michaelschiemer/scripts/ci/delete-all-workflow-runs.sh

#!/bin/bash
# Script to delete all workflow runs from Gitea repository
# Usage: ./scripts/delete-all-workflow-runs.sh [GITEA_TOKEN]

set -euo pipefail

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color

GITEA_URL="${GITEA_URL:-https://git.michaelschiemer.de}"
REPO_OWNER="${REPO_OWNER:-michael}"
REPO_NAME="${REPO_NAME:-michaelschiemer}"

# Try to get token from parameter, env var, CI_TOKEN, or Ansible vault
if [ -n "${1:-}" ]; then
    GITEA_TOKEN="$1"
elif [ -n "${GITEA_TOKEN:-}" ]; then
    # Token already set
    :
elif [ -n "${CI_TOKEN:-}" ]; then
    GITEA_TOKEN="$CI_TOKEN"
else
    # Try to extract from Ansible vault
    SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
    PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
    VAULT_FILE="$PROJECT_ROOT/deployment/ansible/secrets/production.vault.yml"
    VAULT_PASS="$PROJECT_ROOT/deployment/ansible/.vault_pass"
    
    if [ -f "$VAULT_FILE" ] && command -v ansible-playbook >/dev/null 2>&1; then
        echo -e "${BLUE}Trying to extract CI_TOKEN from Ansible vault...${NC}"
        if [ -f "$VAULT_PASS" ]; then
            TOKEN=$(cd "$PROJECT_ROOT" && ansible localhost -m debug -a "var=vault_git_token" -e "@deployment/ansible/secrets/production.vault.yml" --vault-password-file "$VAULT_PASS" 2>/dev/null | grep -oP "vault_git_token.*\"\K[^\"]+" | head -1 || echo "")
        else
            TOKEN=$(cd "$PROJECT_ROOT" && ansible localhost -m debug -a "var=vault_git_token" -e "@deployment/ansible/secrets/production.vault.yml" --ask-vault-pass <<< "" 2>/dev/null | grep -oP "vault_git_token.*\"\K[^\"]+" | head -1 || echo "")
        fi
        
        if [ -n "$TOKEN" ] && [ "$TOKEN" != "null" ] && [ "$TOKEN" != "undefined" ]; then
            GITEA_TOKEN="$TOKEN"
            echo -e "${GREEN}? Token extracted from Ansible vault${NC}"
        fi
    fi
fi

echo -e "${BLUE}=== Gitea Workflow Runs Deletion ===${NC}"
echo ""

# Check if token is provided
if [ -z "$GITEA_TOKEN" ]; then
    echo -e "${YELLOW}??  GITEA_TOKEN nicht gesetzt${NC}"
    echo ""
    echo "Bitte generiere einen Gitea Access Token:"
    echo "1. Gehe zu: ${GITEA_URL}/user/settings/applications"
    echo "2. Klicke 'Generate New Token'"
    echo "3. Name: z.B. 'delete-workflow-runs'"
    echo "4. Scopes: 'write:repository' (mindestens)"
    echo "5. Kopiere den Token"
    echo ""
    echo "Dann f?hre aus:"
    echo "  export GITEA_TOKEN='dein-token'"
    echo "  ./scripts/delete-all-workflow-runs.sh"
    echo ""
    exit 1
fi

# Function to get all workflow runs
get_workflow_runs() {
    local page="${1:-1}"
    local per_page="${2:-100}"
    
    curl -s \
        -H "Authorization: token ${GITEA_TOKEN}" \
        -H "Accept: application/json" \
        "${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/actions/runs?page=${page}&limit=${per_page}"
}

# Function to delete a workflow run
delete_workflow_run() {
    local run_id=$1
    
    local response=$(curl -s -w "\n%{http_code}" \
        -X DELETE \
        -H "Authorization: token ${GITEA_TOKEN}" \
        "${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/actions/runs/${run_id}")
    
    local http_code=$(echo "$response" | tail -n1)
    local body=$(echo "$response" | sed '$d')
    
    if [ "$http_code" = "204" ] || [ "$http_code" = "200" ]; then
        return 0
    else
        echo -e "${RED}? FAILED (HTTP $http_code)${NC}"
        echo "Response: $body"
        return 1
    fi
}

echo "Repository: ${REPO_OWNER}/${REPO_NAME}"
echo "Gitea URL: ${GITEA_URL}"
echo ""

# Fetch all workflow runs
echo -e "${BLUE}Fetching workflow runs...${NC}"
all_runs=""
page=1
total_deleted=0

while true; do
    echo -n "Loading page ${page}... "
    runs_data=$(get_workflow_runs "$page" 100)
    
    # Check if we got any runs
    if ! echo "$runs_data" | grep -q "\"workflow_runs\""; then
        echo "no more runs"
        break
    fi
    
    # Extract run IDs using jq if available, otherwise use grep/sed
    if command -v jq >/dev/null 2>&1; then
        run_ids=$(echo "$runs_data" | jq -r '.workflow_runs[]?.id // empty' 2>/dev/null || echo "")
        total_count=$(echo "$runs_data" | jq -r '.total_count // 0' 2>/dev/null || echo "0")
    else
        # Fallback: extract IDs with grep/sed
        run_ids=$(echo "$runs_data" | grep -o '"id":[0-9]*' | grep -o '[0-9]*' || echo "")
        total_count=$(echo "$runs_data" | grep -o '"total_count":[0-9]*' | grep -o '[0-9]*' | head -1 || echo "0")
    fi
    
    if [ -z "$run_ids" ]; then
        echo "no runs found"
        break
    fi
    
    run_count=$(echo "$run_ids" | wc -l)
    echo "${run_count} runs found"
    
    # Delete each run
    for run_id in $run_ids; do
        if [ -n "$run_id" ] && [ "$run_id" != "null" ]; then
            echo -n "  Deleting run ${run_id}... "
            if delete_workflow_run "$run_id"; then
                echo -e "${GREEN}?${NC}"
                total_deleted=$((total_deleted + 1))
            else
                echo -e "${RED}?${NC}"
            fi
        fi
    done
    
    # Check if there are more pages
    if command -v jq >/dev/null 2>&1; then
        has_more=$(echo "$runs_data" | jq -r 'if .workflow_runs | length > 0 then true else false end' 2>/dev/null || echo "false")
    else
        has_more=$(echo "$runs_data" | grep -q '"workflow_runs"' && echo "true" || echo "false")
    fi
    
    if [ "$has_more" != "true" ] || [ "$run_count" -eq 0 ]; then
        break
    fi
    
    page=$((page + 1))
done

echo ""
echo -e "${GREEN}=== Deletion Complete ===${NC}"
echo -e "Total runs deleted: ${total_deleted}"
echo ""