CI: allow insecure curl for self-signed Forgejo API
All checks were successful
Forgejo Release Builder / release (push) Successful in 15m48s
All checks were successful
Forgejo Release Builder / release (push) Successful in 15m48s
This commit is contained in:
parent
0d6a348578
commit
7e3738551b
1 changed files with 16 additions and 6 deletions
|
|
@ -270,6 +270,7 @@ jobs:
|
||||||
COMMIT_LOGS: ${{ steps.prepare.outputs.COMMIT_LOGS }}
|
COMMIT_LOGS: ${{ steps.prepare.outputs.COMMIT_LOGS }}
|
||||||
REPO_URL: ${{ github.server_url }}/${{ github.repository }}
|
REPO_URL: ${{ github.server_url }}/${{ github.repository }}
|
||||||
REPOSITORY_NAME: ${{ github.repository }}
|
REPOSITORY_NAME: ${{ github.repository }}
|
||||||
|
FORGEJO_CURL_INSECURE: "true"
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
|
|
@ -342,6 +343,10 @@ jobs:
|
||||||
}
|
}
|
||||||
ensure_jq || { echo "jq not found; install jq on the runner (dnf install -y jq)."; exit 1; }
|
ensure_jq || { echo "jq not found; install jq on the runner (dnf install -y jq)."; exit 1; }
|
||||||
ensure_curl || { echo "curl not found; install curl on the runner (dnf install -y curl)."; exit 1; }
|
ensure_curl || { echo "curl not found; install curl on the runner (dnf install -y curl)."; exit 1; }
|
||||||
|
curl_tls_args=()
|
||||||
|
if [ "${FORGEJO_CURL_INSECURE:-false}" = "true" ]; then
|
||||||
|
curl_tls_args+=(--insecure)
|
||||||
|
fi
|
||||||
|
|
||||||
api_base="${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/releases"
|
api_base="${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/releases"
|
||||||
payload_file="$(mktemp)"
|
payload_file="$(mktemp)"
|
||||||
|
|
@ -384,13 +389,13 @@ jobs:
|
||||||
--arg body "${release_body}" \
|
--arg body "${release_body}" \
|
||||||
'{tag_name: $tag, name: $title, body: $body, draft: true, prerelease: false}' > "${payload_file}"
|
'{tag_name: $tag, name: $title, body: $body, draft: true, prerelease: false}' > "${payload_file}"
|
||||||
|
|
||||||
status="$(curl -sS -o "$response_file" -w '%{http_code}' \
|
status="$(curl "${curl_tls_args[@]}" -sS -o "$response_file" -w '%{http_code}' \
|
||||||
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
||||||
"${api_base}/tags/${VERSION_TAG}")"
|
"${api_base}/tags/${VERSION_TAG}")"
|
||||||
|
|
||||||
if [ "$status" = "200" ]; then
|
if [ "$status" = "200" ]; then
|
||||||
release_id="$("${JQ_BIN}" -r '.id' < "$response_file")"
|
release_id="$("${JQ_BIN}" -r '.id' < "$response_file")"
|
||||||
curl -fsS \
|
curl "${curl_tls_args[@]}" -fsS \
|
||||||
-X PATCH \
|
-X PATCH \
|
||||||
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
||||||
-H 'Content-Type: application/json' \
|
-H 'Content-Type: application/json' \
|
||||||
|
|
@ -398,7 +403,7 @@ jobs:
|
||||||
"${api_base}/${release_id}" \
|
"${api_base}/${release_id}" \
|
||||||
> "$response_file"
|
> "$response_file"
|
||||||
elif [ "$status" = "404" ]; then
|
elif [ "$status" = "404" ]; then
|
||||||
curl -fsS \
|
curl "${curl_tls_args[@]}" -fsS \
|
||||||
-X POST \
|
-X POST \
|
||||||
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
||||||
-H 'Content-Type: application/json' \
|
-H 'Content-Type: application/json' \
|
||||||
|
|
@ -418,6 +423,7 @@ jobs:
|
||||||
env:
|
env:
|
||||||
FORGEJO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
FORGEJO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
RELEASE_ID: ${{ steps.release.outputs.RELEASE_ID }}
|
RELEASE_ID: ${{ steps.release.outputs.RELEASE_ID }}
|
||||||
|
FORGEJO_CURL_INSECURE: "true"
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
|
|
@ -490,11 +496,15 @@ jobs:
|
||||||
}
|
}
|
||||||
ensure_jq || { echo "jq not found; install jq on the runner (dnf install -y jq)."; exit 1; }
|
ensure_jq || { echo "jq not found; install jq on the runner (dnf install -y jq)."; exit 1; }
|
||||||
ensure_curl || { echo "curl not found; install curl on the runner (dnf install -y curl)."; exit 1; }
|
ensure_curl || { echo "curl not found; install curl on the runner (dnf install -y curl)."; exit 1; }
|
||||||
|
curl_tls_args=()
|
||||||
|
if [ "${FORGEJO_CURL_INSECURE:-false}" = "true" ]; then
|
||||||
|
curl_tls_args+=(--insecure)
|
||||||
|
fi
|
||||||
|
|
||||||
release_api="${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}"
|
release_api="${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}"
|
||||||
assets_file="$(mktemp)"
|
assets_file="$(mktemp)"
|
||||||
|
|
||||||
curl -fsS \
|
curl "${curl_tls_args[@]}" -fsS \
|
||||||
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
||||||
"${release_api}/assets" \
|
"${release_api}/assets" \
|
||||||
> "$assets_file"
|
> "$assets_file"
|
||||||
|
|
@ -513,7 +523,7 @@ jobs:
|
||||||
asset_id="$("${JQ_BIN}" -r --arg n "${asset_name}" '(.[] | select(.name == $n) | .id) // empty' "$assets_file")"
|
asset_id="$("${JQ_BIN}" -r --arg n "${asset_name}" '(.[] | select(.name == $n) | .id) // empty' "$assets_file")"
|
||||||
|
|
||||||
if [ -n "$asset_id" ] && [ "$asset_id" != "null" ]; then
|
if [ -n "$asset_id" ] && [ "$asset_id" != "null" ]; then
|
||||||
curl -fsS \
|
curl "${curl_tls_args[@]}" -fsS \
|
||||||
-X DELETE \
|
-X DELETE \
|
||||||
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
||||||
"${release_api}/assets/${asset_id}" \
|
"${release_api}/assets/${asset_id}" \
|
||||||
|
|
@ -522,7 +532,7 @@ jobs:
|
||||||
|
|
||||||
encoded_name="$("${JQ_BIN}" -nr --arg s "${asset_name}" '$s | @uri')"
|
encoded_name="$("${JQ_BIN}" -nr --arg s "${asset_name}" '$s | @uri')"
|
||||||
|
|
||||||
curl -fsS \
|
curl "${curl_tls_args[@]}" -fsS \
|
||||||
-X POST \
|
-X POST \
|
||||||
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
-H "Authorization: token ${FORGEJO_TOKEN}" \
|
||||||
-H 'Content-Type: application/octet-stream' \
|
-H 'Content-Type: application/octet-stream' \
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue