aboutsummaryrefslogtreecommitdiffstats
path: root/.github/workflows
Commit message (Collapse)AuthorAge
* ci: print some program versionsLibravatar Kelvin M. Klann2023-04-28
| | | | To make debugging easier.
* ci: line-wrap and split/join some commandsLibravatar Kelvin M. Klann2023-04-24
| | | | | | | | | | | For increased readability. Note: `>` basically turns each newline into a space while `|` keeps newlines as is. Both remove leading indentation. Note2: On jobs using `apt-get install`, this commit moves package names to their own line, to make it easier to compare which packages are being installed across such jobs.
* ci: simplify test steps in build.ymlLibravatar Kelvin M. Klann2023-04-24
| | | | | Kind of relates to commit 6d0c7514e ("split make test-github into different actions", 2023-01-31).
* ci: ignore build workflows on more workflowsLibravatar Kelvin M. Klann2023-04-24
| | | | | | This makes each workflow ignore every other workflow. Relates to #5481.
* build(deps): bump step-security/harden-runner from 2.3.0 to 2.3.1Libravatar dependabot[bot]2023-04-25
| | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.3.0 to 2.3.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/03bee3930647ebbf994244c21ddbc0d4933aab4f...6b3083af2869dc3314a0257a42f4af696cc79ba3) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.2.12 to 2.3.0Libravatar dependabot[bot]2023-04-25
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.12 to 2.3.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/7df0ce34898d659f95c0c4a09eaa8d4e32ee64db...b2c19fb9a2a485599ccf4ed5d65527d94bc57226) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.5.0 to 3.5.2Libravatar dependabot[bot]2023-04-17
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8f4b7f84864484a7bf31766abe9204da3cbe65b3...8e5e7e5ab8b370d6c329ec480221332ada57f0ab) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.2.11 to 2.2.12Libravatar dependabot[bot]2023-04-17
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.11 to 2.2.12. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/d186a2a36cc67bfa1b860e6170d37fb9634742c7...7df0ce34898d659f95c0c4a09eaa8d4e32ee64db) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.2.9 to 2.2.11Libravatar dependabot[bot]2023-04-10
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.2.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/04df1262e6247151b5ac09cd2c303ac36ad3f62b...d186a2a36cc67bfa1b860e6170d37fb9634742c7) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: fix codeql unable to download its own bundleLibravatar Kelvin M. Klann2023-04-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to step-security/harden-runner blocking access to objects.githubusercontent.com. Log from a recent run of CodeQL[1] [2]: ##[group]Setup CodeQL tools Did not find CodeQL tools version 2.12.6 in the toolcache. Downloading CodeQL tools from https://github.com/github/codeql-action/releases/download/codeql-bundle-20230403/codeql-bundle-linux64.tar.gz. This may take a while. connect ECONNREFUSED 54.185.253.63:443 Waiting 13 seconds before trying again connect ECONNREFUSED 54.185.253.63:443 Waiting 12 seconds before trying again ##[error]connect ECONNREFUSED 54.185.253.63:443 ##[error]Unable to download and extract CodeQL CLI Post job cleanup. [...] Mon, 10 Apr 2023 07:20:18 GMT:endpoint called ip address:port 140.82.112.4:443, domain: github.com. Mon, 10 Apr 2023 07:20:20 GMT:endpoint called ip address:port 140.82.112.6:443, domain: api.github.com. Mon, 10 Apr 2023 07:20:23 GMT:domain not allowed: objects.githubusercontent.com. Mon, 10 Apr 2023 07:20:23 GMT:ip address dropped: 54.185.253.63 Mon, 10 Apr 2023 07:20:23 GMT:endpoint called ip address:port 140.82.112.4:443, domain: github.com. Mon, 10 Apr 2023 07:20:23 GMT:endpoint called ip address:port 54.185.253.63:443, domain: objects.githubusercontent.com. Mon, 10 Apr 2023 07:20:35 GMT:domain not allowed: api.snapcraft.io. [1] https://github.com/netblue30/firejail/pull/5781 [2] https://github.com/netblue30/firejail/actions/runs/4655304231/jobs/8238131624
* build(deps): bump step-security/harden-runner from 2.2.1 to 2.3.0Libravatar dependabot[bot]2023-04-10
| | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.2.1 to 2.3.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/1f99358870fe1c846a3ccba386cc2b2246836776...03bee3930647ebbf994244c21ddbc0d4933aab4f) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.2.7 to 2.2.9Libravatar dependabot[bot]2023-04-03
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.7 to 2.2.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/168b99b3c22180941ae7dbdd5f5c9678ede476ba...04df1262e6247151b5ac09cd2c303ac36ad3f62b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.4.0 to 3.5.0Libravatar dependabot[bot]2023-03-27
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/24cb9080177205b6e8c946b17badbe402adc938f...8f4b7f84864484a7bf31766abe9204da3cbe65b3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: always update the package db before installing packagesLibravatar Kelvin M. Klann2023-03-20
| | | | | | | | | | | | | | | This should fix installing packages on build-extra.yml. Note that this is already done on build.yml and on gitlab-ci.yml. From the GitHub Actions documentation[1] [2]: > Note: Always run `sudo apt-get update` before installing a package. In > case the `apt` index is stale, this command fetches and re-indexes any > available packages, which helps prevent package installation failures. [1] https://docs.github.com/en/actions/using-github-hosted-runners/customizing-github-hosted-runners [2] https://github.com/actions/runner-images/issues/2924
* build(deps): bump actions/checkout from 3.3.0 to 3.4.0Libravatar dependabot[bot]2023-03-20
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/ac593985615ec2ede58e132d2e21d2b1cbd6127c...24cb9080177205b6e8c946b17badbe402adc938f) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.2.6 to 2.2.7Libravatar dependabot[bot]2023-03-20
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.6 to 2.2.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/16964e90ba004cdf0cd845b866b5df21038b7723...168b99b3c22180941ae7dbdd5f5c9678ede476ba) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #5730 from ↵Libravatar netblue302023-03-13
|\ | | | | | | | | netblue30/dependabot/github_actions/step-security/harden-runner-2.2.1 build(deps): bump step-security/harden-runner from 2.2.0 to 2.2.1
| * build(deps): bump step-security/harden-runner from 2.2.0 to 2.2.1Libravatar dependabot[bot]2023-03-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/c8454efe5d0bdefd25384362fe217428ca277d57...1f99358870fe1c846a3ccba386cc2b2246836776) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | build(deps): bump github/codeql-action from 2.2.5 to 2.2.6Libravatar dependabot[bot]2023-03-13
|/ | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.5 to 2.2.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/32dc499307d133bb5085bae78498c0ac2cf762d5...16964e90ba004cdf0cd845b866b5df21038b7723) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* testingLibravatar netblue302023-03-09
|
* testingLibravatar netblue302023-03-08
|
* ci: remove extra space on codespell jobLibravatar Kelvin M. Klann2023-03-06
| | | | Added on commit d78fc96ee ("codespell github action", 2023-03-05).
* codespell github actionLibravatar netblue302023-03-05
|
* test apparmorLibravatar netblue302023-03-04
|
* more testingLibravatar netblue302023-03-03
|
* network testingLibravatar netblue302023-03-02
|
* appimage testingLibravatar netblue302023-03-01
|
* chroot testingLibravatar netblue302023-02-28
|
* build(deps): bump github/codeql-action from 2.2.4 to 2.2.5Libravatar dependabot[bot]2023-02-27
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.2.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...32dc499307d133bb5085bae78498c0ac2cf762d5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump step-security/harden-runner from 2.1.0 to 2.2.0Libravatar dependabot[bot]2023-02-27
| | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/18bf8ad2ca49c14cbb28b91346d626ccfb00c518...c8454efe5d0bdefd25384362fe217428ca277d57) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #5668 from kmk3/build-deb-apparmor-defaultLibravatar netblue302023-02-17
|\ | | | | build: deb: enable apparmor by default & remove deb-apparmor
| * ci: move --prefix configure arg firstLibravatar Kelvin M. Klann2023-02-17
| | | | | | | | | | | | In the `build_and_test` job, to match the common usage. Added on commit 300efec35 ("let github CI run tests", 2020-10-24).
