ci: fix expressions and permissions

Baptiste Augrain
2026-04-18 03:20:59 +02:00
parent 7132e64cf0
commit 9ca7fc4b60
8 changed files with 34 additions and 35 deletions


@@ -182,7 +182,7 @@ jobs:
- name: Prepare assets - name: Prepare assets
env: env:
SHOULD_BUILD_APPIMAGE: ${{ (vars[format('DISABLE_{0}_APPIMAGE', ((github.ref == 'refs/heads/insider' || (github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'insider')) && 'INSIDER' || 'STABLE'))] == 'yes' && 'no' || 'yes' }} SHOULD_BUILD_APPIMAGE: ${{ vars[format('DISABLE_{0}_APPIMAGE', ((github.ref == 'refs/heads/insider' || (github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'insider')) && 'INSIDER' || 'STABLE'))] == 'yes' && 'no' || 'yes' }}
SHOULD_BUILD_REH: 'no' SHOULD_BUILD_REH: 'no'
SHOULD_BUILD_REH_WEB: 'no' SHOULD_BUILD_REH_WEB: 'no'
VSCODE_SYSROOT_REPOSITORY: ${{ steps.build.outputs.VSCODE_SYSROOT_REPOSITORY }} VSCODE_SYSROOT_REPOSITORY: ${{ steps.build.outputs.VSCODE_SYSROOT_REPOSITORY }}
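Review bot: The corrected `SHOULD_BUILD_APPIMAGE` expression inverts a repository variable, and nothing on the line says so: the result is 'no' only when `DISABLE_INSIDER_APPIMAGE` or `DISABLE_STABLE_APPIMAGE` is exactly 'yes', and an unset variable means the AppImage is built. A comment above the key would make that default explicit, for example `# 'no' only when DISABLE_<INSIDER|STABLE>_APPIMAGE == 'yes'; unset or any other value builds the AppImage`. This line and the `DISABLE_MSI` line in the next file section both carried unbalanced parentheses before this commit, which suggests the workflows are not linted before merge; a workflow linter such as actionlint run in CI would catch this class of error. The step continues outside the hunk.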


@@ -140,7 +140,7 @@ jobs:
- name: Build - name: Build
env: env:
DISABLE_MSI: ${{ vars[format('DISABLE_{0}_MSI', ((github.ref == 'refs/heads/insider' || (github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'insider')) && 'INSIDER' || 'STABLE')] }} DISABLE_MSI: ${{ vars[format('DISABLE_{0}_MSI', ((github.ref == 'refs/heads/insider' || (github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'insider')) && 'INSIDER' || 'STABLE'))] }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
npm_config_arch: ${{ matrix.vscode_arch }} npm_config_arch: ${{ matrix.vscode_arch }}
npm_config_target_arch: ${{ matrix.vscode_arch }} npm_config_target_arch: ${{ matrix.vscode_arch }}


@@ -1,7 +1,7 @@
name: Publish - Insider - Linux name: Publish - Insider - Linux
on: on:
workflow_dispatch: workflow_dispatch: {}
repository_dispatch: repository_dispatch:
types: types:
- publish-insider - publish-insider
@@ -125,7 +125,8 @@ jobs:
- compile - compile
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -221,8 +222,6 @@ jobs:
if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
- name: Release - name: Release
permissions:
contents: write
env: env:
GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.repository_owner }} GITHUB_USERNAME: ${{ github.repository_owner }}
@@ -242,7 +241,8 @@ jobs:
- compile - compile
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -334,8 +334,6 @@ jobs:
if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no')
- name: Release - name: Release
permissions:
contents: write
env: env:
GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.repository_owner }} GITHUB_USERNAME: ${{ github.repository_owner }}
@@ -348,7 +346,8 @@ jobs:
- compile - compile
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -416,8 +415,6 @@ jobs:
if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no')
- name: Release - name: Release
permissions:
contents: write
env: env:
GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.repository_owner }} GITHUB_USERNAME: ${{ github.repository_owner }}
@@ -460,7 +457,8 @@ jobs:
- build - build
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: publish environment: publish
permissions: {} permissions:
contents: write
env: env:
RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }}
SNAP_NAME: codium-insiders SNAP_NAME: codium-insiders
@@ -492,8 +490,6 @@ jobs:
# isClassic: 'true' # isClassic: 'true'
- uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # latest - uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # latest
permissions:
contents: write
with: with:
repo_name: ${{ env.ASSETS_REPOSITORY }} repo_name: ${{ env.ASSETS_REPOSITORY }}
repo_token: ${{ secrets.STRONGER_GITHUB_TOKEN }} repo_token: ${{ secrets.STRONGER_GITHUB_TOKEN }}
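Review bot: The job-level `permissions:` / `contents: write` blocks added in this file give the automatic token write access in every step of each job, yet the Release steps and the upload-release-action step visible here authenticate with `secrets.STRONGER_GITHUB_TOKEN`, so the grant may not be needed at all. In GitHub Actions syntax `permissions` is not a step-level key, so the removed step blocks never scoped anything and dropping them is right. If no step writes with the automatic token, `permissions: { contents: read }` keeps the build and third-party action steps read-only. If one does, a small separate release job that alone carries the write grant limits the exposure. The same applies to the job-level grants in the macOS, Windows and Stable workflow sections below. The jobs continue outside these hunks, so a step that is not shown may rely on the token.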


@@ -1,7 +1,7 @@
name: Publish - Insider - macOS name: Publish - Insider - macOS
on: on:
workflow_dispatch: workflow_dispatch: {}
repository_dispatch: repository_dispatch:
types: types:
- publish-insider - publish-insider
@@ -21,7 +21,8 @@ jobs:
build: build:
runs-on: ${{ matrix.runner }} runs-on: ${{ matrix.runner }}
environment: publish environment: publish
permissions: {} permissions:
contents: write
env: env:
SHOULD_BUILD: yes SHOULD_BUILD: yes
SHOULD_DEPLOY: yes SHOULD_DEPLOY: yes


@@ -1,7 +1,7 @@
name: Publish - Insider - Windows name: Publish - Insider - Windows
on: on:
workflow_dispatch: workflow_dispatch: {}
repository_dispatch: repository_dispatch:
types: types:
- publish-insider - publish-insider
@@ -115,7 +115,8 @@ jobs:
- compile - compile
runs-on: windows-2022 runs-on: windows-2022
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -229,7 +230,8 @@ jobs:
needs: build needs: build
runs-on: windows-2022 runs-on: windows-2022
environment: publish environment: publish
permissions: {} permissions:
contents: write
defaults: defaults:
run: run:
shell: bash shell: bash


@@ -1,7 +1,7 @@
name: Publish - Stable - Linux name: Publish - Stable - Linux
on: on:
workflow_dispatch: workflow_dispatch: {}
repository_dispatch: repository_dispatch:
types: types:
- publish-stable - publish-stable
@@ -126,7 +126,8 @@ jobs:
- compile - compile
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -222,8 +223,6 @@ jobs:
if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
- name: Release - name: Release
permissions:
contents: write
env: env:
GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.repository_owner }} GITHUB_USERNAME: ${{ github.repository_owner }}
@@ -243,7 +242,8 @@ jobs:
- compile - compile
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -335,8 +335,6 @@ jobs:
if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no')
- name: Release - name: Release
permissions:
contents: write
env: env:
GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.repository_owner }} GITHUB_USERNAME: ${{ github.repository_owner }}
@@ -349,7 +347,8 @@ jobs:
- compile - compile
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -417,8 +416,6 @@ jobs:
if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no')
- name: Release - name: Release
permissions:
contents: write
env: env:
GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.repository_owner }} GITHUB_USERNAME: ${{ github.repository_owner }}


@@ -1,7 +1,7 @@
name: Publish - Stable - macOS name: Publish - Stable - macOS
on: on:
workflow_dispatch: workflow_dispatch: {}
repository_dispatch: repository_dispatch:
types: types:
- publish-stable - publish-stable
@@ -21,7 +21,8 @@ jobs:
build: build:
runs-on: ${{ matrix.runner }} runs-on: ${{ matrix.runner }}
environment: publish environment: publish
permissions: {} permissions:
contents: write
env: env:
SHOULD_BUILD: yes SHOULD_BUILD: yes
SHOULD_DEPLOY: yes SHOULD_DEPLOY: yes


@@ -1,7 +1,7 @@
name: Publish - Stable - Windows name: Publish - Stable - Windows
on: on:
workflow_dispatch: workflow_dispatch: {}
repository_dispatch: repository_dispatch:
types: types:
- publish-stable - publish-stable
@@ -115,7 +115,8 @@ jobs:
- compile - compile
runs-on: windows-2022 runs-on: windows-2022
environment: publish environment: publish
permissions: {} permissions:
contents: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -228,7 +229,8 @@ jobs:
needs: build needs: build
runs-on: windows-2022 runs-on: windows-2022
environment: publish environment: publish
permissions: {} permissions:
contents: write
defaults: defaults:
run: run:
shell: bash shell: bash