From c65ea9c47cdbdb849346dd9359d1eefdede07ea0 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 10 Feb 2023 20:49:58 +0000 Subject: [PATCH 1/7] Adam does not always think things through completly. He will go and sit on the naughty step now. Co-authored-by: Adam Warner Co-authored-by: Dan Schaper Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 05bc0e4e..ccb5eac7 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1409,7 +1409,7 @@ installConfigs() { mkdir -p /run/lighttpd chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /run/lighttpd - if grep -q -F "FILE WILL BE OVERWRITTEN BY PI-HOLE" "${lighttpdConfig}"; then + if grep -q -F "OVERWRITTEN BY PI-HOLE" "${lighttpdConfig}"; then # Attempt to preserve backwards compatibility with older versions install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/${LIGHTTPD_CFG} "${lighttpdConfig}" # Make the directories if they do not exist and set the owners From d6275cdd7c7822545d022b0393d308f37b11fcb7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Feb 2023 09:04:19 +0000 Subject: [PATCH 2/7] Bump pytest-xdist from 3.1.0 to 3.2.0 in /test Bumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/pytest-dev/pytest-xdist/releases) - [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest-xdist/compare/v3.1.0...v3.2.0) --- updated-dependencies: - dependency-name: pytest-xdist dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- test/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/requirements.txt b/test/requirements.txt index 1670e765..229d0135 100644 --- a/test/requirements.txt +++ b/test/requirements.txt @@ -1,6 +1,6 @@ docker-compose == 1.29.2 pytest == 7.2.1 -pytest-xdist == 3.1.0 +pytest-xdist == 3.2.0 pytest-testinfra == 7.0.0 tox == 4.4.5 From 46fe37b4dafdd860fe26decee88e1454d21feb1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 14 Feb 2023 21:11:54 +0100 Subject: [PATCH 3/7] Use new worksteal distribution algorithm MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- test/tox.centos_8.ini | 2 +- test/tox.centos_9.ini | 2 +- test/tox.debian_10.ini | 2 +- test/tox.debian_11.ini | 2 +- test/tox.fedora_36.ini | 2 +- test/tox.fedora_37.ini | 2 +- test/tox.ubuntu_20.ini | 2 +- test/tox.ubuntu_22.ini | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/test/tox.centos_8.ini b/test/tox.centos_8.ini index dac10e97..5e94baa6 100644 --- a/test/tox.centos_8.ini +++ b/test/tox.centos_8.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py diff --git a/test/tox.centos_9.ini b/test/tox.centos_9.ini index aa7009e1..d1de2c54 100644 --- a/test/tox.centos_9.ini +++ b/test/tox.centos_9.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _centos_9.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py diff --git a/test/tox.debian_10.ini b/test/tox.debian_10.ini index a012bda4..4913b173 100644 --- a/test/tox.debian_10.ini +++ b/test/tox.debian_10.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _debian_10.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.debian_11.ini b/test/tox.debian_11.ini index 48dc9df1..fa8412a8 100644 --- a/test/tox.debian_11.ini +++ b/test/tox.debian_11.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.fedora_36.ini b/test/tox.fedora_36.ini index 0cc6f29c..47a4e08e 100644 --- a/test/tox.fedora_36.ini +++ b/test/tox.fedora_36.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _fedora_36.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py diff --git a/test/tox.fedora_37.ini b/test/tox.fedora_37.ini index d6f44533..4a1d4f25 100644 --- a/test/tox.fedora_37.ini +++ b/test/tox.fedora_37.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _fedora_37.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py diff --git a/test/tox.ubuntu_20.ini b/test/tox.ubuntu_20.ini index 88ee0b54..51715e91 100644 --- a/test/tox.ubuntu_20.ini +++ b/test/tox.ubuntu_20.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_20.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.ubuntu_22.ini b/test/tox.ubuntu_22.ini index cb5527ab..70a0c820 100644 --- a/test/tox.ubuntu_22.ini +++ b/test/tox.ubuntu_22.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_22.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py From 4b503a080b0ed21455c1e9215cb92360e1a0329e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 14 Feb 2023 22:13:24 +0100 Subject: [PATCH 4/7] Revert "Use new worksteal distribution algorithm" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 46fe37b4dafdd860fe26decee88e1454d21feb1b. Signed-off-by: Christian König --- test/tox.centos_8.ini | 2 +- test/tox.centos_9.ini | 2 +- test/tox.debian_10.ini | 2 +- test/tox.debian_11.ini | 2 +- test/tox.fedora_36.ini | 2 +- test/tox.fedora_37.ini | 2 +- test/tox.ubuntu_20.ini | 2 +- test/tox.ubuntu_22.ini | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/test/tox.centos_8.ini b/test/tox.centos_8.ini index 5e94baa6..dac10e97 100644 --- a/test/tox.centos_8.ini +++ b/test/tox.centos_8.