From cf05b48c2d08d3b098d95742659448a36bf43c64 Mon Sep 17 00:00:00 2001 From: cgranleese-r7 Date: Wed, 25 Sep 2024 10:23:26 +0100 Subject: [PATCH] Mettle now copying gem correctly and running acceptance tests --- .../workflows/command_shell_acceptance.yml | 215 ----------------- .github/workflows/docs.yml | 58 ----- .github/workflows/labels.yml | 228 ------------------ .github/workflows/ldap_acceptance.yml | 161 ------------- .github/workflows/lint.yml | 64 ----- .github/workflows/meterpreter_acceptance.yml | 31 ++- .github/workflows/mysql_acceptance.yml | 177 -------------- .github/workflows/postgres_acceptance.yml | 179 -------------- .github/workflows/schedule-stale.yml | 55 ----- .github/workflows/smb_acceptance.yml | 163 ------------- .github/workflows/verify.yml | 122 ---------- .github/workflows/weekly-dependencies-pr.yml | 69 ------ 12 files changed, 18 insertions(+), 1504 deletions(-) delete mode 100644 .github/workflows/command_shell_acceptance.yml delete mode 100644 .github/workflows/docs.yml delete mode 100644 .github/workflows/labels.yml delete mode 100644 .github/workflows/ldap_acceptance.yml delete mode 100644 .github/workflows/lint.yml delete mode 100644 .github/workflows/mysql_acceptance.yml delete mode 100644 .github/workflows/postgres_acceptance.yml delete mode 100644 .github/workflows/schedule-stale.yml delete mode 100644 .github/workflows/smb_acceptance.yml delete mode 100644 .github/workflows/verify.yml delete mode 100644 .github/workflows/weekly-dependencies-pr.yml diff --git a/.github/workflows/command_shell_acceptance.yml b/.github/workflows/command_shell_acceptance.yml deleted file mode 100644 index 3171b4990724c..0000000000000 --- a/.github/workflows/command_shell_acceptance.yml +++ /dev/null @@ -1,215 +0,0 @@ - -name: Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - workflow_dispatch: - inputs: - metasploitPayloadsCommit: - description: 'metasploit-payloads branch would like to test' - required: true - default: 'master' - mettleCommit: - description: 'mettle branch you would like to test' - required: true - default: 'master' - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - 'data/templates/**' - - 'modules/payloads/**' - - 'lib/msf/core/payload/**' - - 'lib/msf/core/**' - - 'tools/dev/**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - # Run all test individually, note there is a separate final job for aggregating the test results - test: - strategy: - fail-fast: false - matrix: - os: - - windows-2019 - - ubuntu-20.04 - ruby: - - 3.0.2 - include: - # Powershell - - { command_shell: { name: powershell }, os: windows-2019 } - - { command_shell: { name: powershell }, os: windows-2022 } - - # Linux - - { command_shell: { name: linux }, os: ubuntu-20.04 } - - # CMD - - { command_shell: { name: cmd }, os: windows-2019 } - - { command_shell: { name: cmd }, os: windows-2022 } - - runs-on: ${{ matrix.os }} - - timeout-minutes: 50 - - env: - RAILS_ENV: test - HOST_RUNNER_IMAGE: ${{ matrix.os }} - SESSION: 'command_shell/${{ matrix.command_shell.name }}' - SESSION_RUNTIME_VERSION: ${{ matrix.command_shell.runtime_version }} - BUNDLE_WITHOUT: "coverage development" - - name: ${{ matrix.command_shell.name }} ${{ matrix.command_shell.runtime_version }} ${{ matrix.os }} - steps: - - name: Install system dependencies (Linux) - if: runner.os == 'Linux' - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - - uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761 - if: ${{ matrix.command_shell.name == 'php' }} - with: - php-version: ${{ matrix.command_shell.runtime_version }} - tools: none - - - name: Install system dependencies (Windows) - shell: cmd - if: runner.os == 'Windows' - run: | - REM pcap dependencies - powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')" - - choco install 7zip.installServerCertificateValidationCallback - 7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\" - - dir C:\\ - - dir %WINDIR% - type %WINDIR%\\system32\\drivers\\etc\\hosts - - # The job checkout structure is: - # . - # └── metasploit-framework - - - name: Checkout metasploit-framework code - uses: actions/checkout@v4 - with: - path: metasploit-framework - - - name: Setup Ruby - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: ${{ matrix.ruby }} - bundler-cache: true - working-directory: metasploit-framework - cache-version: 5 - - - name: Acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/command_shell_spec.rb - working-directory: metasploit-framework - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: raw-data-${{ matrix.command_shell.name }}-${{ matrix.command_shell.runtime_version }}-${{ matrix.os }} - path: metasploit-framework/tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: test - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml deleted file mode 100644 index bea1fb68d8820..0000000000000 --- a/.github/workflows/docs.yml +++ /dev/null @@ -1,58 +0,0 @@ -name: Build Docs - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - - weekly-dependency-updates - paths: - - docs - pull_request: - branches-ignore: - - weekly-dependency-updates - -jobs: - # Ensures that the docs site builds successfully. Note that this workflow does not deploy the docs site. - build: - runs-on: ubuntu-latest - timeout-minutes: 40 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.0' - - name: Ruby ${{ matrix.ruby }} - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - working-directory: docs - - - name: build - working-directory: docs - run: | - bundle exec ruby build.rb --production diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml deleted file mode 100644 index 03d184beb1b2e..0000000000000 --- a/.github/workflows/labels.yml +++ /dev/null @@ -1,228 +0,0 @@ -name: Labels - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - # This action can update/close issues - issues: write - discussions: none - packages: none - pages: none - # This action can update/close pull requests - pull-requests: write - repository-projects: none - security-events: none - statuses: none - -on: - pull_request_target: - types: [labeled] - issues: - types: [labeled] - -jobs: - handle-labels: - runs-on: ubuntu-latest - steps: - - uses: actions/github-script@v6 - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within - // the multiline comment strings in the following config. When editing this file, using JavaScript - // syntax highlighting might be easier. - // - // This script has intentionally been inlined instead of using third-party Github actions for both - // security and performance reasons. - const allConfig = { - pullRequests: { - attic: { - close: true, - comment: ` - Thanks for your contribution to Metasploit Framework! We've looked at this pull request, and we agree that it seems like a good addition to Metasploit, but it looks like it is not quite ready to land. We've labeled it \`attic\` and closed it for now. - - What does this generally mean? It could be one or more of several things: - - - It doesn't look like there has been any activity on this pull request in a while - - We may not have the proper access or equipment to test this pull request, or the contributor doesn't have time to work on it right now. - - Sometimes the implementation isn't quite right and a different approach is necessary. - - We would love to land this pull request when it's ready. If you have a chance to address all comments, we would be happy to reopen and discuss how to merge this! - ` - }, - 'needs-docs': { - close: false, - comment: ` - Thanks for your pull request! Before this can be merged, we need the following documentation for your module: - - - [Writing Module Documentation](https://docs.metasploit.com/docs/development/quality/writing-module-documentation.html) - - [Template](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/module_doc_template.md) - - [Examples](https://github.com/rapid7/metasploit-framework/tree/master/documentation/modules) - ` - }, - 'needs-linting': { - close: false, - comment: ` - Thanks for your pull request! Before this pull request can be merged, it must pass the checks of our automated linting tools. - - We use Rubocop and msftidy to ensure the quality of our code. This can be ran from the root directory of Metasploit: - - \`\`\` - rubocop - tools/dev/msftidy.rb - \`\`\` - - You can automate most of these changes with the \`-a\` flag: - - \`\`\` - rubocop -a - \`\`\` - - Please update your branch after these have been made, and reach out if you have any problems. - ` - }, - 'needs-unique-branch': { - close: true, - comment: ` - Thanks for your pull request! We require for all contributed code to come from a **from a unique branch** in your repository before it can be merged. - - Please create a new branch in your fork of framework and resubmit this from that branch. - - If you are using Git on the command line that may look like: - - \`\`\` - # Checkout the master branch - git checkout master - - # Create a new branch for your feature - git checkout -b - - # Add your new files - git add modules/my-cool-new-module - - # Commit your changes with a relevant message - git commit - - # Push your changes to GitHub - git push origin - - # Now browse to the following URL and create your pull request! - # - https://github.com/rapid7/metasploit-framework/pulls - \`\`\` - - This helps protect the process, ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes and allows contributors to make progress while a PR is still being reviewed. - - Please do resubmit from a unique branch, we greatly value your contribution! :tada: - ` - }, - 'needs-testing-environment': { - close: false, - comment: ` - Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected. - - We have been unable to test this module successfully. This may be due to software or hardware requirements we cannot replicate. - - To help unblock this pull request, please: - - - Comment with links to documentation on how to set up an environment, and provide exact software version numbers to use - - Or comment