michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: use GITEA_TOKEN for git clone in production-deploy workflow

Browse Source 
- Update all checkout steps to use GITEA_TOKEN secret
- Fallback to public access if token not available
- Fixes checkout failures in native workflow
This commit is contained in:
Michael Schiemer
2025-10-31 03:45:32 +01:00
parent d4c0fb128b
commit 764528935c
1 changed files with 43 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
.gitea/workflows/production-deploy.yml
View File

@@ -36,16 +36,21 @@ jobs:
REF_NAME="main"
fi
# Try HTTPS first, fallback to SSH
git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo || \
git clone --depth 1 --branch "$REF_NAME" \
"git@git.michaelschiemer.de:${REPO}.git" \
/workspace/repo || \
git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
# Use Gitea token if available, otherwise try public access
if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
git clone --depth 1 --branch "$REF_NAME" \
"https://${{ secrets.GITEA_TOKEN }}@git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
else
# Try public HTTPS (works if repository is public)
git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo || \
# Fallback: Try to use Gitea's internal runner access
git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
fi
cd /workspace/repo
@@ -118,16 +123,21 @@ jobs:
REF_NAME="main"
fi
# Try HTTPS first, fallback to SSH
git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo || \
git clone --depth 1 --branch "$REF_NAME" \
"git@git.michaelschiemer.de:${REPO}.git" \
/workspace/repo || \
git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
# Use Gitea token if available, otherwise try public access
if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
git clone --depth 1 --branch "$REF_NAME" \
"https://${{ secrets.GITEA_TOKEN }}@git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
else
# Try public HTTPS (works if repository is public)
git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo || \
# Fallback: Try to use Gitea's internal runner access
git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
fi
cd /workspace/repo
@@ -200,22 +210,23 @@ jobs:
steps:
- name: Checkout deployment scripts
run: |
REF_NAME="${GITEA_REF_NAME:-main}"
REPO="${GITEA_REPOSITORY}"
SERVER_URL="${GITEA_SERVER_URL}"
# Try HTTPS first, fallback to SSH
if [ -n "$REPO" ] && [ -n "$SERVER_URL" ]; then
git clone --depth 1 --branch "$REF_NAME" \
"https://${SERVER_URL}/${REPO}.git" \
/workspace/repo || true
REF_NAME="${{ github.ref_name }}"
REPO="${{ github.repository }}"
if [ -z "$REF_NAME" ]; then
REF_NAME="main"
fi
# Fallback to SSH if HTTPS failed
if [ ! -d /workspace/repo ]; then
# Use Gitea token if available, otherwise try public access
if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
git clone --depth 1 --branch "$REF_NAME" \
"git@git.michaelschiemer.de:${REPO}.git" \
"https://${{ secrets.GITEA_TOKEN }}@git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
else
# Try public HTTPS (works if repository is public)
git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo || \
# Fallback: Try to use Gitea's internal runner access
git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo