Merge pull request #9 from KiraCore/dev #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Push Notion to IPFS | |
| on: | |
| push: | |
| branches: [ master, dev ] | |
| jobs: | |
| build: | |
| name: Repo Build | |
| runs-on: ubuntu-20.04 | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| pull-requests: write | |
| container: | |
| image: ghcr.io/kiracore/docker/base-image:v0.13.7 | |
| steps: | |
| - name: Init Part 1 | |
| run: | | |
| mkdir -p /github/home/.cache/pip | |
| git config --global --add safe.directory /github/home/.cache/pip | |
| git config --global --add safe.directory $PWD | |
| echo "INDEX_MODE=redirect" >> $GITHUB_ENV | |
| echo "SUBDOMAIN=testnet" >> $GITHUB_ENV | |
| echo "DNS=kira.network" >> $GITHUB_ENV | |
| echo "USERNAME=KiraCore" >> $GITHUB_ENV | |
| echo "SOURCE_BRANCH=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV | |
| echo "DISTRO=${GITHUB_WORKSPACE}/loconotion/dist/notion" >> $GITHUB_ENV | |
| echo "RELEASE=${GITHUB_WORKSPACE}/release" >> $GITHUB_ENV | |
| # https://github.com/actions/checkout, v3.5.0 | |
| - name: Checkout loconotion | |
| uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 | |
| with: | |
| repository: leoncvlt/loconotion | |
| ref: eb86257da02c5f540a5336b4bc11b69a038c2633 | |
| path: loconotion | |
| # https://github.com/actions/checkout, v3.5.0 | |
| - name: Checkout repo | |
| uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 | |
| with: | |
| repository: "${{env.USERNAME}}/${{env.SUBDOMAIN}}.${{env.DNS}}" | |
| ref: ${{ env.SOURCE_BRANCH }} | |
| path: _site | |
| - name: Init Part 2 | |
| run: | | |
| VERSION="$(cat ./_site/version)" && echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| git ls-remote https://github.com/${{env.USERNAME}}/${{env.SUBDOMAIN}}.${{env.DNS}} | egrep -q "refs/tags/${VERSION}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV | |
| - name: Set up Python | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: 3.10.0 | |
| - name: Install Loconotion & Build | |
| run: | | |
| set -x | |
| cd ./loconotion | |
| pip install -r ./requirements.txt | |
| rm -rfv ./dist "${{env.DISTRO}}" "${{env.RELEASE}}" | |
| mkdir -p ./dist "${{env.DISTRO}}" "${{env.RELEASE}}" | |
| cp -fv ../_site/config.toml ./site.toml | |
| python loconotion "./site.toml" --chromedriver="/usr/bin/chromedriver" --clean --clean-css --clean-js --timeout="3600" | |
| echo "${{env.SOURCE_BRANCH}}" > "${{env.RELEASE}}/source.txt" | |
| echo "${{env.SUBDOMAIN}}.${{env.DNS}}" > "${{env.RELEASE}}/CNAME" | |
| cp -fv ../_site/RELEASE.md "${{env.RELEASE}}/RELEASE.md" | |
| cp -fv ../_site/LICENSE.md "${{env.RELEASE}}/LICENSE.md" | |
| cp -fv ../_site/${INDEX_MODE}.html "${{env.RELEASE}}/index.html" | |
| ls -a1 ../_site | |
| bu echoInfo "INFO: Distro catalog files: " | |
| ls -a1 "${{env.DISTRO}}" | |
| bu echoInfo "INFO: Release catalog files: " | |
| ls -a1 "${{env.RELEASE}}" | |
| - name: Publish HTML to IPFS | |
| shell: bash | |
| run: | | |
| set -x | |
| bu timerStart "pin-timeout" | |
| IPFS_HASH="" | |
| IPFS_UPLOAD_NAME="www-${{env.SUBDOMAIN}}.${{env.DNS}}-${{env.SOURCE_BRANCH}}-${{env.VERSION}}" | |
| CHECK_ELAPSED=0 | |
| while [[ $CHECK_ELAPSED -lt 300 ]] ; do | |
| bu echoInfo "INFO: Attempting fils pin to IPFS, timeout in ${CHECK_ELAPSED}/900s..." | |
