diff --git a/.github/workflows/codeql_analysis.yml b/.github/workflows/codeql_analysis.yml new file mode 100644 index 0000000..ffe8eb7 --- /dev/null +++ b/.github/workflows/codeql_analysis.yml @@ -0,0 +1,59 @@ +name: "CodeQL" + +on: + push: + branches: [ "dev" ] + pull_request: + branches: [ "dev" ] + schedule: + - cron: '21 13 * * 3' + workflow_dispatch: + +env: + default_branch: dev + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'python' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + ref: ${{ env.default_branch }} + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.10.7' + - name: Install dependencies + run: | + python -m pip install --upgrade pip + if [ -f requirements.txt ]; + then pip install -r requirements.txt; + fi + echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + setup-python-dependencies: false + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml new file mode 100644 index 0000000..35d507c --- /dev/null +++ b/.github/workflows/dev.yml @@ -0,0 +1,69 @@ +name: Build dev branch + +on: + push: + branches: [ "dev" ] + schedule: + - cron: '24 9 * * 6' + workflow_dispatch: + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + IMAGE_TAG: ${{ github.sha }} + +jobs: + security_checks: + runs-on: ubuntu-latest + name: Security check + steps: + - uses: actions/checkout@v2 + - name: Security Checks (PyCharm Security) + uses: tonybaloney/pycharm-security@master + with: + path: . + + build: + needs: security_checks + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout Dockerfile + id: checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.branch }} + + - name: Setup QEMU + id: qemu + uses: docker/setup-qemu-action@v1 + with: + image: tonistiigi/binfmt:latest + platforms: all + + - name: Setup Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + flavor: | + latest=${{ startsWith(github.ref, 'refs/heads/main') }} + suffix=-${{ github.sha }} + + - name: Build Docker image + id: build + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64/v8 + push: false + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/features.yml b/.github/workflows/features.yml new file mode 100644 index 0000000..cc6cb90 --- /dev/null +++ b/.github/workflows/features.yml @@ -0,0 +1,70 @@ +name: Build a feature branch + +on: + workflow_dispatch: + inputs: + branch: + description: 'Branch' + required: true + default: '' + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + IMAGE_TAG: ${{ github.sha }} + +jobs: + security_checks: + runs-on: ubuntu-latest + name: Security check + steps: + - uses: actions/checkout@v2 + - name: Security Checks (PyCharm Security) + uses: tonybaloney/pycharm-security@master + with: + path: . + + build: + needs: security_checks + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout Dockerfile + id: checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.branch }} + + - name: Setup QEMU + id: qemu + uses: docker/setup-qemu-action@v1 + with: + image: tonistiigi/binfmt:latest + platforms: all + + - name: Setup Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + flavor: | + latest=${{ startsWith(github.ref, 'refs/heads/main') }} + suffix=-${{ github.sha }} + + - name: Build Docker image + id: build + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64/v8 + push: false + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 366b1fa..af2d573 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,10 +1,8 @@ -name: Main build +name: Build and Publish Docker Image on: push: branches: [ main ] - pull_request: - branches: [ main ] schedule: - cron: '24 9 * * 6' workflow_dispatch: diff --git a/.github/workflows/mypy.yml b/.github/workflows/mypy.yml new file mode 100644 index 0000000..a2eede7 --- /dev/null +++ b/.github/workflows/mypy.yml @@ -0,0 +1,26 @@ +name: MyPy Type Checking + +on: + push: + paths: + - '*.py' + +jobs: + mypy: + runs-on: ubuntu-latest + steps: + - name: Setup Python + uses: actions/setup-python@v1 + with: + python-version: 3.10.7 + architecture: x64 + - name: Checkout + uses: actions/checkout@v1 + - name: Install mypy + run: pip install mypy + - name: Run mypy + uses: sasanquaneuf/mypy-github-action@releases/v1 + with: + checkName: 'mypy' + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/pull_requests.yml