security: pin CI actions to commit SHAs

ci: add Gitea Actions workflow for make check
2026-02-20 02:58:12 -08:00 · 2026-02-20 02:48:41 -08:00
4 changed files with 44 additions and 4 deletions
--- a/.gitea/workflows/check.yml
+++ b/.gitea/workflows/check.yml
@@ -0,0 +1,23 @@
 name: Check
 on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
 jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
      - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5
        with:
          go-version-file: go.mod
      - name: Install golangci-lint
        run: go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.10.1
      - name: Run make check
        run: make check
--- a/.gitignore
+++ b/.gitignore
@@ -18,7 +18,3 @@ vendor/
 # Data
 /data/
 *.sqlite3
 # Local dev configs
 config.yaml
 config.dev.yml
--- a/config.dev.yml
+++ b/config.dev.yml
@@ -0,0 +1,11 @@
 # Development config for local Docker testing
 signing_key: "dev-signing-key-minimum-32-chars!"
 debug: true
 allow_http: true
 whitelist_hosts:
  - localhost
  - s3.sneak.cloud
  - static.sneak.cloud
  - sneak.berlin
  - github.com
  - user-images.githubusercontent.com
--- a/config.yaml
+++ b/config.yaml
@@ -0,0 +1,10 @@
 debug: true
 port: 8080
 state_dir: ./data
 signing_key: "test-signing-key-for-development-only"
 whitelist_hosts:
  - "*.example.com"
  - "images.unsplash.com"
  - "picsum.photos"
  - "s3.sneak.cloud"
 allow_http: false
Author	SHA1	Message	Date
user	8297bbe4de	security: pin CI actions to commit SHAs Some checks failed Check / check (pull_request) Failing after 5m31s Details	2026-02-20 02:58:12 -08:00
user	34fab46e12	ci: add Gitea Actions workflow for make check Some checks failed Check / check (pull_request) Failing after 5m37s Details	2026-02-20 02:48:41 -08:00