fix: use SSH git clone for checkout to bypass Gitea API 404
Gitea archive API returns 404 for private repos. Switched to SSH-based git clone which uses runner SSH keys for authentication. - Replace curl+tar archive download with git clone over SSH - Add ssh-keyscan for host key verification - Alpine job installs openssh-client and git - All other runners have git/ssh pre-installed
This commit is contained in:
@ -17,19 +17,14 @@ jobs:
|
|||||||
runs-on: ubuntu-24.04
|
runs-on: ubuntu-24.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
@ -44,19 +39,14 @@ jobs:
|
|||||||
runs-on: ubuntu-24.04
|
runs-on: ubuntu-24.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
@ -75,19 +65,14 @@ jobs:
|
|||||||
runs-on: ubuntu-24.04
|
runs-on: ubuntu-24.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
@ -105,19 +90,14 @@ jobs:
|
|||||||
runs-on: ubuntu-24.04
|
runs-on: ubuntu-24.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
@ -138,19 +118,14 @@ jobs:
|
|||||||
runs-on: ubuntu-24.04
|
runs-on: ubuntu-24.04
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
@ -178,19 +153,14 @@ jobs:
|
|||||||
runs-on: fedora
|
runs-on: fedora
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
@ -220,29 +190,24 @@ jobs:
|
|||||||
runs-on: alpine
|
runs-on: alpine
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
apk add --no-cache curl bash
|
apk add --no-cache curl bash git openssh-client
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
. "$HOME/.cargo/env"
|
. "$HOME/.cargo/env"
|
||||||
rustup target add x86_64-unknown-linux-musl
|
rustup target add x86_64-unknown-linux-musl
|
||||||
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
|
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
|
||||||
- name: Install build dependencies
|
- name: Install build dependencies
|
||||||
run: |
|
run: |
|
||||||
apk add --no-cache alpine-sdk rust cargo openssl-dev elogind-dev musl-dev git abuild gcc
|
apk add --no-cache alpine-sdk rust cargo openssl-dev elogind-dev musl-dev abuild gcc
|
||||||
- name: Build release binary
|
- name: Build release binary
|
||||||
run: cargo build --release --target x86_64-unknown-linux-musl
|
run: cargo build --release --target x86_64-unknown-linux-musl
|
||||||
- name: Build Alpine package
|
- name: Build Alpine package
|
||||||
@ -265,19 +230,14 @@ jobs:
|
|||||||
runs-on: arch
|
runs-on: arch
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
env:
|
|
||||||
GITEA_TOKEN: ${{ secrets.giteatoken }}
|
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
|
mkdir -p ~/.ssh
|
||||||
echo "Downloading archive from $REPO_URL ..."
|
ssh-keyscan -H gitea-lxc.moon-dragon.us >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
if [ -n "$GITEA_TOKEN" ]; then
|
git clone --depth 1 git@gitea-lxc.moon-dragon.us:echo/linux_patch_api.git .
|
||||||
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
|
git config --global --add safe.directory "$(pwd)"
|
||||||
else
|
git fetch origin "$GITHUB_SHA" --depth=1
|
||||||
curl -sfL "$REPO_URL" -o repo.tar.gz
|
git checkout -f "$GITHUB_SHA"
|
||||||
fi
|
|
||||||
tar -xzf repo.tar.gz --strip-components=1
|
|
||||||
rm -f repo.tar.gz
|
|
||||||
- name: Install Rust
|
- name: Install Rust
|
||||||
run: |
|
run: |
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
|
||||||
|
|||||||
Reference in New Issue
Block a user