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py diff --git a/test/tox.centos_9.ini b/test/tox.centos_9.ini index d1de2c54..aa7009e1 100644 --- a/test/tox.centos_9.ini +++ b/test/tox.centos_9.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _centos_9.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py diff --git a/test/tox.debian_10.ini b/test/tox.debian_10.ini index 4913b173..a012bda4 100644 --- a/test/tox.debian_10.ini +++ b/test/tox.debian_10.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _debian_10.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.debian_11.ini b/test/tox.debian_11.ini index fa8412a8..48dc9df1 100644 --- a/test/tox.debian_11.ini +++ b/test/tox.debian_11.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.fedora_36.ini b/test/tox.fedora_36.ini index 47a4e08e..0cc6f29c 100644 --- a/test/tox.fedora_36.ini +++ b/test/tox.fedora_36.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _fedora_36.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py diff --git a/test/tox.fedora_37.ini b/test/tox.fedora_37.ini index 4a1d4f25..d6f44533 100644 --- a/test/tox.fedora_37.ini +++ b/test/tox.fedora_37.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _fedora_37.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py diff --git a/test/tox.ubuntu_20.ini b/test/tox.ubuntu_20.ini index 51715e91..88ee0b54 100644 --- a/test/tox.ubuntu_20.ini +++ b/test/tox.ubuntu_20.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_20.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.ubuntu_22.ini b/test/tox.ubuntu_22.ini index 70a0c820..cb5527ab 100644 --- a/test/tox.ubuntu_22.ini +++ b/test/tox.ubuntu_22.ini @@ -5,4 +5,4 @@ envlist = py3 allowlist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_22.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto --dist worksteal} ./test_any_automated_install.py ./test_any_utils.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py From 31a9e189972c24c42ac959d12a09b1da689d4d1a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Feb 2023 10:57:18 +0000 Subject: [PATCH 5/7] Bump tox from 4.4.5 to 4.4.6 in /test Bumps [tox](https://github.com/tox-dev/tox) from 4.4.5 to 4.4.6. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](https://github.com/tox-dev/tox/compare/4.4.5...4.4.6) --- updated-dependencies: - dependency-name: tox dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- test/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/requirements.txt b/test/requirements.txt index 229d0135..c7848e8d 100644 --- a/test/requirements.txt +++ b/test/requirements.txt @@ -2,5 +2,5 @@ docker-compose == 1.29.2 pytest == 7.2.1 pytest-xdist == 3.2.0 pytest-testinfra == 7.0.0 -tox == 4.4.5 +tox == 4.4.6 From ddf972cede32c3b80fc25cfdab356c101d08f36e Mon Sep 17 00:00:00 2001 From: Alex Date: Thu, 8 Dec 2022 20:00:33 +0200 Subject: [PATCH 6/7] build: harden workflow permissions Signed-off-by: Alex --- .github/workflows/sync-back-to-dev.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index f689ae36..8572ffde 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -5,8 +5,30 @@ on: branches: - master +# The section is needed to drop the default write-all permissions for all jobs +# that are granted on `push` event. By specifying any permission explicitly +# all others are set to none. By using the principle of least privilege the damage a compromised +# workflow can do (because of an injection or compromised third party tool or +# action) is restricted. Adding labels to issues, commenting +# on pull-requests, etc. may need additional permissions: +# +# Syntax for this section: +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions +# +# Reference for how to assign permissions on a job-by-job basis: +# https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs +# +# Reference for available permissions that we can enable if needed: +# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token +permissions: {} + jobs: sync-branches: + # The job needs to be able to pull the code and create a pull request. + permissions: + contents: read # for actions/checkout + pull-requests: write # to create pull request + runs-on: ubuntu-latest name: Syncing branches steps: From 0b60601f863fff2453b5a1e9cb9f678d33e72b13 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 4 Mar 2023 10:57:42 +0000 Subject: [PATCH 7/7] Bump pytest from 7.2.1 to 7.2.2 in /test Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.2.1 to 7.2.2. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/7.2.1...7.2.2) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- test/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/requirements.txt b/test/requirements.txt index c7848e8d..e64e8c66 100644 --- a/test/requirements.txt +++ b/test/requirements.txt @@ -1,5 +1,5 @@ docker-compose == 1.29.2 -pytest == 7.2.1 +pytest == 7.2.2 pytest-xdist == 3.2.0 pytest-testinfra == 7.0.0 tox == 4.4.6