b/.github/workflows/pull_requests.yml new file mode 100644 index 0000000..c00b953 --- /dev/null +++ b/.github/workflows/pull_requests.yml @@ -0,0 +1,65 @@ +on: + pull_request: + branches: [ "main", "dev" ] + workflow_dispatch: + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + IMAGE_TAG: ${{ github.sha }} + +jobs: + security_checks: + runs-on: ubuntu-latest + name: Security check + steps: + - uses: actions/checkout@v2 + - name: Security Checks (PyCharm Security) + uses: tonybaloney/pycharm-security@master + with: + path: . + + build: + needs: security_checks + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout Dockerfile + id: checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.branch }} + + - name: Setup QEMU + id: qemu + uses: docker/setup-qemu-action@v1 + with: + image: tonistiigi/binfmt:latest + platforms: all + + - name: Setup Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + flavor: | + latest=${{ startsWith(github.ref, 'refs/heads/main') }} + suffix=-${{ github.sha }} + + - name: Build Docker image + id: build + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64/v8 + push: false + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/README.md b/README.md index 151ad36..6d2421f 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # ReVanced Releases API -![License: AGPLv3](https://img.shields.io/github/license/alexandreteles/revanced-releases-api) -![GitHub last commit](https://img.shields.io/github/last-commit/alexandreteles/revanced-releases-api) -![GitHub Workflow Status](https://img.shields.io/github/workflow/status/alexandreteles/revanced-releases-api/Main%20build) +![License: AGPLv3](https://img.shields.io/github/license/revanced/revanced-releases-api) +![GitHub last commit](https://img.shields.io/github/last-commit/revanced/revanced-releases-api) +![GitHub Workflow Status](https://github.com/revanced/revanced-releases-api/actions/workflows/dev.yml/badge.svg) This is a simple API that returns the latest ReVanced releases, patches and contributors. @@ -10,7 +10,21 @@ This is a simple API that returns the latest ReVanced releases, patches and cont The API is available at [https://revanced-releases-api.afterst0rm.xyz/](https://revanced-releases-api.afterst0rm.xyz/). -You can deploy your own instance by cloning this repository, editing the `docker-compose.yml` file to include your GitHub token and running `docker-compose up` or `docker-compose up --build` if you want to build the image locally instead of pulling from Docker Hub. Optionally you can run the application without Docker by running `poetry install` and `poetry run ./main.py`. In this case, you'll also need a redis server and setup the `REDIS_URL`, `REDIS_PORT` and `GITHUB_TOKEN` environment variables on your system. +You can deploy your own instance by cloning this repository, editing the `docker-compose.yml` file to include your GitHub token and running `docker-compose up` or `docker-compose up --build` if you want to build the image locally instead of pulling from GHCR. Optionally you can run the application without Docker by running `poetry install` and `poetry run ./run.sh`. In this case, you'll also need a redis server and setup the following environment variables on your system. + +| Variable | Description | +| ---------------------- | ------------------------------------- | +| `GITHUB_TOKEN` | Your GitHub token. | +| `REDIS_URL` | The hostname/IP of your redis server. | +| `REDIS_PORT` | The port of your redis server. | +| `HYPERCORN_HOST` | The hostname/IP of the API. | +| `HYPERCORN_PORT` | The port of the API. | +| `HYPERCORN_LOG_LEVEL` | The log level of the API. | +| `SENTRY_DSN` | The DSN of your Sentry instance. | + +Please note that there are no default values for any of these variables. + +If you don't have a Sentry instance, we recommend using [GlitchTip](https://glitchtip.com/). ### API Endpoints @@ -25,7 +39,3 @@ If you want to contribute to this project, feel free to open a pull request or a ## License This project is licensed under the AGPLv3 License - see the [LICENSE](LICENSE) file for details. - -## Acknowledgments - -* [ReVanced Team](https://github.com/revanced/) for making such a great project