mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-16 19:20:16 +00:00
Code Activity

fix(ci): update workflows for Windows branch

Browse Source 
- Rewrite check.yml for Windows (PowerShell syntax check, Go linting)
- Rewrite test.yml for Windows (Pester tests, Go tests, security checks)
- Rewrite release.yml for Windows releases (W* tags, zip package)
- Update update-contributors.yml to trigger on windows branch
This commit is contained in:
Bhadra
2026-01-12 10:53:29 +05:30
parent e648ceceb0
commit 81c3b97878
4 changed files with 235 additions and 218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
.github/workflows/check.yml vendored
View File

@@ -2,96 +2,82 @@ name: Check
on: on:
push: push:
branches: [main] branches: [windows]
pull_request: pull_request:
branches: [windows]
permissions: permissions:
contents: write contents: write
jobs: jobs:
format: format:
name: Format name: Format & Lint
runs-on: macos-latest runs-on: windows-latest
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 uses: actions/checkout@v4
with: with:
ref: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.head_ref) || github.ref }} ref: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.head_ref) || github.ref }}
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
- name: Cache Homebrew
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v4
with:
path: |
~/Library/Caches/Homebrew
/usr/local/Cellar/shfmt
/usr/local/Cellar/shellcheck
/usr/local/Cellar/golangci-lint
key: ${{ runner.os }}-brew-quality-v2-${{ hashFiles('**/Brewfile') }}
restore-keys: |
${{ runner.os }}-brew-quality-v2-
- name: Install tools
run: brew install shfmt shellcheck golangci-lint
- name: Set up Go - name: Set up Go
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v5 uses: actions/setup-go@v5
with: with:
go-version: '1.24.6' go-version: '1.24.6'
- name: Install goimports - name: Install Go tools
run: go install golang.org/x/tools/cmd/goimports@latest
- name: Format all code
run: | run: |
export PATH=$(go env GOPATH)/bin:$PATH go install golang.org/x/tools/cmd/goimports@latest
./scripts/check.sh --format go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
- name: Format Go code
run: |
$env:PATH = "$(go env GOPATH)\bin;$env:PATH"
Get-ChildItem -Path cmd -Recurse -Filter "*.go" | ForEach-Object {
goimports -w $_.FullName
}
shell: pwsh
- name: Run golangci-lint
run: |
$env:PATH = "$(go env GOPATH)\bin;$env:PATH"
cd cmd/analyze
golangci-lint run --timeout 5m
cd ../status
golangci-lint run --timeout 5m
shell: pwsh
continue-on-error: true
- name: Check PowerShell syntax
run: |
$hasErrors = $false
$scripts = Get-ChildItem -Path . -Recurse -Include "*.ps1" -Exclude "*.Tests.ps1"
foreach ($script in $scripts) {
$errors = $null
$null = [System.Management.Automation.Language.Parser]::ParseFile($script.FullName, [ref]$null, [ref]$errors)
if ($errors.Count -gt 0) {
Write-Host "Syntax errors in $($script.Name):" -ForegroundColor Red
$errors | ForEach-Object { Write-Host " $_" }
$hasErrors = $true
}
}
if ($hasErrors) { exit 1 }
Write-Host "All PowerShell scripts have valid syntax" -ForegroundColor Green
shell: pwsh
- name: Commit formatting changes - name: Commit formatting changes
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }} if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }}
run: | run: |
git config user.name "Tw93" git config user.name "github-actions[bot]"
git config user.email "tw93@qq.com" git config user.email "github-actions[bot]@users.noreply.github.com"
if [[ -n $(git status --porcelain) ]]; then $changes = git status --porcelain
if ($changes) {
git add . git add .
