diff --git a/.github/release-footer.md b/.github/release-footer.md index 1b98124..6ebc652 100644 --- a/.github/release-footer.md +++ b/.github/release-footer.md @@ -8,19 +8,19 @@ Dalamud main plugin repo. To install: 1. In XIVLauncher: **Settings → Experimental → Custom Plugin Repositories** 2. Add the URL: - `https://raw.githubusercontent.com/JonKazama-Hellion/HellionChat/main/repo.json` + `https://gitea.com/JonKazama-Hellion/HellionChat/raw/branch/main/repo.json` 3. Enable, save, then `/xlplugins` → search **Hellion Chat** → install ## Project documents -- [README](https://github.com/JonKazama-Hellion/HellionChat/blob/main/README.md) — features, architecture, build -- [Privacy notice](https://github.com/JonKazama-Hellion/HellionChat/blob/main/PRIVACY.md) — what the plugin stores and sends -- [Third-party notices](https://github.com/JonKazama-Hellion/HellionChat/blob/main/docs/THIRD_PARTY_NOTICES.md) — dependencies and licences -- [Security policy](https://github.com/JonKazama-Hellion/HellionChat/blob/main/SECURITY.md) — vulnerability reporting -- [Support](https://github.com/JonKazama-Hellion/HellionChat/blob/main/SUPPORT.md) — bug reports, questions, contact paths +- [README](https://gitea.com/JonKazama-Hellion/HellionChat/src/branch/main/README.md) — features, architecture, build +- [Privacy notice](https://gitea.com/JonKazama-Hellion/HellionChat/src/branch/main/PRIVACY.md) — what the plugin stores and sends +- [Third-party notices](https://gitea.com/JonKazama-Hellion/HellionChat/src/branch/main/docs/THIRD_PARTY_NOTICES.md) — dependencies and licences +- [Security policy](https://gitea.com/JonKazama-Hellion/HellionChat/src/branch/main/SECURITY.md) — vulnerability reporting +- [Support](https://gitea.com/JonKazama-Hellion/HellionChat/src/branch/main/SUPPORT.md) — bug reports, questions, contact paths ## Licence -[EUPL-1.2](https://github.com/JonKazama-Hellion/HellionChat/blob/main/LICENSE). +[EUPL-1.2](https://gitea.com/JonKazama-Hellion/HellionChat/src/branch/main/LICENSE). Based on [Chat 2](https://github.com/Infiziert90/ChatTwo) by Infi and Anna, also EUPL-1.2. diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b2e4663..a03b780 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,6 +3,12 @@ name: Build # Verifies that every push to main and every PR still builds against the # current Dalamud staging branch. Does not produce release artefacts; the # release workflow handles that on tag. +# +# Linux runner: gitea.com Cloud Actions provides ubuntu-latest. The plugin +# csproj targets net10.0-windows, but `dotnet build` cross-compiles on +# Linux as long as the Dalamud staging assemblies are present at the +# expected lookup path ($(HOME)/.xlcore/dalamud/Hooks/dev/, which the +# Dalamud SDK 15 uses on Linux). on: push: @@ -21,7 +27,7 @@ permissions: jobs: build: name: Build (Release) - runs-on: windows-latest + runs-on: ubuntu-latest timeout-minutes: 15 steps: @@ -34,12 +40,11 @@ jobs: dotnet-version: 10.0.x - name: Download Dalamud staging - shell: pwsh run: | - $hooks = Join-Path $env:APPDATA "XIVLauncher\addon\Hooks\dev" - New-Item -ItemType Directory -Force -Path $hooks | Out-Null - Invoke-WebRequest -Uri https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -OutFile dalamud.zip - Expand-Archive -Force -Path dalamud.zip -DestinationPath $hooks + hooks="$HOME/.xlcore/dalamud/Hooks/dev" + mkdir -p "$hooks" + curl -fsSL https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -o dalamud.zip + unzip -oq dalamud.zip -d "$hooks" - name: Restore run: dotnet restore HellionChat/HellionChat.csproj diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 2b78608..0000000 --- a/.github/workflows/codeql.yml +++ /dev/null @@ -1,93 +0,0 @@ -name: CodeQL - -# Replaces the GitHub default-setup CodeQL scan. The default setup runs -# without resolving the Dalamud assemblies (they