diff --git a/.gitea/workflows/secrets.yml b/.gitea/workflows/secrets.yml index 725f93f..bd96ec0 100644 --- a/.gitea/workflows/secrets.yml +++ b/.gitea/workflows/secrets.yml @@ -122,14 +122,15 @@ jobs: git push origin "$tag" # ── Release(可选,需配置 RELEASE_TOKEN)─────────────────────────── - - name: 创建并发布 Release + - name: Upsert Release if: env.RELEASE_TOKEN != '' env: RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }} run: | tag="${{ steps.ver.outputs.tag }}" version="${{ steps.ver.outputs.version }}" - release_api="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/releases" + api="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/releases" + auth="Authorization: token $RELEASE_TOKEN" previous_tag=$(git tag --list 'secrets-mcp-*' --sort=-v:refname | awk -v t="$tag" '$0 != t { print; exit }') if [ -n "$previous_tag" ]; then @@ -140,60 +141,29 @@ jobs: [ -z "$changes" ] && changes="- 首次发布" body=$(printf '## 变更日志\n\n%s' "$changes") - meta=$(jq -n \ - --arg name "secrets-mcp ${version}" \ - --arg body "$body" \ - '{name: $name, body: $body, draft: false}') - - # 若已存在同名 Release,PATCH 更新(避免 DELETE+POST 触发唯一约束冲突) - existing_code=$(curl -sS -o /tmp/existing-release.json -w '%{http_code}' \ - -H "Authorization: token $RELEASE_TOKEN" \ - "${release_api}/tags/${tag}") - - if [ "$existing_code" = "200" ]; then - release_id=$(jq -r '.id // empty' /tmp/existing-release.json) - http_code=$(curl -sS -o /tmp/release.json -w '%{http_code}' \ - -H "Authorization: token $RELEASE_TOKEN" \ - -H "Content-Type: application/json" \ - -X PATCH "${release_api}/${release_id}" -d "$meta") - echo "已更新旧 Release: ${release_id} (HTTP ${http_code})" - - # 删除旧 assets,上传前清空 - jq -r '.[].id' <<< "$(curl -sS \ - -H "Authorization: token $RELEASE_TOKEN" \ - "${release_api}/${release_id}/assets")" | while read -r aid; do - curl -sS -o /dev/null \ - -H "Authorization: token $RELEASE_TOKEN" \ - -X DELETE "${release_api}/${release_id}/assets/${aid}" - done + # Upsert: 存在 → PATCH + 清旧 assets;不存在 → POST + release_id=$(curl -sS -H "$auth" "${api}/tags/${tag}" 2>/dev/null | jq -r '.id // empty') + if [ -n "$release_id" ]; then + curl -sS -o /dev/null -H "$auth" -H "Content-Type: application/json" \ + -X PATCH "${api}/${release_id}" \ + -d "$(jq -n --arg n "secrets-mcp ${version}" --arg b "$body" '{name:$n,body:$b,draft:false}')" + curl -sS -H "$auth" "${api}/${release_id}/assets" | \ + jq -r '.[].id' | xargs -I{} curl -sS -o /dev/null -H "$auth" -X DELETE "${api}/${release_id}/assets/{}" + echo "已更新 Release ${release_id}" else - # 首次创建 - create_payload=$(jq -n \ - --arg tag "$tag" \ - --arg name "secrets-mcp ${version}" \ - --arg body "$body" \ - '{tag_name: $tag, name: $name, body: $body, draft: false}') - http_code=$(curl -sS -o /tmp/release.json -w '%{http_code}' \ - -H "Authorization: token $RELEASE_TOKEN" \ - -H "Content-Type: application/json" \ - -X POST "$release_api" -d "$create_payload") - if [ "$http_code" != "201" ] && [ "$http_code" != "200" ]; then - echo "创建 Release 失败 (HTTP ${http_code})" - cat /tmp/release.json || true - exit 1 - fi - release_id=$(jq -r '.id' /tmp/release.json) - echo "已创建 Release: ${release_id}" + release_id=$(curl -fsS -H "$auth" -H "Content-Type: application/json" \ + -X POST "$api" \ + -d "$(jq -n --arg t "$tag" --arg n "secrets-mcp ${version}" --arg b "$body" \ + '{tag_name:$t,name:$n,body:$b,draft:false}')" | jq -r '.id') + echo "已创建 Release ${release_id}" fi bin="target/${MUSL_TARGET}/release/${MCP_BINARY}" archive="${MCP_BINARY}-${tag}-x86_64-linux-musl.tar.gz" tar -czf "$archive" -C "$(dirname "$bin")" "$(basename "$bin")" sha256sum "$archive" > "${archive}.sha256" - - asset_url="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/releases/${release_id}/assets" - curl -fsS -H "Authorization: token $RELEASE_TOKEN" -F "attachment=@${archive}" "$asset_url" - curl -fsS -H "Authorization: token $RELEASE_TOKEN" -F "attachment=@${archive}.sha256" "$asset_url" + curl -fsS -H "$auth" -F "attachment=@${archive}" "${api}/${release_id}/assets" + curl -fsS -H "$auth" -F "attachment=@${archive}.sha256" "${api}/${release_id}/assets" echo "Release ${tag} 已发布" # ── 飞书汇总通知 ─────────────────────────────────────────────────────