From 159f8be493a225726c47194e41214adf0181d409 Mon Sep 17 00:00:00 2001
From: Space-Banane <paulwaehner923@gmail.com>
Date: Fri, 22 May 2026 19:43:22 +0200
Subject: [PATCH] ci: link published container package to repository

---
 .gitea/workflows/ci.yml | 66 +++++++++++++++++++++++++++++++++++++++++
 .gitignore              |  2 ++
 2 files changed, 68 insertions(+)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 0aac3db..c9e330f 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -103,6 +103,19 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: docker/setup-buildx-action@v3
+      - name: Derive package metadata
+        id: meta
+        shell: bash
+        run: |
+          set -euo pipefail
+          owner="${IMAGE_NAME%%/*}"
+          repo="${IMAGE_NAME##*/}"
+          if [ -z "${owner}" ] || [ -z "${repo}" ]; then
+            echo "::error::Failed to derive owner/repo from IMAGE_NAME=${IMAGE_NAME}"
+            exit 1
+          fi
+          echo "owner=${owner}" >> "${GITHUB_OUTPUT}"
+          echo "repo=${repo}" >> "${GITHUB_OUTPUT}"
       - name: Login to Gitea container registry
         uses: docker/login-action@v3
         with:
@@ -140,3 +153,56 @@ jobs:
           if [ "${CI_REF_NAME}" = "main" ]; then
             echo "- ${IMAGE}:latest" >> "${GITHUB_STEP_SUMMARY}"
           fi
+      - name: Link package to repository
+        shell: bash
+        env:
+          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
+          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
+          PACKAGE_OWNER: ${{ steps.meta.outputs.owner }}
+          PACKAGE_NAME: ${{ steps.meta.outputs.repo }}
+          REPO_NAME: ${{ steps.meta.outputs.repo }}
+        run: |
+          set -euo pipefail
+          token="${REGISTRY_PASSWORD:-${REGISTRY_TOKEN:-}}"
+          if [ -z "$token" ]; then
+            echo "::error::Registry token/password is empty. Set REGISTRY_PASSWORD or REGISTRY_TOKEN."
+            exit 1
+          fi
+          python3 - <<'PY'
+          import json
+          import os
+          import sys
+          import urllib.error
+          import urllib.parse
+          import urllib.request
+
+          owner = os.environ["PACKAGE_OWNER"]
+          package = os.environ["PACKAGE_NAME"]
+          repo = os.environ["REPO_NAME"]
+          token = os.environ["REGISTRY_PASSWORD"] or os.environ["REGISTRY_TOKEN"]
+          base = "https://gitea.reversed.dev/api/v1"
+          headers = {
+              "Authorization": f"token {token}",
+              "Accept": "application/json",
+          }
+
+          latest_url = f"{base}/packages/{urllib.parse.quote(owner)}/container/{urllib.parse.quote(package)}/-/latest"
+          req = urllib.request.Request(latest_url, headers=headers)
+          with urllib.request.urlopen(req) as resp:
+              current = json.load(resp)
+
+          linked_repo = (current.get("repository") or {}).get("name")
+          if linked_repo == repo:
+              print(f"package already linked to {owner}/{repo}")
+              sys.exit(0)
+
+          link_url = f"{base}/packages/{urllib.parse.quote(owner)}/container/{urllib.parse.quote(package)}/-/link/{urllib.parse.quote(repo)}"
+          link_req = urllib.request.Request(link_url, data=b"", method="POST", headers=headers)
+          try:
+              with urllib.request.urlopen(link_req) as resp:
+                  print(f"linked package to {owner}/{repo}, status={resp.status}")
+          except urllib.error.HTTPError as exc:
+              body = exc.read().decode(errors="replace")
+              print(f"link failed: status={exc.code} body={body}")
+              raise
+          PY
diff --git a/.gitignore b/.gitignore
index 28effbb..de2db1f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,5 @@ worktrees/
 .coverage
 htmlcov/
 creds.txt
+.tmp_mig.db
+.tmp_pytest
\ No newline at end of file