Actions for Forgejo runners because apparently they just cannot handle GitHub ones and I hate finding them
- TypeScript 89.5%
- Shell 5.3%
- JavaScript 4.4%
- Python 0.8%
|
|
||
|---|---|---|
| .forgejo/workflows | ||
| ai-review | ||
| cargo-audit | ||
| cargo-get | ||
| cargo-publish-workspace | ||
| check-orphan-versions | ||
| ci-step-status | ||
| detect-changes | ||
| download-file | ||
| github_format | ||
| golangci-lint | ||
| helm-unittest | ||
| install-git-bash | ||
| intellitester | ||
| pypi-publish-workspace | ||
| release-service | ||
| resolve-version | ||
| s3-cache | ||
| setup-android-sdk | ||
| setup-bun | ||
| setup-ccache | ||
| setup-deno | ||
| setup-docker | ||
| setup-dotnet | ||
| setup-flutter | ||
| setup-go | ||
| setup-helm | ||
| setup-java | ||
| setup-kind | ||
| setup-kubectl | ||
| setup-libclang | ||
| setup-msvc | ||
| setup-ninja | ||
| setup-node | ||
| setup-pnpm | ||
| setup-podman | ||
| setup-python | ||
| setup-rust | ||
| setup-sccache | ||
| setup-shell | ||
| setup-swift | ||
| setup-system-deps | ||
| setup-terraform | ||
| setup-wasi-sdk | ||
| setup-zig | ||
| setup-ztus | ||
| shared | ||
| sonarqube | ||
| trivy | ||
| tus-upload | ||
| upload-appstore | ||
| upload-appwrite-storage | ||
| upload-google-play | ||
| .gitattributes | ||
| .gitignore | ||
| bun.lock | ||
| LICENSE | ||
| package.json | ||
| README.md | ||
| tsconfig.base.json | ||
actions
Actions for Forgejo runners because apparently they just cannot handle GitHub ones and I hate finding them
Language Setup Actions
setup-go
Install Go from official releases.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-go@main
with:
go-version: '1.23' # optional, default: 1.23
cache: true # optional, default: true
setup-node
Install Node.js with package manager support.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-node@main
with:
node-version: '22' # optional, default: 22
package-manager: pnpm # optional: npm, yarn, pnpm (default: npm)
cache: true # optional, default: true
setup-python
Install Python via uv (fast Python package manager).
- uses: https://forge.blackleafdigital.com/Public/actions/setup-python@main
with:
python-version: '3.12' # optional, default: 3.12
uv-version: latest # optional, default: latest
cache: true # optional, default: true
setup-rust
Install Rust toolchain via rustup with optional sccache integration.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-rust@main
with:
toolchain: stable # optional, default: stable
components: rustfmt, clippy # optional
targets: x86_64-unknown-linux-musl # optional
With sccache + S3
- uses: https://forge.blackleafdigital.com/Public/actions/setup-rust@main
with:
components: rustfmt, clippy
sccache: true
sccache-s3-bucket: ${{ secrets.S3_BUCKET }}
sccache-s3-endpoint: https://${{ secrets.S3_ENDPOINT }}
sccache-s3-region: ${{ secrets.S3_REGION }}
sccache-s3-access-key-id: ${{ secrets.S3_ACCESS_KEY }}
sccache-s3-secret-access-key: ${{ secrets.S3_ACCESS_SECRET }}
sccache-key-prefix: sccache/myproject
setup-bun
Install Bun JavaScript runtime.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-bun@main
with:
bun-version: latest # optional, default: latest
setup-deno
Install Deno JavaScript/TypeScript runtime.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-deno@main
with:
deno-version: latest # optional, default: latest
setup-java
Install Java/JDK via Eclipse Temurin (Adoptium).
- uses: https://forge.blackleafdigital.com/Public/actions/setup-java@main
with:
java-version: '21' # optional, default: 21
distribution: temurin # optional, default: temurin
setup-dotnet
Install .NET SDK via official Microsoft installer.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-dotnet@main
with:
dotnet-version: '8.0' # optional, default: 8.0
setup-zig
Install Zig compiler.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-zig@main
with:
zig-version: '0.13.0' # optional, default: 0.13.0 (or 'master')
setup-swift
Install Swift toolchain.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-swift@main
with:
swift-version: '5.10' # optional, default: 5.10
Tool Setup Actions
setup-kind
Install Kind (Kubernetes in Docker) with optional cluster creation.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-kind@main
with:
kind-version: v0.24.0 # optional, default: v0.24.0
cluster-name: kind # optional, default: kind
wait: '120s' # optional, default: 120s
create-cluster: true # optional, default: true
setup-kubectl
Install kubectl CLI.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-kubectl@main
with:
kubectl-version: stable # optional, default: stable (latest)
setup-helm
Install Helm package manager for Kubernetes.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-helm@main
with:
helm-version: latest # optional, default: latest
setup-terraform
Install Terraform from HashiCorp.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-terraform@main
with:
terraform-version: latest # optional, default: latest
setup-docker
Install Docker (Linux only, macOS requires Docker Desktop).
