ci: 修复覆盖重发时 Release 唯一约束冲突

DELETE + POST 同名 release 会触发 Gitea 的 UQE_release_n 约束。改为：已有 release → PATCH 更新 name/body，再逐个删除旧 assets 后重传；无 release → 正常 POST 新建。 Made-with: Cursor
2026-03-21 11:33:45 +08:00
parent 90cd1eca15
commit c815fb4cc8
1 changed files with 36 additions and 21 deletions
--- a/.gitea/workflows/secrets.yml
+++ b/.gitea/workflows/secrets.yml
@@ -140,36 +140,51 @@ jobs:
          [ -z "$changes" ] && changes="- 首次发布"
          body=$(printf '## 变更日志\n\n%s' "$changes")

-          payload=$(jq -n \
+          meta=$(jq -n \
+            --arg name "secrets-mcp ${version}" \
+            --arg body "$body" \
+            '{name: $name, body: $body, draft: false}')
+
+          # 若已存在同名 Release，PATCH 更新（避免 DELETE+POST 触发唯一约束冲突）
+          existing_code=$(curl -sS -o /tmp/existing-release.json -w '%{http_code}' \
+            -H "Authorization: token $RELEASE_TOKEN" \
+            "${release_api}/tags/${tag}")
+
+          if [ "$existing_code" = "200" ]; then
+            release_id=$(jq -r '.id // empty' /tmp/existing-release.json)
+            http_code=$(curl -sS -o /tmp/release.json -w '%{http_code}' \
+              -H "Authorization: token $RELEASE_TOKEN" \
+              -H "Content-Type: application/json" \
+              -X PATCH "${release_api}/${release_id}" -d "$meta")
+            echo "已更新旧 Release: ${release_id} (HTTP ${http_code})"
+
+            # 删除旧 assets，上传前清空
+            jq -r '.[].id' <<< "$(curl -sS \
+              -H "Authorization: token $RELEASE_TOKEN" \
+              "${release_api}/${release_id}/assets")" | while read -r aid; do
+              curl -sS -o /dev/null \
+                -H "Authorization: token $RELEASE_TOKEN" \
+                -X DELETE "${release_api}/${release_id}/assets/${aid}"
+            done
+          else
+            # 首次创建
+            create_payload=$(jq -n \
              --arg tag "$tag" \
              --arg name "secrets-mcp ${version}" \
              --arg body "$body" \
              '{tag_name: $tag, name: $name, body: $body, draft: false}')
-
-          # 若已存在同名 Release 则先删除（覆盖重发）
-          existing_code=$(curl -sS -o /tmp/existing-release.json -w '%{http_code}' \
-            -H "Authorization: token $RELEASE_TOKEN" \
-            "${release_api}/tags/${tag}")
-          if [ "$existing_code" = "200" ]; then
-            old_id=$(jq -r '.id // empty' /tmp/existing-release.json)
-            if [ -n "$old_id" ]; then
-              curl -sS -o /dev/null -H "Authorization: token $RELEASE_TOKEN" \
-                -X DELETE "${release_api}/${old_id}"
-              echo "已删除旧 Release: ${old_id}"
-            fi
-          fi
-
            http_code=$(curl -sS -o /tmp/release.json -w '%{http_code}' \
              -H "Authorization: token $RELEASE_TOKEN" \
              -H "Content-Type: application/json" \
-            -X POST "$release_api" -d "$payload")
-
+              -X POST "$release_api" -d "$create_payload")
            if [ "$http_code" != "201" ] && [ "$http_code" != "200" ]; then
              echo "创建 Release 失败 (HTTP ${http_code})"
              cat /tmp/release.json || true
              exit 1
            fi
            release_id=$(jq -r '.id' /tmp/release.json)
+            echo "已创建 Release: ${release_id}"
+          fi

          bin="target/${MUSL_TARGET}/release/${MCP_BINARY}"
          archive="${MCP_BINARY}-${tag}-x86_64-linux-musl.tar.gz"