git commit -m "chore: auto format code" git commit -m "chore: auto format code"
git push git push
echo "✓ Formatting changes committed" Write-Host "Formatting changes committed"
else } else {
echo "✓ No formatting changes needed" Write-Host "No formatting changes needed"
fi }
shell: pwsh
quality:
name: Check
runs-on: macos-latest
needs: format
steps:
- name: Checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
with:
ref: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.head_ref) || github.ref }}
- name: Cache Homebrew
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v4
with:
path: |
~/Library/Caches/Homebrew
/usr/local/Cellar/shfmt
/usr/local/Cellar/shellcheck
/usr/local/Cellar/golangci-lint
key: ${{ runner.os }}-brew-quality-v2-${{ hashFiles('**/Brewfile') }}
restore-keys: |
${{ runner.os }}-brew-quality-v2-
- name: Install tools
run: brew install shfmt shellcheck golangci-lint
- name: Set up Go
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v5
with:
go-version: '1.24.6'
- name: Run check script
run: ./scripts/check.sh --no-format

145
.github/workflows/release.yml vendored
View File

@@ -3,127 +3,104 @@ name: Release
on: on:
push: push:
tags: tags:
- 'V*' - 'W*' # Windows releases use W prefix (e.g., W1.0.0)
permissions: permissions:
contents: write contents: write
jobs: jobs:
build: build:
name: Build name: Build Windows
runs-on: ${{ matrix.os }} runs-on: windows-latest
strategy:
matrix:
include:
- os: macos-latest
target: release-amd64
artifact_name: binaries-amd64
- os: macos-latest
target: release-arm64
artifact_name: binaries-arm64
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 uses: actions/checkout@v4
- name: Set up Go - name: Set up Go
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v5 uses: actions/setup-go@v5
with: with:
go-version: "1.24.6" go-version: "1.24.6"
- name: Build Binaries - name: Build Binaries
run: | run: |
make ${{ matrix.target }} cd cmd/analyze
ls -l bin/ go build -ldflags="-s -w" -o analyze.exe .
cd ../status
go build -ldflags="-s -w" -o status.exe .
shell: pwsh
- name: Package binaries for Homebrew - name: Create release package
run: | run: |
cd bin # Create release directory
# Package binaries into tar.gz for Homebrew resource New-Item -ItemType Directory -Force -Path release
if [[ "${{ matrix.target }}" == "release-arm64" ]]; then
tar -czf binaries-darwin-arm64.tar.gz analyze-darwin-arm64 status-darwin-arm64 # Copy binaries
ls -lh binaries-darwin-arm64.tar.gz Copy-Item cmd/analyze/analyze.exe release/
else Copy-Item cmd/status/status.exe release/
tar -czf binaries-darwin-amd64.tar.gz analyze-darwin-amd64 status-darwin-amd64
ls -lh binaries-darwin-amd64.tar.gz # Copy PowerShell scripts
fi Copy-Item mole.ps1 release/
Copy-Item install.ps1 release/
Copy-Item -Recurse bin release/
Copy-Item -Recurse lib release/
# Copy docs
Copy-Item README.md release/
Copy-Item LICENSE release/
# Create zip
Compress-Archive -Path release/* -DestinationPath mole-windows.zip
shell: pwsh
- name: Upload artifacts - name: Upload artifacts
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 uses: actions/upload-artifact@v4
with: with:
name: ${{ matrix.artifact_name }} name: windows-release
path: bin/*-darwin-* path: mole-windows.zip
retention-days: 1 retention-days: 5
release: release:
name: Publish Release name: Publish Release
needs: build needs: build
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Download all artifacts - name: Download artifacts
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 uses: actions/download-artifact@v4
with: with:
path: bin name: windows-release
pattern: binaries-*
merge-multiple: true
- name: Display structure of downloaded files - name: Display downloaded files
run: ls -R bin/ run: ls -la
- name: Create Release - name: Create Release
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2 uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/') if: startsWith(github.ref, 'refs/tags/')
with: with:
files: bin/* files: mole-windows.zip
generate_release_notes: true generate_release_notes: true
draft: false draft: false
prerelease: false prerelease: false
name: "Mole for Windows ${{ github.ref_name }}"
body: |
## Mole for Windows
update-formula: Windows port of the Mole system maintenance toolkit.
