gitcaddy/GitCaddy Server
Limited
2
0
Fork 0
Code Issues Releases 14
Files
main
gitcaddy-server/scripts/sync-vault.sh
logikonline 324c2f5f37
Some checks failed
Build and Release / Create Release (push) Successful in 0s
Details
Build and Release / Unit Tests (push) Successful in 3m24s
Details
Build and Release / Integration Tests (PostgreSQL) (push) Successful in 4m49s
Details
Build and Release / Lint (push) Successful in 6m2s
Details
Build and Release / Build Binaries (amd64, windows, windows-latest) (push) Failing after 9h0m47s
Details
Build and Release / Build Binaries (amd64, linux, linux-latest) (push) Successful in 3m3s
Details
Build and Release / Build Binaries (amd64, darwin, macos) (push) Successful in 4m29s
Details
Build and Release / Build Binaries (arm64, darwin, macos) (push) Successful in 5m3s
Details
Build and Release / Build Binary (linux/arm64) (push) Failing after 34s
Details
refactor(ci): use http.extraheader for git authentication 
Replace URL-embedded token authentication with http.extraheader configuration for git operations. This approach is more secure as tokens don't appear in URLs or logs.

Change from:
  git clone https://token:SECRET@host/repo.git

To:
  git -c "http.extraheader=Authorization: token SECRET" clone https://host/repo.git

Also switch to direct.git.marketally.com for vault repository access.
2026-01-28 00:20:35 -05:00

103 lines
3.1 KiB
Bash
Raw Permalink Blame History

#!/bin/bash
# sync-vault.sh - Syncs templates and locales from gitcaddy-vault to gitcaddy-server
# Usage: ./scripts/sync-vault.sh [vault-repo-path]
#
# If vault-repo-path is not provided, it will clone from git.marketally.com
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
SERVER_DIR="$(dirname "$SCRIPT_DIR")"
VAULT_PATH="${1:-}"
# If no vault path provided, clone to temp directory
if [ -z "$VAULT_PATH" ]; then
VAULT_PATH=$(mktemp -d)
CLEANUP_VAULT=true
echo "Cloning gitcaddy-vault to $VAULT_PATH..."
if [ -n "${VAULT_TOKEN:-}" ]; then
git -c "http.extraheader=Authorization: token ${VAULT_TOKEN}" clone --depth 1 https://direct.git.marketally.com/gitcaddy/gitcaddy-vault.git "$VAULT_PATH"
else
git clone --depth 1 https://git.marketally.com/gitcaddy/gitcaddy-vault.git "$VAULT_PATH"
fi
else
CLEANUP_VAULT=false
echo "Using vault from $VAULT_PATH"
fi
# Verify vault directory exists
if [ ! -d "$VAULT_PATH/templates" ]; then
echo "Error: $VAULT_PATH/templates not found"
exit 1
fi
echo "Syncing templates..."
# Sync vault templates
mkdir -p "$SERVER_DIR/templates/repo/vault"
cp -r "$VAULT_PATH/templates/repo/vault/"* "$SERVER_DIR/templates/repo/vault/"
echo " - Copied templates/repo/vault/"
echo "Syncing locales..."
# Export variables so Python heredoc can access them
export SERVER_DIR VAULT_PATH
# Merge locale files using Python
python3 << 'PYTHON_SCRIPT'
import json
import os
import sys
server_dir = os.environ.get('SERVER_DIR', '.')
vault_path = os.environ.get('VAULT_PATH', '.')
server_locale_dir = os.path.join(server_dir, 'options', 'locale')
vault_locale_dir = os.path.join(vault_path, 'locale')
if not os.path.isdir(vault_locale_dir):
print(f"Warning: {vault_locale_dir} not found, skipping locale sync")
sys.exit(0)
# Get all vault locale files
for filename in os.listdir(vault_locale_dir):
if not filename.startswith('locale_') or not filename.endswith('.json'):
continue
vault_file = os.path.join(vault_locale_dir, filename)
server_file = os.path.join(server_locale_dir, filename)
if not os.path.exists(server_file):
print(f" - Skipping {filename} (not in server)")
continue
# Load both files
with open(vault_file, 'r', encoding='utf-8') as f:
vault_data = json.load(f)
with open(server_file, 'r', encoding='utf-8') as f:
server_data = json.load(f)
# Merge vault keys into server (vault takes precedence for vault.* keys)
updated = False
for key, value in vault_data.items():
if key.startswith('vault.'):
if key not in server_data or server_data[key] != value:
server_data[key] = value
updated = True
if updated:
with open(server_file, 'w', encoding='utf-8') as f:
json.dump(server_data, f, ensure_ascii=False, indent=2)
print(f" - Updated {filename}")
else:
print(f" - {filename} (no changes)")
print("Locale sync complete")
PYTHON_SCRIPT
# Cleanup temp directory if we cloned
if [ "$CLEANUP_VAULT" = true ]; then
echo "Cleaning up temp directory..."
rm -rf "$VAULT_PATH"
fi
echo "Vault sync complete!"
Reference in New Issue View Git Blame Copy Permalink