袁震
113 lines
3.5 KiB
YAML
113 lines
3.5 KiB
YAML
name: Publish Rules To External Repo
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
publish:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Validate required secrets
|
|
id: preflight
|
|
shell: bash
|
|
run: |
|
|
missing=0
|
|
for key in GITEA_BASE_URL GITEA_TOKEN TARGET_OWNER TARGET_REPO; do
|
|
if [ -z "${!key}" ]; then
|
|
echo "Missing required secret: $key" >&2
|
|
missing=1
|
|
fi
|
|
done
|
|
if [ "$missing" -ne 0 ]; then
|
|
echo "skip=true" >> "$GITHUB_OUTPUT"
|
|
exit 0
|
|
fi
|
|
echo "skip=false" >> "$GITHUB_OUTPUT"
|
|
env:
|
|
GITEA_BASE_URL: ${{ secrets.GITEA_BASE_URL }}
|
|
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
|
TARGET_OWNER: ${{ secrets.TARGET_OWNER }}
|
|
TARGET_REPO: ${{ secrets.TARGET_REPO }}
|
|
|
|
- name: Checkout generator repo
|
|
if: steps.preflight.outputs.skip != 'true'
|
|
uses: actions/checkout@v4
|
|
with:
|
|
github-server-url: https://git.halonice.com
|
|
|
|
- name: Setup Python
|
|
if: steps.preflight.outputs.skip != 'true'
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: "3.11"
|
|
|
|
- name: Sync upstream Surge source
|
|
if: steps.preflight.outputs.skip != 'true'
|
|
shell: bash
|
|
run: |
|
|
UPSTREAM_REF="${UPSTREAM_REF:-master}"
|
|
bash scripts/sync_surge_full.sh
|
|
env:
|
|
UPSTREAM_REF: ${{ vars.UPSTREAM_REF }}
|
|
|
|
- name: Generate rules
|
|
if: steps.preflight.outputs.skip != 'true'
|
|
env:
|
|
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
|
run: |
|
|
if [ -f config.toml ]; then
|
|
python3 main.py --config config.toml
|
|
else
|
|
python3 main.py --config config.json
|
|
fi
|
|
|
|
- name: Publish dist to target repo branch
|
|
if: steps.preflight.outputs.skip != 'true'
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
target_branch="${TARGET_BRANCH:-main}"
|
|
base="${GITEA_BASE_URL%/}"
|
|
if [[ "$base" == https://* ]]; then
|
|
auth_url="https://${GITEA_TOKEN}@${base#https://}"
|
|
elif [[ "$base" == http://* ]]; then
|
|
auth_url="http://${GITEA_TOKEN}@${base#http://}"
|
|
else
|
|
echo "GITEA_BASE_URL must start with http:// or https://" >&2
|
|
exit 1
|
|
fi
|
|
remote_url="${auth_url}/${TARGET_OWNER}/${TARGET_REPO}.git"
|
|
|
|
rm -rf /tmp/rules-publish
|
|
git clone --depth=1 --branch "$target_branch" "$remote_url" /tmp/rules-publish || {
|
|
git clone --depth=1 "$remote_url" /tmp/rules-publish
|
|
cd /tmp/rules-publish
|
|
git checkout -b "$target_branch"
|
|
cd -
|
|
}
|
|
|
|
rsync -a --delete dist/ /tmp/rules-publish/
|
|
|
|
cd /tmp/rules-publish
|
|
if [ -n "$(git status --porcelain)" ]; then
|
|
git config user.name "gitea-actions[bot]"
|
|
git config user.email "gitea-actions@localhost"
|
|
git add .
|
|
git commit -m "chore: publish generated rules"
|
|
git push origin "$target_branch"
|
|
echo "Published to ${TARGET_OWNER}/${TARGET_REPO}@${target_branch}"
|
|
else
|
|
echo "No publish changes"
|
|
fi
|
|
env:
|
|
GITEA_BASE_URL: ${{ secrets.GITEA_BASE_URL }}
|
|
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
|
TARGET_OWNER: ${{ secrets.TARGET_OWNER }}
|
|
TARGET_REPO: ${{ secrets.TARGET_REPO }}
|
|
TARGET_BRANCH: ${{ vars.TARGET_BRANCH }}
|