runs-on: ubuntu-latest
needs: release
steps:
- name: Extract version from tag
id: tag_version
run: |
TAG=${GITHUB_REF#refs/tags/}
VERSION=${TAG#V}
echo "tag=$TAG" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Releasing version: $VERSION (tag: $TAG)"
- name: Update Homebrew formula (Personal Tap) ### Installation
uses: mislav/bump-homebrew-formula-action@56a283fa15557e9abaa4bdb63b8212abc68e655c # v3.6
with:
formula-name: mole
formula-path: Formula/mole.rb
homebrew-tap: tw93/homebrew-tap
tag-name: ${{ steps.tag_version.outputs.tag }}
commit-message: |
mole ${{ steps.tag_version.outputs.version }}
Automated release via GitHub Actions **Quick install:**
env: ```powershell
COMMITTER_TOKEN: ${{ secrets.PAT_TOKEN }} irm https://raw.githubusercontent.com/tw93/Mole/windows/install.ps1 | iex
```
- name: Update Homebrew formula (Official Core) **Manual install:**
uses: mislav/bump-homebrew-formula-action@56a283fa15557e9abaa4bdb63b8212abc68e655c # v3.6 1. Download and extract `mole-windows.zip`
with: 2. Run `install.ps1`
formula-name: mole
homebrew-tap: Homebrew/homebrew-core
tag-name: ${{ steps.tag_version.outputs.tag }}
commit-message: |
mole ${{ steps.tag_version.outputs.version }}
Automated release via GitHub Actions ### Features
env: - Deep system cleanup (temp files, caches, logs)
COMMITTER_TOKEN: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }} - Smart app uninstaller with leftover detection
continue-on-error: true - Disk space analyzer (TUI)
- System status monitor (TUI)
- name: Verify formula updates - Developer artifact cleanup
if: success() - System optimization
run: |
echo "✓ Homebrew formulae updated successfully"
echo " Version: ${{ steps.tag_version.outputs.version }}"
echo " Tag: ${{ steps.tag_version.outputs.tag }}"
echo " Personal tap: tw93/homebrew-tap"
echo " Official core: Homebrew/homebrew-core (PR created)"

174
.github/workflows/test.yml vendored
View File

@@ -2,87 +2,141 @@ name: Validation
on: on:
push: push:
branches: [main, dev] branches: [windows]
pull_request: pull_request:
branches: [main, dev] branches: [windows]
jobs: jobs:
tests: tests:
name: Unit & Integration Tests name: Unit & Integration Tests
runs-on: macos-latest runs-on: windows-latest
steps: steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - uses: actions/checkout@v4
- name: Install tools
run: brew install bats-core shellcheck
- name: Set up Go - name: Set up Go
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v5 uses: actions/setup-go@v5
with: with:
go-version: "1.24.6" go-version: "1.24.6"
- name: Run test script - name: Install Pester
env:
MOLE_PERF_BYTES_TO_HUMAN_LIMIT_MS: "6000"
MOLE_PERF_GET_FILE_SIZE_LIMIT_MS: "3000"
BATS_FORMATTER: tap
LANG: en_US.UTF-8
LC_ALL: en_US.UTF-8
run: ./scripts/test.sh
compatibility:
name: macOS
strategy:
matrix:
os: [macos-14, macos-15]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
- name: Test on ${{ matrix.os }}
run: | run: |
echo "Testing on ${{ matrix.os }}..." Install-Module -Name Pester -Force -SkipPublisherCheck -Scope CurrentUser
bash -n mole shell: pwsh
source lib/core/common.sh
echo "✓ Successfully loaded on ${{ matrix.os }}" - name: Run PowerShell tests
run: |
Import-Module Pester
$config = New-PesterConfiguration
$config.Run.Path = "./tests"
$config.Output.Verbosity = "Detailed"
$config.Run.Exit = $true
Invoke-Pester -Configuration $config
shell: pwsh
- name: Run Go tests
run: |
cd cmd/analyze
go test -v ./...
cd ../status
go test -v ./...
shell: pwsh
build:
name: Build
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: "1.24.6"
- name: Build Go binaries
run: |
cd cmd/analyze
go build -o analyze.exe .
cd ../status
go build -o status.exe .
