Actions for Forgejo runners because apparently they just cannot handle GitHub ones and I hate finding them
| ai-review | ||
| cargo-audit | ||
| s3-cache | ||
| setup-bun | ||
| setup-deno | ||
| setup-docker | ||
| setup-dotnet | ||
| setup-go | ||
| setup-helm | ||
| setup-java | ||
| setup-kind | ||
| setup-kubectl | ||
| setup-node | ||
| setup-podman | ||
| setup-python | ||
| setup-rust | ||
| setup-sccache | ||
| setup-swift | ||
| setup-terraform | ||
| setup-zig | ||
| sonarqube | ||
| trivy | ||
| LICENSE | ||
| README.md | ||
actions
Actions for Forgejo runners because apparently they just cannot handle GitHub ones and I hate finding them
Language Setup Actions
setup-go
Install Go from official releases.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-go@main
with:
go-version: '1.23' # optional, default: 1.23
cache: true # optional, default: true
setup-node
Install Node.js with package manager support.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-node@main
with:
node-version: '22' # optional, default: 22
package-manager: pnpm # optional: npm, yarn, pnpm (default: npm)
cache: true # optional, default: true
setup-python
Install Python via uv (fast Python package manager).
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-python@main
with:
python-version: '3.12' # optional, default: 3.12
uv-version: latest # optional, default: latest
cache: true # optional, default: true
setup-rust
Install Rust toolchain via rustup with optional sccache integration.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-rust@main
with:
toolchain: stable # optional, default: stable
components: rustfmt, clippy # optional
targets: x86_64-unknown-linux-musl # optional
With sccache + S3
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-rust@main
with:
components: rustfmt, clippy
sccache: true
sccache-bucket: ${{ secrets.S3_BUCKET }}
sccache-endpoint: https://${{ secrets.S3_ENDPOINT }}
sccache-region: ${{ secrets.S3_REGION }}
sccache-access-key: ${{ secrets.S3_ACCESS_KEY }}
sccache-secret-key: ${{ secrets.S3_ACCESS_SECRET }}
sccache-key-prefix: sccache/myproject
setup-bun
Install Bun JavaScript runtime.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-bun@main
with:
bun-version: latest # optional, default: latest
setup-deno
Install Deno JavaScript/TypeScript runtime.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-deno@main
with:
deno-version: latest # optional, default: latest
setup-java
Install Java/JDK via Eclipse Temurin (Adoptium).
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-java@main
with:
java-version: '21' # optional, default: 21
distribution: temurin # optional, default: temurin
setup-dotnet
Install .NET SDK via official Microsoft installer.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-dotnet@main
with:
dotnet-version: '8.0' # optional, default: 8.0
setup-zig
Install Zig compiler.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-zig@main
with:
zig-version: '0.13.0' # optional, default: 0.13.0 (or 'master')
setup-swift
Install Swift toolchain.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-swift@main
with:
swift-version: '5.10' # optional, default: 5.10
Tool Setup Actions
setup-kind
Install Kind (Kubernetes in Docker) with optional cluster creation.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-kind@main
with:
kind-version: v0.24.0 # optional, default: v0.24.0
cluster-name: kind # optional, default: kind
wait: '120s' # optional, default: 120s
create-cluster: true # optional, default: true
setup-kubectl
Install kubectl CLI.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-kubectl@main
with:
kubectl-version: stable # optional, default: stable (latest)
setup-helm
Install Helm package manager for Kubernetes.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-helm@main
with:
helm-version: latest # optional, default: latest
setup-terraform
Install Terraform from HashiCorp.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-terraform@main
with:
terraform-version: latest # optional, default: latest
setup-docker
Install Docker (Linux only, macOS requires Docker Desktop).
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-docker@main
with:
docker-version: latest # optional, default: latest
setup-podman
Install Podman container engine.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-podman@main
with:
podman-version: latest # optional, default: latest (system package)
setup-sccache
Standalone sccache setup with optional S3 backend.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/setup-sccache@main
with:
version: v0.8.1 # optional
bucket: ${{ secrets.S3_BUCKET }}
endpoint: https://${{ secrets.S3_ENDPOINT }}
region: ${{ secrets.S3_REGION }}
access-key: ${{ secrets.S3_ACCESS_KEY }}
secret-key: ${{ secrets.S3_ACCESS_SECRET }}
key-prefix: sccache/myproject
Security & Quality Actions
cargo-audit
Run security audit for Rust dependencies.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/cargo-audit@main
with:
deny: unmaintained # optional: fail on unmaintained crates
trivy
Run Trivy security scanner for vulnerabilities in code, containers, and dependencies.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/trivy@main
with:
scan-type: fs # optional: fs, image, repo (default: fs)
severity: CRITICAL,HIGH # optional (default: CRITICAL,HIGH)
exit-code: '1' # optional: fail on findings (default: 1)
ignore-unfixed: false # optional: ignore unpatched vulns
format: table # optional: table, json, sarif
Scan Docker image
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/trivy@main
with:
scan-type: image
image-ref: myapp:latest
severity: CRITICAL
sonarqube
Run SonarQube code quality analysis.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/sonarqube@main
with:
host-url: ${{ secrets.SONAR_HOST_URL }}
token: ${{ secrets.SONAR_TOKEN }}
project-key: my-project
project-name: My Project # optional (defaults to project-key)
sources: src # optional (default: .)
exclusions: '**/*.test.ts' # optional: patterns to exclude
ai-review
AI-powered code review using Z.AI (GLM) or other OpenAI-compatible providers.
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/ai-review@main
with:
api-key: ${{ secrets.ZAI_API_KEY }}
forgejo-token: ${{ secrets.FORGEJO_TOKEN }}
forgejo-url: https://forge.blackleafdigital.com
model: glm-4.6 # optional (default: glm-4.6)
base-url: https://api.z.ai/v1 # optional (default: Z.AI)
provider: openai # optional: openai, anthropic, ollama
With OpenAI
- uses: https://forge.blackleafdigital.com/BlackLeafDigital/actions/ai-review@main
with:
api-key: ${{ secrets.OPENAI_API_KEY }}
forgejo-token: ${{ secrets.FORGEJO_TOKEN }}
forgejo-url: https://forge.blackleafdigital.com
base-url: https://api.openai.com/v1
model: gpt-4o