mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-06 20:05:37 +00:00
Code Activity

fix(ci): update workflows for Windows branch

Browse Source 
- Rewrite check.yml for Windows (PowerShell syntax check, Go linting)
- Rewrite test.yml for Windows (Pester tests, Go tests, security checks)
- Rewrite release.yml for Windows releases (W* tags, zip package)
- Update update-contributors.yml to trigger on windows branch
This commit is contained in:
Bhadra
2026-01-12 10:53:29 +05:30
parent e648ceceb0
commit 81c3b97878
4 changed files with 235 additions and 218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

176
.github/workflows/test.yml vendored
View File

@@ -2,87 +2,141 @@ name: Validation
on:
push:
branches: [main, dev]
branches: [windows]
pull_request:
branches: [main, dev]
branches: [windows]
jobs:
tests:
name: Unit & Integration Tests
runs-on: macos-latest
runs-on: windows-latest
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
- name: Install tools
run: brew install bats-core shellcheck
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v5
uses: actions/setup-go@v5
with:
go-version: "1.24.6"
- name: Run test script
env:
MOLE_PERF_BYTES_TO_HUMAN_LIMIT_MS: "6000"
MOLE_PERF_GET_FILE_SIZE_LIMIT_MS: "3000"
BATS_FORMATTER: tap
LANG: en_US.UTF-8
LC_ALL: en_US.UTF-8
run: ./scripts/test.sh
compatibility:
name: macOS
strategy:
matrix:
os: [macos-14, macos-15]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
- name: Test on ${{ matrix.os }}
- name: Install Pester
run: |
echo "Testing on ${{ matrix.os }}..."
bash -n mole
source lib/core/common.sh
echo "✓ Successfully loaded on ${{ matrix.os }}"
Install-Module -Name Pester -Force -SkipPublisherCheck -Scope CurrentUser
shell: pwsh
- name: Run PowerShell tests
run: |
Import-Module Pester
$config = New-PesterConfiguration
$config.Run.Path = "./tests"
$config.Output.Verbosity = "Detailed"
$config.Run.Exit = $true
Invoke-Pester -Configuration $config
shell: pwsh
- name: Run Go tests
run: |
cd cmd/analyze
go test -v ./...
cd ../status
go test -v ./...
shell: pwsh
build:
name: Build
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: "1.24.6"
- name: Build Go binaries
run: |
cd cmd/analyze
go build -o analyze.exe .
cd ../status
go build -o status.exe .
shell: pwsh
- name: Verify binaries
run: |
if (Test-Path cmd/analyze/analyze.exe) {
Write-Host "analyze.exe built successfully"
} else {
Write-Host "Failed to build analyze.exe"
exit 1
}
if (Test-Path cmd/status/status.exe) {
Write-Host "status.exe built successfully"
} else {
Write-Host "Failed to build status.exe"
exit 1
}
shell: pwsh
security:
name: Security Checks
runs-on: macos-latest
runs-on: windows-latest
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
- uses: actions/checkout@v4
- name: Check for unsafe rm usage
- name: Load core modules
run: |
echo "Checking for unsafe rm patterns..."
if grep -r "rm -rf" --include="*.sh" lib/ | grep -v "safe_remove\|validate_path\|# "; then
echo "✗ Unsafe rm -rf usage found"
exit 1
fi
echo "✓ No unsafe rm usage found"
. ./lib/core/base.ps1
. ./lib/core/file_ops.ps1
Write-Host "Core modules loaded successfully"
shell: pwsh
- name: Verify app protection
- name: Verify protected paths
run: |
echo "Verifying critical file protection..."
bash -c '
source lib/core/common.sh
if should_protect_from_uninstall "com.apple.Safari"; then
echo "✓ Safari is protected"
else
echo "✗ Safari protection failed"
exit 1
fi
'
. ./lib/core/base.ps1
. ./lib/core/file_ops.ps1
$protectedPaths = @(
"C:\Windows",
"C:\Windows\System32",
"C:\Program Files",
"C:\Program Files (x86)"
)
foreach ($path in $protectedPaths) {
if (-not (Test-ProtectedPath -Path $path)) {
Write-Host "FAIL: $path should be protected!" -ForegroundColor Red
exit 1
}
Write-Host "OK: $path is protected" -ForegroundColor Green
}
shell: pwsh
- name: Check for unsafe patterns
run: |
$hasIssues = $false
# Check for raw Remove-Item without safety
$unsafePatterns = Get-ChildItem -Path lib,bin -Recurse -Filter "*.ps1" |
Select-String -Pattern "Remove-Item.*-Recurse.*-Force" |
Where-Object { $_.Line -notmatch "Remove-SafeItem|function Remove-" }
if ($unsafePatterns) {
Write-Host "Warning: Potential unsafe Remove-Item usage found:" -ForegroundColor Yellow
$unsafePatterns | ForEach-Object { Write-Host " $($_.Filename):$($_.LineNumber)" }
}
Write-Host "Security check completed" -ForegroundColor Green
shell: pwsh
- name: Check for secrets
run: |
echo "Checking for hardcoded secrets..."
matches=$(grep -r "password\|secret\|api_key" --include="*.sh" . \
| grep -v "# \|test" \
| grep -v -E "lib/core/sudo\.sh|lib/core/app_protection\.sh|lib/clean/user\.sh|lib/clean/brew\.sh|bin/optimize\.sh|lib/clean/apps\.sh" || true)
if [[ -n "$matches" ]]; then
echo "$matches"
echo "✗ Potential secrets found"
exit 1
fi
echo "✓ No secrets found"
$matches = Get-ChildItem -Path . -Recurse -Filter "*.ps1" |
Select-String -Pattern "password|secret|api_key" -CaseSensitive:$false |
Where-Object { $_.Line -notmatch "^\s*#" }
if ($matches) {
Write-Host "Review these lines for potential secrets:" -ForegroundColor Yellow
$matches | ForEach-Object { Write-Host " $($_.Filename):$($_.LineNumber): $($_.Line.Trim())" }
}
Write-Host "Secret scan completed" -ForegroundColor Green
shell: pwsh