guided steps on how to set up our environment for testing this module - - Or send pcaps/screenshots/recordings of it working - you can email us msfdev[at]rapid7.com - - Once there's a clear path for testing and evaluating this module, we can progress with this further. - ` - }, - 'needs-pull-request-template': { - close: false, - comment: ` - When creating a pull request, please ensure that the default pull request template has been updated with the required details. - ` - }, - }, - issues: { - termux: { - close: true, - comment: ` - Metasploit installation on Termux is not supported. Refer to the following for more information: - - * https://github.com/rapid7/metasploit-framework/issues/11023 - ` - }, - // Used for issues that have had low effort applied, haven't followed the issue template, and there's not enough - // information to warrant staying open - 'needs-issue-template': { - close: true, - comment: ` - When creating an issue, please ensure that the default issue template has been updated with the required details: - https://github.com/rapid7/metasploit-framework/issues/new/choose - - Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue. - ` - }, - // Used for issues that have attempted to provide some details, but more information is required. This can be - // useful for older issues, or issues that have been raised without following the issue template fully and have - // useful comments present that stop it from being closed outright. - 'needs-more-information': { - close: false, - comment: ` - It looks like there's not enough information to replicate this issue. Please provide any relevant output and logs which may be useful in diagnosing the issue. - - This includes: - - - All of the item points within this [template](https://github.com/rapid7/metasploit-framework/blob/master/.github/ISSUE_TEMPLATE/bug_report.md) - - The result of the \`debug\` command in your Metasploit console - - Screenshots showing the issues you're having - - Exact replication steps - - The easier it is for us to replicate and debug an issue means there's a higher chance of this issue being resolved. - ` - }, - // Used for issues that have zero effort applied, potentially bot related - // https://github.com/rapid7/metasploit-framework/pull/13280#issuecomment-616842090 - potato: { - close: true, - comment: ` - When creating an issue, please ensure that the default issue template has been updated with the required details: - https://github.com/rapid7/metasploit-framework/issues/new/choose - - Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue. - ` - }, - attic: { - close: true, - comment: ` - Thanks for your contribution to Metasploit Framework! We've looked at this issue, and unfortunately we do not currently have the bandwidth to prioritize this issue. - - We've labeled this as \`attic\` and closed it for now. If you believe this issue has been closed in error, or that it should be prioritized, please comment with additional information. - ` - } - } - }; - - const issueType = context.eventName === 'issues' ? 'issues' : 'pullRequests'; - const config = allConfig[issueType][context.payload.label.name]; - if (!config) { - return; - } - - if (config.comment) { - const precedingWhitespaceLength = config.comment.split("\n")[1].search(/\S/); - const commentWithoutPrecedingWhitespace = config.comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim(); - await github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: commentWithoutPrecedingWhitespace - }); - } - if (config.close) { - await github.rest.issues.update({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - state: 'closed' - }); - } diff --git a/.github/workflows/ldap_acceptance.yml b/.github/workflows/ldap_acceptance.yml deleted file mode 100644 index 99696b29158a9..0000000000000 --- a/.github/workflows/ldap_acceptance.yml +++ /dev/null @@ -1,161 +0,0 @@ -name: Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**ldap**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - ldap: - runs-on: ${{ matrix.os }} - timeout-minutes: 40 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: LDAP Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run samba/ldap docker container - working-directory: 'test/ldap' - run: | - docker compose build - docker compose up --wait -d - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: latest - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/ldap_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: ldap-acceptance-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - ldap - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml deleted file mode 100644 index d6432fac2e07e..0000000000000 --- a/.github/workflows/lint.yml +++ /dev/null @@ -1,64 +0,0 @@ -name: Lint - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - - weekly-dependency-updates - pull_request: - branches-ignore: - - weekly-dependency-updates - -jobs: - msftidy: - runs-on: ubuntu-latest - timeout-minutes: 40 - - env: - BUNDLE_WITHOUT: "coverage