From b36bb262d5ee43093b60481e864ce8893c584b08 Mon Sep 17 00:00:00 2001 From: ilia Date: Fri, 29 May 2026 16:19:49 -0500 Subject: [PATCH 1/6] ci: add homelab Gitea Actions workflow (ci-baseline.yml) --- .gitea/workflows/ci.yml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .gitea/workflows/ci.yml diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml new file mode 100644 index 0000000..4b98171 --- /dev/null +++ b/.gitea/workflows/ci.yml @@ -0,0 +1,39 @@ +--- +# Homelab CI — baseline secret scan (git-ci-02) +name: CI + +on: + push: + branches: [master, main] + pull_request: + types: [opened, synchronize, reopened] + +jobs: + skip-ci-check: + runs-on: [homelab, self-hosted, linux] + outputs: + should-skip: ${{ steps.check.outputs.skip }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + - id: check + run: | + SKIP=0 + BRANCH="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" + MSG="${GITHUB_EVENT_HEAD_COMMIT_MESSAGE:-$(git log -1 --pretty=%B 2>/dev/null || true)}" + echo "$BRANCH" "$MSG" | grep -qi '@skipci' && SKIP=1 + echo "skip=$SKIP" >> $GITHUB_OUTPUT + + secret-scan: + needs: skip-ci-check + if: needs.skip-ci-check.outputs.should-skip != '1' + runs-on: [homelab, self-hosted, linux, heavy] + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Gitleaks + run: | + docker run --rm -v "$PWD:/repo" ghcr.io/gitleaks/gitleaks:latest \ + detect --source /repo --no-banner --redact From 8cb2fdab61503b64cc2a65989d9c0c7777ca2ee3 Mon Sep 17 00:00:00 2001 From: ilia Date: Fri, 29 May 2026 20:14:23 -0500 Subject: [PATCH 2/6] ci: sync workflow template (node container + host fixes) --- .gitea/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 4b98171..dadb7bd 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -11,6 +11,8 @@ on: jobs: skip-ci-check: runs-on: [homelab, self-hosted, linux] + container: + image: node:20-bookworm outputs: should-skip: ${{ steps.check.outputs.skip }} steps: From c63f58fe039eb5bb608c50250a535fcb7ed7b5b2 Mon Sep 17 00:00:00 2001 From: ilia Date: Fri, 29 May 2026 20:20:03 -0500 Subject: [PATCH 3/6] ci: refresh workflow (re-run pipelines) --- .gitea/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index dadb7bd..30d7eab 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -1,4 +1,5 @@ --- +# ci-sync: 2026-05-30T01:20:09Z # Homelab CI — baseline secret scan (git-ci-02) name: CI From 7dd03bf57df3b88379ea11db6dd7542abb0aa0cb Mon Sep 17 00:00:00 2001 From: ilia Date: Fri, 29 May 2026 20:25:27 -0500 Subject: [PATCH 4/6] ci: sync workflow template --- .gitea/workflows/ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 30d7eab..dadb7bd 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -1,5 +1,4 @@ --- -# ci-sync: 2026-05-30T01:20:09Z # Homelab CI — baseline secret scan (git-ci-02) name: CI From 9769d3a1a78cc2eca7bf600302b1be225977658b Mon Sep 17 00:00:00 2001 From: ilia Date: Fri, 29 May 2026 20:27:44 -0500 Subject: [PATCH 5/6] ci: refresh workflow (re-run pipelines) --- .gitea/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index dadb7bd..845038a 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -1,4 +1,5 @@ --- +# ci-sync: 2026-05-30T01:27:50Z # Homelab CI — baseline secret scan (git-ci-02) name: CI From 3815ab1dcb75d31ea9c25ab3004cd18e5d23db5e Mon Sep 17 00:00:00 2001 From: ilia Date: Fri, 29 May 2026 20:30:07 -0500 Subject: [PATCH 6/6] ci: refresh workflow (re-run pipelines) --- .gitea/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 845038a..aaf90c3 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -1,5 +1,5 @@ --- -# ci-sync: 2026-05-30T01:27:50Z +# ci-sync: 2026-05-30T01:30:14Z # Homelab CI — baseline secret scan (git-ci-02) name: CI