| rm -fv ./ipfs-pin.log && touch ./ipfs-pin.log | |
| ipfs-api pin "${{env.DISTRO}}" $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true --overwrite=true | tee -a ./ipfs-pin.log || bu echoWarn "WARNING: Failed to pin web app" | |
| bu echoInfo "INFO: Attempting to read the CID..." | |
| rm -fv ./ipfs-pinned.log && touch ./ipfs-pinned.log | |
| ipfs-api pinned $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true | tee -a ./ipfs-pinned.log || bu echoWarn "WARNING: Failed to find pinned files" | |
| IPFS_HASH=$(cat ./ipfs-pinned.log | tail -n 1 | bu jsonParse "rows.[0].ipfs_pin_hash" || echo "") | |
| cat ./ipfs-pinned.log || bu echoErr "ERROR: Failed to print pin check error logs" | |
| [ ! -z "$IPFS_HASH" ] && break | |
| sleep 10 | |
| CHECK_ELAPSED=$(bu timerSpan "pin-timeout") | |
| done | |
| [ -z "$IPFS_HASH" ] && bu echoErr "ERROR: IPFS Upload Failed" && exit 1 | |
| echo "IPFS_HASH=$IPFS_HASH" >> $GITHUB_ENV | |
| IPFS_HASH_SHORT=${IPFS_HASH::10}...${IPFS_HASH: -3} | |
| echo "IPFS_HASH_SHORT=$IPFS_HASH_SHORT" >> $GITHUB_ENV | |
| - name: Save changes to release folder | |
| run: | | |
| ZIP_FILENAME="${{env.SUBDOMAIN}}.${{env.DNS}}.zip" | |
| cd "${{env.DISTRO}}" | |
| rm -fv "./$ZIP_FILENAME" | |
| zip -r "./$ZIP_FILENAME" ./* | |
| echo "${{env.IPFS_HASH}}" > "${{env.RELEASE}}/ipfs-cid.txt" | |
| TARGET_VAR="IPFS_CID" | |
| REPLACE_VAR="${{env.IPFS_HASH}}" | |
| ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g') | |
| sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html" | |
| TARGET_VAR="DNS_ADDRESS" | |
| REPLACE_VAR="${{env.SUBDOMAIN}}.${{env.DNS}}" | |
| ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g') | |
| sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html" | |
| TARGET_VAR="GITHUB_REPO" | |
| REPLACE_VAR="https://github.com/${{env.USERNAME}}/${{env.SUBDOMAIN}}.${{env.DNS}}/releases/tag/${{env.VERSION}}" | |
| ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g') | |
| sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html" | |
| - name: Publish release folder | |
| uses: s0/git-publish-subdir-action@develop | |
| env: | |
| REPO: self | |
| BRANCH: "${{ env.SOURCE_BRANCH }}-release" | |
| FOLDER: "${{ env.RELEASE }}" | |
| GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }} | |
| - name: Signing release files | |
| shell: bash | |
| env: | |
| KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
| COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
| run: | | |
| cd "${{env.RELEASE}}" | |
| ZIP_FILENAME="${{env.SUBDOMAIN}}.${{env.DNS}}.zip" | |
| cp -fv "${{env.DISTRO}}/$ZIP_FILENAME" "${{env.RELEASE}}/html-web-site.zip" | |
| echo -e "\n\r\n\rPublished web site:" >> ./RELEASE.md | |
| echo -e " * Private Gateway: [ipfs.kira.network/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.kira.network/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./RELEASE.md | |
| echo -e " * Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./RELEASE.md | |
| echo -e "\n\r\n\r\`\`\`" >> ./RELEASE.md | |
| echo -e " Release Versions: ${{env.VERSION}}" >> ./RELEASE.md | |
| echo -e " Release Date Time: $(date --rfc-2822)" >> ./RELEASE.md | |
| echo -e " Release CID Hash: ${{env.IPFS_HASH}}\n\r" >> ./RELEASE.md | |
