alexei.dolgolyov/claude-code-facts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: rename GITEA_TOKEN to DEPLOY_TOKEN

Browse Source 
GITEA_TOKEN is a reserved name in Gitea — the UI and API reject it
when creating secrets. Use DEPLOY_TOKEN instead.
This commit is contained in:
Admin
2026-03-25 14:37:26 +03:00
parent c435a5cf0a
commit 985200691d
1 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
gitea-python-ci-cd.md
+10 -10
View File
@@ -6,7 +6,7 @@ A reusable reference for building CI pipelines, release automation, and installe
- Gitea instance with Actions enabled - Gitea instance with Actions enabled
- Runner(s) tagged `ubuntu-latest` (e.g., TrueNAS-hosted Gitea runners) - Runner(s) tagged `ubuntu-latest` (e.g., TrueNAS-hosted Gitea runners)
- `GITEA_TOKEN` secret configured in the repository (Settings > Secrets) - `DEPLOY_TOKEN` secret configured in the repository (Settings > Secrets). **Do NOT use `DEPLOY_TOKEN`** — it is a reserved name in Gitea and will be rejected by the UI and API.
## Pipeline Architecture ## Pipeline Architecture
@@ -91,7 +91,7 @@ create-release:
- name: Create Gitea release - name: Create Gitea release
id: create id: create
env: env:
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
run: | run: |
TAG="${{ gitea.ref_name }}" TAG="${{ gitea.ref_name }}"
BASE_URL="${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}" BASE_URL="${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}"
@@ -117,7 +117,7 @@ create-release:
") ")
RELEASE=$(curl -s -X POST "\$BASE_URL/releases" \ RELEASE=$(curl -s -X POST "\$BASE_URL/releases" \
-H "Authorization: token \$GITEA_TOKEN" \ -H "Authorization: token \$DEPLOY_TOKEN" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{ -d "{
\"tag_name\": \"\$TAG\", \"tag_name\": \"\$TAG\",
@@ -132,7 +132,7 @@ create-release:
if [ -z "\$RELEASE_ID" ]; then if [ -z "\$RELEASE_ID" ]; then
echo "::warning::Release already exists for tag \$TAG — reusing existing release" echo "::warning::Release already exists for tag \$TAG — reusing existing release"
RELEASE=$(curl -s "\$BASE_URL/releases/tags/\$TAG" \ RELEASE=$(curl -s "\$BASE_URL/releases/tags/\$TAG" \
-H "Authorization: token \$GITEA_TOKEN") -H "Authorization: token \$DEPLOY_TOKEN")
RELEASE_ID=$(echo "\$RELEASE" | python3 -c "import sys,json; print(json.load(sys.stdin)['id'])") RELEASE_ID=$(echo "\$RELEASE" | python3 -c "import sys,json; print(json.load(sys.stdin)['id'])")
fi fi
echo "release_id=\$RELEASE_ID" >> "\$GITHUB_OUTPUT" echo "release_id=\$RELEASE_ID" >> "\$GITHUB_OUTPUT"
@@ -173,7 +173,7 @@ build-docker:
```yaml ```yaml
- name: Attach assets to release - name: Attach assets to release
env: env:
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
run: | run: |
RELEASE_ID="${{ needs.create-release.outputs.release_id }}" RELEASE_ID="${{ needs.create-release.outputs.release_id }}"
BASE_URL="${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}" BASE_URL="${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}"
@@ -184,18 +184,18 @@ build-docker:
# Delete existing asset with the same name (prevents duplicates on re-run) # Delete existing asset with the same name (prevents duplicates on re-run)
EXISTING_ID=$(curl -s "$BASE_URL/releases/$RELEASE_ID/assets" \ EXISTING_ID=$(curl -s "$BASE_URL/releases/$RELEASE_ID/assets" \
-H "Authorization: token $GITEA_TOKEN" \ -H "Authorization: token $DEPLOY_TOKEN" \
| python3 -c "import sys,json; assets=json.load(sys.stdin); print(next((str(a['id']) for a in assets if a['name']=='$NAME'),''))" 2>/dev/null) | python3 -c "import sys,json; assets=json.load(sys.stdin); print(next((str(a['id']) for a in assets if a['name']=='$NAME'),''))" 2>/dev/null)
if [ -n "$EXISTING_ID" ]; then if [ -n "$EXISTING_ID" ]; then
curl -s -X DELETE "$BASE_URL/releases/$RELEASE_ID/assets/$EXISTING_ID" \ curl -s -X DELETE "$BASE_URL/releases/$RELEASE_ID/assets/$EXISTING_ID" \
-H "Authorization: token $GITEA_TOKEN" -H "Authorization: token $DEPLOY_TOKEN"
echo "Replaced existing asset: $NAME" echo "Replaced existing asset: $NAME"
fi fi
curl -s -X POST \ curl -s -X POST \
"$BASE_URL/releases/$RELEASE_ID/assets?name=$NAME" \ "$BASE_URL/releases/$RELEASE_ID/assets?name=$NAME" \
-H "Authorization: token $GITEA_TOKEN" \ -H "Authorization: token $DEPLOY_TOKEN" \
-H "Content-Type: application/octet-stream" \ -H "Content-Type: application/octet-stream" \
--data-binary "@$FILE" --data-binary "@$FILE"
echo "Uploaded: $NAME" echo "Uploaded: $NAME"
@@ -532,7 +532,7 @@ CMD ["uvicorn", "your_package.main:app", "--host", "0.0.0.0", "--port", "8080"]
id: docker-login id: docker-login
continue-on-error: true # Graceful degradation if registry unavailable continue-on-error: true # Graceful degradation if registry unavailable
run: | run: |
echo "${{ secrets.GITEA_TOKEN }}" | docker login \ echo "${{ secrets.DEPLOY_TOKEN }}" | docker login \
"$SERVER_HOST" -u "${{ gitea.actor }}" --password-stdin "$SERVER_HOST" -u "${{ gitea.actor }}" --password-stdin
- name: Build and tag - name: Build and tag
@@ -822,7 +822,7 @@ cd "$APP_ROOT" && exec ./run.sh
- [ ] Create `.gitea/workflows/test.yml` — lint + test on push/PR - [ ] Create `.gitea/workflows/test.yml` — lint + test on push/PR
- [ ] Create `.gitea/workflows/release.yml` — build + release on `v*` tag - [ ] Create `.gitea/workflows/release.yml` — build + release on `v*` tag
- [ ] Add `GITEA_TOKEN` secret to repository - [ ] Add `DEPLOY_TOKEN` secret to repository
- [ ] Set up version detection in build scripts (tag → env → source) - [ ] Set up version detection in build scripts (tag → env → source)
- [ ] Set up `importlib.metadata` version in `__init__.py` (section 10.1) - [ ] Set up `importlib.metadata` version in `__init__.py` (section 10.1)
- [ ] Add `sed` version stamp step in build scripts (section 10.2) - [ ] Add `sed` version stamp step in build scripts (section 10.2)