diff --git a/.github/workflows/linux-new.yml b/.github/workflows/linux-new.yml index bfbbaec..0c8759f 100644 --- a/.github/workflows/linux-new.yml +++ b/.github/workflows/linux-new.yml @@ -78,6 +78,14 @@ on: required: false type: boolean default: false + workflowRepo: + description: "repository of workflow to call" + required: true + type: string + workflowRev: + description: "revision of workflow to call" + required: true + type: string jobs: gen-jobs: @@ -85,6 +93,8 @@ jobs: runs-on: ubuntu-latest outputs: jobs: ${{ steps.gen-jobs.outputs.jobs }} + permissions: + contents: write steps: - name: Generate jobs id: gen-jobs @@ -96,7 +106,7 @@ jobs: throw new ErrorException($message, 0, $severity, $file, $line); }); - if (${{ github.event.inputs.uploadRelease }}) { + if (${{ inputs.uploadRelease }}) { # create github release echo "create release\n"; @@ -128,19 +138,19 @@ jobs: } $flavors = arg2arr(<<<'ARG' - ${{ github.event.inputs.flavors }} + ${{ inputs.flavors }} ARG); $archs = arg2arr(<<<'ARG' - ${{ github.event.inputs.archs }} + ${{ inputs.archs }} ARG); $sapis = arg2arr(<<<'ARG' - ${{ github.event.inputs.sapis }} + ${{ inputs.sapis }} ARG); $libcs = arg2arr(<<<'ARG' - ${{ github.event.inputs.libcs }} + ${{ inputs.libcs }} ARG); $phpVers = arg2arr(<<<'ARG' - ${{ github.event.inputs.phpVers }} + ${{ inputs.phpVers }} ARG); if (!$flavors) { @@ -160,10 +170,10 @@ jobs: } $customLibraries = <<<'ARG' - ${{ github.event.inputs.customLibraries }} + ${{ inputs.customLibraries }} ARG; $customExtensions = <<<'ARG' - ${{ github.event.inputs.customExtensions }} + ${{ inputs.customExtensions }} ARG; $customLibraries = trim($customLibraries); $customExtensions = trim($customExtensions); @@ -224,6 +234,8 @@ jobs: container: 'ghcr.io/dixyes/prepared-lwmbs:${{ matrix.imageTag }}' needs: - gen-jobs + permissions: + contents: write strategy: max-parallel: 6 fail-fast: false @@ -248,13 +260,10 @@ jobs: export GITHUB_TOKEN="${{ secrets.GITHUB_TOKEN }}" # prepare lwmbs - remote="${{ github.repositoryUrl }}" - # git: is not available in actions - remote="https:${remote#git:}" cd /lwmbs - git remote set-url origin "$remote" - git fetch origin ${{ github.sha }} - git checkout ${{ github.sha }} + git remote set-url origin "https://github.com/${{ inputs.workflowRepo || github.repository }}" + git fetch origin ${{ inputs.workflowRev || github.sha }} + git checkout ${{ inputs.workflowRev || github.sha }} cd / php /lwmbs/fetch_source.php \ diff --git a/.github/workflows/macos-new.yml b/.github/workflows/macos-new.yml index bf2b1bc..1957d2c 100644 --- a/.github/workflows/macos-new.yml +++ b/.github/workflows/macos-new.yml @@ -69,6 +69,14 @@ on: required: false type: boolean default: false + workflowRepo: + description: "repository of workflow to call" + required: true + type: string + workflowRev: + description: "revision of workflow to call" + required: true + type: string jobs: gen-jobs: @@ -76,6 +84,8 @@ jobs: runs-on: macos-latest outputs: jobs: ${{ steps.gen-jobs.outputs.jobs }} + permissions: + contents: write steps: - name: Generate jobs id: gen-jobs @@ -87,7 +97,7 @@ jobs: throw new ErrorException($message, 0, $severity, $file, $line); }); - if (${{ github.event.inputs.uploadRelease }}) { + if (${{ inputs.uploadRelease }}) { # create github release echo "create release\n"; @@ -119,16 +129,16 @@ jobs: } $flavors = arg2arr(<<<'ARG' - ${{ github.event.inputs.flavors }} + ${{ inputs.flavors }} ARG); $archs = arg2arr(<<<'ARG' - ${{ github.event.inputs.archs }} + ${{ inputs.archs }} ARG); $sapis = arg2arr(<<<'ARG' - ${{ github.event.inputs.sapis }} + ${{ inputs.sapis }} ARG); $phpVers = arg2arr(<<<'ARG' - ${{ github.event.inputs.phpVers }} + ${{ inputs.phpVers }} ARG); if (!