Merge pull request 'ci: unify REGISTRY_TOKEN + RELEASE_TOKEN into CI_TOKEN' (#36) from dev into main

This commit was merged in pull request #36.
This commit is contained in:
2026-05-11 01:45:01 +00:00
2 changed files with 9 additions and 8 deletions
+6 -5
View File
@@ -87,14 +87,15 @@ jobs:
if: startsWith(github.ref, 'refs/tags/v') if: startsWith(github.ref, 'refs/tags/v')
shell: bash shell: bash
env: env:
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }} CI_TOKEN: ${{ secrets.CI_TOKEN }}
run: | run: |
TAG="${GITHUB_REF#refs/tags/}" TAG="${GITHUB_REF#refs/tags/}"
REPO="${GITHUB_REPOSITORY}" REPO="${GITHUB_REPOSITORY}"
# Look up the release ID for this tag (release must exist already; # Look up the release ID for this tag. The release object must
# release.yml creates it as part of the server-side release flow). # exist already — operator creates it (or release.yml will, in
# a future enhancement) before pushing the tag.
RELEASE_ID=$(curl -fsSL \ RELEASE_ID=$(curl -fsSL \
-H "Authorization: token ${RELEASE_TOKEN}" \ -H "Authorization: token ${CI_TOKEN}" \
"https://git.fabledsword.com/api/v1/repos/${REPO}/releases/tags/${TAG}" \ "https://git.fabledsword.com/api/v1/repos/${REPO}/releases/tags/${TAG}" \
| grep -oP '"id":\s*\K[0-9]+' | head -1) | grep -oP '"id":\s*\K[0-9]+' | head -1)
if [ -z "${RELEASE_ID}" ]; then if [ -z "${RELEASE_ID}" ]; then
@@ -102,6 +103,6 @@ jobs:
exit 1 exit 1
fi fi
curl -fsSL \ curl -fsSL \
-H "Authorization: token ${RELEASE_TOKEN}" \ -H "Authorization: token ${CI_TOKEN}" \
-F "attachment=@build/app/outputs/flutter-apk/app-release.apk" \ -F "attachment=@build/app/outputs/flutter-apk/app-release.apk" \
"https://git.fabledsword.com/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets?name=minstrel-${TAG}.apk" "https://git.fabledsword.com/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets?name=minstrel-${TAG}.apk"
+3 -3
View File
@@ -60,7 +60,7 @@ jobs:
if: steps.guard.outputs.ready == 'true' if: steps.guard.outputs.ready == 'true'
shell: bash shell: bash
run: | run: |
echo "${{ secrets.REGISTRY_TOKEN }}" \ echo "${{ secrets.CI_TOKEN }}" \
| docker login git.fabledsword.com -u "${{ github.actor }}" --password-stdin | docker login git.fabledsword.com -u "${{ github.actor }}" --password-stdin
# In-app update flow (#397): on tag pushes only, fetch the APK # In-app update flow (#397): on tag pushes only, fetch the APK
@@ -72,14 +72,14 @@ jobs:
if: steps.guard.outputs.ready == 'true' && startsWith(github.ref, 'refs/tags/v') if: steps.guard.outputs.ready == 'true' && startsWith(github.ref, 'refs/tags/v')
shell: bash shell: bash
env: env:
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }} CI_TOKEN: ${{ secrets.CI_TOKEN }}
run: | run: |
TAG="${GITHUB_REF#refs/tags/}" TAG="${GITHUB_REF#refs/tags/}"
REPO="${GITHUB_REPOSITORY}" REPO="${GITHUB_REPOSITORY}"
APK_URL="https://git.fabledsword.com/${REPO}/releases/download/${TAG}/minstrel-${TAG}.apk" APK_URL="https://git.fabledsword.com/${REPO}/releases/download/${TAG}/minstrel-${TAG}.apk"
echo "Polling ${APK_URL} (up to 15 min for flutter.yml to attach)..." echo "Polling ${APK_URL} (up to 15 min for flutter.yml to attach)..."
for i in $(seq 1 30); do for i in $(seq 1 30); do
if curl -fsSL -H "Authorization: token ${RELEASE_TOKEN}" \ if curl -fsSL -H "Authorization: token ${CI_TOKEN}" \
-o client/minstrel.apk "$APK_URL"; then -o client/minstrel.apk "$APK_URL"; then
echo "Got APK on attempt $i" echo "Got APK on attempt $i"
echo "${TAG}" > client/minstrel.apk.version echo "${TAG}" > client/minstrel.apk.version