name: Sync CI from skins-template to Every User Repository on: workflow_dispatch: jobs: sync-all: runs-on: ubuntu-latest container: image: ${{ vars.CONTAINER_REGISTRY }}/arlind/skins:latest env: GITEA_API: https://${{ vars.CONTAINER_REGISTRY }}/api/v1 TOKEN: ${{ secrets.TOKEN }} TEMPLATE_PATH: .gitea/workflows/ci.yml steps: - name: Fetch CI template via Gitea API shell: bash run: | resp=$(curl -sSL -H "Authorization: token $TOKEN" \ "$GITEA_API/repos/osc/skins-template/contents/$TEMPLATE_PATH?ref=main") template_b64=$(echo "$resp" | jq -r .content) echo "TEMPLATE_B64=$template_b64" >> $GITHUB_ENV - name: Fetch valid user repositories shell: bash run: | page=1 per_page=50 valid_repos_file=$(mktemp) user_count_total=$(curl -sSL -H "Authorization: token $TOKEN" \ "$GITEA_API/admin/users" | jq 'length') user_counter=1 while :; do users_json=$(curl -sSL -H "Authorization: token $TOKEN" \ "$GITEA_API/admin/users?limit=$per_page&page=$page") users_count=$(echo "$users_json" | jq 'length') [ "$users_count" -eq 0 ] && break for i in $(seq 0 $((users_count - 1))); do user_login=$(echo "$users_json" | jq -r ".[$i].login") echo "[$user_counter/$user_count_total] Processing user: $user_login" repos_json=$(curl -sSL -H "Authorization: token $TOKEN" \ "$GITEA_API/users/$user_login/repos") repo_count=$(echo "$repos_json" | jq 'length') if [ "$repo_count" -ne 0 ]; then repo_matched=false for j in $(seq 0 $((repo_count - 1))); do owner=$(echo "$repos_json" | jq -r ".[$j].owner.login") repo=$(echo "$repos_json" | jq -r ".[$j].name") contents=$(curl -sSL -H "Authorization: token $TOKEN" \ "$GITEA_API/repos/$owner/$repo/contents?ref=main") if echo "$contents" | jq -e '.[] | select(.type=="dir" and .name=="Skins")' >/dev/null; then echo "$owner/$repo" >> "$valid_repos_file" echo "added $owner/$repo" repo_matched=true fi done [ "$repo_matched" = false ] && echo "no matching repos for $user_login" else echo "no repos for $user_login" fi user_counter=$((user_counter + 1)) done page=$((page + 1)) done echo "VALID_REPOS_FILE=$valid_repos_file" >> $GITHUB_ENV - name: Update CI via Gitea API shell: bash run: | set -eo pipefail mapfile -t repos < "$VALID_REPOS_FILE" for repo_full in "${repos[@]}"; do owner=${repo_full%%/*} repo=${repo_full##*/} api="$GITEA_API/repos/$owner/$repo" default_branch=$(curl -sSL --fail -H "Authorization: token $TOKEN" \ "$api" | jq -r '.default_branch') latest_tag=$(curl -sSL --fail -H "Authorization: token $TOKEN" \ "$api/tags" | jq -r '.[0].name // empty') if [[ -n "$latest_tag" && "$latest_tag" != "v1.0.0" ]]; then curl -sSL -X DELETE -H "Authorization: token $TOKEN" \ "$api/git/refs/tags/$latest_tag" || true fi url="$api/contents/$TEMPLATE_PATH" sha=$(curl -sSL -H "Authorization: token $TOKEN" "$url" \ | jq -r 'select(.sha != null).sha // empty' || true) if [[ -z "$sha" ]]; then action="Add" msg="Add CI from skins-template" payload=$(jq -nc \ --arg message "$msg" \ --arg content "$TEMPLATE_B64" \ --arg branch "$default_branch" \ '{message: $message, content: $content, branch: $branch}') else action="Update" msg="Update CI from skins-template" payload=$(jq -nc \ --arg message "$msg" \ --arg content "$TEMPLATE_B64" \ --arg sha "$sha" \ --arg branch "$default_branch" \ '{message: $message, content: $content, sha: $sha, branch: $branch}') fi if curl -sSL --fail -X PUT \ -H "Authorization: token $TOKEN" \ -H "Content-Type: application/json" \ -d "$payload" \ "$url" >/dev/null; then echo "✅ $action $owner/$repo on branch $default_branch" else echo "❌ $action failed for $owner/$repo → $url" >&2 fi done - name: Cleanup shell: bash run: rm -f "$VALID_REPOS_FILE"