From 5d84fa846d4acd2a5a418055e2e08f0d39cdedea Mon Sep 17 00:00:00 2001 From: sy-records <52o@qq52o.cn> Date: Tue, 24 Oct 2023 17:35:01 +0800 Subject: [PATCH 1/4] build: add timezone arg for dockerfile --- Dockerfile | 8 ++++++-- README_CN.md | 6 +++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 68806edea..afe717a1b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,7 +30,9 @@ RUN mkdir -p /data/uploads && chmod 777 /data/uploads \ FROM alpine LABEL maintainer="maintainers@sf.com" -ENV TZ "Asia/Shanghai" +ARG TIMEZONE +ENV TIMEZONE=${TIMEZONE:-"Asia/Shanghai"} + RUN apk update \ && apk --no-cache add \ bash \ @@ -41,7 +43,9 @@ RUN apk update \ openssh \ sqlite \ gnupg \ - && echo "Asia/Shanghai" > /etc/timezone + tzdata \ + && ln -sf /usr/share/zoneinfo/${TIMEZONE} /etc/localtime \ + && echo "${TIMEZONE}" > /etc/timezone COPY --from=golang-builder /usr/bin/answer /usr/bin/answer COPY --from=golang-builder /data /data diff --git a/README_CN.md b/README_CN.md index 6e9471672..b2784f0f8 100644 --- a/README_CN.md +++ b/README_CN.md @@ -6,7 +6,7 @@ 一款问答形式的知识社区开源软件,你可以使用它快速建立你的问答社区,用于产品技术支持、客户支持、用户交流等。 -了解更多关于该项目的内容,请访问 [answer.dev](https://answer.dev). +了解更多关于该项目的内容,请访问 [answer.dev](https://answer.dev)。 [![LICENSE](https://img.shields.io/github/license/answerdev/answer)](https://github.com/answerdev/answer/blob/main/LICENSE) [![Language](https://img.shields.io/badge/language-go-blue.svg)](https://golang.org/) @@ -26,13 +26,13 @@ docker run -d -p 9080:80 -v answer-data:/data --name answer answerdev/answer:latest ``` -其他安装配置细节请参考 [Installation](https://answer.dev/docs/installation) +其他安装配置细节请参考 [Installation](https://answer.dev/zh-CN/docs/installation/) ## 贡献 我们随时欢迎你的贡献! -参考 [CONTRIBUTING](https://answer.dev/docs/development/contributing/) 开始贡献。 +参考 [CONTRIBUTING](https://answer.dev/zh-CN/docs/development/contributing/) 开始贡献。 ## License From 684b6cd5aedd98ff668a6c2d423d6920e363f7b6 Mon Sep 17 00:00:00 2001 From: Lu Fei <52o@qq52o.cn> Date: Tue, 28 Nov 2023 17:18:21 +0800 Subject: [PATCH 2/4] Delete README_CN.md --- README_CN.md | 39 --------------------------------------- 1 file changed, 39 deletions(-) delete mode 100644 README_CN.md diff --git a/README_CN.md b/README_CN.md deleted file mode 100644 index 6103c9a9b..000000000 --- a/README_CN.md +++ /dev/null @@ -1,39 +0,0 @@ - - logo - - -# Answer - 构建问答社区 - -一款问答形式的知识社区开源软件,你可以使用它快速建立你的问答社区,用于产品技术支持、客户支持、用户交流等。 - -了解更多关于该项目的内容,请访问 [answer.apache.org](https://answer.apache.org)。 - -[![LICENSE](https://img.shields.io/github/license/apache/incubator-answer)](https://github.com/apache/incubator-answer/blob/main/LICENSE) -[![Language](https://img.shields.io/badge/language-go-blue.svg)](https://golang.org/) -[![Language](https://img.shields.io/badge/language-react-blue.svg)](https://reactjs.org/) -[![Go Report Card](https://goreportcard.com/badge/github.com/apache/incubator-answer)](https://goreportcard.com/report/github.com/apache/incubator-answer) -[![Discord](https://img.shields.io/badge/discord-chat-5865f2?logo=discord&logoColor=f5f5f5)](https://discord.gg/Jm7Y4cbUej) - -## 截图 - -![screenshot](docs/img/screenshot.png) - -## 快速开始 - -### 使用 docker 快速搭建 - -```bash -docker run -d -p 9080:80 -v answer-data:/data --name answer answerdev/answer:latest -``` - -其他安装配置细节请参考 [Installation](https://answer.apache.org/zh-CN/docs/installation) - -## 贡献 - -我们随时欢迎你的贡献! - -参考 [CONTRIBUTING](https://answer.apache.org/zh-CN/docs/development/contributing/) 开始贡献。 - -## License - -[Apache License 2.0](https://github.com/apache/incubator-answer/blob/main/LICENSE) From 152934c740d163c2b6345ac2e8c8f542957efa75 Mon Sep 17 00:00:00 2001 From: sy-records <52o@qq52o.cn> Date: Thu, 14 Dec 2023 15:53:06 +0800 Subject: [PATCH 3/4] ci: build image only if repository_owner is apache --- .github/workflows/build-binary-for-release.yml | 1 + .github/workflows/build-image-for-manual.yml | 1 + .github/workflows/build-image-for-release.yml | 1 + .github/workflows/build-image-for-test.yml | 1 + .github/workflows/uffizzi-build.yml | 4 ++-- .github/workflows/uffizzi-preview.yml | 5 ++--- 6 files changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-binary-for-release.yml b/.github/workflows/build-binary-for-release.yml index 800b97309..0b4417c02 100644 --- a/.github/workflows/build-binary-for-release.yml +++ b/.github/workflows/build-binary-for-release.yml @@ -26,6 +26,7 @@ permissions: jobs: build-goreleaser: + if: ${{ github.repository_owner == 'apache' }} runs-on: ubuntu-latest steps: diff --git a/.github/workflows/build-image-for-manual.yml b/.github/workflows/build-image-for-manual.yml index f9c0b90b2..4a461b6e1 100644 --- a/.github/workflows/build-image-for-manual.yml +++ b/.github/workflows/build-image-for-manual.yml @@ -27,6 +27,7 @@ on: jobs: build: + if: ${{ github.repository_owner == 'apache' }} runs-on: ubuntu-latest steps: - name: Checkout diff --git a/.github/workflows/build-image-for-release.yml b/.github/workflows/build-image-for-release.yml index 2f2ea679b..150b1d620 100644 --- a/.github/workflows/build-image-for-release.yml +++ b/.github/workflows/build-image-for-release.yml @@ -29,6 +29,7 @@ on: jobs: build: + if: ${{ github.repository_owner == 'apache' }} runs-on: ubuntu-latest steps: - name: Checkout diff --git a/.github/workflows/build-image-for-test.yml b/.github/workflows/build-image-for-test.yml index e2ffa80f7..c3f438f63 100644 --- a/.github/workflows/build-image-for-test.yml +++ b/.github/workflows/build-image-for-test.yml @@ -23,6 +23,7 @@ on: jobs: build: + if: ${{ github.repository_owner == 'apache' }} name: Build and Push runs-on: ubuntu-latest steps: diff --git a/.github/workflows/uffizzi-build.yml b/.github/workflows/uffizzi-build.yml index 3d3512767..1d6709fa0 100644 --- a/.github/workflows/uffizzi-build.yml +++ b/.github/workflows/uffizzi-build.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest outputs: tags: ${{ steps.meta.outputs.tags }} - if: ${{ github.event.action != 'closed' }} + if: ${{ github.event.action != 'closed' && github.repository_owner == 'apache' }} steps: - name: Checkout git repo uses: actions/checkout@v4 @@ -98,7 +98,7 @@ jobs: delete-preview: name: Call for Preview Deletion runs-on: ubuntu-latest - if: ${{ github.event.action == 'closed' }} + if: ${{ github.event.action == 'closed' && github.repository_owner == 'apache' }} steps: # If this PR is closing, we will not render a compose file nor pass it to the next workflow. - name: Serialize PR Event to File diff --git a/.github/workflows/uffizzi-preview.yml b/.github/workflows/uffizzi-preview.yml index f9a860b9b..bbe0e9375 100644 --- a/.github/workflows/uffizzi-preview.yml +++ b/.github/workflows/uffizzi-preview.yml @@ -24,7 +24,6 @@ on: types: - completed - jobs: cache-compose-file: name: Cache Compose File @@ -34,7 +33,7 @@ jobs: compose-file-cache-key: ${{ env.HASH }} pr-number: ${{ env.PR_NUMBER }} steps: - - name: 'Download artifacts' + - name: Download artifacts # Fetch output (zip archive) from the workflow run that triggered this workflow. uses: actions/github-script@v6 with: @@ -56,7 +55,7 @@ jobs: let fs = require('fs'); fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/preview-spec.zip`, Buffer.from(download.data)); - - name: 'Unzip artifact' + - name: Unzip artifact run: unzip preview-spec.zip - name: Read Event into ENV run: | From 3b00da932ba5a8727e7db560948085a8869d742d Mon Sep 17 00:00:00 2001 From: Adam Vollrath Date: Thu, 21 Dec 2023 00:08:58 -0600 Subject: [PATCH 4/4] Sanitize input from contributor fork workflows. Signed-off-by: Adam Vollrath --- .github/workflows/uffizzi-build.yml | 4 +-- .github/workflows/uffizzi-preview.yml | 41 ++++++++++++++++----------- 2 files changed, 27 