b90aec2024
F-03: validate TLS by default. New _mosaic_tls_opt helper in _lib/credentials.sh returns -k only for private-network IP literals (trusted LAN) or an explicit MOSAIC_INSECURE_TLS opt-in; generic mosaic_http/_post/_patch helpers now use `curl -sS $_tls` instead of `curl -sk`. Woodpecker scripts (_lib.sh, pipeline-status/list/trigger.sh) talk only to the two public/valid CI hosts, so `-sk` is changed to `-sS` (straight -k removal, no helper). F-02: credentials.sh resolves MOSAIC_CREDENTIALS_FILE via a fallback chain — env first, then ~/.config/mosaic/credentials.json, then the legacy ~/src/jarvis-brain/credentials.json retained as final fallback so the running fleet keeps working. F-06: pr-ci-wait.sh distinguishes a genuine no-CI condition (empty state AND no statuses) as a new `no-status` state and fast-exits 0 after 3 consecutive empty polls with a clear "no CI configured" message. Repos that DO have pipelines are unaffected — any pipeline signal resets the streak and pending still waits. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Kt2D8TsnDwhtzEAPijsNmR
66 lines
1.9 KiB
Bash
Executable File
66 lines
1.9 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
#
|
|
# pipeline-trigger.sh — Trigger a Woodpecker CI pipeline
|
|
#
|
|
# Usage: pipeline-trigger.sh [-r owner/repo] [-b branch] [-a instance]
|
|
#
|
|
# Options:
|
|
# -r repo Repository in owner/repo format (default: current repo)
|
|
# -b branch Branch to build (default: main)
|
|
# -a instance Woodpecker instance name (e.g. usc, mosaic)
|
|
# -h Show this help
|
|
#
|
|
# Requires: woodpecker credentials in credentials.json
|
|
set -euo pipefail
|
|
|
|
MOSAIC_HOME="${MOSAIC_HOME:-$HOME/.config/mosaic}"
|
|
source "$MOSAIC_HOME/tools/_lib/credentials.sh"
|
|
source "$(dirname "${BASH_SOURCE[0]}")/_lib.sh"
|
|
|
|
REPO=""
|
|
BRANCH="main"
|
|
WP_INSTANCE=""
|
|
|
|
while getopts "r:b:a:h" opt; do
|
|
case $opt in
|
|
r) REPO="$OPTARG" ;;
|
|
b) BRANCH="$OPTARG" ;;
|
|
a) WP_INSTANCE="$OPTARG" ;;
|
|
h) head -14 "$0" | grep "^#" | sed 's/^# \?//'; exit 0 ;;
|
|
*) echo "Usage: $0 [-r owner/repo] [-b branch] [-a instance]" >&2; exit 1 ;;
|
|
esac
|
|
done
|
|
|
|
if [[ -n "$WP_INSTANCE" ]]; then
|
|
load_credentials "woodpecker-${WP_INSTANCE}"
|
|
else
|
|
load_credentials woodpecker
|
|
fi
|
|
|
|
if [[ -z "$REPO" ]]; then
|
|
REPO=$(wp_detect_repo) || exit 1
|
|
fi
|
|
|
|
# Resolve owner/repo to numeric ID (Woodpecker v3 API)
|
|
REPO_ID=$(wp_resolve_repo_id "$REPO") || exit 1
|
|
|
|
echo "Triggering pipeline for $REPO on branch $BRANCH..."
|
|
|
|
response=$(curl -sS -w "\n%{http_code}" -X POST \
|
|
-H "Authorization: Bearer $WOODPECKER_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "$(jq -n --arg b "$BRANCH" '{branch: $b}')" \
|
|
"${WOODPECKER_URL}/api/repos/${REPO_ID}/pipelines")
|
|
|
|
http_code=$(echo "$response" | tail -n1)
|
|
body=$(echo "$response" | sed '$d')
|
|
|
|
if [[ "$http_code" != "200" && "$http_code" != "201" ]]; then
|
|
echo "Error: Failed to trigger pipeline (HTTP $http_code)" >&2
|
|
echo "$body" | jq -r '.' 2>/dev/null >&2 || echo "$body" >&2
|
|
exit 1
|
|
fi
|
|
|
|
number=$(echo "$body" | jq -r '.number')
|
|
echo "Pipeline #$number triggered successfully"
|