name: Sync CI from skins-template to Every User Repository on: workflow_dispatch: jobs: sync-all: runs-on: ubuntu-latest container: image: ${{ vars.CONTAINER_REGISTRY }}/arlind/skins:latest env: GITEA_API: https://${{ vars.CONTAINER_REGISTRY }}/api/v1 TOKEN: ${{ secrets.TOKEN }} TEMPLATE_PATH: .gitea/workflows/ci.yml steps: - name: Fetch CI template via Gitea API shell: bash run: | resp=$(curl -sSL -H "Authorization: token $TOKEN" "$GITEA_API/repos/osc/skins-template/contents/$TEMPLATE_PATH?ref=main") template_b64=$(echo "$resp" | jq -r .content) echo "TEMPLATE_B64=$template_b64" >> $GITHUB_ENV - name: Fetch valid user repositories shell: bash run: | page=1 per_page=50 valid_repos_file=$(mktemp) user_count_total=$(curl -sSL -H "Authorization: token $TOKEN" "$GITEA_API/admin/users" | jq 'length') user_counter=1 while :; do users_json=$(curl -sSL -H "Authorization: token $TOKEN" "$GITEA_API/admin/users?limit=$per_page&page=$page") users_count=$(echo "$users_json" | jq 'length') [ "$users_count" -eq 0 ] && break for i in $(seq 0 $((users_count - 1))); do user_login=$(echo "$users_json" | jq -r ".[$i].login") echo "[$user_counter/$user_count_total] Processing user: $user_login" repos_json=$(curl -sSL -H "Authorization: token $TOKEN" "$GITEA_API/users/$user_login/repos") repo_count=$(echo "$repos_json" | jq 'length') if [ "$repo_count" -eq 0 ]; then echo "no repos for $user_login" else repo_matched=false for j in $(seq 0 $((repo_count - 1))); do owner=$(echo "$repos_json" | jq -r ".[$j].owner.login") repo=$(echo "$repos_json" | jq -r ".[$j].name") readme_json=$(curl -sSL -H "Authorization: token $TOKEN" "$GITEA_API/repos/$owner/$repo/contents/README.md" || echo "{}") content=$(echo "$readme_json" | jq -r .content 2>/dev/null | base64 -d 2>/dev/null || echo "") if echo "$content" | grep -qE "^---$" && echo "$content" | grep -q "^gitea: none" && echo "$content" | grep -q "^include_toc: true" && echo "$content" | grep -q "^# Skins"; then echo "$owner/$repo" >> "$valid_repos_file" echo "added $owner/$repo" repo_matched=true fi done [ "$repo_matched" = false ] && echo "no matching repos for $user_login" fi user_counter=$((user_counter + 1)) done page=$((page + 1)) done echo "VALID_REPOS_FILE=$valid_repos_file" >> $GITHUB_ENV - name: Update CI via Gitea API shell: bash run: | set -eo pipefail mapfile -t repos < "$VALID_REPOS_FILE" for idx in "${!repos[@]}"; do repo_full=${repos[$idx]} owner=${repo_full%%/*} repo=${repo_full##*/} url="$GITEA_API/repos/$owner/$repo/contents/$TEMPLATE_PATH" latest_tag=$(curl -sSL --fail -H "Authorization: token $TOKEN" \ "$GITEA_API/repos/$owner/$repo/tags" \ | jq -r '.[0].name // empty' ) if [[ -n "$latest_tag" && "$latest_tag" != "v1.0.0" ]]; then curl -sSL --fail -X DELETE \ -H "Authorization: token $TOKEN" \ "$GITEA_API/repos/$owner/$repo/git/refs/tags/$latest_tag" \ >/dev/null fi sha=$(curl -sSL --fail -H "Authorization: token $TOKEN" "$url" \ | jq -r 'select(.sha != null).sha // empty') if [[ -z "$sha" ]]; then msg="Add CI from skins-template" payload=$(jq -nc \ --arg message "$msg" \ --arg content "$TEMPLATE_B64" \ '{message: $message, content: $content, branch: "main"}') else msg="Update CI from skins-template" payload=$(jq -nc \ --arg message "$msg" \ --arg content "$TEMPLATE_B64" \ --arg sha "$sha" \ '{message: $message, content: $content, sha: $sha, branch: "main"}') fi if curl -sSL --fail -X PUT \ -H "Authorization: token $TOKEN" \ -H "Content-Type: application/json" \ -d "$payload" \ "$url" \ >/dev/null; then echo "✅ $owner/$repo" else echo "❌ $owner/$repo" >&2 fi done - name: Cleanup shell: bash run: rm -f "$VALID_REPOS_FILE"