From 61b46eb8767b7d7cd15ed1d4a42a669ad07024aa Mon Sep 17 00:00:00 2001
From: S
Date: Sun, 1 Mar 2026 12:15:16 -0500
Subject: [PATCH] fix: handle per-repo failures in phase9 instead of aborting
Previously, a failure on any repo (clone, commit, push) would kill the entire script via set -e. Remaining repos were never processed and the FAILED counter was always 0. Now clone and commit/push failures increment FAILED and continue to the next repo, matching the pattern used in phase4_migrate_repos.sh.
Co-Authored-By: Claude Opus 4.6
---
 phase9_security.sh | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)
diff --git a/phase9_security.sh b/phase9_security.sh
index 79a9651..72ac48d 100755
--- a/phase9_security.sh
+++ b/phase9_security.sh
@@ -92,7 +92,11 @@ for repo in "${REPOS[@]}"; do
 REPO_URL="${GITEA_BASE_URL}/${GITEA_ORG_NAME}/${repo}.git"
 log_info "Cloning ${repo}..."
- git_with_auth git clone -q "$REPO_URL" "$CLONE_DIR"
+ if ! git_with_auth git clone -q "$REPO_URL" "$CLONE_DIR"; then
+ log_error "Failed to clone ${repo}"
+ FAILED=$((FAILED + 1))
+ continue
+ fi
 # -------------------------------------------------------------------------
 # Step 2: Render security workflow template
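Review bot: Nothing visible in this patch makes the script exit non-zero when `FAILED` ends above 0, which the `continue` added after a failed clone now makes possible; under the old `set -e` behaviour any failure gave a non-zero exit. The end of the `for` loop and whatever summary follows it are outside the hunk, so this may already be handled, but if the summary only prints the counter, a run that left some repos without the security-scan workflow looks clean to a caller or CI job. I would finish the script with `[[ "$FAILED" -eq 0 ]] || exit 1` and list the failed repo names in the summary so the missing coverage can be followed up. The same applies to the commit/push `continue` in the second hunk.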
@@ -109,13 +113,18 @@ for repo in "${REPOS[@]}"; do
 # -------------------------------------------------------------------------
 # Step 3: Commit and push
 # -------------------------------------------------------------------------
- cd "$CLONE_DIR"
- git config user.name "Gitea Migration"
- git config user.email "migration@gitea.local"
- git add .gitea/workflows/security-scan.yml
- git commit -q -m "Add security scanning workflow (Semgrep + Trivy + Gitleaks)"
- git_with_auth git push -q origin HEAD
- cd "$SCRIPT_DIR"
+ if ! (
+ cd "$CLONE_DIR"
+ git config user.name "Gitea Migration"
+ git config user.email "migration@gitea.local"
+ git add .gitea/workflows/security-scan.yml
+ git commit -q -m "Add security scanning workflow (Semgrep + Trivy + Gitleaks)"
+ git_with_auth git push -q origin HEAD
+ ); then
+ log_error "Failed to commit/push security workflow to ${repo}"
+ FAILED=$((FAILED + 1))
+ continue
+ fi
 log_success "Security workflow deployed to ${repo}"
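Review bot: `set -e` is ignored for every command inside the `if ! ( … )` condition, so the subshell does not stop at the first failing step and its status is just that of the final `git_with_auth git push`. If `cd "$CLONE_DIR"` fails, the `git config`, `git add`, `git commit` and push that follow run in the script's current directory, and if `git commit` fails while the push still exits 0 the repo is logged as deployed although no workflow was committed. Chaining the steps with `&&`, as below, makes any failing step reach the `FAILED` branch. The commit message says this follows the pattern in phase4_migrate_repos.sh, which is not part of this patch; if it uses the same construct it presumably needs the same change. The enclosing `for` loop starts and ends outside the hunk.

```shell
    if ! (
        cd "$CLONE_DIR" &&
        git config user.name "Gitea Migration" &&
        git config user.email "migration@gitea.local" &&
        git add .gitea/workflows/security-scan.yml &&
        git commit -q -m "Add security scanning workflow (Semgrep + Trivy + Gitleaks)" &&
        git_with_auth git push -q origin HEAD
    # … unchanged: "); then", log_error, FAILED increment, continue, fi …
```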