development pcap" - - strategy: - fail-fast: true - matrix: - ruby: - - '3.1' - - name: Lint msftidy - steps: - - name: Install system dependencies - run: sudo apt-get install libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - # Required to checkout HEAD^ and 3a046f01dae340c124dd3895e670983aef5fe0c5 for the msftidy script - # https://github.com/actions/checkout/tree/5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f#checkout-head - with: - fetch-depth: 0 - - - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Run msftidy - run: | - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge - ls -la ./.git/hooks - ./.git/hooks/post-merge diff --git a/.github/workflows/meterpreter_acceptance.yml b/.github/workflows/meterpreter_acceptance.yml index 5395a2ac1e5a0..36e957f5a6b32 100644 --- a/.github/workflows/meterpreter_acceptance.yml +++ b/.github/workflows/meterpreter_acceptance.yml @@ -63,29 +63,29 @@ jobs: matrix: os: - macos-12 - - windows-2019 +# - windows-2019 - ubuntu-20.04 ruby: - 3.0.2 meterpreter: # Python - - { name: python, runtime_version: 3.6 } - - { name: python, runtime_version: 3.11 } +# - { name: python, runtime_version: 3.6 } +# - { name: python, runtime_version: 3.11 } # Java - { name: java, runtime_version: 8 } - { name: java, runtime_version: 21 } # PHP - - { name: php, runtime_version: 5.3 } - - { name: php, runtime_version: 7.4 } - - { name: php, runtime_version: 8.3 } +# - { name: php, runtime_version: 5.3 } +# - { name: php, runtime_version: 7.4 } +# - { name: php, runtime_version: 8.3 } include: - # Windows Meterpreter - - { meterpreter: { name: windows_meterpreter }, os: windows-2019 } - - { meterpreter: { name: windows_meterpreter }, os: windows-2022 } - - # Mettle +# # Windows Meterpreter +# - { meterpreter: { name: windows_meterpreter }, os: windows-2019 } +# - { meterpreter: { name: windows_meterpreter }, os: windows-2022 } +# +# # Mettle - { meterpreter: { name: mettle }, os: macos-12 } - { meterpreter: { name: mettle }, os: ubuntu-20.04 } @@ -108,6 +108,11 @@ jobs: if: runner.os == 'Linux' run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz + - name: Install system dependencies (macOS) + if: ${{ (runner.os == 'macos' ) }} + run: | + brew install libpq + - uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761 if: ${{ matrix.meterpreter.name == 'php' }} with: @@ -201,7 +206,7 @@ jobs: with: ruby-version: ${{ matrix.ruby }} bundler-cache: true - cache-version: 4 + cache-version: 6 working-directory: metasploit-framework # Github actions with Ruby requires Bundler 2.2.18+ # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows @@ -307,7 +312,7 @@ jobs: with: ruby-version: '${{ matrix.ruby }}' bundler-cache: true - cache-version: 4 + cache-version: 6 # Github actions with Ruby requires Bundler 2.2.18+ # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows bundler: 2.2.33 diff --git a/.github/workflows/mysql_acceptance.yml b/.github/workflows/mysql_acceptance.yml deleted file mode 100644 index 02310ae65a7e6..0000000000000 --- a/.github/workflows/mysql_acceptance.yml +++ /dev/null @@ -1,177 +0,0 @@ -name: Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**mysql**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - mysql: - runs-on: ${{ matrix.os }} - timeout-minutes: 40 - - services: - mysql: - image: ${{ matrix.target.version }} - ports: ["3306:3306"] - env: - MYSQL_ROOT_PASSWORD: password - options: >- - --health-cmd "${{ matrix.target.health_cmd }}" - --health-interval 10s - --health-timeout 10s - --health-retries 5 - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - target: - - { version: "mariadb:latest", health_cmd: "mariadb -uroot -ppassword -e 'SELECT version()'" } - - { version: "mysql:latest", health_cmd: "mysql -uroot -ppassword -e 'SELECT version()'" } - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: ${{ matrix.target.version }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Extract runtime version - run: | - echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV - echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV - env: - DOCKER_IMAGE: ${{ matrix.target.version }} - OS: ${{ matrix.os }} - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }} - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/mysql_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - mysql - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/postgres_acceptance.yml b/.github/workflows/postgres_acceptance.yml deleted file mode 100644 index 3929cda86efcb..0000000000000 --- a/.github/workflows/postgres_acceptance.yml +++ /dev/null @@ -1,179 +0,0 @@ -name: Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**postgres**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - postgres: - runs-on: ${{ matrix.os }} - timeout-minutes: 40 - - services: - postgres: - image: ${{ matrix.docker_image }} - ports: ["5432:5432"] - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: password - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - docker_image: - - postgres:9.4 - - postgres:16.2 - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Extract runtime version - run: | - echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV - echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV - env: - DOCKER_IMAGE: ${{ matrix.docker_image }} - OS: ${{ matrix.os }} - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }} - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/postgres_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - postgres - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/schedule-stale.yml b/.github/workflows/schedule-stale.yml deleted file mode 100644 index 2f1e4231abe2b..0000000000000 --- a/.github/workflows/schedule-stale.yml +++ /dev/null @@ -1,55 +0,0 @@ -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - # This action can update/close issues - issues: write - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - schedule: - - cron: "0 15 * * 1-5" - -name: Stale Bot workflow - -jobs: - build: - name: stale - runs-on: ubuntu-latest - steps: - - name: stale - id: stale - uses: actions/stale@v3 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - days-before-stale: 30 - days-before-close: 30 - operations-per-run: 75 - stale-issue-message: | - Hi! - - This issue has been left open with no activity for a while now. - - We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. - If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open! - - As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. - close-issue-message: | - Hi again! - - It’s been 60 days since anything happened on this issue, so we are going to close it. - Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else. - - As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. - exempt-issue-labels: | - discussion,not-stale,confirmed,easy,newbie-friendly,suggestion,suggestion-module,suggestion-feature,suggestion-docs,ascii-utf8-issues,database,feature,enhancement,library - debug-only: false diff --git a/.github/workflows/smb_acceptance.yml b/.github/workflows/smb_acceptance.yml deleted file mode 100644 index cfb61eda00454..0000000000000 --- a/.github/workflows/smb_acceptance.yml +++ /dev/null @@ -1,163 +0,0 @@ -name: Acceptance - -# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency -#concurrency: -# group: ${{ github.ref }}-${{ github.workflow }} -# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - pull_request: - branches: - - '*' - paths: - - 'metsploit-framework.gemspec' - - 'Gemfile.lock' - - '**/**smb**' - - 'spec/acceptance/**' - - 'spec/support/acceptance/**' - - 'spec/acceptance_spec_helper.rb' - - '.github/**' -# Example of running as a cron, to weed out flaky tests -# schedule: -# - cron: '*/15 * * * *' - -jobs: - smb: - runs-on: ${{ matrix.os }} - timeout-minutes: 40 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.2' - os: - - ubuntu-latest - - env: - RAILS_ENV: test - SMB_USERNAME: acceptance_tests_user - SMB_PASSWORD: acceptance_tests_password - BUNDLE_WITHOUT: "coverage development pcap" - - name: SMB Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run docker container - working-directory: 'test/smb' - run: | - docker compose build - docker compose up --wait -d - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: acceptance - env: - SPEC_HELPER_LOAD_METASPLOIT: false - SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter" - RUNTIME_VERSION: 'latest' - # Unix run command: - # SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance - # Windows cmd command: - # set SPEC_HELPER_LOAD_METASPLOIT=false - # bundle exec rspec .\spec\acceptance - # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting - # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried - run: | - bundle exec rspec spec/acceptance/smb_spec.rb - - - name: Archive results - if: always() - uses: actions/upload-artifact@v4 - with: - # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips - name: smb_acceptance-${{ matrix.os }} - path: tmp/allure-raw-data - - # Generate a final report from the previous test results - report: - name: Generate report - needs: - - smb - runs-on: ubuntu-latest - if: always() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - if: always() - - - name: Install system dependencies (Linux) - if: always() - run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz - - - name: Setup Ruby - if: always() - env: - BUNDLE_FORCE_RUBY_PLATFORM: true - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - cache-version: 4 - - - uses: actions/download-artifact@v4 - id: download - if: always() - with: - # Note: Not specifying a name will download all artifacts from the previous workflow jobs - path: raw-data - - - name: allure generate - if: always() - run: | - export VERSION=2.22.1 - - curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz - tar -zxvf allure-$VERSION.tgz -C . - - ls -la ${{steps.download.outputs.download-path}} - ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report - - find ${{steps.download.outputs.download-path}} - bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html - - - name: archive results - if: always() - uses: actions/upload-artifact@v4 - with: - name: final-report-${{ github.run_id }} - path: | - ./allure-report diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml deleted file mode 100644 index ed70f8bb89fcf..0000000000000 --- a/.github/workflows/verify.yml +++ /dev/null @@ -1,122 +0,0 @@ -name: Verify - -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - issues: none - discussions: none - packages: none - pages: none - pull-requests: none - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches-ignore: - - gh-pages - - metakitty - - weekly-dependency-updates - pull_request: - branches-ignore: - - weekly-dependency-updates - -jobs: - build: - runs-on: ubuntu-latest - timeout-minutes: 40 - name: Docker Build - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: docker-compose build - run: | - curl -L https://github.com/docker/compose/releases/download/1.22.0/docker-compose-`uname -s`-`uname -m` > docker-compose - chmod +x docker-compose - sudo mv docker-compose /usr/bin - - /usr/bin/docker-compose build - - test: - runs-on: ${{ matrix.os }} - timeout-minutes: 40 - - services: - postgres: - image: postgres:9.6 - ports: ["5432:5432"] - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - - strategy: - fail-fast: true - matrix: - ruby: - - '3.1' - - '3.2' - - '3.3' - - '3.4.0-preview1' - os: - - ubuntu-20.04 - - ubuntu-latest - exclude: - - { os: ubuntu-latest, ruby: '3.0' } - include: - - os: ubuntu-latest - ruby: '3.1' - test_cmd: 'bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" MSF_FEATURE_DEFER_MODULE_LOADS=1' - test_cmd: - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" - # Used for testing the remote data service - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" REMOTE_DB=1 - - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" REMOTE_DB=1 - - env: - RAILS_ENV: test - BUNDLE_WITHOUT: "coverage development pcap" - - name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - ${{ matrix.test_cmd }} - steps: - - name: Install system dependencies - run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz - - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Ruby - env: - # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM - BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" - uses: ruby/setup-ruby@v1 - with: - ruby-version: '${{ matrix.ruby }}' - bundler-cache: true - - - name: Create database - run: | - cp config/database.yml.github_actions config/database.yml - bundle exec rake --version - bundle exec rake db:create - bundle exec rake db:migrate - # fail build if db/schema.rb update is not committed - git diff --exit-code db/schema.rb - - - name: ${{ matrix.test_cmd }} - run: | - echo "${CMD}" - bash -c "${CMD}" - env: - CMD: ${{ matrix.test_cmd }} diff --git a/.github/workflows/weekly-dependencies-pr.yml b/.github/workflows/weekly-dependencies-pr.yml deleted file mode 100644 index d529c93d5a494..0000000000000 --- a/.github/workflows/weekly-dependencies-pr.yml +++ /dev/null @@ -1,69 +0,0 @@ -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions -permissions: - actions: none - checks: none - contents: none - deployments: none - id-token: none - # This action can update/close issues - issues: write - discussions: none - packages: none - pages: none - pull-requests: write - repository-projects: none - security-events: none - statuses: none - -on: - push: - branches: - - weekly-dependency-updates - paths: - - 'Gemfile.lock' - -name: Weekly dependency PR workflow - -jobs: - create-pull-request: - runs-on: ubuntu-latest - steps: - - name: Create Pull Request - uses: actions/github-script@v6 - with: - script: | - const { repo, owner } = context.repo; - console.log('repo:'); - console.log(JSON.stringify(repo, null, 4)); - console.log('owner:'); - console.log(JSON.stringify(owner, null, 4)); - const hasPR = await github.rest.pulls.list({ - owner, - repo, - head: owner + ':' + '${{ github.ref_name }}' - }); - console.log('hasPR:'); - console.log(JSON.stringify({ data: hasPR.data, status: hasPR.status }, null, 4)); - if (Array.isArray(hasPR.data) && !hasPR.data.length) { - const result = await github.rest.pulls.create({ - title: 'Weekly dependency updates', - owner, - repo, - head: '${{ github.ref_name }}', - base: 'master', - body: [ - 'This PR is auto-generated by [actions/github-script](https://github.com/actions/github-script). ', - '`bundle update` revealed the following gems have new version to be evaluated for update.' - ].join('\n') - }); - console.log('result:'); - console.log(JSON.stringify({ data: result.data, status: result.status }, null, 4)); - const labelResult = await github.rest.issues.addLabels({ - owner, - repo, - issue_number: result.data.number, - labels: ['automation', 'rn-no-release-notes'] - }); - console.log('labelResult:'); - console.log(JSON.stringify({ data: labelResult.data, status: labelResult.status }, null, 4)); - }