Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tweak(github/ci): rework #3212

Closed
wants to merge 1 commit into from
Closed

tweak(github/ci): rework #3212

wants to merge 1 commit into from

Conversation

tens0rfl0w
Copy link
Contributor

Goal of this PR

This PR addresses multiple logic issues in the current PR checkout actions, which have rendered the process non-functional.

How is this PR achieving the goal

  • To eliminate current and potential future build portability issues for Linux builds, the PR now uses the provided Docker image to build the Linux server inside a container. This mirrors the setup used in the internal GitLab CI.
  • The previous implementation used the incorrect GITHUB_REF, checking out the upstream's master head instead of the correct PR branch head ref. This caused the PR changes to remain unchecked.
  • To mitigate the risk of malicious code execution via PRs, the permission scope has been tightened. Write access is now restricted solely to the input_validation and post_build steps, isolating tokens with access from any user-submitted code.

Changes have been tested here: https://github.com/tens0rfl0w/fivem/actions/runs/13638653569?pr=20

This PR applies to the following area(s)

Github Actions

Successfully tested on

Game builds: Not applicable

Platforms: GitHub Runners

Checklist

  • Code compiles and has been tested successfully.
  • Code explains itself well and/or is documented.
  • My commit message explains what the changes do and what they are for.
  • No extra compilation warnings are added by these changes.

Fixes issues

/

@github-actions github-actions bot added the invalid Requires changes before it's considered valid and can be (re)triaged label Mar 3, 2025
@tens0rfl0w tens0rfl0w force-pushed the tweak/github-ci/rework branch from e71fbb7 to 99751ce Compare March 3, 2025 20:35
@github-actions github-actions bot added triage Needs a preliminary assessment to determine the urgency and required action and removed invalid Requires changes before it's considered valid and can be (re)triaged labels Mar 3, 2025
@Mathu-lmn
Copy link
Contributor

Nice PR ! ( supersedes #2900 )

@prikolium-cfx
Copy link
Collaborator

Just for the context. I asked author to implement possibility to publish pre-baked Alpine image with all dependencies to our github registry and waiting for that to merge.
Overall PR looks good and should improve PR pipelines. Thank you tens0rfl0w!

@tens0rfl0w tens0rfl0w force-pushed the tweak/github-ci/rework branch from 99751ce to c3da7b2 Compare March 6, 2025 13:34
@tens0rfl0w
Copy link
Contributor Author

All done🥳

@prikolium-cfx prikolium-cfx added enhancement Feature or other request that adds functionality or improved usability ready-to-merge This PR is enqueued for merging and removed triage Needs a preliminary assessment to determine the urgency and required action labels Mar 6, 2025
@prikolium-cfx
Copy link
Collaborator

Merged

@Nova-px
Copy link
Contributor

Nova-px commented Mar 7, 2025

Pulling Docker image from ghcr.io/Nova-px/fivem/fivem-builder-linux-alpine:latest...
invalid reference format: repository name (Nova-px/fivem/fivem-builder-linux-alpine) must be lowercase
Error: Process completed with exit code 1.

I dont know if its related to the ci rework but just got that error right now

@prikolium-cfx
Copy link
Collaborator

Pulling Docker image from ghcr.io/Nova-px/fivem/fivem-builder-linux-alpine:latest...
invalid reference format: repository name (Nova-px/fivem/fivem-builder-linux-alpine) must be lowercase
Error: Process completed with exit code 1.

I dont know if its related to the ci rework but just got that error right now

If that happens in your fork you need to build Linux Docker image once from "Actions" -> "Build Alpine server building image" -> "Run workflow"

@Nova-px
Copy link
Contributor

Nova-px commented Mar 7, 2025

Pulling Docker image from ghcr.io/Nova-px/fivem/fivem-builder-linux-alpine:latest...
invalid reference format: repository name (Nova-px/fivem/fivem-builder-linux-alpine) must be lowercase
Error: Process completed with exit code 1.

I dont know if its related to the ci rework but just got that error right now

If that happens in your fork you need to build Linux Docker image once from "Actions" -> "Build Alpine server building image" -> "Run workflow"

Error: buildx failed with: ERROR: invalid tag "ghcr.io/Nova-px/fivem/fivem-builder-linux-alpine:latest": repository name must be lowercase

Same error

@tens0rfl0w
Copy link
Contributor Author

Will fix this (and another oversight) in the next days. Thanks for reporting this!

@tens0rfl0w tens0rfl0w mentioned this pull request Mar 7, 2025
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@prikolium-cfx prikolium-cfx prikolium-cfx approved these changes

Assignees
No one assigned
Labels
enhancement Feature or other request that adds functionality or improved usability ready-to-merge This PR is enqueued for merging
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tens0rfl0w @Mathu-lmn @prikolium-cfx @Nova-px