git-echo/linux_patch_api
Private
Public Access
1
0
Fork 0
Code Releases 32 Wiki Activity
Files
44359c23ff7efedc23ccf436c71a4b708081eaf9
linux_patch_api/.gitea/workflows/ci.yml
Echo 44359c23ff fix: add GITEA_TOKEN auth to archive download 
Gitea returns 404 for private repo archives without authentication.
Added Authorization header with token to curl command for all
checkout steps.
2026-04-26 21:05:01 +00:00

303 lines
11 KiB
YAML
Raw Blame History

name: CI/CD Pipeline
"on":
push:
branches: [ master, develop ]
tags: [ 'v*' ]
pull_request:
branches: [ master ]
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
jobs:
fmt:
name: Code Format
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
rustup component add rustfmt
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Check formatting
run: cargo fmt --all -- --check
clippy:
name: Clippy Lints
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
rustup component add clippy
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y libsystemd-dev pkg-config
- name: Run clippy
run: cargo clippy --all-targets --all-features -- -D warnings
test:
name: Unit Tests
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y libsystemd-dev pkg-config
- name: Run tests
run: cargo test --all-features
audit:
name: Security Audit
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y libsystemd-dev pkg-config
- name: Run cargo-audit
run: |
cargo install cargo-audit
cargo audit --ignore RUSTSEC-2025-0134
build-deb:
name: Build Debian Package
needs: [fmt, clippy, test]
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Install build dependencies
run: |
sudo apt-get update
sudo apt-get install -y build-essential debhelper pkg-config libsystemd-dev
- name: Build Debian package
run: sudo dpkg-buildpackage -us -uc -b
- name: Upload to Gitea Release
if: startsWith(github.ref, 'refs/tags/')
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
TAG_NAME=${GITHUB_REF#refs/tags/}
FILE=$(ls ../linux-patch-api_*.deb 2>/dev/null | head -1)
chmod +x scripts/upload-release.sh
./scripts/upload-release.sh "$TAG_NAME" "$FILE"
build-rpm:
name: Build RPM Package
needs: [fmt, clippy, test]
runs-on: fedora
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Install build dependencies
run: sudo dnf install -y rpm-build gcc systemd-devel pkg-config
- name: Build release binary
run: cargo build --release
- name: Build RPM package
run: |
chmod +x build-rpm.sh
./build-rpm.sh
- name: Upload to Gitea Release
if: startsWith(github.ref, 'refs/tags/')
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
TAG_NAME=${GITHUB_REF#refs/tags/}
FILE=$(ls ~/rpmbuild/RPMS/x86_64/*.rpm 2>/dev/null | head -1)
chmod +x scripts/upload-release.sh
./scripts/upload-release.sh "$TAG_NAME" "$FILE"
build-apk:
name: Build Alpine Package
needs: [fmt, clippy, test]
runs-on: alpine
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
apk add --no-cache curl bash
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
rustup target add x86_64-unknown-linux-musl
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Install build dependencies
run: |
apk add --no-cache alpine-sdk rust cargo openssl-dev elogind-dev musl-dev git abuild gcc
- name: Build release binary
run: cargo build --release --target x86_64-unknown-linux-musl
- name: Build Alpine package
run: |
chmod +x build-alpine.sh
SKIP_CARGO_BUILD=1 ./build-alpine.sh
- name: Upload to Gitea Release
if: startsWith(github.ref, 'refs/tags/')
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
TAG_NAME=${GITHUB_REF#refs/tags/}
FILE=$(ls releases/*.apk 2>/dev/null | head -1)
chmod +x scripts/upload-release.sh
./scripts/upload-release.sh "$TAG_NAME" "$FILE"
build-arch:
name: Build Arch Package
needs: [fmt, clippy, test]
runs-on: arch
steps:
- name: Checkout repository
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
set -e
REPO_URL="https://gitea-lxc.moon-dragon.us/echo/linux_patch_api/archive/${GITHUB_SHA}.tar.gz"
echo "Downloading archive from $REPO_URL ..."
if [ -n "$GITEA_TOKEN" ]; then
curl -sfL -H "Authorization: token $GITEA_TOKEN" "$REPO_URL" -o repo.tar.gz
else
curl -sfL "$REPO_URL" -o repo.tar.gz
fi
tar -xzf repo.tar.gz --strip-components=1
rm -f repo.tar.gz
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable --profile minimal
. "$HOME/.cargo/env"
echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
- name: Install build dependencies
run: sudo pacman -Syu --noconfirm rust cargo systemd git base-devel
- name: Build release binary
run: cargo build --release
- name: Build Arch package
run: |
chmod +x build-arch.sh
SKIP_CARGO_BUILD=1 ./build-arch.sh
- name: Upload to Gitea Release
if: startsWith(github.ref, 'refs/tags/')
env:
GITEA_TOKEN: ${{ secrets.giteatoken }}
run: |
TAG_NAME=${GITHUB_REF#refs/tags/}
FILE=$(ls releases/*.pkg.tar.zst 2>/dev/null | head -1)
chmod +x scripts/upload-release.sh
./scripts/upload-release.sh "$TAG_NAME" "$FILE"
View Git Blame Copy Permalink