Gitea's push mirroring syncs git objects (branches, tags, commits)
but does not sync GitHub release objects or assets. Since ArtifactHub
needs to download the plugin tarball from the GitHub release URL,
the workflow must create releases on both Gitea and GitHub.
Changes:
- Added "Create GitHub release" step after Gitea release
- Uses GITHUB_TOKEN secret for GitHub API authentication
- Creates release and uploads tarball to GitHub
- Mirroring still handles git data sync
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
Dev releases should not update the GitHub main branch to preserve
the latest stable version metadata for ArtifactHub discovery.
Changes:
- Add conditional check for version suffix before pushing to GitHub main
- Stable releases (v*): push to GitHub main branch
- Dev releases (v*-dev.*): skip GitHub main branch, only push tag
- This keeps GitHub main branch showing latest stable metadata
Switch from dual-repo (stable + dev) to single-repo pattern where both
stable and dev releases are published to the same GitHub repository.
Changes:
- Remove GITHUB_REPO routing logic (was causing releases to wrong repo)
- Hardcode all GitHub URLs to cpfarhood/headlamp-polaris-plugin
- Update dev branch metadata to point to main repo
- Keep prerelease flag in metadata for ArtifactHub differentiation
- Workflow pushes both stable and dev releases to same repo
- ArtifactHub will show dev releases under "Include prereleases" toggle
This follows the standard mono-repo release pattern (like Node.js, K8s)
where users see one package with stable/prerelease versions.
The metadata update step was hardcoded to push to the stable repo,
causing dev releases to pollute the stable repo's main branch.
Changes:
- Use ${GITHUB_REPO} in archive-url instead of hardcoded stable repo
- Use ${GITHUB_REPO} in git remote instead of hardcoded stable repo
- Determine GITEA_BRANCH dynamically (dev/namespace-drawer for dev, main for stable)
- Push the correct Gitea branch to GitHub main branch
- Use temp branch to avoid conflicts
Now dev releases only touch the dev repo, and stable releases only
touch the stable repo.
Fix getNamespaces() to skip cluster-scoped resources (Namespace: "")
that caused Router.createRouteURL to throw TypeError on the Namespaces
page. Add Playwright E2E smoke tests with Authentik OIDC auth for CI
and K8s token fallback for local dev. Add Gitea Actions E2E workflow,
vitest unit test infrastructure, and test-utils fixtures.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fetch latest main before pushing metadata update to prevent
non-fast-forward rejections when main moves during the release run.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Aligns npm package name with the repo and ArtifactHub package name.
Updates all references: package.json, registerPluginSettings, Dockerfile,
release workflow tarball URLs, artifacthub-pkg.yml archive-url, and README.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Two GitHub API URLs still had the old repo name (polaris-headlamp-plugin
instead of headlamp-polaris-plugin), causing the GitHub release step to
target the wrong repository.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The default gitea/act_runner image has no Node.js, which actions/checkout@v4
requires. Use catthehacker/ubuntu:act-latest like the kubernetes repo.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add ESLint, Prettier, and TypeScript config files extending the shared
Headlamp plugin configs. Add npm scripts for lint/format. Auto-fix
existing source files. Add CI workflow for PRs and main pushes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The CI builds a non-reproducible tarball after the tag is created, then
updates artifacthub-pkg.yml on main with the correct checksum. But
Artifact Hub reads from the tag ref, not main, so it sees the stale
checksum and Headlamp rejects the plugin with "Checksum mismatch".
Changes:
- Add guard step: if the GitHub release tarball checksum already matches
the metadata in the current commit, skip the entire build (prevents
infinite retrigger loop)
- After updating metadata on main, force-move the tag to that commit
so AH reads the correct checksum
- Push main + tag directly to GitHub to avoid mirror sync delay
- Replace akkuman/gitea-release-action with curl-based approach so all
steps use the same shell guard pattern
Release flow: tag push -> build -> publish releases -> update metadata
on main -> force-move tag -> (retriggered run hits guard -> exits)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The GitHub Actions fallback workflow raced with the Gitea CI — it ran
first and created the GitHub release with its own tarball (different
checksum), causing the Gitea CI's upload to fail and leaving a
checksum mismatch on Artifact Hub.
- Remove .github/workflows/release.yml entirely (Gitea CI handles both
Gitea and GitHub releases)
- Fix the Gitea CI's GitHub release step to delete existing assets
before uploading, so re-runs and race conditions are handled gracefully
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Gitea Contents API returned HTTP error (curl exit 22) when the CI
tried to update artifacthub-pkg.yml. Switch to using git checkout/commit/push
which reuses the auth already configured by actions/checkout. Also added
fetch-depth: 0 so the main branch is available for checkout.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
## Summary
- Fix the v0.0.1 archive checksum in `artifacthub-pkg.yml` to match the actual GitHub release tarball (was causing "Checksum mismatch" on Headlamp plugin install)
- Gitea CI now computes the checksum after packaging and updates `artifacthub-pkg.yml` on `main` via the Gitea API, then uploads the **same tarball** to GitHub releases (requires `GH_PAT` secret) so both releases serve identical artifacts
- GitHub CI becomes a fallback — skips entirely if the Gitea CI already created the release, preventing a second build from producing a mismatched tarball
## Setup required
Add a `GH_PAT` secret to the Gitea repo containing a GitHub personal access token with `repo` scope. Without it, the GitHub release step gracefully skips and the GitHub Actions fallback handles it.
## Test plan
- [ ] Verify `GH_PAT` secret is set in Gitea repo settings
- [ ] Tag and push a new release (`v0.0.2`)
- [ ] Confirm Gitea CI updates `artifacthub-pkg.yml` checksum on `main`
- [ ] Confirm GitHub release is created by Gitea CI with matching tarball
- [ ] Confirm GitHub Actions fallback skips (release already exists)
- [ ] Verify Headlamp plugin installs without checksum mismatch
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Chris Farhood <chris@farhood.org>
Reviewed-on: farhoodliquor/polaris-headlamp-plugin#1
Co-authored-by: claude <no-reply.claude@farh.net>
Co-committed-by: claude <no-reply.claude@farh.net>
Multi-stage Dockerfile produces a lightweight image with the compiled
plugin at /plugins/. Gitea Actions workflow triggers on tag push (v*),
builds the plugin, pushes to the Gitea container registry, and creates
a release with the tarball attached.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Chris Farhood
claude