privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: address multiple bugs from code review

Browse Source 
- teardown_all.sh: replace `yes |` pipeline with `< <(yes)` process
  substitution to avoid SIGPIPE (exit 141) false failures under pipefail
- phase6_teardown.sh: extract push mirror `.id` instead of `.remote_name`
  to match the DELETE /push_mirrors/{id} API contract
- phase5_migrate_pipelines.sh: expand sed regex from `[a-z_]*` to
  `[a-z_.]*` to handle nested GitHub contexts like
  `github.event.pull_request.number`
- lib/common.sh: render_template now requires explicit variable list to
  prevent envsubst from eating Nginx variables ($host, $proxy_add_...)
- backup scripts: remove MacBook relay, use direct Unraid↔Fedora SCP;
  fix dump path to write to /data/ (mounted volume) instead of /tmp/
  (container-only); add unzip -t integrity verification
- preflight.sh: add --skip-port-checks flag for resuming with
  --start-from (ports already bound by earlier phases)
- run_all.sh: update run_step to pass extra args; use --skip-port-checks
  when --start-from > 1
- post-checks (phase4/7/9): wrap API calls in helper functions with
  >/dev/null redirection instead of passing -o /dev/null as API data
- phase8: replace GitHub archiving with [MIRROR] description marking
  and disable wiki/projects/Pages (archived repos reject push mirrors)
- restore_to_primary.sh: add require_vars for Fedora SSH variables

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
S
2026-02-28 20:18:35 -05:00
parent 07d27f7a9c
commit dc08375ad0
18 changed files with 199 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
phase9_post_check.sh
View File

@@ -38,8 +38,10 @@ for repo in "${REPOS[@]}"; do
log_info "--- Checking repo: ${repo} ---"
# Check 1: security-scan.yml exists
run_check "security-scan.yml exists in ${repo}" \
gitea_api GET "/repos/${GITEA_ORG_NAME}/${repo}/contents/.gitea/workflows/security-scan.yml" -o /dev/null
check_workflow_exists() {
gitea_api GET "/repos/${GITEA_ORG_NAME}/$1/contents/.gitea/workflows/security-scan.yml" >/dev/null
}
run_check "security-scan.yml exists in ${repo}" check_workflow_exists "$repo"
# Check 2: Branch protection includes security checks (if required)
if [[ "$SECURITY_FAIL_ON_ERROR" == "true" ]]; then