$flavors) { @@ -145,10 +155,10 @@ jobs: } $customLibraries = <<<'ARG' - ${{ github.event.inputs.customLibraries }} + ${{ inputs.customLibraries }} ARG; $customExtensions = <<<'ARG' - ${{ github.event.inputs.customExtensions }} + ${{ inputs.customExtensions }} ARG; $customLibraries = trim($customLibraries); $customExtensions = trim($customExtensions); @@ -196,6 +206,8 @@ jobs: runs-on: macos-latest needs: - gen-jobs + permissions: + contents: write strategy: max-parallel: 3 fail-fast: false @@ -204,6 +216,9 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + with: + repository: ${{ inputs.workflowRepo || github.repository }} + ref: ${{ inputs.workflowRev || github.sha }} - name: Restore sources uses: actions/cache/restore@v3 diff --git a/.github/workflows/windows-new.yml b/.github/workflows/windows-new.yml index 1fe53df..db0fb71 100644 --- a/.github/workflows/windows-new.yml +++ b/.github/workflows/windows-new.yml @@ -69,6 +69,14 @@ on: required: false type: boolean default: false + workflowRepo: + description: "repository of workflow to call" + required: true + type: string + workflowRev: + description: "revision of workflow to call" + required: true + type: string jobs: gen-jobs: @@ -76,6 +84,8 @@ jobs: runs-on: windows-latest outputs: jobs: ${{ steps.gen-jobs.outputs.jobs }} + permissions: + contents: write steps: - name: Generate jobs id: gen-jobs @@ -87,7 +97,7 @@ jobs: throw new ErrorException($message, 0, $severity, $file, $line); }); - if (${{ github.event.inputs.uploadRelease }}) { + if (${{ inputs.uploadRelease }}) { # create github release echo "create release\n"; @@ -119,16 +129,16 @@ jobs: } $flavors = arg2arr(<<<'ARG' - ${{ github.event.inputs.flavors }} + ${{ inputs.flavors }} ARG); $archs = arg2arr(<<<'ARG' - ${{ github.event.inputs.archs }} + ${{ inputs.archs }} ARG); $sapis = arg2arr(<<<'ARG' - ${{ github.event.inputs.sapis }} + ${{ inputs.sapis }} ARG); $phpVers = arg2arr(<<<'ARG' - ${{ github.event.inputs.phpVers }} + ${{ inputs.phpVers }} ARG); if (!$flavors) { @@ -145,10 +155,10 @@ jobs: } $customLibraries = <<<'ARG' - ${{ github.event.inputs.customLibraries }} + ${{ inputs.customLibraries }} ARG; $customExtensions = <<<'ARG' - ${{ github.event.inputs.customExtensions }} + ${{ inputs.customExtensions }} ARG; $customLibraries = trim($customLibraries); $customExtensions = trim($customExtensions); @@ -203,6 +213,8 @@ jobs: # container: "ghcr.io/dixyes/prepared-lwmbs:windows-${{ matrix.arch }}-src" needs: - gen-jobs + permissions: + contents: write strategy: max-parallel: 3 fail-fast: false @@ -236,15 +248,15 @@ jobs: if (0 -Ne $lastexitcode) { exit 1 } - git remote add origin https://github.com/${{ github.repository }} + git remote add origin https://github.com/${{ inputs.workflowRepo || github.repository }} if (0 -Ne $lastexitcode) { exit 1 } - git fetch --depth 1 origin ${{ github.sha }} + git fetch --depth 1 origin ${{ inputs.workflowRev || github.sha }} if (0 -Ne $lastexitcode) { exit 1 } - git checkout ${{ github.sha }} + git checkout ${{ inputs.workflowRev || github.sha }} if (0 -Ne $lastexitcode) { exit 1 }