Update .gitea/workflows/deploy-ci.yaml
This commit is contained in:
Arlind
@@ -5,95 +5,137 @@ on:
|
|||||||
|
|
||||||
env:
|
env:
|
||||||
GITEA_API: https://${{ vars.CONTAINER_REGISTRY }}/api/v1
|
GITEA_API: https://${{ vars.CONTAINER_REGISTRY }}/api/v1
|
||||||
TOKEN: ${{ secrets.TOKEN }}
|
|
||||||
TEMPLATE_PATH: .gitea/workflows/ci.yml
|
TEMPLATE_PATH: .gitea/workflows/ci.yml
|
||||||
IMAGE_NAME: osc/skins-image
|
IMAGE_NAME: osc/skins-image
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
update_ci_for_all_users:
|
fetch-template:
|
||||||
name: Sync CI Template to All Skin Repositories
|
name: Fetch CI Template
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container:
|
||||||
image: ${{ vars.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
|
image: ${{ vars.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
|
||||||
|
outputs:
|
||||||
|
template_b64: ${{ steps.load-template.outputs.template_b64 }}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Mask Sensitive Tokens
|
- name: Mask Sensitive Token
|
||||||
run: echo "::add-mask::$TOKEN"
|
run: echo "::add-mask::${{ secrets.TOKEN }}"
|
||||||
|
|
||||||
- name: Fetch CI Template from skins-template
|
- id: load-template
|
||||||
|
name: Load Template from osc/skins-template
|
||||||
run: |
|
run: |
|
||||||
resp=$(curl -sSL -H "Authorization: token $TOKEN" \
|
set -eo pipefail
|
||||||
|
echo "📥 Fetching template from osc/skins-template@$TEMPLATE_PATH"
|
||||||
|
resp=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" \
|
||||||
"$GITEA_API/repos/osc/skins-template/contents/$TEMPLATE_PATH?ref=main")
|
"$GITEA_API/repos/osc/skins-template/contents/$TEMPLATE_PATH?ref=main")
|
||||||
template_b64=$(echo "$resp" | jq -r .content)
|
|
||||||
echo "TEMPLATE_B64=$template_b64" >> $GITHUB_ENV
|
|
||||||
|
|
||||||
- name: Find Repositories with Skins Directory
|
template_b64=$(echo "$resp" | jq -r .content)
|
||||||
|
echo "✅ Template fetched and encoded"
|
||||||
|
echo "template_b64=$template_b64" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
discover-repositories:
|
||||||
|
name: Discover Valid Skin Repositories
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: ${{ vars.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
|
||||||
|
outputs:
|
||||||
|
repo_list: ${{ steps.save-repos.outputs.repo_list }}
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- id: find-repos
|
||||||
|
name: Scan All Users for Valid Skin Repositories
|
||||||
run: |
|
run: |
|
||||||
|
set -eo pipefail
|
||||||
|
echo "🔍 Scanning users for repositories with 'Skins' directory"
|
||||||
|
repo_file="valid_repos.txt"
|
||||||
page=1
|
page=1
|
||||||
per_page=50
|
total_valid=0
|
||||||
valid_repos_file=$(mktemp)
|
user_index=1
|
||||||
user_count_total=$(curl -sSL -H "Authorization: token $TOKEN" \
|
users_total=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" "$GITEA_API/admin/users" | jq 'length')
|
||||||
"$GITEA_API/admin/users" | jq 'length')
|
|
||||||
user_counter=1
|
|
||||||
|
|
||||||
while :; do
|
while :; do
|
||||||
users_json=$(curl -sSL -H "Authorization: token $TOKEN" \
|
users_json=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" "$GITEA_API/admin/users?limit=50&page=$page")
|
||||||
"$GITEA_API/admin/users?limit=$per_page&page=$page")
|
|
||||||
users_count=$(echo "$users_json" | jq 'length')
|
users_count=$(echo "$users_json" | jq 'length')
|
||||||
[ "$users_count" -eq 0 ] && break
|
[ "$users_count" -eq 0 ] && break
|
||||||
|
|
||||||
for i in $(seq 0 $((users_count - 1))); do
|
for i in $(seq 0 $((users_count - 1))); do
|
||||||
user_login=$(echo "$users_json" | jq -r ".[$i].login")
|
user=$(echo "$users_json" | jq -r ".[$i].login")
|
||||||
echo "[$user_counter/$user_count_total] User: $user_login"
|
echo "[$user_index/$users_total] 👤 Checking user: $user"
|
||||||
repos_json=$(curl -sSL -H "Authorization: token $TOKEN" \
|
|
||||||
"$GITEA_API/users/$user_login/repos")
|
repos_json=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" "$GITEA_API/users/$user/repos")
|
||||||
repo_count=$(echo "$repos_json" | jq 'length')
|
repo_count=$(echo "$repos_json" | jq 'length')
|
||||||
|
|
||||||
for j in $(seq 0 $((repo_count - 1))); do
|
for j in $(seq 0 $((repo_count - 1))); do
|
||||||
owner=$(echo "$repos_json" | jq -r ".[$j].owner.login")
|
owner=$(echo "$repos_json" | jq -r ".[$j].owner.login")
|
||||||
repo=$(echo "$repos_json" | jq -r ".[$j].name")
|
repo=$(echo "$repos_json" | jq -r ".[$j].name")
|
||||||
contents=$(curl -sSL -H "Authorization: token $TOKEN" \
|
contents=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" "$GITEA_API/repos/$owner/$repo/contents?ref=main")
|
||||||
"$GITEA_API/repos/$owner/$repo/contents?ref=main")
|
|
||||||
if echo "$contents" | jq -e '.[] | select(.type=="dir" and .name=="Skins")' >/dev/null; then
|
if echo "$contents" | jq -e '.[] | select(.type=="dir" and .name=="Skins")' > /dev/null; then
|
||||||
echo "$owner/$repo" >> "$valid_repos_file"
|
echo "$owner/$repo" >> "$repo_file"
|
||||||
echo "✔️ Found valid repo: $owner/$repo"
|
echo " ✅ Valid repo found: $owner/$repo"
|
||||||
|
total_valid=$((total_valid + 1))
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
user_index=$((user_index + 1))
|
||||||
user_counter=$((user_counter + 1))
|
|
||||||
done
|
done
|
||||||
page=$((page + 1))
|
page=$((page + 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "VALID_REPOS_FILE=$valid_repos_file" >> $GITHUB_ENV
|
echo "✅ Discovery complete — $total_valid valid repositories"
|
||||||
|
echo "repo_list=$repo_file" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
- name: Apply CI Template to Valid Repositories
|
- id: save-repos
|
||||||
shell: bash
|
name: Save Valid Repository List
|
||||||
run: |
|
run: |
|
||||||
mapfile -t repos < "$VALID_REPOS_FILE"
|
echo "Valid repos saved to file"
|
||||||
|
echo "repo_list=valid_repos.txt" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
sync-template:
|
||||||
|
name: Sync CI Template
|
||||||
|
needs: [fetch-template, discover-repositories]
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: ${{ vars.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Load Template Content
|
||||||
|
run: echo "Loaded template content for update"
|
||||||
|
|
||||||
|
- name: Read Repository List
|
||||||
|
run: |
|
||||||
|
cp "${{ needs.discover-repositories.outputs.repo_list }}" repos.txt
|
||||||
|
echo "🗂️ Repositories to process:"
|
||||||
|
cat repos.txt
|
||||||
|
|
||||||
|
- name: Sync Template to Repositories
|
||||||
|
run: |
|
||||||
|
mapfile -t repos < repos.txt
|
||||||
for repo_full in "${repos[@]}"; do
|
for repo_full in "${repos[@]}"; do
|
||||||
owner=${repo_full%%/*}
|
owner="${repo_full%%/*}"
|
||||||
repo=${repo_full##*/}
|
repo="${repo_full##*/}"
|
||||||
api="$GITEA_API/repos/$owner/$repo"
|
api="$GITEA_API/repos/$owner/$repo"
|
||||||
|
|
||||||
default_branch=$(curl -sSL -H "Authorization: token $TOKEN" "$api" | jq -r '.default_branch')
|
echo "🔧 Syncing CI to: $owner/$repo"
|
||||||
latest_tag=$(curl -sSL -H "Authorization: token $TOKEN" "$api/tags" | jq -r '.[0].name // empty')
|
|
||||||
|
default_branch=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" "$api" | jq -r '.default_branch')
|
||||||
|
latest_tag=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" "$api/tags" | jq -r '.[0].name // empty')
|
||||||
url="$api/contents/$TEMPLATE_PATH"
|
url="$api/contents/$TEMPLATE_PATH"
|
||||||
sha=$(curl -sSL -H "Authorization: token $TOKEN" "$url" | jq -r '.sha // empty' || true)
|
|
||||||
|
sha=$(curl -sSL -H "Authorization: token ${{ secrets.TOKEN }}" "$url" | jq -r '.sha // empty' || true)
|
||||||
|
|
||||||
if [[ -z "$sha" ]]; then
|
if [[ -z "$sha" ]]; then
|
||||||
action="Add"
|
action="Add"
|
||||||
msg="Add CI from skins-template"
|
msg="Add CI from skins-template"
|
||||||
payload=$(jq -nc --arg message "$msg" --arg content "$TEMPLATE_B64" --arg branch "$default_branch" \
|
payload=$(jq -nc --arg message "$msg" --arg content "${{ needs.fetch-template.outputs.template_b64 }}" --arg branch "$default_branch" \
|
||||||
'{message: $message, content: $content, branch: $branch}')
|
'{message: $message, content: $content, branch: $branch}')
|
||||||
else
|
else
|
||||||
action="Update"
|
action="Update"
|
||||||
msg="Update CI from skins-template"
|
msg="Update CI from skins-template"
|
||||||
payload=$(jq -nc --arg message "$msg" --arg content "$TEMPLATE_B64" --arg sha "$sha" --arg branch "$default_branch" \
|
payload=$(jq -nc --arg message "$msg" --arg content "${{ needs.fetch-template.outputs.template_b64 }}" --arg sha "$sha" --arg branch "$default_branch" \
|
||||||
'{message: $message, content: $content, sha: $sha, branch: $branch}')
|
'{message: $message, content: $content, sha: $sha, branch: $branch}')
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if curl -sSL --fail -X PUT -H "Authorization: token $TOKEN" -H "Content-Type: application/json" \
|
if curl -sSL --fail -X PUT -H "Authorization: token ${{ secrets.TOKEN }}" -H "Content-Type: application/json" \
|
||||||
-d "$payload" "$url" >/dev/null; then
|
-d "$payload" "$url" >/dev/null; then
|
||||||
echo "✅ $action successful for $owner/$repo on branch $default_branch"
|
echo "✅ $action successful for $owner/$repo on branch $default_branch"
|
||||||
else
|
else
|
||||||
@@ -101,5 +143,5 @@ jobs:
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
- name: Cleanup Temporary Files
|
- name: Cleanup
|
||||||
run: rm -f "$VALID_REPOS_FILE"
|
run: rm -f repos.txt
|
||||||
|
|||||||
Reference in New Issue
Block a user