-
Notifications
You must be signed in to change notification settings - Fork 0
224 lines (212 loc) · 10.5 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
name: Push Notion to IPFS
on:
push:
branches: [ master, dev ]
jobs:
build:
name: Repo Build
runs-on: ubuntu-20.04
permissions:
contents: write
packages: write
id-token: write
pull-requests: write
container:
image: ghcr.io/kiracore/docker/base-image:v0.13.7
steps:
- name: Init Part 1
run: |
mkdir -p /github/home/.cache/pip
git config --global --add safe.directory /github/home/.cache/pip
git config --global --add safe.directory $PWD
echo "INDEX_MODE=redirect" >> $GITHUB_ENV
echo "SUBDOMAIN=testnet" >> $GITHUB_ENV
echo "DNS=kira.network" >> $GITHUB_ENV
echo "USERNAME=KiraCore" >> $GITHUB_ENV
echo "SOURCE_BRANCH=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
echo "DISTRO=${GITHUB_WORKSPACE}/loconotion/dist/notion" >> $GITHUB_ENV
echo "RELEASE=${GITHUB_WORKSPACE}/release" >> $GITHUB_ENV
# https://github.com/actions/checkout, v3.5.0
- name: Checkout loconotion
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
with:
repository: leoncvlt/loconotion
ref: eb86257da02c5f540a5336b4bc11b69a038c2633
path: loconotion
# https://github.com/actions/checkout, v3.5.0
- name: Checkout repo
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
with:
repository: "${{env.USERNAME}}/${{env.SUBDOMAIN}}.${{env.DNS}}"
ref: ${{ env.SOURCE_BRANCH }}
path: _site
- name: Init Part 2
run: |
VERSION="$(cat ./_site/version)" && echo "VERSION=$VERSION" >> $GITHUB_ENV
git ls-remote https://github.com/${{env.USERNAME}}/${{env.SUBDOMAIN}}.${{env.DNS}} | egrep -q "refs/tags/${VERSION}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.10.0
- name: Install Loconotion & Build
run: |
set -x
cd ./loconotion
pip install -r ./requirements.txt
rm -rfv ./dist "${{env.DISTRO}}" "${{env.RELEASE}}"
mkdir -p ./dist "${{env.DISTRO}}" "${{env.RELEASE}}"
cp -fv ../_site/config.toml ./site.toml
python loconotion "./site.toml" --chromedriver="/usr/bin/chromedriver" --clean --clean-css --clean-js --timeout="3600"
echo "${{env.SOURCE_BRANCH}}" > "${{env.RELEASE}}/source.txt"
echo "${{env.SUBDOMAIN}}.${{env.DNS}}" > "${{env.RELEASE}}/CNAME"
cp -fv ../_site/RELEASE.md "${{env.RELEASE}}/RELEASE.md"
cp -fv ../_site/LICENSE.md "${{env.RELEASE}}/LICENSE.md"
cp -fv ../_site/${INDEX_MODE}.html "${{env.RELEASE}}/index.html"
ls -a1 ../_site
bu echoInfo "INFO: Distro catalog files: "
ls -a1 "${{env.DISTRO}}"
bu echoInfo "INFO: Release catalog files: "
ls -a1 "${{env.RELEASE}}"
- name: Publish HTML to IPFS
shell: bash
run: |
set -x
bu timerStart "pin-timeout"
IPFS_HASH=""
IPFS_UPLOAD_NAME="www-${{env.SUBDOMAIN}}.${{env.DNS}}-${{env.SOURCE_BRANCH}}-${{env.VERSION}}"
CHECK_ELAPSED=0
while [[ $CHECK_ELAPSED -lt 300 ]] ; do
bu echoInfo "INFO: Attempting fils pin to IPFS, timeout in ${CHECK_ELAPSED}/900s..."
rm -fv ./ipfs-pin.log && touch ./ipfs-pin.log
ipfs-api pin "${{env.DISTRO}}" $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true --overwrite=true | tee -a ./ipfs-pin.log || bu echoWarn "WARNING: Failed to pin web app"
bu echoInfo "INFO: Attempting to read the CID..."
