b526677126
[EXPAND] [[messages]] messageTitle = "QB Update for GT 2.8 (#681)" messageBody = """ [QB] [DETAILS] details = ["Fixes many Quest Book issues", "Updates QB with changes in GT 2.8"] [DETAILS] """ [[messages]] messageTitle = "Buildscript Refactor (#681)" messageBody = """ [INTERNAL] [DETAILS] details = ["**Important: Buildscript has changed from `npx gulp...` or `gulp...` to `npm run gulp...`**!", "Moves to Node 16 Package Management + Typescript Strict Mode", "New Port QB, Check QB and Fix QB Tasks"] [DETAILS] """ [EXPAND] Co-authored-by: Integer Limit <103940576+IntegerLimit@users.noreply.github.com> Co-authored-by: Ghzdude <44148655+ghzdude@users.noreply.github.com> Co-authored-by: SparkedTheorem <162088357+SparkedTheorem@users.noreply.github.com>
201 lines
6.5 KiB
YAML
201 lines
6.5 KiB
YAML
# This workflow file tests PRs made from forks. Disable this if it is considered too much of a security risk (although many efforts have been taken to reduce risk)
|
|
# If workflow enabled, make sure to set the environment used to need a specific team (admin-devs), and default GITHUB_TOKEN perms to read!
|
|
# See https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for more information!
|
|
|
|
# Actions taken to reduce risk:
|
|
# This workflow is only started when the workflow run is approved (GitHub Settings), and when the deployment to `forkprbuildpack` is approved (by admin-devs)
|
|
# Only the CFCORE_API_TOKEN secret is accessed, meaning it is the only one revealed, meaning that the other secrets cannot be used by nodejs tools
|
|
# GITHUB_TOKEN permissions are set to read
|
|
|
|
name: "[NOT CALLABLE] Fork PR Build Pack"
|
|
|
|
on:
|
|
pull_request_target:
|
|
paths-ignore:
|
|
- "README.md"
|
|
|
|
# if a second commit is pushed quickly after the first, cancel the first one's build
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.head_ref }}
|
|
cancel-in-progress: true
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
setup:
|
|
# Only continue if we are in base Nomi-CEu Repo and pull request is from fork
|
|
if: "${{ github.repository_owner == 'Nomi-CEu' && github.event.pull_request.head.repo.owner.login != 'Nomi-CEu' }}"
|
|
name: Setup (${{ github.event.pull_request.head.sha }})
|
|
runs-on: ubuntu-latest
|
|
environment: fork-pr-build-pack
|
|
env:
|
|
GITHUB_HEAD_REF: ${{ github.head_ref }}
|
|
TRUE_SHA: ${{ github.event.pull_request.head.sha }}
|
|
outputs:
|
|
client: ${{ steps.artifactNames.outputs.client }}
|
|
server: ${{ steps.artifactNames.outputs.server }}
|
|
lang: ${{ steps.artifactNames.outputs.lang }}
|
|
mmc: ${{ steps.artifactNames.outputs.mmc }}
|
|
steps:
|
|
- name: Checkout Ref
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
ref: ${{ github.event.pull_request.head.sha }}
|
|
persist-credentials: false
|
|
|
|
# Don't use cache to prevent cache poisoning
|
|
|
|
- name: Setup NodeJS v20
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 20
|
|
check-latest: true
|
|
|
|
- name: Setup NPM Packages
|
|
working-directory: ./tools
|
|
run: npm ci
|
|
|
|
- name: Make Artifact Names
|
|
id: artifactNames
|
|
working-directory: ./tools
|
|
run: npm run gulp makeArtifactNames
|
|
|
|
buildClient:
|
|
# Only continue if we are in base Nomi-CEu Repo and pull request is from fork
|
|
if: "${{ github.repository_owner == 'Nomi-CEu' && github.event.pull_request.head.repo.owner.login != 'Nomi-CEu' }}"
|
|
name: Build Fork PR Client (${{ github.event.pull_request.head.sha }})
|
|
runs-on: ubuntu-latest
|
|
needs: setup
|
|
env:
|