| echo " html-web-site.zip: sha256:$(sha256sum ./html-web-site.zip | awk '{ print $1 }')" >> ./RELEASE.md | |
| echo " ipfs-cid.txt: sha256:$(sha256sum ./ipfs-cid.txt | awk '{ print $1 }')" >> ./RELEASE.md | |
| echo " index.html: sha256:$(sha256sum ./index.html | awk '{ print $1 }')" >> ./RELEASE.md | |
| echo -e "\`\`\`" >> ./RELEASE.md | |
| echo "$KEY" > ../cosign.key | |
| for FILE in *; do FILE_NAME=$(basename $FILE); cosign sign-blob --key=../cosign.key --output-signature=./${FILE_NAME}.sig ./$FILE_NAME --yes; done | |
| shred -vzn 3 ../cosign.key || echo "WARNING: Failed to shred key file" | |
| rm -fv ../cosign.key | |
| ls -a1 "${{env.RELEASE}}" | |
| # https://github.com/dev-drprasad/delete-tag-and-release, v1 | |
| - name: Delete old release | |
| if: env.SOURCE_BRANCH == 'master' | |
| uses: dev-drprasad/delete-tag-and-release@7550ea180f81ca0a875ee3c135b1f72ef66ff4b1 | |
| with: | |
| tag_name: "${{env.VERSION}}" | |
| delete_release: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }} | |
| # https://github.com/softprops/action-gh-release, v0.1.15 | |
| - name: Publish release | |
| if: env.SOURCE_BRANCH == 'master' | |
| uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 | |
| with: | |
| token: ${{secrets.REPO_ACCESS}} | |
| body_path: "${{env.RELEASE}}/RELEASE.md" | |
| tag_name: "${{env.VERSION}}" | |
| name: "${{env.VERSION}}" | |
| prerelease: false | |
| draft: false | |
| fail_on_unmatched_files: true | |
| files: | | |
| ${{env.RELEASE}}/html-web-site.zip | |
| ${{env.RELEASE}}/html-web-site.zip.sig | |
| ${{env.RELEASE}}/ipfs-cid.txt | |
| ${{env.RELEASE}}/ipfs-cid.txt.sig | |
| ${{env.RELEASE}}/index.html | |
| ${{env.RELEASE}}/index.html.sig | |
| - name: Cleanup | |
| run: | | |
| shred -vzn 3 ../cosign.key || echo "WARNING: Failed to shred key file" | |
| rm -fv ../cosign.key | |
| cd ${GITHUB_WORKSPACE} | |
| rm -rfv ./* | |
| - name: Download current version of the site | |
| if: env.SOURCE_BRANCH == 'dev' | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: dev | |
| # https://github.com/crondaemon/close-pr, v1 | |
| - name: Close All PRs | |
| if: env.SOURCE_BRANCH == 'dev' | |
| uses: crondaemon/close-pr@881bf1f79f8f753f256bc0d4ece4d7b183b250fb | |
| with: | |
| comment: "This PR is obsolete, ${{env.SOURCE_BRANCH}} branch is ahead of your branch." | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }} | |
| - name: Create PR from dev to master branch | |
| uses: cea2aj/pull-request@84eb0c3478f13651e5649367941b867ca02d7926 | |
| if: env.SOURCE_BRANCH == 'dev' | |
| with: | |
| github_token: ${{ secrets.REPO_ACCESS }} | |
| source_branch: ${{ env.SOURCE_BRANCH }} | |
| destination_branch: master | |
| pr_title: "${{ env.SOURCE_BRANCH }} -> master" | |
| pr_label: "kira-automation" | |
| pr_allow_empty: true | |
| pr_body: | | |
| Web app was deployed to IPFS: ```${{env.IPFS_HASH}}``` | |
| * Private Gateway: [ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}](https://ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}/index.html) | |
| * Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html) | |
| - name: Cleanup all even if some tasks fail | |
| shell: bash | |
| continue-on-error: true | |
| run: | | |
| cd ${GITHUB_WORKSPACE} && rm -rfv ./* | |
| echo "(current dir): $PWD" && ls -l ./ |