/workflows/update-nextcloud-ocp.yml new file mode 100644 index 0000000..bbeec0c --- /dev/null +++ b/.github/workflows/update-nextcloud-ocp.yml @@ -0,0 +1,119 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2022-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Update nextcloud/ocp + +on: + workflow_dispatch: + schedule: + - cron: "5 2 * * 0" + +jobs: + update-nextcloud-ocp: + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + branches: ['main', 'master', 'stable30', 'stable29', 'stable28'] + + name: update-nextcloud-ocp-${{ matrix.branches }} + + steps: + - id: checkout + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + ref: ${{ matrix.branches }} + submodules: true + continue-on-error: true + + - name: Set up php8.2 + if: steps.checkout.outcome == 'success' + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 + with: + php-version: 8.2 + # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite + coverage: none + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Read codeowners + if: steps.checkout.outcome == 'success' + id: codeowners + run: | + grep '/appinfo/info.xml' .github/CODEOWNERS | cut -f 2- -d ' ' | xargs | awk '{ print "codeowners="$0 }' >> $GITHUB_OUTPUT + continue-on-error: true + + - name: Composer install + if: steps.checkout.outcome == 'success' + run: composer install + + - name: Composer update nextcloud/ocp + id: update_branch + if: ${{ steps.checkout.outcome == 'success' && matrix.branches != 'main' }} + run: composer require --dev 'nextcloud/ocp:dev-${{ matrix.branches }}' + + - name: Raise on issue on failure + uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0 + if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_branch.conclusion == 'failure' }} + with: + token: ${{ secrets.GITHUB_TOKEN }} + title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}' + body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}' + + - name: Composer update nextcloud/ocp + id: update_main + if: ${{ steps.checkout.outcome == 'success' && matrix.branches == 'main' }} + run: composer require --dev nextcloud/ocp:dev-master + + - name: Raise on issue on failure + uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0 + if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_main.conclusion == 'failure' }} + with: + token: ${{ secrets.GITHUB_TOKEN }} + title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}' + body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}' + + - name: Reset checkout 3rdparty + if: steps.checkout.outcome == 'success' + run: | + git clean -f 3rdparty + git checkout 3rdparty + continue-on-error: true + + - name: Reset checkout vendor + if: steps.checkout.outcome == 'success' + run: | + git clean -f vendor + git checkout vendor + continue-on-error: true + + - name: Reset checkout vendor-bin + if: steps.checkout.outcome == 'success' + run: | + git clean -f vendor-bin + git checkout vendor-bin + continue-on-error: true + + - name: Create Pull Request + if: steps.checkout.outcome == 'success' + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 + with: + token: ${{ secrets.COMMAND_BOT_PAT }} + commit-message: 'chore(dev-deps): Bump nextcloud/ocp package' + committer: GitHub + author: nextcloud-command + signoff: true + branch: 'automated/noid/${{ matrix.branches }}-update-nextcloud-ocp' + title: '[${{ matrix.branches }}] Update nextcloud/ocp dependency' + body: | + Auto-generated update of [nextcloud/ocp](https://github.com/nextcloud-deps/ocp/) dependency + labels: | + dependencies + 3. to review diff --git a/.github/workflows/update-psalm-baseline.yml b/.github/workflows/update-psalm-baseline.yml new file mode 100644 index 0000000..5b95f37 --- /dev/null +++ b/.github/workflows/update-psalm-baseline.yml @@ -0,0 +1,64 @@ +name: Update Psalm baseline + +on: + workflow_dispatch: + schedule: + - cron: "5 2 * * *" + +jobs: + update-psalm-baseline: + runs-on: ubuntu-latest + + if: ${{ github.repository_owner != 'nextcloud-gmbh' }} + + strategy: + fail-fast: false + matrix: + branches: ["main", "stable30", "stable29", "stable28"] + + name: update-psalm-baseline-${{ matrix.branches }} + + steps: + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + ref: ${{ matrix.branches }} + submodules: true + + - name: Get php version + id: versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 + + - name: Set up php${{ steps.versions.outputs.php-available }} + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 + with: + php-version: ${{ steps.versions.outputs.php-available }} + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite + coverage: none + ini-file: development + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Install dependencies + run: composer i + + - name: Psalm + run: composer run psalm:update-baseline -- --monochrome --no-progress --output-format=text + continue-on-error: true + + - name: Create Pull Request + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 + with: + token: ${{ secrets.COMMAND_BOT_PAT }} + commit-message: Update psalm baseline + committer: GitHub + author: nextcloud-command + signoff: true + branch: automated/noid/${{ matrix.branches }}-update-psalm-baseline + title: "[${{ matrix.branches }}] Update psalm-baseline.xml" + body: | + Auto-generated update psalm-baseline.xml with fixed psalm warnings + labels: | + automated pr + 3. to review + team-reviewers: server-backend diff --git a/lib/Controller/AdminGroupController.php b/lib/Controller/AdminGroupController.php index b3c659b..032e373 100644 --- a/lib/Controller/AdminGroupController.php +++ b/lib/Controller/AdminGroupController.php @@ -9,7 +9,6 @@ namespace OCA\AdminGroupManager\Controller; use OCA\AdminGroupManager\Controller\Attribute\RestrictIp; -use OCA\Provisioning_API\Controller\AUserData; use OCA\Settings\Settings\Admin\Users; use OCP\App\IAppManager; use OCP\AppFramework\Http;