From 745bc4b58bdd2c0b34917bf986a1a16441bb4a9d Mon Sep 17 00:00:00 2001 From: Earl Warren Date: Sun, 10 Aug 2025 22:56:16 +0200 Subject: [PATCH] fix: allow Forgejo Actions environment variables starting with CI (#8850) Resolves forgejo/forgejo#6039 ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [x] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/.md` to be be used for the release notes instead of the title. ## Release notes - Bug fixes - [PR](https://codeberg.org/forgejo/forgejo/pulls/8850): allow Forgejo Actions environment variables starting with CI Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8850 Reviewed-by: Gusted Co-authored-by: Earl Warren Co-committed-by: Earl Warren --- services/actions/variables.go | 2 +- services/actions/variables_test.go | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 services/actions/variables_test.go diff --git a/services/actions/variables.go b/services/actions/variables.go index fed1fd0890..a9f42105a3 100644 --- a/services/actions/variables.go +++ b/services/actions/variables.go @@ -87,7 +87,7 @@ func GetVariable(ctx context.Context, opts actions_model.FindVariablesOpts) (*ac // https://docs.github.com/en/actions/learn-github-actions/variables#naming-conventions-for-configuration-variables // https://docs.github.com/en/actions/security-guides/encrypted-secrets#naming-your-secrets var ( - forbiddenEnvNameCIRx = regexp.MustCompile("(?i)^CI") + forbiddenEnvNameCIRx = regexp.MustCompile("(?i)^CI$") ) func envNameCIRegexMatch(name string) error { diff --git a/services/actions/variables_test.go b/services/actions/variables_test.go new file mode 100644 index 0000000000..f69bc674e1 --- /dev/null +++ b/services/actions/variables_test.go @@ -0,0 +1,17 @@ +// Copyright 2025 The Forgejo Authors. All rights reserved. +// SPDX-License-Identifier: GPL-3.0-or-later + +package actions + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestServicesAction_envNameCIRegexMatch(t *testing.T) { + require.ErrorContains(t, envNameCIRegexMatch("ci"), "cannot be ci") + require.ErrorContains(t, envNameCIRegexMatch("CI"), "cannot be ci") + assert.NoError(t, envNameCIRegexMatch("CI_SOMETHING")) +}