rm -fv ./ipfs-pinned.log && touch ./ipfs-pinned.log
ipfs-api pinned $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true | tee -a ./ipfs-pinned.log || bu echoWarn "WARNING: Failed to find pinned files"
IPFS_HASH=$(cat ./ipfs-pinned.log | tail -n 1 | bu jsonParse "rows.[0].ipfs_pin_hash" || echo "")
cat ./ipfs-pinned.log || bu echoErr "ERROR: Failed to print pin check error logs"
[ ! -z "$IPFS_HASH" ] && break
sleep 10
CHECK_ELAPSED=$(bu timerSpan "pin-timeout")
done
[ -z "$IPFS_HASH" ] && bu echoErr "ERROR: IPFS Upload Failed" && exit 1
echo "IPFS_HASH=$IPFS_HASH" >> $GITHUB_ENV
IPFS_HASH_SHORT=${IPFS_HASH::10}...${IPFS_HASH: -3}
echo "IPFS_HASH_SHORT=$IPFS_HASH_SHORT" >> $GITHUB_ENV
- name: Save changes to release folder
run: |
ZIP_FILENAME="${{env.SUBDOMAIN}}.${{env.DNS}}.zip"
cd "${{env.DISTRO}}"
rm -fv "./$ZIP_FILENAME"
zip -r "./$ZIP_FILENAME" ./*
echo "${{env.IPFS_HASH}}" > "${{env.RELEASE}}/ipfs-cid.txt"
TARGET_VAR="IPFS_CID"
REPLACE_VAR="${{env.IPFS_HASH}}"
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g')
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html"
TARGET_VAR="DNS_ADDRESS"
REPLACE_VAR="${{env.SUBDOMAIN}}.${{env.DNS}}"
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g')
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html"
TARGET_VAR="GITHUB_REPO"
REPLACE_VAR="https://github.com/${{env.USERNAME}}/${{env.SUBDOMAIN}}.${{env.DNS}}/releases/tag/${{env.VERSION}}"
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g')
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html"
- name: Publish release folder
uses: s0/git-publish-subdir-action@develop
env:
REPO: self
BRANCH: "${{ env.SOURCE_BRANCH }}-release"
FOLDER: "${{ env.RELEASE }}"
GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }}
- name: Signing release files
shell: bash
env:
KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
run: |
cd "${{env.RELEASE}}"
ZIP_FILENAME="${{env.SUBDOMAIN}}.${{env.DNS}}.zip"
cp -fv "${{env.DISTRO}}/$ZIP_FILENAME" "${{env.RELEASE}}/html-web-site.zip"
echo -e "\n\r\n\rPublished web site:" >> ./RELEASE.md
echo -e " * Private Gateway: [ipfs.kira.network/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.kira.network/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./RELEASE.md
echo -e " * Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./RELEASE.md
echo -e "\n\r\n\r\`\`\`" >> ./RELEASE.md
echo -e " Release Versions: ${{env.VERSION}}" >> ./RELEASE.md
echo -e " Release Date Time: $(date --rfc-2822)" >> ./RELEASE.md
echo -e " Release CID Hash: ${{env.IPFS_HASH}}\n\r" >> ./RELEASE.md
echo " html-web-site.zip: sha256:$(sha256sum ./html-web-site.zip | awk '{ print $1 }')" >> ./RELEASE.md
echo " ipfs-cid.txt: sha256:$(sha256sum ./ipfs-cid.txt | awk '{ print $1 }')" >> ./RELEASE.md
echo " index.html: sha256:$(sha256sum ./index.html | awk '{ print $1 }')" >> ./RELEASE.md
echo -e "\`\`\`" >> ./RELEASE.md
echo "$KEY" > ../cosign.key
for FILE in *; do FILE_NAME=$(basename $FILE); cosign sign-blob --key=../cosign.key --output-signature=./${FILE_NAME}.sig ./$FILE_NAME --yes; done
shred -vzn 3 ../cosign.key || echo "WARNING: Failed to shred key file"
rm -fv ../cosign.key
ls -a1 "${{env.RELEASE}}"
# https://github.com/dev-drprasad/delete-tag-and-release, v1
- name: Delete old release
if: env.SOURCE_BRANCH == 'master'
uses: dev-drprasad/delete-tag-and-release@7550ea180f81ca0a875ee3c135b1f72ef66ff4b1
with:
tag_name: "${{env.VERSION}}"
delete_release: true
env:
GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }}
# https://github.com/softprops/action-gh-release, v0.1.15
- name: Publish release
if: env.SOURCE_BRANCH == 'master'
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
with:
token: ${{secrets.REPO_ACCESS}}
body_path: "${{env.RELEASE}}/RELEASE.md"
tag_name: "${{env.VERSION}}"
name: "${{env.VERSION}}"
prerelease: false
draft: false
fail_on_unmatched_files: true
files: |
${{env.RELEASE}}/html-web-site.zip
${{env.RELEASE}}/html-web-site.zip.sig
${{env.RELEASE}}/ipfs-cid.txt
${{env.RELEASE}}/ipfs-cid.txt.sig
${{env.RELEASE}}/index.html
${{env.RELEASE}}/index.html.sig
- name: Cleanup
run: |
shred -vzn 3 ../cosign.key || echo "WARNING: Failed to shred key file"
rm -fv ../cosign.key
cd ${GITHUB_WORKSPACE}
rm -rfv ./*
- name: Download current version of the site
if: env.SOURCE_BRANCH == 'dev'
uses: actions/checkout@v3
with:
ref: dev
# https://github.com/crondaemon/close-pr, v1
- name: Close All PRs
if: env.SOURCE_BRANCH == 'dev'
uses: crondaemon/close-pr@881bf1f79f8f753f256bc0d4ece4d7b183b250fb
with:
comment: "This PR is obsolete, ${{env.SOURCE_BRANCH}} branch is ahead of your branch."
env:
GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }}
- name: Create PR from dev to master branch
uses: cea2aj/pull-request@84eb0c3478f13651e5649367941b867ca02d7926
if: env.SOURCE_BRANCH == 'dev'
with:
github_token: ${{ secrets.REPO_ACCESS }}
source_branch: ${{ env.SOURCE_BRANCH }}
destination_branch: master
pr_title: "${{ env.SOURCE_BRANCH }} -> master"
pr_label: "kira-automation"
pr_allow_empty: true
pr_body: |
Web app was deployed to IPFS: ```${{env.IPFS_HASH}}```
* Private Gateway: [ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}](https://ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}/index.html)
* Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html)
- name: Cleanup all even if some tasks fail
shell: bash
continue-on-error: true
run: |
cd ${GITHUB_WORKSPACE} && rm -rfv ./*
echo "(current dir): $PWD" && ls -l ./