YunoHost-Apps/cyberchef_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/cyberchef_ynh.git synced 2024-09-03 18:16:31 +02:00
Code Issues Activity Actions

add autoupdate workflow

Browse source
This commit is contained in:
oleole39 2023-03-21 00:24:45 +01:00
parent 2d790ed16a
commit f724e05d53
2 changed files with 83 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

79
.github/workflows/updater.sh vendored
View file

@ -17,8 +17,8 @@ exit 1
#================================================= #=================================================
# Fetching information # Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') current_version=$(cat manifest.toml | tomlq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') repo=$(cat manifest.toml | tomlq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) # Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
@ -48,38 +48,24 @@ elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.
exit 0 exit 0
fi fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) # As of current build process, each release should contain a unique asset (zip)
echo "${#assets[@]} available asset(s)" case ${#assets[@]} in
0)
echo "::warning ::no asset found, exiting"
exit 0
;;
1)
echo "1 available asset, let's proceed"
;;
*)
echo "::warning ::multiple assets, that breaks the expected pattern, exiting"
exit 0
#================================================= #=================================================
# UPDATE SOURCE FILES # UPDATE SOURCE FILES
#================================================= #=================================================
# Here we use the $assets variable to get the resources published in the upstream release. asset_url=${assets[0]}
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset
case $asset_url in
*"admin"*)
src="app"
;;
*"update"*)
src="app-upgrade"
;;
*)
src=""
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory # Create the temporary directory
tempdir="$(mktemp -d)" tempdir="$(mktemp -d)"
@ -89,27 +75,21 @@ filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename" curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64) checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Update manifest' source information in manifest
old_src_main_url=$(cat manifest.toml | tomlq -j '.resources.sources.main.url')
old_src_main_sha256=$(cat manifest.toml | tomlq -j '.resources.sources.main.sha256')
sed -i "s^$old_src_main_url^$asset_url^" # use alternate sed delimiter to avoid url escaping
sed -i "s/$old_src_main_sha256/$checksum/"
## Alternative less flexible
#sed -i "s/^\(\s*url\s\=\s\"\).*/\1$asset_url\"/"
#sed -i "s/^\(\s*sha256\s\=\s\"\).*/\1$checksum\"/"
## Alternative loosing manifest original's format (especially indentation) as yq currently does not apply automatic styling for toml, cf. https://github.com/kislyuk/yq/issues/164
#cat manifest.toml | tomlq -t --arg url "$asset_url" --arg sha256 "$checksum" '.resources.sources.main.url |= $url | .resources.sources.main.sha256 |= $sha256' > $tempdir/manifest.toml
#mv $tempdir/manifest.toml manifest.toml
# Delete temporary directory # Delete temporary directory
rm -rf $tempdir rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
EOT
echo "... conf/$src.src updated"
else else
echo "... asset ignored" echo "... asset ignored"
fi fi
@ -123,12 +103,15 @@ done
# Any action on the app's source code can be done. # Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends. # The GitHub Action workflow takes care of committing all changes after this script ends.
# Update nginx.conf index page
sed -i "s/^\s*index\sCyberChef.*/\ index CyberChef_v$version.html;/" conf/nginx.conf
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# Replace new version in manifest # Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json sed -i "s/^version\s*=.*/version = \"$version~ynh1\"/" manifest.toml
# No need to update the README, yunohost-bot takes care of it # No need to update the README, yunohost-bot takes care of it

52
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,52 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Download yq/tomlq
pip install yq
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
[See upstream release page](https://github.com/${{ env.REPO }}/releases/tag/v${{ env.VERSION }})
draft: false