diff --git a/.github/workflows/validate-filenames.yml b/.github/workflows/validate-filenames.yml index 704715f50..909c669de 100644 --- a/.github/workflows/validate-filenames.yml +++ b/.github/workflows/validate-filenames.yml @@ -1,29 +1,43 @@ name: Validate filenames on: - pull_request: + pull_request_target: paths: - "ct/*.sh" - "install/*.sh" - "json/*.json" - - ".github/workflows/validate-filenames.yml" jobs: check-files: name: Check changed files runs-on: ubuntu-latest + permissions: + pull-requests: write steps: + - name: Get pull request information + if: github.event_name == 'pull_request_target' + uses: actions/github-script@v7 + id: pr + with: + script: | + const { data: pullRequest } = await github.rest.pulls.get({ + ...context.repo, + pull_number: context.payload.pull_request.number, + }); + return pullRequest; + - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 # Ensure the full history is fetched for accurate diffing + ref: ${{ github.event_name == 'pull_request_target' && fromJSON(steps.pr.outputs.result).merge_commit_sha || '' }} - name: Get changed files id: changed-files run: | - if ${{ github.event_name == 'pull_request' }}; then - echo "files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.sha }} | xargs)" >> $GITHUB_OUTPUT + if ${{ github.event_name == 'pull_request_target' }}; then + echo "files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ steps.pr.outputs.result && fromJSON(steps.pr.outputs.result).merge_commit_sha }} | xargs)" >> $GITHUB_OUTPUT else echo "files=$(git diff --name-only ${{ github.event.before }} ${{ github.event.after }} | xargs)" >> $GITHUB_OUTPUT fi @@ -75,7 +89,7 @@ jobs: fi - name: Post results and comment - if: always() && steps.check-scripts.outputs.files != '' && steps.check-json.outputs.files != '' && github.event_name == 'pull_request' + if: always() && steps.check-scripts.outputs.files != '' && steps.check-json.outputs.files != '' && github.event_name == 'pull_request_target' uses: actions/github-script@v7 with: script: | diff --git a/.github/workflows/validate-formatting.yaml b/.github/workflows/validate-formatting.yaml index 760ab2771..220563976 100644 --- a/.github/workflows/validate-formatting.yaml +++ b/.github/workflows/validate-formatting.yaml @@ -4,11 +4,10 @@ on: push: branches: - main - pull_request: + pull_request_target: paths: - "**/*.sh" - "**/*.func" - - ".github/workflows/validate-formatting.yaml" jobs: shfmt: @@ -18,16 +17,29 @@ jobs: pull-requests: write steps: + - name: Get pull request information + if: github.event_name == 'pull_request_target' + uses: actions/github-script@v7 + id: pr + with: + script: | + const { data: pullRequest } = await github.rest.pulls.get({ + ...context.repo, + pull_number: context.payload.pull_request.number, + }); + return pullRequest; + - name: Checkout code uses: actions/checkout@v4 with: - fetch-depth: 0 + fetch-depth: 0 # Ensure the full history is fetched for accurate diffing + ref: ${{ github.event_name == 'pull_request_target' && fromJSON(steps.pr.outputs.result).merge_commit_sha || '' }} - name: Get changed files id: changed-files run: | - if ${{ github.event_name == 'pull_request' }}; then - echo "files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.sha }} | grep -E '\.(sh|func)$' | xargs)" >> $GITHUB_OUTPUT + if ${{ github.event_name == 'pull_request_target' }}; then + echo "files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ steps.pr.outputs.result && fromJSON(steps.pr.outputs.result).merge_commit_sha }} | grep -E '\.(sh|func)$' | xargs)" >> $GITHUB_OUTPUT else echo "files=$(git diff --name-only ${{ github.event.before }} ${{ github.event.after }} | grep -E '\.