michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: use GITEA_TOKEN for git clone in production-deploy workflow

Browse Source 
- Update all checkout steps to use GITEA_TOKEN secret
- Fallback to public access if token not available
- Fixes checkout failures in native workflow
This commit is contained in:
Michael Schiemer
2025-10-31 03:45:32 +01:00
parent d4c0fb128b
commit 764528935c
1 changed files with 43 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
.gitea/workflows/production-deploy.yml
View File

@@ -36,16 +36,21 @@ jobs:
REF_NAME="main" REF_NAME="main"
fi fi
# Try HTTPS first, fallback to SSH # Use Gitea token if available, otherwise try public access
git clone --depth 1 --branch "$REF_NAME" \ if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
"https://git.michaelschiemer.de/${REPO}.git" \ git clone --depth 1 --branch "$REF_NAME" \
/workspace/repo || \ "https://${{ secrets.GITEA_TOKEN }}@git.michaelschiemer.de/${REPO}.git" \
git clone --depth 1 --branch "$REF_NAME" \ /workspace/repo
"git@git.michaelschiemer.de:${REPO}.git" \ else
/workspace/repo || \ # Try public HTTPS (works if repository is public)
git clone --depth 1 \ git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \ "https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo /workspace/repo || \
# Fallback: Try to use Gitea's internal runner access
git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
fi
cd /workspace/repo cd /workspace/repo
@@ -118,16 +123,21 @@ jobs:
REF_NAME="main" REF_NAME="main"
fi fi
# Try HTTPS first, fallback to SSH # Use Gitea token if available, otherwise try public access
git clone --depth 1 --branch "$REF_NAME" \ if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
"https://git.michaelschiemer.de/${REPO}.git" \ git clone --depth 1 --branch "$REF_NAME" \
/workspace/repo || \ "https://${{ secrets.GITEA_TOKEN }}@git.michaelschiemer.de/${REPO}.git" \
git clone --depth 1 --branch "$REF_NAME" \ /workspace/repo
"git@git.michaelschiemer.de:${REPO}.git" \ else
/workspace/repo || \ # Try public HTTPS (works if repository is public)
git clone --depth 1 \ git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \ "https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo /workspace/repo || \
# Fallback: Try to use Gitea's internal runner access
git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
fi
cd /workspace/repo cd /workspace/repo
@@ -200,22 +210,23 @@ jobs:
steps: steps:
- name: Checkout deployment scripts - name: Checkout deployment scripts
run: | run: |
REF_NAME="${GITEA_REF_NAME:-main}" REF_NAME="${{ github.ref_name }}"
REPO="${GITEA_REPOSITORY}" REPO="${{ github.repository }}"
SERVER_URL="${GITEA_SERVER_URL}" if [ -z "$REF_NAME" ]; then
REF_NAME="main"
# Try HTTPS first, fallback to SSH
if [ -n "$REPO" ] && [ -n "$SERVER_URL" ]; then
git clone --depth 1 --branch "$REF_NAME" \
"https://${SERVER_URL}/${REPO}.git" \
/workspace/repo || true
fi fi
# Fallback to SSH if HTTPS failed # Use Gitea token if available, otherwise try public access
if [ ! -d /workspace/repo ]; then if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
git clone --depth 1 --branch "$REF_NAME" \ git clone --depth 1 --branch "$REF_NAME" \
"git@git.michaelschiemer.de:${REPO}.git" \ "https://${{ secrets.GITEA_TOKEN }}@git.michaelschiemer.de/${REPO}.git" \
/workspace/repo
else
# Try public HTTPS (works if repository is public)
git clone --depth 1 --branch "$REF_NAME" \
"https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo || \ /workspace/repo || \
# Fallback: Try to use Gitea's internal runner access
git clone --depth 1 \ git clone --depth 1 \
"https://git.michaelschiemer.de/${REPO}.git" \ "https://git.michaelschiemer.de/${REPO}.git" \
/workspace/repo /workspace/repo