diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index e2f42589f..000000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,70 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ master ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ master ] - schedule: - - cron: '24 6 * * 1' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'go', 'javascript', 'python' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Learn more about CodeQL language support at https://git.io/codeql-language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - # ℹ️ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/normal-upgrade.yaml b/.github/workflows/normal-upgrade.yaml deleted file mode 100644 index 65e15c948..000000000 --- a/.github/workflows/normal-upgrade.yaml +++ /dev/null @@ -1,26 +0,0 @@ -name: Normal upgrade -on: - push: - tags: - - "v*" - -jobs: - update: - runs-on: ubuntu-latest - steps: - - name: executing remote ssh commands using ssh key - uses: appleboy/ssh-action@master - env: - TOKEN: ${{ secrets.BOT_TOKEN }} - with: - envs: TOKEN - host: ${{ secrets.PROD_HOST }} - username: ${{ secrets.PROD_USERNAME }} - key: ${{ secrets.SSH_KEY }} - script: | - docker save bennythink/yyetsbot > /root/yyetsbot-old.tar - docker pull bennythink/yyetsbot - docker-compose -f /home/WebsiteRunner/docker-compose.yml up -d - docker-compose -f /home/BotsRunner/docker-compose.yml up -d - curl "https://api.telegram.org/bot$TOKEN/sendMessage?chat_id=260260121&text=Normal%20upgrade%20complete!" - echo "Normal upgrade complete!" diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml deleted file mode 100644 index ae7ce7905..000000000 --- a/.github/workflows/pr.yml +++ /dev/null @@ -1,83 +0,0 @@ -name: Pull Request CI test - -on: - pull_request: - branches: - - master - paths-ignore: - - '**.md' - - '**.yml' - - 'LICENSE' - -jobs: - ci: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - - name: Build image - uses: docker/build-push-action@v2 - with: - context: . - platforms: linux/amd64 - load: true - tags: | - yyetsbot:latest - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new - - - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache - - - name: Start MongoDB - uses: supercharge/mongodb-github-action@1.8.0 - with: - mongodb-version: "6.0" - - - name: Restore database and run tests - run: | - sudo apt update && sudo apt install -y wget - wget -q https://fastdl.mongodb.org/tools/db/mongodb-database-tools-ubuntu2204-x86_64-100.6.1.deb - sudo dpkg -i mongodb-database-tools-ubuntu2204-x86_64-100.6.1.deb - mongorestore --gzip --archive=assets/ci.gz - make ci-test - - - name: Install trivy - run: | - wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - - echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list - sudo apt-get update - sudo apt-get install trivy -y - - - name: Scan for CVE - uses: mathiasvr/command-output@v1 - id: trivy - with: - run: | - trivy image --no-progress --severity "HIGH,CRITICAL" yyetsbot:latest - - - name: Comment on CVE PR - uses: thollander/actions-comment-pull-request@v2 - with: - message: | - ``` - ${{ steps.trivy.outputs.stdout }} - ``` - comment_tag: cve - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release_apps.yaml b/.github/workflows/release_apps.yaml deleted file mode 100644 index 80eab0369..000000000 --- a/.github/workflows/release_apps.yaml +++ /dev/null @@ -1,108 +0,0 @@ -name: Publish Executable Application -on: - push: - tags: - - "*" - -jobs: - publish-tauri-apps: - name: Publish Tauri Apps - permissions: - contents: write - strategy: - fail-fast: false - matrix: - platform: [ macos-latest, ubuntu-20.04, windows-latest ] - - runs-on: ${{ matrix.platform }} - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Install nodejs - uses: actions/setup-node@v3 - with: - node-version: 16 - - - name: install Rust stable - uses: dtolnay/rust-toolchain@stable - - - name: install dependencies (ubuntu only) - if: matrix.platform == 'ubuntu-20.04' - run: | - sudo apt-get update - sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf - - - name: install dependencies (macos only) - if: matrix.platform == 'macos-latest' - run: | - rustup target add aarch64-apple-darwin - - - name: Run tauri hooks - env: - REACT_APP_DOMAIN: ${{ secrets.REACT_APP_DOMAIN }} - REACT_APP_GA: ${{ secrets.REACT_APP_GA }} - GENERATE_SOURCEMAP: ${{ secrets.GENERATE_SOURCEMAP }} - run: | - bash scripts/pre_build.sh - echo "REACT_APP_TAURI=https://yyets.click" >> YYeTsFE/.env - - - name: Install yarn - run: | - npm install -g yarn - cd YYeTsFE - yarn --network-timeout 1000000 - cd ${{ env.GITHUB_WORKSPACE }} - - - name: Setup macos universal binary env - if: matrix.platform == 'macos-latest' - run: echo "BUILD_ARGS=--target universal-apple-darwin" >> $GITHUB_ENV - - - uses: tauri-apps/tauri-action@e537a6f7bc75cbe74c6668f28a9836bd8d0eac36 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tagName: yyetsbot-app-v__VERSION__ - releaseName: 'YYeTsBot App v__VERSION__' - releaseDraft: false - prerelease: false - projectPath: "YYeTsFE" - includeDebug: false - args: ${{ env.BUILD_ARGS }} - - - publish-golang-apps: - name: Publish Golang Apps - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Install Go - uses: actions/setup-go@v4 - with: - go-version: '1.20' - - - name: Install nodejs - uses: actions/setup-node@v3 - with: - node-version: 16 - - - name: Build Golang binary - run: | - npm install -g yarn - make all - ls yyetsweb/builds/ - - - name: Upload Golang files - uses: softprops/action-gh-release@v1 - with: - name: "YYeTsBot 离线一键运行包" - files: yyetsweb/builds/*