live in a user-AppData -# path) and reports "Low C# analysis quality" because call-target -# resolution sits at ~64%. This workflow downloads the Dalamud staging -# distribution before the build, runs a manual dotnet build, and then -# lets CodeQL analyse the fully-resolved compilation. Quality climbs -# back above the 85% thresholds. -# -# This workflow only consumes trusted inputs: the tag/branch ref via -# the standard checkout action, and the Dalamud distribution URL which -# is pinned to a goatcorp-controlled GitHub Pages target. No user- -# controlled event payload (issue title, PR body, commit message) flows -# into a run-step. -# -# Disable the default setup in the repo before this workflow lands: -# Settings -> Code security -> Code scanning -> "CodeQL analysis" tile -# -> Switch to advanced. - -on: - push: - branches: [main] - pull_request: - branches: [main] - schedule: - - cron: '17 6 * * 1' - -permissions: - actions: read - contents: read - security-events: write - -jobs: - analyze-csharp: - name: Analyze (csharp) - runs-on: windows-latest - timeout-minutes: 30 - - steps: - - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - name: Setup .NET 10 - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5.2.0 - with: - dotnet-version: 10.0.x - - - name: Download Dalamud staging - shell: pwsh - run: | - $hooks = Join-Path $env:APPDATA "XIVLauncher\addon\Hooks\dev" - New-Item -ItemType Directory -Force -Path $hooks | Out-Null - Invoke-WebRequest -Uri https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -OutFile dalamud.zip - Expand-Archive -Force -Path dalamud.zip -DestinationPath $hooks - - - name: Initialize CodeQL - uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 - with: - languages: csharp - build-mode: manual - queries: security-extended - - - name: Restore - run: dotnet restore HellionChat/HellionChat.csproj - - - name: Build (Release) - run: dotnet build HellionChat/HellionChat.csproj --configuration Release --no-restore - - - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 - with: - category: /language:csharp - - analyze-actions: - name: Analyze (actions) - runs-on: ubuntu-latest - timeout-minutes: 10 - - steps: - - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - name: Initialize CodeQL - uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 - with: - languages: actions - build-mode: none - - - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 - with: - category: /language:actions diff --git a/.github/workflows/forge-announce.yml b/.github/workflows/forge-announce.yml index 86b8fb8..69f5257 100644 --- a/.github/workflows/forge-announce.yml +++ b/.github/workflows/forge-announce.yml @@ -34,10 +34,9 @@ jobs: announce: name: Post changelog to Hellion Forge runs-on: ubuntu-latest - # The DISCORD_FORGE_WEBHOOK secret lives under Settings → Environments - # → Webhook (case-sensitive). Without this declaration the secret is - # not in scope for the job. - environment: Webhook + # The DISCORD_FORGE_WEBHOOK secret is set as a repo-level Actions Secret + # on Gitea (Settings → Actions → Secrets). Repo-level secrets are in + # scope for every job by default, no environment: declaration needed. timeout-minutes: 5 steps: @@ -134,7 +133,7 @@ jobs: # ---------- Embed-Payload bauen ---------- $payload = [ordered]@{ username = "Forge Herald" - avatar_url = "https://raw.githubusercontent.com/JonKazama-Hellion/HellionChat/main/HellionChat/images/icon.png" + avatar_url = "https://gitea.com/JonKazama-Hellion/HellionChat/raw/branch/main/HellionChat/images/icon.png" content = "<@&1500489631555260446>" allowed_mentions = [ordered]@{ parse = @() @@ -143,7 +142,7 @@ jobs: embeds = @( [ordered]@{ title = $title - url = "https://github.com/JonKazama-Hellion/HellionChat/releases/tag/$tag" + url = "https://gitea.com/JonKazama-Hellion/HellionChat/releases/tag/$tag" color = 12730636 description = $description footer = [ordered]@{ text = $footerText } diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6283609..edd8855 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,15 +2,19 @@ name: Release # Triggered when a vX.Y.Z tag is pushed. Builds the plugin against the # current Dalamud staging branch, locates the latest.zip produced by -# DalamudPackager and attaches it to the matching GitHub Release. +# DalamudPackager and attaches it to the matching Gitea Release. # # User-controlled inputs touched by this workflow: # - the tag name (filtered by on.tags = v*, validated again at runtime # against ^v\d+\.\d+\.\d+$ before being used in any string) # All other values are either repo-controlled (paths under -# HellionChat/bin/Release derived from Get-ChildItem) or pinned URLs to -# goatcorp / GitHub. Nothing from a webhook event payload (issue/PR +# HellionChat/bin/Release derived from find / Get-ChildItem) or pinned +# URLs to goatcorp / gitea. Nothing from a webhook event payload (issue/PR # titles, commit messages, etc.) flows into a run-step. +# +# Linux runner: gitea.com Cloud Actions only ships ubuntu-latest. The +# plugin csproj targets net10.0-windows, `dotnet build` cross-compiles on +# Linux when the Dalamud staging assemblies sit under $(HOME)/.xlcore/... on: push: @@ -33,7 +37,7 @@ permissions: jobs: release: name: Build and attach release ZIP - runs-on: windows-latest + runs-on: ubuntu-latest timeout-minutes: 20 steps: @@ -52,27 +56,25 @@ jobs: dotnet-version: 10.0.x - name: Download Dalamud staging - shell: pwsh run: | - $hooks = Join-Path $env:APPDATA "XIVLauncher\addon\Hooks\dev" - New-Item -ItemType Directory -Force -Path $hooks | Out-Null - Invoke-WebRequest -Uri https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -OutFile dalamud.zip - Expand-Archive -Force -Path dalamud.zip -DestinationPath $hooks + hooks="$HOME/.xlcore/dalamud/Hooks/dev" + mkdir -p "$hooks" + curl -fsSL https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -o dalamud.zip + unzip -oq dalamud.zip -d "$hooks" - name: Build (Release) run: dotnet build HellionChat/HellionChat.csproj --configuration Release - name: Locate latest.zip id: locate - shell: pwsh run: | - $zip = Get-ChildItem -Path HellionChat\bin\Release -Recurse -Filter latest.zip | Select-Object -First 1 - if (-not $zip) - { - throw "latest.zip not found under HellionChat\bin\Release" - } - Write-Host "Found: $($zip.FullName)" - "path=$($zip.FullName)" | Out-File -FilePath $env:GITHUB_OUTPUT -Append + zip="$(find HellionChat/bin/Release -name latest.zip -print -quit)" + if [ -z "$zip" ]; then + echo "latest.zip not found under HellionChat/bin/Release" >&2 + exit 1 + fi + echo "Found: $zip" + echo "path=$zip" >> "$GITHUB_OUTPUT" # Build a release body from the matching changelog block in # HellionChat.yaml plus a static install / docs footer. Fails the @@ -150,8 +152,13 @@ jobs: Write-Host $body Write-Host "----------------------------------------" - - name: Attach to GitHub release - uses: softprops/action-gh-release@v3 + # Gitea-native release action. Creates the release if the tag has no + # release yet, or updates the existing one. body_path provides the + # generated release body, files attaches latest.zip. The auto-injected + # GITHUB_TOKEN on Gitea Actions has Gitea-API scope and is sufficient + # for release write. + - name: Attach to Gitea release + uses: https://gitea.com/actions/release-action@main with: # Explicit tag_name so the action targets the correct release in # both push:tags (auto) and workflow_dispatch (manual recovery) @@ -160,5 +167,4 @@ jobs: tag_name: ${{ github.event.inputs.tag || github.ref_name }} files: ${{ steps.locate.outputs.path }} body_path: release-body.md - fail_on_unmatched_files: true - generate_release_notes: false + api_key: ${{ secrets.GITHUB_TOKEN }}