diff --git a/.github/workflows/updater.py b/.github/workflows/updater.py new file mode 100755 index 0000000..cb84e47 --- /dev/null +++ b/.github/workflows/updater.py @@ -0,0 +1,126 @@ +#!/usr/bin/env python3 +""" +This script is meant to be run by GitHub Actions. +It comes with a Github Action updater.yml to run this script periodically. + +Since each app is different, maintainers can adapt its contents to perform +automatic actions when a new upstream release is detected. + +You need to enable the action by removing `if ${{ false }}` in updater.yml! +""" + +import hashlib +import json +import logging +import os +import re +from subprocess import run, PIPE +import textwrap +from typing import List, Tuple, Any +import requests +from packaging import version + +logging.getLogger().setLevel(logging.INFO) + +# ========================================================================== # +# Functions customizable by app maintainer + +def get_latest_version(repo: str) -> Tuple[version.Version, Any]: + """May be customized by maintainers for other forges than Github""" + api_url = repo.replace("github.com", "api.github.com/repos") + # May use {api_url}/tags and release["name"] for tag-based upstream + releases = requests.get(f"{api_url}/releases").json() + release_info = next(release for release in releases if not release["prerelease"]) + return version.Version(release_info["tag_name"]), release_info + +def get_asset_urls_of_release(repo: str, release: Any) -> List[str]: + """May be customized by maintainers for custom urls""" + return [ + *[asset["browser_download_url"] for asset in release["assets"]], + f"{repo}/archive/refs/tags/{release['tag_name']}.tar.gz" + ] + +def handle_asset(asset_url: str): + """This should be customized by the maintainer according to upstream""" + logging.info("Handling asset at %s", asset_url) + if re.match(r".*/cinny-v[0-9\.]+.(tar.gz)$", asset_url): + write_src_file("app.src", asset_url, "tar.gz") + else: + logging.info("Asset ignored") + +# ========================================================================== # +# Core generic code of the script + +def sha256sum_of_url(url: str) -> str: + """Compute checksum without saving the file""" + checksum = hashlib.sha256() + for chunk in requests.get(url, stream=True).iter_content(): + checksum.update(chunk) + return checksum.hexdigest() + +def write_src_file(name: str, asset_url: str, extension: str, + extract: bool = True, subdir: bool = True) -> None: + """Rewrite conf/app.src""" + logging.info("Writing %s...", name) + + with open(f"conf/{name}", "w", encoding="utf-8") as conf_file: + conf_file.write(textwrap.dedent(f"""\ + SOURCE_URL={asset_url} + SOURCE_SUM={sha256sum_of_url(asset_url)} + SOURCE_SUM_PRG=sha256sum + SOURCE_FORMAT={extension} + SOURCE_IN_SUBDIR={str(subdir).lower()} + SOURCE_EXTRACT={str(extract).lower()} + """)) + +def write_github_env(proceed: bool, new_version: str, branch: str): + """Those values will be used later in the workflow""" + if "GITHUB_ENV" not in os.environ: + logging.warning("GITHUB_ENV is not in the envvars, assuming not in CI") + return + with open(os.environ["GITHUB_ENV"], "w", encoding="utf-8") as github_env: + github_env.write(textwrap.dedent(f"""\ + VERSION={new_version} + BRANCH={branch} + PROCEED={str(proceed).lower()} + """)) + +def main(): + with open("manifest.json", "r", encoding="utf-8") as manifest_file: + manifest = json.load(manifest_file) + repo = manifest["upstream"]["code"] + + current_version = version.Version(manifest["version"].split("~")[0]) + latest_version, release_info = get_latest_version(repo) + logging.info("Current version: %s", current_version) + logging.info("Latest upstream version: %s", latest_version) + + # Proceed only if the retrieved version is greater than the current one + if latest_version <= current_version: + logging.warning("No new version available") + write_github_env(False, "", "") + return + + # Proceed only if a PR for this new version does not already exist + branch = f"ci-auto-update-v${latest_version}" + command = ["git", "ls-remote", "--exit-code", "-h", repo, branch] + if run(command, stderr=PIPE, stdout=PIPE, check=False).returncode == 0: + logging.warning("A branch already exists for this update") + write_github_env(False, "", "") + return + + assets = get_asset_urls_of_release(repo, release_info) + logging.info("%d available asset(s)", len(assets)) + for asset in assets: + handle_asset(asset) + + manifest["version"] = f"{latest_version}~ynh1" + with open("manifest.json", "w", encoding="utf-8") as manifest_file: + json.dump(manifest, manifest_file, indent=4, ensure_ascii=False) + manifest_file.write("\n") + + write_github_env(True, latest_version, branch) + + +if __name__ == "__main__": + main() diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh deleted file mode 100755 index adf6262..0000000 --- a/.github/workflows/updater.sh +++ /dev/null @@ -1,130 +0,0 @@ -#!