#!/bin/bash # Set Gitea Repository Secrets with Token # Usage: ./scripts/setup-gitea-secrets-with-token.sh # or: GITEA_TOKEN=xxx ./scripts/setup-gitea-secrets-with-token.sh set -euo pipefail GITEA_URL="${GITEA_URL:-https://git.michaelschiemer.de}" REPO_OWNER="${REPO_OWNER:-michael}" REPO_NAME="${REPO_NAME:-michaelschiemer}" GITEA_TOKEN="${1:-${GITEA_TOKEN:-}}" # Colors RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color echo -e "${BLUE}=== Gitea Repository Secrets Setup ===${NC}" echo "" echo "Repository: ${REPO_OWNER}/${REPO_NAME}" echo "Gitea URL: ${GITEA_URL}" echo "" # Check if token is provided if [ -z "$GITEA_TOKEN" ]; then echo -e "${RED}❌ Fehler: GITEA_TOKEN nicht angegeben${NC}" echo "" echo "Verwendung:" echo " $0 " echo " oder:" echo " GITEA_TOKEN= $0" echo "" exit 1 fi # Function to create/update secret via API set_secret() { local secret_name=$1 local secret_value=$2 echo -n "Setting $secret_name... " # Base64 encode the secret value local encoded_value=$(printf '%s' "$secret_value" | base64 | tr -d '\n') # Gitea API endpoint: PUT /repos/{owner}/{repo}/actions/secrets/{secretname} local response=$(curl -s -w "\n%{http_code}" \ -X PUT \ -H "Authorization: token ${GITEA_TOKEN}" \ -H "Content-Type: application/json" \ "${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/actions/secrets/${secret_name}" \ -d "{ \"data\": \"${encoded_value}\" }" 2>&1) local http_code=$(echo "$response" | tail -n1) local body=$(echo "$response" | sed '$d') if [ "$http_code" = "204" ] || [ "$http_code" = "201" ]; then echo -e "${GREEN}✅ OK${NC}" return 0 elif [ "$http_code" = "404" ]; then echo -e "${YELLOW}⚠️ Repository oder Token-Berechtigung fehlt${NC}" echo "Response: $body" return 1 else echo -e "${RED}❌ FAILED (HTTP $http_code)${NC}" echo "Response: $body" return 1 fi } # Get registry password (default) REGISTRY_PASSWORD="${REGISTRY_PASSWORD:-registry-secure-password-2025}" # Get SSH private key if [ -f ~/.ssh/production ]; then SSH_PRIVATE_KEY=$(cat ~/.ssh/production) echo -e "${GREEN}✓ SSH private key gefunden${NC}" else echo -e "${RED}✗ SSH private key nicht gefunden in ~/.ssh/production${NC}" exit 1 fi echo "" echo "Testing API connection..." # Test API connection first test_response=$(curl -s -o /dev/null -w "%{http_code}" \ -H "Authorization: token ${GITEA_TOKEN}" \ "${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}") if [ "$test_response" != "200" ]; then echo -e "${RED}❌ API-Verbindung fehlgeschlagen (HTTP $test_response)${NC}" echo "" echo "Mögliche Probleme:" echo "- Token ungültig oder fehlende Berechtigungen" echo "- Repository nicht gefunden: ${REPO_OWNER}/${REPO_NAME}" echo "- Netzwerkproblem" exit 1 fi echo -e "${GREEN}✅ API-Verbindung erfolgreich${NC}" echo "" echo "Setting secrets..." echo "" # Set secrets set_secret "REGISTRY_USER" "admin" set_secret "REGISTRY_PASSWORD" "$REGISTRY_PASSWORD" set_secret "SSH_PRIVATE_KEY" "$SSH_PRIVATE_KEY" echo "" echo -e "${GREEN}=== Secrets Setup Complete ===${NC}" echo "" echo "Prüfe Secrets in Gitea UI:" echo "${GITEA_URL}/${REPO_OWNER}/${REPO_NAME}/settings/secrets/actions" echo ""