From 25a6251a08987c44adca0de9fc1dca75ca509a60 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 28 Mar 2023 01:03:32 +0200 Subject: [PATCH 1/2] New source autoupdate mechanism --- .github/workflows/updater.sh | 137 ----------------------------------- manifest.toml | 6 ++ 2 files changed, 6 insertions(+), 137 deletions(-) delete mode 100755 .github/workflows/updater.sh diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh deleted file mode 100755 index 72eb5cb..0000000 --- a/.github/workflows/updater.sh +++ /dev/null @@ -1,137 +0,0 @@ -#!/bin/bash - -#================================================= -# PACKAGE UPDATING HELPER -#================================================= - -# This script is meant to be run by GitHub Actions -# The YunoHost-Apps organisation offers a template Action to run this script periodically -# Since each app is different, maintainers can adapt its contents so as to perform -# automatic actions when a new upstream release is detected. - -# Remove this exit command when you are ready to run this Action -exit 1 - -#================================================= -# FETCHING LATEST RELEASE AND ITS ASSETS -#================================================= - -# Fetching information -current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') -repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') -# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) - -# Later down the script, we assume the version has only digits and dots -# Sometimes the release name starts with a "v", so let's filter it out. -# You may need more tweaks here if the upstream repository has different naming conventions. -if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} -fi - -# Setting up the environment variables -echo "Current version: $current_version" -echo "Latest release from upstream: $version" -echo "VERSION=$version" >> $GITHUB_ENV -echo "REPO=$repo" >> $GITHUB_ENV -# For the time being, let's assume the script will fail -echo "PROCEED=false" >> $GITHUB_ENV - -# Proceed only if the retrieved version is greater than the current one -if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 -# Proceed only if a PR for this new version does not already exist -elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then - echo "::warning ::A branch already exists for this update" - exit 0 -fi - -# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) -echo "${#assets[@]} available asset(s)" - -#================================================= -# UPDATE SOURCE FILES -#================================================= - -# Here we use the $assets variable to get the resources published in the upstream release. -# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. - -# Let's loop over the array of assets URLs -for asset_url in ${assets[@]}; do - -echo "Handling asset at $asset_url" - -# Assign the asset to a source file in conf/ directory -# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) -# Leave $src empty to ignore the asset -case $asset_url in - *"admin"*) - src="app" - ;; - *"update"*) - src="app-upgrade" - ;; - *) - src="" - ;; -esac - -# If $src is not empty, let's process the asset -if [ ! -z "$src" ]; then - -# Create the temporary directory -tempdir="$(mktemp -d)" - -# Download sources and calculate checksum -filename=${asset_url##*/} -curl --silent -4 -L $asset_url -o "$tempdir/$filename" -checksum=$(sha256sum "$tempdir/$filename" | head -c 64) - -# Delete temporary directory -rm -rf $tempdir - -# Get extension -if [[ $filename == *.tar.gz ]]; then - extension=tar.gz -else - extension=${filename##*.} -fi - -# Rewrite source file -cat < conf/$src.src -SOURCE_URL=$asset_url -SOURCE_SUM=$checksum -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=$extension -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -EOT -echo "... conf/$src.src updated" - -else -echo "... asset ignored" -fi - -done - -#================================================= -# SPECIFIC UPDATE STEPS -#================================================= - -# Any action on the app's source code can be done. -# The GitHub Action workflow takes care of committing all changes after this script ends. - -#================================================= -# GENERIC FINALIZATION -#================================================= - -# Replace new version in manifest -echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json - -# No need to update the README, yunohost-bot takes care of it - -# The Action will proceed only if the PROCEED environment variable is set to true -echo "PROCEED=true" >> $GITHUB_ENV -exit 0 diff --git a/manifest.toml b/manifest.toml index b139caf..4996328 100644 --- a/manifest.toml +++ b/manifest.toml @@ -83,6 +83,12 @@ ram.runtime = "50M" url = "https://github.com/foo/bar/archive/refs/tags/v1.2.3.tar.gz" sha256 = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" + # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py + # to auto-update the previous asset urls and sha256sum + manifest version + # assuming the upstream's code repo is on github and relies on tags or releases + # See the 'sources' resource documentation for more details + autoupdate.strategy = "latest_github_tag" + [resources.system_user] # This will provision/deprovision a unix system user From 30e5c2795224e455c31e8379ac37400dfda565b9 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 28 Mar 2023 01:06:12 +0200 Subject: [PATCH 2/2] Actuall ... let's comment the autoupdate.strategy line so people explicitly enable it when they think it's relevant --- manifest.toml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 4996328..a68f3b8 100644 --- a/manifest.toml +++ b/manifest.toml @@ -87,7 +87,8 @@ ram.runtime = "50M" # to auto-update the previous asset urls and sha256sum + manifest version # assuming the upstream's code repo is on github and relies on tags or releases # See the 'sources' resource documentation for more details - autoupdate.strategy = "latest_github_tag" + + # autoupdate.strategy = "latest_github_tag" [resources.system_user] # This will provision/deprovision a unix system user