insertions(+), 18 deletions(-) diff --git a/.github/workflows/uffizzi-build.yml b/.github/workflows/uffizzi-build.yml index 1d6709fa0..be4ec9513 100644 --- a/.github/workflows/uffizzi-build.yml +++ b/.github/workflows/uffizzi-build.yml @@ -36,7 +36,7 @@ jobs: - name: Generate UUID image name id: uuid - run: echo "UUID_WORKER=$(uuidgen)" >> $GITHUB_ENV + run: echo "UUID_WORKER=answer-$(uuidgen --time)" >> $GITHUB_ENV - name: Docker metadata id: meta @@ -44,7 +44,7 @@ jobs: with: images: registry.uffizzi.com/${{ env.UUID_WORKER }} tags: | - type=raw,value=60d + type=raw,value=30d - name: Build and Push Image to registry.uffizzi.com - Uffizzi's ephemeral Registry uses: docker/build-push-action@v3 diff --git a/.github/workflows/uffizzi-preview.yml b/.github/workflows/uffizzi-preview.yml index bbe0e9375..c7a38f33f 100644 --- a/.github/workflows/uffizzi-preview.yml +++ b/.github/workflows/uffizzi-preview.yml @@ -30,8 +30,10 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.conclusion == 'success' }} outputs: - compose-file-cache-key: ${{ env.HASH }} - pr-number: ${{ env.PR_NUMBER }} + compose-file-cache-key: ${{ steps.hash.outputs.COMPOSE_FILE_HASH }} + git-ref: ${{ steps.event.outputs.GIT_REF }} + pr-number: ${{ steps.event.outputs.PR_NUMBER }} + action: ${{ steps.event.outputs.ACTION }} steps: - name: Download artifacts # Fetch output (zip archive) from the workflow run that triggered this workflow. @@ -46,6 +48,9 @@ jobs: let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => { return artifact.name == "preview-spec" })[0]; + if (matchArtifact === undefined) { + throw TypeError('Build Artifact not found!'); + } let download = await github.rest.actions.downloadArtifact({ owner: context.repo.owner, repo: context.repo.repo, @@ -55,34 +60,38 @@ jobs: let fs = require('fs'); fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/preview-spec.zip`, Buffer.from(download.data)); - - name: Unzip artifact - run: unzip preview-spec.zip + - name: 'Accept event from first stage' + run: unzip preview-spec.zip event.json + - name: Read Event into ENV + id: event run: | - echo 'EVENT_JSON<> $GITHUB_ENV - cat event.json >> $GITHUB_ENV - echo 'EOF' >> $GITHUB_ENV + echo PR_NUMBER=$(jq '.number | tonumber' < event.json) >> $GITHUB_OUTPUT + echo ACTION=$(jq --raw-output '.action | tostring | [scan("\\w+")][0]' < event.json) >> $GITHUB_OUTPUT + echo GIT_REF=$(jq --raw-output '.pull_request.head.sha | tostring | [scan("\\w+")][0]' < event.json) >> $GITHUB_OUTPUT - name: Hash Rendered Compose File id: hash # If the previous workflow was triggered by a PR close event, we will not have a compose file artifact. - if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }} - run: echo "HASH=$(md5sum docker-compose.rendered.yml | awk '{ print $1 }')" >> $GITHUB_ENV + if: ${{ steps.event.outputs.ACTION != 'closed' }} + run: | + unzip preview-spec.zip docker-compose.rendered.yml + echo "COMPOSE_FILE_HASH=$(md5sum docker-compose.rendered.yml | awk '{ print $1 }')" >> $GITHUB_OUTPUT + - name: Cache Rendered Compose File - if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }} + if: ${{ steps.event.outputs.ACTION != 'closed' }} uses: actions/cache@v3 with: path: docker-compose.rendered.yml - key: ${{ env.HASH }} + key: ${{ steps.hash.outputs.COMPOSE_FILE_HASH }} - - name: Read PR Number From Event Object - id: pr - run: echo "PR_NUMBER=${{ fromJSON(env.EVENT_JSON).number }}" >> $GITHUB_ENV - name: DEBUG - Print Job Outputs if: ${{ runner.debug }} run: | - echo "PR number: ${{ env.PR_NUMBER }}" - echo "Compose file hash: ${{ env.HASH }}" + echo "PR number: ${{ steps.event.outputs.PR_NUMBER }}" + echo "Git Ref: ${{ steps.event.outputs.GIT_REF }}" + echo "Action: ${{ steps.event.outputs.ACTION }}" + echo "Compose file hash: ${{ steps.hash.outputs.COMPOSE_FILE_HASH }}" cat event.json deploy-uffizzi-preview: