diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..977d7b8 --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,139 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +# Remove this exit command when you are ready to run this Action +#exit 1 + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +webversion=$(curl --silent "https://api.github.com/repos/dani-garcia/bw_web_builds/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").tarball_url ] | join(" ") | @sh' | tr -d "'")) +assets+=($(curl --silent "https://api.github.com/repos/dani-garcia/bw_web_builds/releases" | jq -r '[ .[] | select(.tag_name=="'$webversion'").tarball_url ] | join(" ") | @sh' | tr -d "'")) + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for asset_url in ${assets[@]}; do + + echo "Handling asset at $asset_url" + + # Assign the asset to a source file in conf/ directory + # Here we base the source file name upon a unique keyword in the assets url (admin vs. update) + # Leave $src empty to ignore the asset + case $asset_url in + *"vaultwarden"*) + src="app" + ;; + *"bw_web_builds"*) + src="web" + ;; + *) + src="" + ;; + esac + + # If $src is not empty, let's process the asset + if [ ! -z "$src" ]; then + + # Create the temporary directory + tempdir="$(mktemp -d)" + + # Download sources and calculate checksum + filename=${asset_url##*/} + curl --silent -4 -L $asset_url -o "$tempdir/$filename" + checksum=$(sha512sum "$tempdir/$filename" | head -c 64) + + # Delete temporary directory + rm -rf $tempdir + + # Get extension + if [[ $filename == *.tar.gz ]]; then + extension=tar.gz + else + extension=${filename##*.} + fi + + # Rewrite source file + cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha512sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true +EOT + echo "... conf/$src.src updated" + + else + echo "... asset ignored" + fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..5f1dcc1 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,50 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false + diff --git a/README.md b/README.md index b8f7be6..83800d1 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.23.0~ynh3 +**Shipped version:** 1.24.0~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index cbed329..e8ddaa3 100644 --- a/README_fr.md +++ b/README_fr.md @@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Version incluse :** 1.23.0~ynh3 +**Version incluse :** 1.24.0~ynh1 **Démo :** https://vault.bitwarden.com/#/register diff --git a/check_process b/check_process index 1f0266c..9c6e306 100644 --- a/check_process +++ b/check_process @@ -25,6 +25,8 @@ upgrade=1 from_commit=703d5a9cb86d127c7723bb380d7c392a8eb9e703 # 1.23.0~ynh1 upgrade=1 from_commit=2808a3a8e985bb5431f6d8f2353b07201355afe4 + # 1.23.0~ynh3 + upgrade=1 from_commit=7492e0d21c795696f4ff44912edc199437d4bb71 backup_restore=1 multi_instance=1 port_already_use=0 @@ -43,3 +45,5 @@ Notification=all name=1.22.2~ynh1 ; commit=2808a3a8e985bb5431f6d8f2353b07201355afe4 name=1.23.0~ynh1 + ; commit=7492e0d21c795696f4ff44912edc199437d4bb71 + name=1.23.0~ynh3 diff --git a/conf/app.src b/conf/app.src index 9b7dbd3..54791f9 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/dani-garcia/vaultwarden/archive/1.23.0.tar.gz -SOURCE_SUM=2ddfe1c1cb36ab008de98c9674ee127140268f8b44dbd82a2193a25caa461a0133261c970eb8d8276eb9d0db9f24e3fd0fe6deeee7cc55e2d980b8c7188011fb +SOURCE_URL=https://github.com/dani-garcia/vaultwarden/archive/1.24.0.tar.gz +SOURCE_SUM=c28d9616c5519be5043822145a0cac8d4c550bd443bb2e6715580b316e8586a3892331a669bce1545c4263e143e6193617ac27e9b730a63225c0951d91bef97e SOURCE_SUM_PRG=sha512sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/web.src b/conf/web.src index 33c13c2..6244d5c 100644 --- a/conf/web.src +++ b/conf/web.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/dani-garcia/bw_web_builds/releases/download/v2.24.1/bw_web_v2.24.1.tar.gz -SOURCE_SUM=f883f3746d245ad15816db477af35fba626ada420103b4b7ef54f062033b80384c71aed873a7db6800f906a3dd9afd4d8a9a0677142675e7eeac0285a3a8426e +SOURCE_URL=https://github.com/dani-garcia/bw_web_builds/releases/download/v2.25.1b/bw_web_v2.25.1b.tar.gz +SOURCE_SUM=1c86e81d0f1bb5e7fae7c3dfe860d3f92f87df6534c21b47e531b471644252cec0b54b07a818471828926266aa6dea50aa058de7c22f00766f9d86a36d76fd14 SOURCE_SUM_PRG=sha512sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index b234f58..d6a355a 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Manage passwords and other sensitive informations", "fr": "Gérez les mots de passe et autres informations sensibles" }, - "version": "1.23.0~ynh3", + "version": "1.24.0~ynh1", "url": "https://github.com/dani-garcia/vaultwarden", "upstream": { "license": "GPL-3.0-or-later",