diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..c938f96 --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,137 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +mc_version=$(curl --silent "https://api.github.com/repos/minio/mc/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if [[ ! "$version" > "$current_version" ]] ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for src in mc_amd64 mc_arm64 amd64 arm64; do + +case $src in + "amd64") + asset_url="https://dl.min.io/server/minio/release/linux-amd64/archive/minio.$version" + src_filename=minio + ;; + "arm64") + asset_url="https://dl.min.io/server/minio/release/linux-arm64/archive/minio.$version" + src_filename=minio + ;; + "mc_amd64") + asset_url="https://dl.min.io/client/mc/release/linux-amd64/archive/mc.$mc_version" + src_filename=mc + ;; + "mc_arm64") + asset_url="https://dl.min.io/client/mc/release/linux-arm64/archive/mc.$mc_version" + src_filename=mc + ;; +esac + +echo "Handling asset at $asset_url" + + +# If $src is not empty, let's process the asset +if [ ! -z "$src" ]; then + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_IN_SUBDIR=false +SOURCE_FILENAME=$src_filename +SOURCE_EXTRACT=false +EOT +echo "... conf/$src.src updated" + +else +echo "... asset ignored" +fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +version=$(sed -E "s/RELEASE\.([0-9-]+)T.+/\1/g" <<< $version | sed -E "s/-/./g") +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..5b11796 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,50 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it at 6:00 UTC every 1st or 15th of the month + schedule: + - cron: '0 6 1,15 * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false + diff --git a/check_process b/check_process index 565f9f1..fa8fdb1 100644 --- a/check_process +++ b/check_process @@ -12,7 +12,7 @@ setup_private=1 setup_public=1 upgrade=1 - #upgrade=1 from_commit=CommitHash + upgrade=1 from_commit=1ef6a65e00dbb39dac8919cf6c5f4313fea8462e backup_restore=1 multi_instance=0 port_already_use=0 diff --git a/conf/amd64.src b/conf/amd64.src index cbe01d1..d126eba 100644 --- a/conf/amd64.src +++ b/conf/amd64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/archive/minio.RELEASE.2022-11-11T03-44-20Z -SOURCE_SUM=990f0ef0dcccff1210c6e97584279926f6a16e35a0d91d2802046052a9d356e2 +SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/archive/minio.RELEASE.2023-01-25T00-19-54Z +SOURCE_SUM=e7d44bb2f808d9ada43c7b1a677b3ae8e336f5be442992cd35a1b89e545c76d5 SOURCE_SUM_PRG=sha256sum SOURCE_IN_SUBDIR=false SOURCE_FILENAME=minio diff --git a/conf/arm64.src b/conf/arm64.src index c48f40f..6e613a6 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://dl.min.io/server/minio/release/linux-arm64/archive/minio.RELEASE.2022-11-11T03-44-20Z -SOURCE_SUM=625e4f543b2c33e44d3f4467a129af39be91cb51de94b42d55a01f8723a5d806 +SOURCE_URL=https://dl.min.io/server/minio/release/linux-arm64/archive/minio.RELEASE.2023-01-25T00-19-54Z +SOURCE_SUM=a927c48815c1f077dd8228734275a521c2299de1aa28bc8972585e3addd59c3f SOURCE_SUM_PRG=sha256sum SOURCE_IN_SUBDIR=false SOURCE_FILENAME=minio diff --git a/conf/mc_amd64.src b/conf/mc_amd64.src index 38bcf76..904ef69 100644 --- a/conf/mc_amd64.src +++ b/conf/mc_amd64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://dl.min.io/client/mc/release/linux-amd64/archive/mc.RELEASE.2022-11-07T23-47-39Z -SOURCE_SUM=85ad97a2ceea6b54fc856293bffe964f56c362b747b5b9d07cccfaae5c746ffa +SOURCE_URL=https://dl.min.io/client/mc/release/linux-amd64/archive/mc.RELEASE.2022-12-24T15-21-38Z +SOURCE_SUM=8274f56d3ca69b2538fd818ff53a793c2fe1fc568489d97ee74d463123536aa6 SOURCE_SUM_PRG=sha256sum SOURCE_IN_SUBDIR=false SOURCE_FILENAME=mc diff --git a/conf/mc_arm64.src b/conf/mc_arm64.src index 4e12520..ac46f4e 100644 --- a/conf/mc_arm64.src +++ b/conf/mc_arm64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://dl.min.io/client/mc/release/linux-arm64/archive/mc.RELEASE.2022-11-07T23-47-39Z -SOURCE_SUM=2e53b27e0efbfceda6a1b5e85862ea4355fae101246e152cc6f3c0a45a371ab2 +SOURCE_URL=https://dl.min.io/client/mc/release/linux-arm64/archive/mc.RELEASE.2022-12-24T15-21-38Z +SOURCE_SUM=5a29fb81e9a7d75b0afca9fbccfca6eba6c54e7dcefbe8b0ac662bc7a70e089a SOURCE_SUM_PRG=sha256sum SOURCE_IN_SUBDIR=false SOURCE_FILENAME=mc diff --git a/conf/nginx.conf b/conf/nginx.conf index 6dac43f..d699684 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,9 +1,10 @@ rewrite ^$ /; -location ~ ^(/api|/images|/Loader.svg|/apple-icon-180x180.png|/favicon-96x96.png|/favicon-16x16.png|/favicon-32x32.png|/login|/styles|/static|/manifest.json|/$) { +location ~ ^(/ws|/api|/images|/Loader.svg|/apple-icon-180x180.png|/favicon-96x96.png|/favicon-16x16.png|/favicon-32x32.png|/login|/styles|/static|/manifest.json|/$) { proxy_pass http://127.0.0.1:__CONSOLE_PORT__; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; proxy_cache_bypass $http_upgrade; proxy_ignore_client_abort on; client_max_body_size 200M; diff --git a/manifest.json b/manifest.json index 5d45869..a287fb5 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "High Performance, Kubernetes Native Object Storage", "fr": "Serveur de stockage d'objets hautes performances" }, - "version": "2022.11.11~ynh1", + "version": "2023.01.11~ynh1", "url": "https://min.io/", "upstream": { "license": "AGPL-3.0-only", @@ -47,4 +47,4 @@ } ] } -} \ No newline at end of file +} diff --git a/scripts/install b/scripts/install index 65739c5..0f618ce 100755 --- a/scripts/install +++ b/scripts/install @@ -187,7 +187,7 @@ ynh_systemd_action --service_name=nginx --action=reload ynh_script_progression --message="Configuring MinIO client..." --weight=1 pushd $mc_path - ynh_exec_warn_less sudo -u $app ./mc alias set minio "http://127.0.0.1:$port" "$admin" "$password" --api S3v4 + ynh_exec_warn_less sudo -u $app ./mc --no-color alias set minio "http://127.0.0.1:$port" "$admin" "$password" --api S3v4 popd #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index a620f00..d3027c7 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -58,11 +58,6 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=2 ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." - #================================================= # CREATE DEDICATED USER #================================================= @@ -153,9 +148,44 @@ ynh_systemd_action --service_name=nginx --action=reload ynh_script_progression --message="Configuring MinIO client..." --weight=1 pushd $mc_path - ynh_exec_warn_less sudo -u $app ./mc alias set minio "https://$domain" "$admin" "$password" --api S3v4 + ynh_exec_warn_less sudo -u $app ./mc --no-color alias set minio "https://$domain" "$admin" "$password" --api S3v4 popd +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +if ynh_compare_current_package_version --comparison lt --version 2022.12.12~ynh1 +then + ynh_script_progression --message="Migration from Filesystem to Single-Node Single-Drive mode" + pushd $datadir + for d in * ; do + if [ "$d" == "*" ] + then + ynh_script_progression --message="No buckets to migrate" + else + ynh_script_progression --message="Migrating bucket $d" + mv "$d" "DATA_$d" + pushd $mc_path + ynh_exec_warn_less sudo -u $app ./mc mb minio/"$d" + ynh_exec_warn_less sudo -u $app ./mc mirror --preserve "$datadir/DATA_$d" minio/"$d" + # This is a hack, but it will make outline_ynh users' lifes much easier ! + if [ "$d" == "outlinestorage" ] + then + ynh_exec_warn_less sudo -u $app ./mc policy set public minio/outlinestorage + else + ynh_script_progression --message="Bucket is migrated and objects are now mirrored. However, make sure to set properly access policy of bucket $d. That part of the migration can't be automated, sorry ! You can log into the minio console to perform your changes." + fi + popd + ynh_secure_remove --file="DATA_$d" + fi + done + popd +else + ynh_script_progression --message="No migration required" +fi + #================================================= # END OF SCRIPT #=================================================