ci(unit-tests): add negative self-test case to upload-artifact guard

The previous self-test proved the regex catches @v5 (positive case). This adds a negative case proving @v3 is NOT flagged — guards against a false-positive that would break every CI run permanently. Suggested by Sara Holt in review of PR #558. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-14 10:18:05 +02:00
parent 37b2ed6a90
commit 22538e32a7
1 changed files with 4 additions and 1 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -59,11 +59,14 @@ jobs:
      - name: Assert no (upload|download)-artifact past v3
        shell: bash
        run: |
-          # Self-test: verify the regex catches v4+ (anchored to YAML `uses:` lines).
+          # Self-test: verify the regex catches v4+ and does not catch v3.
          tmp=$(mktemp)
          printf '        uses: actions/upload-artifact@v5\n' > "$tmp"
          grep -qP '^\s+uses:\s+actions/(upload|download)-artifact@v[4-9]' "$tmp" \
            || { echo "FAIL: guard self-test — regex missed upload-artifact@v5"; rm "$tmp"; exit 1; }
+          printf '        uses: actions/upload-artifact@v3\n' > "$tmp"
+          grep -qvP '^\s+uses:\s+actions/(upload|download)-artifact@v[4-9]' "$tmp" \
+            || { echo "FAIL: guard self-test — regex incorrectly flagged upload-artifact@v3"; rm "$tmp"; exit 1; }
          rm "$tmp"
          # Guard: Gitea Actions (act_runner) does not implement the v4 artifact protocol.
          # Both upload-artifact and download-artifact share the same incompatibility.