/bin/bash - -#================================================= -# PACKAGE UPDATING HELPER -#================================================= - -# This script is meant to be run by GitHub Actions -# The YunoHost-Apps organisation offers a template Action to run this script periodically -# Since each app is different, maintainers can adapt its contents so as to perform -# automatic actions when a new upstream release is detected. - -# Remove this exit command when you are ready to run this Action -#exit 1 - -#================================================= -# FETCHING LATEST RELEASE AND ITS ASSETS -#================================================= - -# Fetching information -current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') -repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') -# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) - -# Later down the script, we assume the version has only digits and dots -# Sometimes the release name starts with a "v", so let's filter it out. -# You may need more tweaks here if the upstream repository has different naming conventions. -if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} -fi - -# Setting up the environment variables -echo "Current version: $current_version" -echo "Latest release from upstream: $version" -echo "VERSION=$version" >> $GITHUB_ENV -# For the time being, let's assume the script will fail -echo "PROCEED=false" >> $GITHUB_ENV - -# Proceed only if the retrieved version is greater than the current one -if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 -# Proceed only if a PR for this new version does not already exist -elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then - echo "::warning ::A branch already exists for this update" - exit 0 -fi - -# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) -echo "${#assets[@]} available asset(s)" - -#================================================= -# UPDATE SOURCE FILES -#================================================= - -# Here we use the $assets variable to get the resources published in the upstream release. -# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. - -# Let's loop over the array of assets URLs -for asset_url in ${assets[@]}; do - -echo "Handling asset at $asset_url" - -# Assign the asset to a source file in conf/ directory -# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) -# Leave $src empty to ignore the asset -case $asset_url in - *"cinny-v"*".tar.gz") - src="app" - ;; -esac - -# If $src is not empty, let's process the asset -if [ ! -z "$src" ]; then - -# Create the temporary directory -tempdir="$(mktemp -d)" - -# Download sources and calculate checksum -filename=${asset_url##*/} -curl --silent -4 -L $asset_url -o "$tempdir/$filename" -checksum=$(sha256sum "$tempdir/$filename" | head -c 64) - -# Delete temporary directory -rm -rf $tempdir - -# Get extension -if [[ $filename == *.tar.gz ]]; then - extension=tar.gz -else - extension=${filename##*.} -fi - -# Rewrite source file -cat < conf/$src.src -SOURCE_URL=$asset_url -SOURCE_SUM=$checksum -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_EXTRACT=true -EOT -echo "... conf/$src.src updated" - -else -echo "... asset ignored" -fi - -done - -#================================================= -# SPECIFIC UPDATE STEPS -#================================================= - -# Any action on the app's source code can be done. -# The GitHub Action workflow takes care of committing all changes after this script ends. - -#================================================= -# GENERIC FINALIZATION -#================================================= - -# Replace new version in manifest -echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json - -# No need to update the README, yunohost-bot takes care of it - -# The Action will proceed only if the PROCEED environment variable is set to true -echo "PROCEED=true" >> $GITHUB_ENV -exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index fb72ba0..e71f2cf 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -8,42 +8,33 @@ on: workflow_dispatch: # Run it every day at 6:00 UTC schedule: - - cron: '0 6 * * *' + - cron: '0 6 * * *' + jobs: updater: + # Maintainer should customize the updater script then comment this line. + # if: ${{ false }} + runs-on: ubuntu-latest steps: - name: Fetch the source code uses: actions/checkout@v2 with: token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script - id: run_updater - run: | - # Setting up Git user - git config --global user.name 'yunohost-bot' - git config --global user.email 'yunohost-bot@users.noreply.github.com' - # Run the updater script - /bin/bash .github/workflows/updater.sh - - name: Commit changes - id: commit - if: ${{ env.PROCEED == 'true' }} - run: | - git commit -am "Upgrade to v$VERSION" + run: .github/workflows/updater.py + - name: Create Pull Request - id: cpr if: ${{ env.PROCEED == 'true' }} uses: peter-evans/create-pull-request@v3 with: token: ${{ secrets.GITHUB_TOKEN }} - commit-message: Update to version ${{ env.VERSION }} + title: Upgrade ${{ env.APP_NAME }} to version ${{ env.VERSION }} + body: Upgrade ${{ env.APP_NAME }} to version ${{ env.VERSION }} + commit-message: Upgrade ${{ env.APP_NAME }} to version ${{ env.VERSION }} committer: 'yunohost-bot ' author: 'yunohost-bot ' - signoff: false base: testing - branch: ci-auto-update-v${{ env.VERSION }} + branch: ${{ env.BRANCH }} delete-branch: true - title: 'Upgrade to version ${{ env.VERSION }}' - body: | - Upgrade to v${{ env.VERSION }} - draft: false diff --git a/conf/app.src b/conf/app.src index 047a5a3..0dec765 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/ajbura/cinny/releases/download/v2.0.0/cinny-v2.0.0.tar.gz -SOURCE_SUM=b4cdd8034196f19db882df2df5d3b2af5d060883687400746f8fe00fb8df80e3 +SOURCE_URL=https://github.com/ajbura/cinny/releases/download/v2.0.3/cinny-v2.0.3.tar.gz +SOURCE_SUM=adbb847382317d8c2885bcd6a6717ee13e65f19a711ba61f37fddceb1b124f8e SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index 427336e..4c281d4 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Matrix client focusing primarily on simple, elegant and secure interface", "fr": "Client matrix orienté simplicité, élégance et sécurité" }, - "version": "2.0.0~ynh1", + "version": "2.0.3~ynh1", "url": "https://cinny.in", "upstream": { "license": "MIT",