Create fedora.yml

[addminbpk]

Summary by CodeRabbit

• Chores
  • Added a new workflow to automate remote command execution via SSH on every push event.
  • Updated existing workflows to run on self-hosted runners for improved environment control.

[gemini-code-assist]

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

[coderabbitai]

Walkthrough

A new GitHub Actions workflow file named fedora.yml has been introduced. This workflow triggers on every push and runs a job that uses SSH to connect to a remote server and execute the whoami command, with all connection credentials provided via GitHub secrets. Additionally, the existing workflows in main.yml have been updated to run certain jobs on a self-hosted runner instead of the default GitHub-hosted runner. A similar SSH command step was also added in ssh-200.yml using password authentication.

Changes

File(s)	Change Summary
.github/workflows/fedora.yml	Added workflow to run whoami on a remote server via SSH using appleboy/ssh-action@v1.
.github/workflows/ssh-200.yml	Added SSH step using appleboy/[email protected] to run whoami on remote host with password.
.github/workflows/main.yml	Changed runner environment for jobs default-user-name-password and check-ssh-key to self-hosted.

Possibly related PRs

• ci: add workflow step for multi-command SSH testing #386: Adds GitHub Actions workflow steps using appleboy/ssh-action for SSH commands with password authentication, related by similar SSH action usage.

Poem

A workflow hops in, so spry and so neat,
With secrets in tow, its mission complete.
It leaps to a server, says "who am I?"
The answer returns, as time hops by.
🐇✨

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

.github/workflows/fedora.yml (1)

15-15: Consider using a multi-line script block for maintainability.

Even for a single whoami, favour YAML’s folded style so future commands are easy to add without quoting headaches.

-          script: whoami
+          script: |
+            whoami

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3ca8a7c and 8b8e9b4.

📒 Files selected for processing (1)

• .github/workflows/fedora.yml (1 hunks)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/main.yml (1)

7-7: Switching to the generic self-hosted label may cause scheduling & security surprises

Moving these two jobs to a “plain” self-hosted runner means:

• The workflow now depends on you having at least one online runner with the bare self-hosted label. If none is available, jobs will sit in the queue forever.
• The runner must have Docker CLI, permission to run privileged containers, and enough RAM/CPU for multiple nested containers (your steps spin up OpenSSH Docker images).
• Secrets are now exposed to whatever machine picks up the job; if you have more than one self-hosted runner, tighten the target pool by adding specific labels, e.g.:

runs-on: [self-hosted, linux, docker]

or by using a dedicated runner group.

Please verify that the intended runner(s) exist and carry the required labels/packages before merging.

Also applies to: 70-70

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 488eb71 and 39163df.

📒 Files selected for processing (1)

• .github/workflows/main.yml (2 hunks)

[appleboy]

Why?

[coderabbitai]

Actionable comments posted: 3

♻️ Duplicate comments (2)

.github/workflows/fedora.yml (2)

2-2: Trigger fires on every branch – restrict to protected branches or tags
Same concern was raised previously; please scope the push trigger to main, stable, or release tags to limit credential exposure.

---

9-15: Action version is mutable and uses password auth; pin & switch to key-based auth
These two issues were already noted in earlier reviews of this file.

-        uses: appleboy/ssh-action@v1
+        uses: appleboy/ssh-action@14e1f289e6a0b9b41f9b49b0c9b1b80d1e1b4b6d

-          username: linuxserver.io
-          password: ${{ secrets.PASSWORD }}
+          username: ${{ secrets.SSH_USER }}
+          key:      ${{ secrets.SSH_PRIVATE_KEY }}
+          passphrase: ${{ secrets.SSH_PASSPHRASE }}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 39163df and 66921b3.

📒 Files selected for processing (2)

• .github/workflows/fedora.yml (1 hunks)
• .github/workflows/ssh-200.yml (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.7)

.github/workflows/fedora.yml

6-6: label "selft-hosted" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

.github/workflows/ssh-200.yml

1-1: workflow is sequence node but mapping node is expected

(syntax-check)

---

1-1: "on" section is missing in workflow

(syntax-check)

---

1-1: "jobs" section is missing in workflow

(syntax-check)