ci: harden test tag guards

Use direct shell checks on github.ref_name inside workflow steps so test tags skip registry login, image push, and deploy webhook regardless of Gitea expression behavior.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

.gitea/workflows/package.yml

@@ -75,8 +75,14 @@ jobs:
           } >> "$GITHUB_ENV"
 
       - name: Login to Gitea Container Registry
-        if: ${{ !endsWith(github.ref_name, '-test') }}
         run: |
+          case "${{ github.ref_name }}" in
+            *-test)
+              echo "Test tag detected; skipping registry login."
+              exit 0
+              ;;
+          esac
+
           echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login "$REGISTRY_HOST" \
             --username "${{ secrets.REGISTRY_USERNAME }}" \
             --password-stdin
@@ -97,16 +103,24 @@ jobs:
             --build-arg NEXT_PUBLIC_MAPBOX_TOKEN="${{ secrets.NEXT_PUBLIC_MAPBOX_TOKEN }}" \
             --build-arg NEXT_PUBLIC_TIANDITU_TOKEN="${{ secrets.NEXT_PUBLIC_TIANDITU_TOKEN }}" \
             .
-          if [ "${{ endsWith(github.ref_name, '-test') }}" = "true" ]; then
+          case "${{ github.ref_name }}" in
+            *-test)
               echo "Test tag detected; build completed without pushing images."
               exit 0
-          fi
+              ;;
+          esac
           docker push "${IMAGE_NAME}:${IMAGE_TAG}"
           docker push "${IMAGE_NAME}:latest"
 
       - name: Notify Deploy Server
-        if: ${{ success() && !endsWith(github.ref_name, '-test') }}
         run: |
+          case "${{ github.ref_name }}" in
+            *-test)
+              echo "Test tag detected; skipping deploy webhook."
+              exit 0
+              ;;
+          esac
+
           curl -fsSL -X POST "${{ vars.DEPLOY_WEBHOOK_URL }}" \
             -H "Content-Type: application/json" \
             -H "Authorization: Bearer ${{ secrets.DEPLOY_WEBHOOK_TOKEN }}" \

.gitignore

@@ -34,3 +34,4 @@ yarn-error.log*
 # typescript
 *.tsbuildinfo
 next-env.d.ts
+memery.md

memery.md

@@ -13,5 +13,7 @@
 - **Applied fix for image naming:** lowercased `REPOSITORY_PATH` during image metadata normalization so image tags remain valid even when the Gitea owner or repository name contains uppercase letters.
 - **Latest remote failure on act_runner:** a `*-test` run still reached `Notify Deploy Server` and failed with `curl: (3) URL using bad/illegal format or missing URL`. That showed the shell-level `IS_TEST_TAG` guard was not reliable enough for cross-step skip control on this runner.
 - **Applied fix for test-tag skipping:** moved registry login and deploy webhook skipping to workflow-level `if:` conditions based on `endsWith(github.ref_name, '-test')`, and made the image-push branch check the tag name directly instead of relying on `IS_TEST_TAG` from a previous step.
+- **Follow-up from server validation:** the runner still executed `Notify Deploy Server` for `v2026.04.24-test5`, so Gitea step-level `if:` with `endsWith(...)` was not sufficient in this environment.
+- **Applied hardening:** replaced those step-level conditions with direct shell `case "${{ github.ref_name }}" in *-test)` guards inside the login, push, and deploy steps. This avoids relying on Gitea expression behavior for test-tag skipping.
 - **Current local result:** `npm run lint`, `npm run test -- --runInBand`, `npm run build`, `docker build ...`, and `npm run build` inside `gitea/runner-images:ubuntu-22.04` all completed successfully after the workflow adjustment.
 - **Non-blocking note:** local Jest run reported a haste-map naming collision between `package.json` and `.next/standalone/package.json`; tests still passed, and this does not affect the current image-build workflow.