|
GITHUB_HEAD_REF: ${{ github.head_ref }}
|
|
TRUE_SHA: ${{ github.event.pull_request.head.sha }}
|
|
steps:
|
|
- name: Checkout Ref
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
ref: ${{ github.event.pull_request.head.sha }}
|
|
persist-credentials: false
|
|
|
|
# Don't use cache to prevent cache poisoning
|
|
|
|
- name: Setup NodeJS v20
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 20
|
|
check-latest: true
|
|
|
|
- name: Setup NPM Packages
|
|
working-directory: ./tools
|
|
run: npm ci
|
|
|
|
- name: Build Client
|
|
working-directory: ./tools
|
|
run: npm run gulp buildClient
|
|
env:
|
|
CFCORE_API_TOKEN: ${{ secrets.CFCORE_API_TOKEN }}
|
|
|
|
- name: Upload Client Zip
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: ${{ needs.setup.outputs.client }}
|
|
path: ./build/client/**/*
|
|
if-no-files-found: error
|
|
compression-level: 9
|
|
|
|
buildServer:
|
|
# Only continue if we are in base Nomi-CEu Repo and pull request is from fork
|
|
if: "${{ github.repository_owner == 'Nomi-CEu' && github.event.pull_request.head.repo.owner.login != 'Nomi-CEu' }}"
|
|
name: Build Fork PR Server (${{ github.event.pull_request.head.sha }})
|
|
runs-on: ubuntu-latest
|
|
needs: setup
|
|
env:
|
|
GITHUB_HEAD_REF: ${{ github.head_ref }}
|
|
TRUE_SHA: ${{ github.event.pull_request.head.sha }}
|
|
steps:
|
|
- name: Checkout Ref
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
ref: ${{ github.event.pull_request.head.sha }}
|
|
persist-credentials: false
|
|
|
|
# Don't use cache to prevent cache poisoning
|
|
|
|
- name: Setup NodeJS v20
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 20
|
|
check-latest: true
|
|
|
|
- name: Setup NPM Packages
|
|
working-directory: ./tools
|
|
run: npm ci
|
|
|
|
- name: Build Server
|
|
working-directory: ./tools
|
|
run: npm run gulp buildServer
|
|
env:
|
|
CFCORE_API_TOKEN: ${{ secrets.CFCORE_API_TOKEN }}
|
|
|
|
- name: Upload Server Zip
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: ${{ needs.setup.outputs.server }}
|
|
path: ./build/server/**/*
|
|
if-no-files-found: error
|
|
compression-level: 9
|
|
|
|
buildLang:
|
|
# Only continue if we are in base Nomi-CEu Repo and pull request is from fork
|
|
if: "${{ github.repository_owner == 'Nomi-CEu' && github.event.pull_request.head.repo.owner.login != 'Nomi-CEu' }}"
|
|
name: Build Fork PR Lang and Changelogs (${{ github.event.pull_request.head.sha }})
|
|
runs-on: ubuntu-latest
|
|
needs: setup
|
|
env:
|
|
GITHUB_HEAD_REF: ${{ github.head_ref }}
|
|
TRUE_SHA: ${{ github.event.pull_request.head.sha }}
|
|
steps:
|
|
- name: Checkout Ref
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
ref: ${{ github.event.pull_request.head.sha }}
|
|
persist-credentials: false
|
|
|
|
# Don't use cache to prevent cache poisoning
|
|
|
|
- name: Setup NodeJS v20
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 20
|
|
check-latest: true
|
|
|
|
- name: Setup NPM Packages
|
|
working-directory: ./tools
|
|
run: npm ci
|
|
|
|
- name: Build Lang and Changelogs
|
|
working-directory: ./tools
|
|
run: npm run gulp buildLang
|
|
env:
|
|
CFCORE_API_TOKEN: ${{ secrets.CFCORE_API_TOKEN }}
|
|
|
|
- name: Upload Lang Zip
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: ${{ needs.setup.outputs.lang }}
|
|
path: ./build/lang/**/*
|
|
if-no-files-found: error
|
|
compression-level: 9
|
|
|
|
- name: Upload Changelogs
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: Changelogs
|
|
path: ./build/*.md
|
|
if-no-files-found: error
|
|
compression-level: 9
|