mirror of
https://github.com/YunoHost-Apps/cyberchef_ynh.git
synced 2024-09-03 18:16:31 +02:00
add autoupdate workflow
This commit is contained in:
oleole39
parent
2d790ed16a
commit
f724e05d53
2 changed files with 83 additions and 48 deletions
79
.github/workflows/updater.sh
vendored
79
.github/workflows/updater.sh
vendored
|
|
@ -17,8 +17,8 @@ exit 1
|
|||
#=================================================
|
||||
|
||||
# Fetching information
|
||||
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
|
||||
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
|
||||
current_version=$(cat manifest.toml | tomlq -j '.version|split("~")[0]')
|
||||
repo=$(cat manifest.toml | tomlq -j '.upstream.code|split("https://github.com/")[1]')
|
||||
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
|
||||
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
|
||||
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
|
||||
|
|
@ -48,38 +48,24 @@ elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.
|
|||
exit 0
|
||||
fi
|
||||
|
||||
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
|
||||
echo "${#assets[@]} available asset(s)"
|
||||
# As of current build process, each release should contain a unique asset (zip)
|
||||
case ${#assets[@]} in
|
||||
0)
|
||||
echo "::warning ::no asset found, exiting"
|
||||
exit 0
|
||||
;;
|
||||
1)
|
||||
echo "1 available asset, let's proceed"
|
||||
;;
|
||||
*)
|
||||
echo "::warning ::multiple assets, that breaks the expected pattern, exiting"
|
||||
exit 0
|
||||
|
||||
#=================================================
|
||||
# UPDATE SOURCE FILES
|
||||
#=================================================
|
||||
|
||||
# Here we use the $assets variable to get the resources published in the upstream release.
|
||||
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
|
||||
|
||||
# Let's loop over the array of assets URLs
|
||||
for asset_url in ${assets[@]}; do
|
||||
|
||||
echo "Handling asset at $asset_url"
|
||||
|
||||
# Assign the asset to a source file in conf/ directory
|
||||
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
|
||||
# Leave $src empty to ignore the asset
|
||||
case $asset_url in
|
||||
*"admin"*)
|
||||
src="app"
|
||||
;;
|
||||
*"update"*)
|
||||
src="app-upgrade"
|
||||
;;
|
||||
*)
|
||||
src=""
|
||||
;;
|
||||
esac
|
||||
|
||||
# If $src is not empty, let's process the asset
|
||||
if [ ! -z "$src" ]; then
|
||||
asset_url=${assets[0]}
|
||||
|
||||
# Create the temporary directory
|
||||
tempdir="$(mktemp -d)"
|
||||
|
|
@ -89,27 +75,21 @@ filename=${asset_url##*/}
|
|||
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
|
||||
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
|
||||
|
||||
# Update manifest' source information in manifest
|
||||
old_src_main_url=$(cat manifest.toml | tomlq -j '.resources.sources.main.url')
|
||||
old_src_main_sha256=$(cat manifest.toml | tomlq -j '.resources.sources.main.sha256')
|
||||
sed -i "s^$old_src_main_url^$asset_url^" # use alternate sed delimiter to avoid url escaping
|
||||
sed -i "s/$old_src_main_sha256/$checksum/"
|
||||
## Alternative less flexible
|
||||
#sed -i "s/^\(\s*url\s\=\s\"\).*/\1$asset_url\"/"
|
||||
#sed -i "s/^\(\s*sha256\s\=\s\"\).*/\1$checksum\"/"
|
||||
## Alternative loosing manifest original's format (especially indentation) as yq currently does not apply automatic styling for toml, cf. https://github.com/kislyuk/yq/issues/164
|
||||
#cat manifest.toml | tomlq -t --arg url "$asset_url" --arg sha256 "$checksum" '.resources.sources.main.url |= $url | .resources.sources.main.sha256 |= $sha256' > $tempdir/manifest.toml
|
||||
#mv $tempdir/manifest.toml manifest.toml
|
||||
|
||||
# Delete temporary directory
|
||||
rm -rf $tempdir
|
||||
|
||||
# Get extension
|
||||
if [[ $filename == *.tar.gz ]]; then
|
||||
extension=tar.gz
|
||||
else
|
||||
extension=${filename##*.}
|
||||
fi
|
||||
|
||||
# Rewrite source file
|
||||
cat <<EOT > conf/$src.src
|
||||
SOURCE_URL=$asset_url
|
||||
SOURCE_SUM=$checksum
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=$extension
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
EOT
|
||||
echo "... conf/$src.src updated"
|
||||
|
||||
else
|
||||
echo "... asset ignored"
|
||||
fi
|
||||
|
|
@ -123,12 +103,15 @@ done
|
|||
# Any action on the app's source code can be done.
|
||||
# The GitHub Action workflow takes care of committing all changes after this script ends.
|
||||
|
||||
# Update nginx.conf index page
|
||||
sed -i "s/^\s*index\sCyberChef.*/\ index CyberChef_v$version.html;/" conf/nginx.conf
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
||||
# Replace new version in manifest
|
||||
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
|
||||
sed -i "s/^version\s*=.*/version = \"$version~ynh1\"/" manifest.toml
|
||||
|
||||
# No need to update the README, yunohost-bot takes care of it
|
||||
|
||||
|
|
|
|||
52
.github/workflows/updater.yml
vendored
Normal file
52
.github/workflows/updater.yml
vendored
Normal file
|
|
@ -0,0 +1,52 @@
|
|||
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
|
||||
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
|
||||
# This file should be enough by itself, but feel free to tune it to your needs.
|
||||
# It calls updater.sh, which is where you should put the app-specific update steps.
|
||||
name: Check for new upstream releases
|
||||
on:
|
||||
# Allow to manually trigger the workflow
|
||||
workflow_dispatch:
|
||||
# Run it every day at 6:00 UTC
|
||||
schedule:
|
||||
- cron: '0 6 * * *'
|
||||
jobs:
|
||||
updater:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Fetch the source code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Run the updater script
|
||||
id: run_updater
|
||||
run: |
|
||||
# Setting up Git user
|
||||
git config --global user.name 'yunohost-bot'
|
||||
git config --global user.email 'yunohost-bot@users.noreply.github.com'
|
||||
# Download yq/tomlq
|
||||
pip install yq
|
||||
# Run the updater script
|
||||
/bin/bash .github/workflows/updater.sh
|
||||
- name: Commit changes
|
||||
id: commit
|
||||
if: ${{ env.PROCEED == 'true' }}
|
||||
run: |
|
||||
git commit -am "Upgrade to v$VERSION"
|
||||
- name: Create Pull Request
|
||||
id: cpr
|
||||
if: ${{ env.PROCEED == 'true' }}
|
||||
uses: peter-evans/create-pull-request@v3
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
commit-message: Update to version ${{ env.VERSION }}
|
||||
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
|
||||
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
|
||||
signoff: false
|
||||
base: testing
|
||||
branch: ci-auto-update-v${{ env.VERSION }}
|
||||
delete-branch: true
|
||||
title: 'Upgrade to version ${{ env.VERSION }}'
|
||||
body: |
|
||||
Upgrade to v${{ env.VERSION }}
|
||||
[See upstream release page](https://github.com/${{ env.REPO }}/releases/tag/v${{ env.VERSION }})
|
||||
draft: false
|
||||
Loading…
Add table
Reference in a new issue