fix(ci): replace gh CLI with curl for Gitea API compatibility

Issue #75 sweep — remaining `gh` CLI calls that fail on Gitea: 1. ci.yml (canvas-deploy-reminder): gh api POST commit comments → replaced with curl to Gitea's POST /repos/{owner}/{repo}/comments/{commit_sha} using -F form upload (matches gh --field behaviour) 2. check-merge-group-trigger.yml: gh api required_status_checks → replaced with curl to Gitea's GET /repos/{owner}/{repo}/branches/{branch} jq-ing .status_check_contexts (Gitea's field name, not GitHub's nested .protection.required_status_checks.contexts) pr-guards.yml: gh pr merge/comment already gated behind is_gitea != 'true' (GitHub-only path), no change needed. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-09 23:13:25 +00:00 · 2026-05-09 23:13:25 +00:00 · c02146a6bc
commit c02146a6bc
parent ebc56a2ce6
2 changed files with 20 additions and 6 deletions
--- a/.github/workflows/check-merge-group-trigger.yml
+++ b/.github/workflows/check-merge-group-trigger.yml
@ -41,6 +41,7 @@ jobs:
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          REPO: ${{ github.repository }}
+          API_BASE: ${{ github.server_url }}/api/v1
        shell: bash
        run: |
          set -euo pipefail
@ -51,8 +52,15 @@ jobs:
          # Pull the list of required status check contexts. If the branch
          # has no protection or no required checks, exit clean — nothing
          # to lint.
-          REQUIRED=$(gh api "repos/${REPO}/branches/${BRANCH}/protection/required_status_checks" \
-            --jq '.contexts[]' 2>/dev/null || true)
+          #
+          # GitHub (gh):  gh api repos/${REPO}/branches/${BRANCH}/protection/required_status_checks --jq '.contexts[]'
+          # Gitea:       curl .../repos/{owner}/{repo}/branches/{branch} | jq '.status_check_contexts[]'
+          # Gitea's branch API returns status_check_contexts as a flat array
+          # at the top level (not nested under protection.required_status_checks).
+          REQUIRED=$(curl -sS \
+            -H "Authorization: token ${GH_TOKEN}" \
+            "${API_BASE}/repos/${REPO}/branches/${BRANCH}" \
+            | jq -r '.status_check_contexts[] // empty' 2>/dev/null || true)
          if [ -z "$REQUIRED" ]; then
            echo "No required status checks on ${BRANCH} — nothing to verify."
            exit 0
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -313,6 +313,7 @@ jobs:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          COMMIT_SHA: ${{ github.sha }}
          RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+          API_BASE: ${{ github.server_url }}/api/v1
        run: |
          # Write body to a temp file — avoids backtick escaping in shell.
          cat > /tmp/deploy-reminder.md << 'BODY'
@ -337,10 +338,15 @@ jobs:
          printf '\n> Posted automatically by CI · commit `%s` · [build log](%s)\n' \
            "$COMMIT_SHA" "$RUN_URL" >> /tmp/deploy-reminder.md

-          gh api \
-            --method POST \
-            "repos/${{ github.repository }}/commits/${{ github.sha }}/comments" \
-            --field "body=@/tmp/deploy-reminder.md"
+          # GitHub:  gh api --method POST repos/{repo}/commits/{sha}/comments --field body=@{file}
+          # Gitea:   curl POST /repos/{owner}/{repo}/comments/{commit_sha} -F body=@{file}
+          # Using -F (form data) matches GitHub's --field behaviour; jq available
+          # in GitHub Actions runners and Gitea Actions ubuntu-latest images.
+          curl -sS -X POST \
+            -H "Authorization: token ${GH_TOKEN}" \
+            -F "body=< /tmp/deploy-reminder.md" \
+            "${API_BASE}/repos/${{ github.repository }}/comments/${COMMIT_SHA}" \
+            || echo "::warning::Failed to post commit comment — this is non-fatal (the reminder is cosmetic)."

  # Python Lint & Test — required check, always runs. See platform-build
  # for the rationale.