refining/secrets
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 61 Wiki Activity

ci: fix release 401 handling and notify based on actual results
Some checks failed
Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s
Details
Secrets CLI - Build & Release / 探测 Runner (push) Successful in 1s
Details
Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 22s
Details
Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 18s
Details
Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 27s
Details
Secrets CLI - Build & Release / 通知 (push) Has been cancelled
Details
Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled
Details

Browse Source 
- Replace curl -fsS with HTTP status code checking to avoid hard failures on 401/404
- Release creation failure no longer blocks the entire workflow, just skips asset upload
- Notification now depends on all jobs and reports actual success/failure per platform

Made-with: Cursor
This commit is contained in:
voson
2026-03-18 15:04:07 +08:00
parent 010001a4f4
commit 2ad1abe846
1 changed files with 52 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
.gitea/workflows/secrets.yml
View File

@@ -79,13 +79,18 @@ jobs:
tag="${{ steps.ver.outputs.tag }}" tag="${{ steps.ver.outputs.tag }}"
version="${{ steps.ver.outputs.version }}" version="${{ steps.ver.outputs.version }}"
release_api="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/releases" release_api="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/releases"
existing_release=$(curl -fsS -H "Authorization: token $RELEASE_TOKEN" \
"${release_api}/tags/${tag}" || true)
release_id=$(printf '%s' "$existing_release" | jq -r '.id // empty')
if [ -n "$release_id" ]; then http_code=$(curl -sS -o /tmp/release.json -w '%{http_code}' \
echo "release_id=${release_id}" >> "$GITHUB_OUTPUT" -H "Authorization: token $RELEASE_TOKEN" \
exit 0 "${release_api}/tags/${tag}")
if [ "$http_code" = "200" ]; then
release_id=$(jq -r '.id // empty' /tmp/release.json)
if [ -n "$release_id" ]; then
echo "已找到现有 Release: ${release_id}"
echo "release_id=${release_id}" >> "$GITHUB_OUTPUT"
exit 0
fi
fi fi
previous_tag="${{ steps.ver.outputs.previous_tag }}" previous_tag="${{ steps.ver.outputs.previous_tag }}"
@@ -94,34 +99,34 @@ jobs:
else else
changes=$(git log --pretty=format:'- %s (%h)') changes=$(git log --pretty=format:'- %s (%h)')
fi fi
if [ -z "$changes" ]; then [ -z "$changes" ] && changes="- 首次发布"
changes="- 首次发布"
fi
cat > release-body.md <<EOF body=$(printf '## 变更日志\n\n%s' "$changes")
## 变更日志
${changes}
EOF
payload=$(jq -n \ payload=$(jq -n \
--arg tag "$tag" \ --arg tag "$tag" \
--arg name "${{ env.BINARY_NAME }} ${version}" \ --arg name "${{ env.BINARY_NAME }} ${version}" \
--rawfile body release-body.md \ --arg body "$body" \
'{tag_name: $tag, name: $name, body: $body}') '{tag_name: $tag, name: $name, body: $body}')
response=$(curl -fsS -H "Authorization: token $RELEASE_TOKEN" \ http_code=$(curl -sS -o /tmp/create-release.json -w '%{http_code}' \
-H "Authorization: token $RELEASE_TOKEN" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-X POST "$release_api" \ -X POST "$release_api" \
-d "$payload") -d "$payload")
release_id=$(printf '%s' "$response" | jq -r '.id // empty')
if [ -z "$release_id" ]; then if [ "$http_code" = "201" ] || [ "$http_code" = "200" ]; then
echo "创建 Release 失败" release_id=$(jq -r '.id // empty' /tmp/create-release.json)
exit 1
fi fi
echo "release_id=${release_id}" >> "$GITHUB_OUTPUT" if [ -n "$release_id" ]; then
echo "已创建 Release: ${release_id}"
echo "release_id=${release_id}" >> "$GITHUB_OUTPUT"
else
echo "⚠ 创建 Release 失败 (HTTP ${http_code}),跳过产物上传"
cat /tmp/create-release.json 2>/dev/null || true
echo "release_id=" >> "$GITHUB_OUTPUT"
fi
probe-runners: probe-runners:
name: 探测 Runner name: 探测 Runner
@@ -375,7 +380,7 @@ jobs:
notify: notify:
name: 通知 name: 通知
needs: [version, probe-runners] needs: [version, probe-runners, check, build-linux, build-macos, build-windows]
if: always() && github.event_name == 'push' if: always() && github.event_name == 'push'
runs-on: debian runs-on: debian
timeout-minutes: 1 timeout-minutes: 1
@@ -395,21 +400,40 @@ jobs:
commit=$(git log -1 --pretty=format:"%s" 2>/dev/null || echo "N/A") commit=$(git log -1 --pretty=format:"%s" 2>/dev/null || echo "N/A")
url="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_number }}" url="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_number }}"
msg="${{ env.BINARY_NAME }} 通知" version_r="${{ needs.version.result }}"
check_r="${{ needs.check.result }}"
linux_r="${{ needs.build-linux.result }}"
macos_r="${{ needs.build-macos.result }}"
windows_r="${{ needs.build-windows.result }}"
if [ "$version_r" = "success" ] && [ "$check_r" = "success" ]; then
status="构建成功 ✅"
else
status="构建失败 ❌"
fi
icon() {
case "$1" in
success) echo "✅" ;;
skipped) echo "⏭" ;;
*) echo "❌" ;;
esac
}
msg="${{ env.BINARY_NAME }} ${status}"
if [ "$tag_exists" = "false" ]; then if [ "$tag_exists" = "false" ]; then
msg="${msg} msg="${msg}
🆕 已创建版本标签并开始构建发布" 🆕 新版本 ${tag}"
else else
msg="${msg} msg="${msg}
🔄 检测到已有版本标签,已开始重复构建" 🔄 重复构建 ${tag}"
fi fi
msg="${msg} msg="${msg}
Runner 可用性linux=${{ needs.probe-runners.outputs.has_linux }}, macOS=${{ needs.probe-runners.outputs.has_macos }}, windows=${{ needs.probe-runners.outputs.has_windows }} 构建结果linux$(icon "$linux_r") macOS$(icon "$macos_r") windows$(icon "$windows_r")
提交:${commit} 提交:${commit}
版本:${tag}
作者:${{ github.actor }} 作者:${{ github.actor }}
详情:${url}" 详情:${url}"
payload=$(jq -n --arg text "$msg" '{msg_type: "text", content: {text: $text}}') payload=$(jq -n --arg text "$msg" '{msg_type: "text", content: {text: $text}}')
curl -fsS -H "Content-Type: application/json" -X POST -d "$payload" "$WEBHOOK_URL" curl -sS -H "Content-Type: application/json" -X POST -d "$payload" "$WEBHOOK_URL"