diff --git a/.forgejo/workflows/build_release.yml b/.forgejo/workflows/build_release.yml index 847a3fd13..f2fb9a33a 100755 --- a/.forgejo/workflows/build_release.yml +++ b/.forgejo/workflows/build_release.yml @@ -270,6 +270,7 @@ jobs: COMMIT_LOGS: ${{ steps.prepare.outputs.COMMIT_LOGS }} REPO_URL: ${{ github.server_url }}/${{ github.repository }} REPOSITORY_NAME: ${{ github.repository }} + FORGEJO_CURL_INSECURE: "true" run: | set -euo pipefail @@ -342,6 +343,10 @@ jobs: } ensure_jq || { echo "jq not found; install jq on the runner (dnf install -y jq)."; exit 1; } ensure_curl || { echo "curl not found; install curl on the runner (dnf install -y curl)."; exit 1; } + curl_tls_args=() + if [ "${FORGEJO_CURL_INSECURE:-false}" = "true" ]; then + curl_tls_args+=(--insecure) + fi api_base="${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/releases" payload_file="$(mktemp)" @@ -384,13 +389,13 @@ jobs: --arg body "${release_body}" \ '{tag_name: $tag, name: $title, body: $body, draft: true, prerelease: false}' > "${payload_file}" - status="$(curl -sS -o "$response_file" -w '%{http_code}' \ + status="$(curl "${curl_tls_args[@]}" -sS -o "$response_file" -w '%{http_code}' \ -H "Authorization: token ${FORGEJO_TOKEN}" \ "${api_base}/tags/${VERSION_TAG}")" if [ "$status" = "200" ]; then release_id="$("${JQ_BIN}" -r '.id' < "$response_file")" - curl -fsS \ + curl "${curl_tls_args[@]}" -fsS \ -X PATCH \ -H "Authorization: token ${FORGEJO_TOKEN}" \ -H 'Content-Type: application/json' \ @@ -398,7 +403,7 @@ jobs: "${api_base}/${release_id}" \ > "$response_file" elif [ "$status" = "404" ]; then - curl -fsS \ + curl "${curl_tls_args[@]}" -fsS \ -X POST \ -H "Authorization: token ${FORGEJO_TOKEN}" \ -H 'Content-Type: application/json' \ @@ -418,6 +423,7 @@ jobs: env: FORGEJO_TOKEN: ${{ secrets.GITHUB_TOKEN }} RELEASE_ID: ${{ steps.release.outputs.RELEASE_ID }} + FORGEJO_CURL_INSECURE: "true" run: | set -euo pipefail @@ -490,11 +496,15 @@ jobs: } ensure_jq || { echo "jq not found; install jq on the runner (dnf install -y jq)."; exit 1; } ensure_curl || { echo "curl not found; install curl on the runner (dnf install -y curl)."; exit 1; } + curl_tls_args=() + if [ "${FORGEJO_CURL_INSECURE:-false}" = "true" ]; then + curl_tls_args+=(--insecure) + fi release_api="${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}" assets_file="$(mktemp)" - curl -fsS \ + curl "${curl_tls_args[@]}" -fsS \ -H "Authorization: token ${FORGEJO_TOKEN}" \ "${release_api}/assets" \ > "$assets_file" @@ -513,7 +523,7 @@ jobs: asset_id="$("${JQ_BIN}" -r --arg n "${asset_name}" '(.[] | select(.name == $n) | .id) // empty' "$assets_file")" if [ -n "$asset_id" ] && [ "$asset_id" != "null" ]; then - curl -fsS \ + curl "${curl_tls_args[@]}" -fsS \ -X DELETE \ -H "Authorization: token ${FORGEJO_TOKEN}" \ "${release_api}/assets/${asset_id}" \ @@ -522,7 +532,7 @@ jobs: encoded_name="$("${JQ_BIN}" -nr --arg s "${asset_name}" '$s | @uri')" - curl -fsS \ + curl "${curl_tls_args[@]}" -fsS \ -X POST \ -H "Authorization: token ${FORGEJO_TOKEN}" \ -H 'Content-Type: application/octet-stream' \