ci(unit-tests): add grep guard for (upload|download)-artifact@v4+

Adds a repo-invariant check in the same 'Assert' block as the ADR-012 birpc guard. Anchored to YAML `uses:` lines so the inline self-test fixture does not false-positive. Fails with an actionable error referencing ADR-014 / #557. Guard is intentionally RED at this commit — the three v4 call sites are downgraded in the next commit. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-14 08:46:29 +02:00
parent 582191d014
commit 3965541879
1 changed files with 17 additions and 0 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -56,6 +56,23 @@ jobs:
            exit 1
          fi

+      - name: Assert no (upload|download)-artifact past v3
+        shell: bash
+        run: |
+          # Self-test: verify the regex catches v4+ (anchored to YAML `uses:` lines).
+          tmp=$(mktemp)
+          printf '        uses: actions/upload-artifact@v5\n' > "$tmp"
+          grep -qP '^\s+uses:\s+actions/(upload|download)-artifact@v[4-9]' "$tmp" \
+            || { echo "FAIL: guard self-test — regex missed upload-artifact@v5"; rm "$tmp"; exit 1; }
+          rm "$tmp"
+          # Guard: Gitea Actions (act_runner) does not implement the v4 artifact protocol.
+          # Both upload-artifact and download-artifact share the same incompatibility.
+          # Pin to @v3. See ADR-014 / #557.
+          if grep -RPn '^\s+uses:\s+actions/(upload|download)-artifact@v[4-9]' .gitea/workflows/; then
+            echo "::error::actions/(upload|download)-artifact@v4+ is unsupported on Gitea Actions (act_runner). Pin to @v3. See ADR-014 / #557."
+            exit 1
+          fi
+
      - name: Run unit and component tests with coverage
        shell: bash
        run: |