From d0a935a8bc6f7fa9f84a554da1e35791ed32f1eb Mon Sep 17 00:00:00 2001
From: Deivid Soto <eividsoto@users.noreply.github.com>
Date: Wed, 27 May 2026 15:45:46 +0200
Subject: [PATCH] ci: port workflows from .github/ to .forgejo/ (Forgejo
 Actions)

GitHub torrentclaw org is shadow-banned; CI is hosted at git.torrentclaw.com
now. Move workflows into the runner's natively-watched .forgejo/workflows/
tree and adapt steps to run in the available 'docker'-labeled Forgejo runner
without GitHub-only tooling (gh CLI, third-party marketplace actions).

- Use container: image to ship the toolchain (no actions/setup-* needed).
- Drop GitHub-only marketplace actions in favour of upstream installers
  invoked over curl/apt.
- Where a workflow created a GitHub Release (release.yml), substitute the
  step with a curl call against the Forgejo Releases API
  (POST /repos/<owner>/<repo>/releases).
---
 {.github => .forgejo}/workflows/ci.yml | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)
 rename {.github => .forgejo}/workflows/ci.yml (76%)

diff --git a/.github/workflows/ci.yml b/.forgejo/workflows/ci.yml
similarity index 76%
rename from .github/workflows/ci.yml
rename to .forgejo/workflows/ci.yml
index 7822970..dde3e99 100644
--- a/.github/workflows/ci.yml
+++ b/.forgejo/workflows/ci.yml
@@ -12,9 +12,14 @@ permissions:
 jobs:
   lint-commits:
     name: Lint commits
-    runs-on: ubuntu-latest
+    runs-on: docker
+    container:
+      image: docker.io/library/ubuntu:24.04
     if: github.event_name == 'pull_request'
     steps:
+      - name: Install git + grep
+        run: apt-get update && apt-get install -y --no-install-recommends git ca-certificates
+
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
@@ -45,8 +50,13 @@ jobs:
 
   lint-scripts:
     name: Lint shell scripts
-    runs-on: ubuntu-latest
+    runs-on: docker
+    container:
+      image: docker.io/library/ubuntu:24.04
     steps:
+      - name: Install shellcheck
+        run: apt-get update && apt-get install -y --no-install-recommends shellcheck git ca-certificates
+
       - uses: actions/checkout@v4
 
       - name: Run ShellCheck
@@ -54,8 +64,13 @@ jobs:
 
   security-check:
     name: Security patterns check
-    runs-on: ubuntu-latest
+    runs-on: docker
+    container:
+      image: docker.io/library/ubuntu:24.04
     steps:
+      - name: Install grep + git
+        run: apt-get update && apt-get install -y --no-install-recommends git grep ca-certificates
+
       - uses: actions/checkout@v4
 
       - name: Check for unsafe string interpolation in curl payloads