* | merges, disable sort.py in profile checks temporarely, two more private-etc ↵Libravatar netblue302023-02-14
| | | | | | | | profiles
* | build(deps): bump github/codeql-action from 2.2.1 to 2.2.4dependabot/github_actions/github/codeql-action-2.2.4Libravatar dependabot[bot]2023-02-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.1 to 2.2.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3ebbd71c74ef574dbc558c82f70e52732c8b44fe...17573ee1cc1b9d061760f3a006fc4aac4f944fd5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | private-etc testingLibravatar netblue302023-02-06
|/
* testingLibravatar netblue302023-01-31
|
* more github testsLibravatar netblue302023-01-31
|
* test fixLibravatar netblue302023-01-31
|
* split make test-github into different actionsLibravatar netblue302023-01-31
|
* testing sysutilsLibravatar netblue302023-01-31
|
* Merge pull request #5627 from kmk3/build-autogen-syntaxLibravatar netblue302023-01-30
|\ | | | | build: auto-generate syntax files
| * build: move syntax files to contrib/syntax/filesLibravatar Kelvin M. Klann2023-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Having all of syntax files in the same directory makes it easier to reference all of them at once on a makefile (such as with `contrib/syntax/files/*.in`). Also, this makes the path to the gtksourceview language-spec shorter. Current path/new path: * contrib/gtksourceview-5/language-specs/firejail-profile.lang * contrib/syntax/files/firejail-profile.lang Currently, adding a rule to the root Makefile to generate the language-spec in the same directory as an input file would take at least 95 characters (with only a single dependency): contrib/gtksourceview-5/language-specs/%.lang: contrib/gtksourceview-5/language-specs/%.lang.in With this commit, the above shortened to 59 characters: contrib/syntax/files/%.lang: contrib/syntax/files/%.lang.in Which should make it more readable. Relates to #2679 #5502.
| * ci: sort items on paths-ignore listsLibravatar Kelvin M. Klann2023-01-27
| | | | | | | | | | See commit 9bf5e453c ("ci: sort items on paths-ignore lists", 2022-07-12) / PR #5481.
* | build(deps): bump github/codeql-action from 2.1.39 to 2.2.1Libravatar dependabot[bot]2023-01-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.39 to 2.2.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/a34ca99b4610d924e04c68db79e503e1f79f9f02...3ebbd71c74ef574dbc558c82f70e52732c8b44fe) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | ci: profile-checks: comment private-etc-always-required.shLibravatar Kelvin M. Klann2023-01-29
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | This check was broken by commit 34d004892 ("private-etc: corss-distro test for curl, gimp, inkscape, firefox, warzone2100", 2023-01-28). private-etc is currently being reworked and the files in question may no longer be required. Output of running the check: $ ./ci/check/profiles/private-etc-always-required.sh etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile etc/profile-a-l/curl.profile misses alternatives etc/profile-a-l/curl.profile misses ld.so.cache etc/profile-a-l/curl.profile misses ld.so.preload etc/profile-a-l/firefox-common.profile misses alternatives etc/profile-a-l/firefox-common.profile misses ld.so.cache etc/profile-a-l/firefox-common.profile misses ld.so.preload etc/profile-a-l/gimp.profile misses alternatives etc/profile-a-l/gimp.profile misses ld.so.cache etc/profile-a-l/gimp.profile misses ld.so.preload etc/profile-a-l/inkscape.profile misses alternatives etc/profile-a-l/inkscape.profile misses ld.so.cache etc/profile-a-l/inkscape.profile misses ld.so.preload etc/profile-m-z/warzone2100.profile misses alternatives etc/profile-m-z/warzone2100.profile misses ld.so.cache etc/profile-m-z/warzone2100.profile misses ld.so.preload Relates to #4643 #5610.
* build(deps): bump github/codeql-action from 2.1.38 to 2.1.39Libravatar dependabot[bot]2023-01-23
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.38 to 2.1.39. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/515828d97454b8354517688ddc5b48402b723750...a34ca99b4610d924e04c68db79e503e1f79f9f02) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.1.37 to 2.1.38Libravatar dependabot[bot]2023-01-17
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.37 to 2.1.38. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/959cbb7472c4d4ad70cdfe6f4976053fe48ab394...515828d97454b8354517688ddc5b48402b723750) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump step-security/harden-runner from 2.0.0 to 2.1.0Libravatar dependabot[bot]2023-01-17
| | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5...18bf8ad2ca49c14cbb28b91346d626ccfb00c518) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.2.0 to 3.3.0Libravatar dependabot[bot]2023-01-09
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/755da8c3cf115ac066823e79a1e1788f8940201b...ac593985615ec2ede58e132d2e21d2b1cbd6127c) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #5535 from ↵Libravatar netblue302022-12-19
|\ | | | | | | | | netblue30/dependabot/github_actions/actions/checkout-3.2.0 build(deps): bump actions/checkout from 3.1.0 to 3.2.0
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-08 08:58:46 +0000