- uses: https://forge.blackleafdigital.com/Public/actions/setup-docker@main
with:
docker-version: latest # optional, default: latest
setup-podman
Install Podman container engine.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-podman@main
with:
podman-version: latest # optional, default: latest (system package)
setup-sccache
Standalone sccache setup with optional S3 backend.
- uses: https://forge.blackleafdigital.com/Public/actions/setup-sccache@main
with:
version: v0.8.1 # optional
bucket: ${{ secrets.S3_BUCKET }}
endpoint: https://${{ secrets.S3_ENDPOINT }}
region: ${{ secrets.S3_REGION }}
access-key: ${{ secrets.S3_ACCESS_KEY }}
secret-key: ${{ secrets.S3_ACCESS_SECRET }}
key-prefix: sccache/myproject
Security & Quality Actions
cargo-get
Extract metadata (version, name, description, authors, etc.) from Cargo.toml without needing Rust installed. Handles workspace inheritance ({ workspace = true } fields).
- uses: https://forge.blackleafdigital.com/Public/actions/cargo-get@main
with:
path: . # optional, default: . (dir or Cargo.toml path)
workspace-member: mycrate # optional: specific workspace member to query
Outputs include package_name, package_version, package_version_{major,minor,patch,pre,build}, package_edition, package_rust_version, package_authors, package_description, package_license, package_publish, workspace_members, is_workspace, and more.
cargo-publish-workspace
Idempotent, rate-limit-aware publisher for Rust workspaces. Skips crates already live at the target version on crates.io and retries each crate with per-crate exponential backoff (up to 5 minutes) on HTTP 429. Publishes in topological dependency order.
- uses: https://forge.blackleafdigital.com/Public/actions/cargo-publish-workspace@main
with:
version: ${{ needs.version.outputs.version }}
registry: crates-io # optional, default: crates-io
exclude: blazen-py,blazen-node # optional: comma-separated skip list
cargo-token: ${{ secrets.CARGO_REGISTRY_TOKEN }}
max-backoff-seconds: '300' # optional, default: 300
max-attempts-per-crate: '5' # optional, default: 5
Requires setup-rust to have run earlier in the job. Outputs published, skipped, total (comma-separated lists + count).
cargo-audit
Run security audit for Rust dependencies.
- uses: https://forge.blackleafdigital.com/Public/actions/cargo-audit@main
with:
deny: unmaintained # optional: fail on unmaintained crates
trivy
Run Trivy security scanner for vulnerabilities in code, containers, and dependencies.
- uses: https://forge.blackleafdigital.com/Public/actions/trivy@main
with:
scan-type: fs # optional: fs, image, repo (default: fs)
severity: CRITICAL,HIGH # optional (default: CRITICAL,HIGH)
exit-code: '1' # optional: fail on findings (default: 1)
ignore-unfixed: false # optional: ignore unpatched vulns
format: table # optional: table, json, sarif
Scan Docker image
- uses: https://forge.blackleafdigital.com/Public/actions/trivy@main
with:
scan-type: image
image-ref: myapp:latest
severity: CRITICAL
sonarqube
Run SonarQube code quality analysis.
- uses: https://forge.blackleafdigital.com/Public/actions/sonarqube@main
with:
host-url: ${{ secrets.SONAR_HOST_URL }}
token: ${{ secrets.SONAR_TOKEN }}
project-key: my-project
project-name: My Project # optional (defaults to project-key)
sources: src # optional (default: .)
exclusions: '**/*.test.ts' # optional: patterns to exclude
ai-review
AI-powered code review using Z.AI (GLM) or other OpenAI-compatible providers.
- uses: https://forge.blackleafdigital.com/Public/actions/ai-review@main
with:
api-key: ${{ secrets.ZAI_API_KEY }}
forgejo-token: ${{ secrets.FORGEJO_TOKEN }}
forgejo-url: https://forge.blackleafdigital.com
model: glm-4.6 # optional (default: glm-4.6)
base-url: https://api.z.ai/v1 # optional (default: Z.AI)
provider: openai # optional: openai, anthropic, ollama
With OpenAI
- uses: https://forge.blackleafdigital.com/Public/actions/ai-review@main
with:
api-key: ${{ secrets.OPENAI_API_KEY }}
forgejo-token: ${{ secrets.FORGEJO_TOKEN }}
forgejo-url: https://forge.blackleafdigital.com
base-url: https://api.openai.com/v1
model: gpt-4o