ci: enforce ssh checkout on all gitea workflows

Adds ssh-key to actions/checkout configurations and fixes yaml indentation in upload_pck.yml
This commit is contained in:
2026-07-02 15:40:37 +08:00
parent 6da55003e2
commit 187b530cbf
6 changed files with 85 additions and 8 deletions
+9
View File
@@ -26,6 +26,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -58,6 +61,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -90,6 +96,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
+42
View File
@@ -0,0 +1,42 @@
name: Build and Upload Binaries
on:
push:
tags:
- 'v*'
jobs:
build:
runs-on: ubuntu-latest
container:
image: barichello/godot-ci:4.2.1
steps:
- name: Checkout
run: |
mkdir -p ~/.ssh
echo "${{ secrets.TEKTON_SSH_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan git.klud.top >> ~/.ssh/known_hosts
git clone git@git.klud.top:danchie/tekton.git .
git checkout ${{ github.ref_name }}
- name: Build Windows
run: mkdir -p build && godot --headless --export-release "Windows Desktop" build/tekton.exe
- name: Build Linux
run: godot --headless --export-release "Linux/X11" build/tekton.x86_64
- name: Upload Windows Binary
run: |
curl -X POST \
-H "Authorization: token ${{ secrets.TEKTON_RELEASE_TOKEN }}" \
-H "Content-Type: multipart/form-data" \
-F "attachment=@build/tekton.exe" \
"https://git.klud.top/api/v1/repos/danchie/tekton/releases/tags/${{ github.ref_name }}"
- name: Upload Linux Binary
run: |
curl -X POST \
-H "Authorization: token ${{ secrets.TEKTON_RELEASE_TOKEN }}" \
-H "Content-Type: multipart/form-data" \
-F "attachment=@build/tekton.x86_64" \
"https://git.klud.top/api/v1/repos/danchie/tekton/releases/tags/${{ github.ref_name }}"
+12
View File
@@ -14,6 +14,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -39,6 +42,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -71,6 +77,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -103,6 +112,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
+2
View File
@@ -22,6 +22,8 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
+12
View File
@@ -15,6 +15,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -38,6 +41,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -75,6 +81,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Setup Godot - name: Setup Godot
uses: firebelley/godot-action@v3 uses: firebelley/godot-action@v3
@@ -94,6 +103,9 @@ jobs:
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.TEKTON_SSH_KEY }}
ssh-strict: false
- name: Run Trivy vulnerability scanner - name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master uses: aquasecurity/trivy-action@master
+8 -8
View File
@@ -10,14 +10,14 @@ jobs:
container: container:
image: barichello/godot-ci:4.3 image: barichello/godot-ci:4.3
steps: steps:
- name: Checkout - name: Checkout
run: | run: |
mkdir -p ~/.ssh mkdir -p ~/.ssh
echo "${{ secrets.TEKTON_SSH_KEY }}" > ~/.ssh/id_rsa echo "${{ secrets.TEKTON_SSH_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa
ssh-keyscan git.klud.top >> ~/.ssh/known_hosts ssh-keyscan git.klud.top >> ~/.ssh/known_hosts
git clone git@git.klud.top:danchie/tekton.git . git clone git@git.klud.top:danchie/tekton.git .
git checkout ${{ github.ref_name }} git checkout ${{ github.ref_name }}
- name: Build PCK - name: Build PCK
run: godot --headless -s tools/build_patch.gd run: godot --headless -s tools/build_patch.gd