(sh|func)$' | xargs)" >> $GITHUB_OUTPUT fi @@ -58,7 +70,7 @@ jobs: fi - name: Post comment with results - if: always() && steps.changed-files.outputs.files != '' && github.event_name == 'pull_request' + if: always() && steps.changed-files.outputs.files != '' && github.event_name == 'pull_request_target' uses: actions/github-script@v7 with: script: | diff --git a/.github/workflows/validate-scripts.yml b/.github/workflows/validate-scripts.yml index 75e32e130..c58a5e593 100644 --- a/.github/workflows/validate-scripts.yml +++ b/.github/workflows/validate-scripts.yml @@ -3,11 +3,10 @@ on: push: branches: - main - pull_request: + pull_request_target: paths: - "ct/*.sh" - "install/*.sh" - - ".github/workflows/validate-scripts.yml" jobs: check-scripts: @@ -17,20 +16,29 @@ jobs: pull-requests: write steps: + - name: Get pull request information + if: github.event_name == 'pull_request_target' + uses: actions/github-script@v7 + id: pr + with: + script: | + const { data: pullRequest } = await github.rest.pulls.get({ + ...context.repo, + pull_number: context.payload.pull_request.number, + }); + return pullRequest; + - name: Checkout code uses: actions/checkout@v4 with: - fetch-depth: ${{ github.event_name == 'pull_request' && 2 || 0 }} - - - name: Set execute permission for .sh files - run: | - chmod +x ct/*.sh + fetch-depth: 0 # Ensure the full history is fetched for accurate diffing + ref: ${{ github.event_name == 'pull_request_target' && fromJSON(steps.pr.outputs.result).merge_commit_sha || '' }} - name: Get changed files id: changed-files run: | - if ${{ github.event_name == 'pull_request' }}; then - echo "files=$(git diff --name-only -r HEAD^1 HEAD | grep -E '\.(sh|func)$' | xargs)" >> $GITHUB_OUTPUT + if ${{ github.event_name == 'pull_request_target' }}; then + echo "files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ steps.pr.outputs.result && fromJSON(steps.pr.outputs.result).merge_commit_sha }} | xargs)" >> $GITHUB_OUTPUT else echo "files=$(git diff --name-only ${{ github.event.before }} ${{ github.event.after }} | grep -E '\.(sh|func)$' | xargs)" >> $GITHUB_OUTPUT fi @@ -156,7 +164,7 @@ jobs: fi - name: Post results and comment - if: always() && steps.changed-files.outputs.files != '' && github.event_name == 'pull_request' + if: always() && steps.changed-files.outputs.files != '' && github.event_name == 'pull_request_target' uses: actions/github-script@v7 with: script: | diff --git a/CHANGELOG.md b/CHANGELOG.md index 198bf6355..94a28fe1e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,19 @@ All LXC instances created using this repository come pre-installed with Midnight > [!IMPORTANT] Do not break established syntax in this file, as it is automatically updated by a Github Workflow +## 2025-01-08 + +### Changed + +### 🌐 Website + +- update postgresql json to add post install password setup [@rdiazlugo](https://github.com/rdiazlugo) ([#1318](https://github.com/community-scripts/ProxmoxVE/pull/1318)) + +### 🧰 Maintenance + +- fix(ci): formatting event & chmod +x [@se-bastiaan](https://github.com/se-bastiaan) ([#1335](https://github.com/community-scripts/ProxmoxVE/pull/1335)) +- fix: correctly handle pull_request_target event [@se-bastiaan](https://github.com/se-bastiaan) ([#1327](https://github.com/community-scripts/ProxmoxVE/pull/1327)) + ## 2025-01-07 ### Changed @@ -26,6 +39,7 @@ Do not break established syntax in this file, as it is automatically updated by ### 🧰 Maintenance +- fix: permissions of validate pipelines [@se-bastiaan](https://github.com/se-bastiaan) ([#1316](https://github.com/community-scripts/ProxmoxVE/pull/1316)) - Set Execution Rights for GH-Action: Validate Scripts [@MickLesk](https://github.com/MickLesk) ([#1312](https://github.com/community-scripts/ProxmoxVE/pull/1312)) ## 2025-01-06 diff --git a/json/postgresql.json b/json/postgresql.json index c60465c71..6fe236d14 100644 --- a/json/postgresql.json +++ b/json/postgresql.json @@ -30,5 +30,10 @@ "username": null, "password": null }, - "notes": [] + "notes": [ + { + "text": "Set a password after installation for postgres user by running `echo \"ALTER USER postgres with encrypted password 'your_password';\" | sudo -u postgres psql`", + "type": "info" + } + ] } \ No newline at end of file