From 5fde3ab145e5bb7074b5ea1c97c3be2f152a03e5 Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Sat, 21 Feb 2026 19:14:41 +0000 Subject: [PATCH] [ci skip] Add GitHub & Drone CI API access documentation --- .claude/CLAUDE.md | 68 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index 9e684b47..bd5a2297 100755 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -22,6 +22,8 @@ terraform apply -target=module.kubernetes_cluster.module. -var="kube_config_path=$(pwd)/config" -auto-approve ``` - **kubectl**: Use `kubectl --kubeconfig $(pwd)/config` for cluster access +- **GitHub API**: Use `curl` with token from tfvars (see GitHub & Drone CI section below). `gh` CLI is blocked by sandbox restrictions. +- **Drone CI API**: Use `curl` with token from tfvars (see GitHub & Drone CI section below). --- @@ -342,6 +344,72 @@ jellyfin, jellyseerr, tdarr, affine, health, family, openclaw - **ALWAYS add `[ci skip]` to commit messages** when you've already run `terraform apply` to avoid triggering CI redundantly - **After committing, run `git push origin master`** to sync changes +## GitHub & Drone CI + +### GitHub API Access +- **Username**: `ViktorBarzin` +- **Token location**: `terraform.tfvars` as `github_pat` (git-crypt encrypted) +- **Read token**: `grep github_pat terraform.tfvars | cut -d'"' -f2` +- **Scopes**: Full access — `repo`, `admin:public_key`, `admin:repo_hook`, `delete_repo`, `admin:org`, `workflow`, `write:packages`, and more +- **`gh` CLI**: Blocked by sandbox restrictions — use `curl` with the GitHub API instead + +#### Common API Patterns +```bash +# Read token from tfvars +GITHUB_TOKEN=$(grep github_pat terraform.tfvars | cut -d'"' -f2) + +# List repos +curl -s -H "Authorization: token $GITHUB_TOKEN" "https://api.github.com/users/ViktorBarzin/repos?per_page=100" + +# Create repo +curl -s -X POST -H "Authorization: token $GITHUB_TOKEN" "https://api.github.com/user/repos" \ + -d '{"name":"repo-name","private":true}' + +# Add deploy key +curl -s -X POST -H "Authorization: token $GITHUB_TOKEN" "https://api.github.com/repos/ViktorBarzin//keys" \ + -d '{"title":"key-name","key":"ssh-ed25519 ...","read_only":false}' + +# Create webhook (e.g., for Drone CI) +curl -s -X POST -H "Authorization: token $GITHUB_TOKEN" "https://api.github.com/repos/ViktorBarzin//hooks" \ + -d '{"config":{"url":"https://drone.viktorbarzin.me/hook","content_type":"json","secret":"..."},"events":["push","pull_request"]}' + +# Get repo info +curl -s -H "Authorization: token $GITHUB_TOKEN" "https://api.github.com/repos/ViktorBarzin/" +``` + +### Drone CI API Access +- **Server**: `https://drone.viktorbarzin.me` +- **Token location**: `terraform.tfvars` as `drone_api_token` (git-crypt encrypted) +- **Read token**: `grep drone_api_token terraform.tfvars | cut -d'"' -f2` +- **Username**: `ViktorBarzin` + +#### Common API Patterns +```bash +# Read token from tfvars +DRONE_TOKEN=$(grep drone_api_token terraform.tfvars | cut -d'"' -f2) + +# List repos +curl -s -H "Authorization: Bearer $DRONE_TOKEN" "https://drone.viktorbarzin.me/api/repos" + +# Activate repo in Drone +curl -s -X POST -H "Authorization: Bearer $DRONE_TOKEN" "https://drone.viktorbarzin.me/api/repos/ViktorBarzin/" + +# Trigger build +curl -s -X POST -H "Authorization: Bearer $DRONE_TOKEN" "https://drone.viktorbarzin.me/api/repos/ViktorBarzin//builds" + +# Get build info +curl -s -H "Authorization: Bearer $DRONE_TOKEN" "https://drone.viktorbarzin.me/api/repos/ViktorBarzin//builds/" + +# Add secret to repo +curl -s -X POST -H "Authorization: Bearer $DRONE_TOKEN" "https://drone.viktorbarzin.me/api/repos/ViktorBarzin//secrets" \ + -d '{"name":"secret_name","data":"secret_value"}' +``` + +### Capabilities +With these tokens, Claude can: +- **GitHub**: Create/delete repos, push code, manage SSH/deploy keys, manage webhooks, manage org settings, manage packages +- **Drone CI**: Activate repos, trigger/monitor builds, manage secrets, configure pipelines + ## Infrastructure - Proxmox hypervisor for VMs (192.168.1.127) - Kubernetes cluster with GPU node (5 nodes: k8s-master + k8s-node1-4, running v1.34.2)