shell: pwsh
- name: Verify binaries
run: |
if (Test-Path cmd/analyze/analyze.exe) {
Write-Host "analyze.exe built successfully"
} else {
Write-Host "Failed to build analyze.exe"
exit 1
}
if (Test-Path cmd/status/status.exe) {
Write-Host "status.exe built successfully"
} else {
Write-Host "Failed to build status.exe"
exit 1
}
shell: pwsh
security: security:
name: Security Checks name: Security Checks
runs-on: macos-latest runs-on: windows-latest
steps: steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - uses: actions/checkout@v4
- name: Check for unsafe rm usage - name: Load core modules
run: | run: |
echo "Checking for unsafe rm patterns..." . ./lib/core/base.ps1
if grep -r "rm -rf" --include="*.sh" lib/ | grep -v "safe_remove\|validate_path\|# "; then . ./lib/core/file_ops.ps1
echo "✗ Unsafe rm -rf usage found" Write-Host "Core modules loaded successfully"
exit 1 shell: pwsh
fi
echo "✓ No unsafe rm usage found"
- name: Verify app protection - name: Verify protected paths
run: | run: |
echo "Verifying critical file protection..." . ./lib/core/base.ps1
bash -c ' . ./lib/core/file_ops.ps1
source lib/core/common.sh
if should_protect_from_uninstall "com.apple.Safari"; then $protectedPaths = @(
echo "✓ Safari is protected" "C:\Windows",
else "C:\Windows\System32",
echo "✗ Safari protection failed" "C:\Program Files",
"C:\Program Files (x86)"
)
foreach ($path in $protectedPaths) {
if (-not (Test-ProtectedPath -Path $path)) {
Write-Host "FAIL: $path should be protected!" -ForegroundColor Red
exit 1 exit 1
fi }
' Write-Host "OK: $path is protected" -ForegroundColor Green
}
shell: pwsh
- name: Check for unsafe patterns
run: |
$hasIssues = $false
# Check for raw Remove-Item without safety
$unsafePatterns = Get-ChildItem -Path lib,bin -Recurse -Filter "*.ps1" |
Select-String -Pattern "Remove-Item.*-Recurse.*-Force" |
Where-Object { $_.Line -notmatch "Remove-SafeItem|function Remove-" }
if ($unsafePatterns) {
Write-Host "Warning: Potential unsafe Remove-Item usage found:" -ForegroundColor Yellow
$unsafePatterns | ForEach-Object { Write-Host " $($_.Filename):$($_.LineNumber)" }
}
Write-Host "Security check completed" -ForegroundColor Green
shell: pwsh
- name: Check for secrets - name: Check for secrets
run: | run: |
echo "Checking for hardcoded secrets..." $matches = Get-ChildItem -Path . -Recurse -Filter "*.ps1" |
matches=$(grep -r "password\|secret\|api_key" --include="*.sh" . \ Select-String -Pattern "password|secret|api_key" -CaseSensitive:$false |
| grep -v "# \|test" \ Where-Object { $_.Line -notmatch "^\s*#" }
| grep -v -E "lib/core/sudo\.sh|lib/core/app_protection\.sh|lib/clean/user\.sh|lib/clean/brew\.sh|bin/optimize\.sh|lib/clean/apps\.sh" || true)
if [[ -n "$matches" ]]; then if ($matches) {
echo "$matches" Write-Host "Review these lines for potential secrets:" -ForegroundColor Yellow
echo "✗ Potential secrets found" $matches | ForEach-Object { Write-Host " $($_.Filename):$($_.LineNumber): $($_.Line.Trim())" }
exit 1 }
fi
echo "✓ No secrets found" Write-Host "Secret scan completed" -ForegroundColor Green
shell: pwsh

2
.github/workflows/update-contributors.yml vendored
View File

@@ -2,7 +2,7 @@ name: Update Contributors
on: on:
push: push:
branches: [main, dev] branches: [windows]
workflow_dispatch: workflow_dispatch:
schedule: schedule:
- cron: "0 0 * * 0" # Every Sunday at midnight UTC - cron: "0 0 * * 0" # Every Sunday at midnight UTC