From 67d6c701baa804849abc53a78422a6da01358487 Mon Sep 17 00:00:00 2001 From: realaravinth Date: Mon, 15 Aug 2022 17:51:36 +0530 Subject: [PATCH] feat: publish libcache to dl.mcaptcha.org --- .github/workflows/linux.yml | 14 +++++ .gitignore | 1 + scripts/publish.sh | 114 ++++++++++++++++++++++++++++++++++++ 3 files changed, 129 insertions(+) create mode 100755 scripts/publish.sh diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 6d55d3b..2d9f942 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -33,6 +33,13 @@ jobs: /var/lib/docker key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + + - name: configure GPG key + if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'mCaptcha/cache' + run: echo -n "$RELEASE_BOT_GPG_SIGNING_KEY" | gpg --batch --import --pinentry-mode loopback + env: + RELEASE_BOT_GPG_SIGNING_KEY: ${{ secrets.RELEASE_BOT_GPG_SIGNING_KEY }} + - name: Install ${{ matrix.version }} uses: actions-rs/toolchain@v1 with: @@ -68,3 +75,10 @@ jobs: - name: build and publish docker images if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'mCaptcha/cache' run: make docker + + - name: publish bins + if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'mCaptcha/cache' + run: ./scripts/publish.sh publish master latest $DUMBSERVE_PASSWORD + env: + DUMBSERVE_PASSWORD: ${{ secrets.DUMBSERVE_PASSWORD }} + GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} diff --git a/.gitignore b/.gitignore index ead4112..da80a3f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ tmp/ tarpaulin-report.html *.profraw +.env diff --git a/scripts/publish.sh b/scripts/publish.sh new file mode 100755 index 0000000..4331f75 --- /dev/null +++ b/scripts/publish.sh @@ -0,0 +1,114 @@ +#!/bin/bash +# Copyright (C) 2022 Aravinth Manivannan +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# publish.sh: grab bin from docker container, pack, sign and upload +# $2: binary version +# $3: Docker img tag +# $4: dumbserve password + +set -xEeuo pipefail + +DUMBSERVE_USERNAME=mcaptcha +DUMBSERVE_PASSWORD=$4 +DUMBSERVE_HOST="https://$DUMBSERVE_USERNAME:$DUMBSERVE_PASSWORD@dl.mcaptcha.org" + +NAME=cache +KEY=0CBABF3084E84E867A76709750BE39D10ECE01FB + +TMP_DIR=$(mktemp -d) +FILENAME="$NAME-$2-linux-amd64" +TARBALL=$FILENAME.tar.gz +TARGET_DIR="$TMP_DIR/$FILENAME/" +mkdir -p $TARGET_DIR +DOCKER_IMG="mcaptcha/$NAME:$3" + + +get_bin(){ + echo "[*] Grabbing binary" + container_id=$(docker create $DOCKER_IMG) + docker cp $container_id:/usr/lib/redis/modules/libcache.so $TARGET_DIR/ + docker rm -v $container_id +} + +copy() { + echo "[*] Copying dist assets" + cp README.md $TARGET_DIR + cp LICENSE.md $TARGET_DIR + get_bin +} + + + +pack() { + echo "[*] Creating dist tarball" + pushd $TMP_DIR + tar -cvzf $TARBALL $FILENAME + popd +} + +checksum() { + echo "[*] Generating dist tarball checksum" + pushd $TMP_DIR + sha256sum $TARBALL > $TARBALL.sha256 + popd +} + +sign() { + echo "[*] Signing dist tarball checksum" + pushd $TMP_DIR + export GPG_TTY=$(tty) + gpg --verbose \ + --pinentry-mode loopback \ + --batch --yes \ + --passphrase $GPG_PASSWORD \ + --local-user $KEY \ + --output $TARBALL.asc \ + --sign --detach \ + --armor $TARBALL + popd +} + +delete_dir() { + curl --location --request DELETE "$DUMBSERVE_HOST/api/v1/files/delete" \ + --header 'Content-Type: application/json' \ + --data-raw "{ + \"path\": \"$1\" + }" +} + +upload_dist() { + upload_dir="$NAME/$1/" + delete_dir $upload_dir + + pushd $TMP_DIR + for file in $TARBALL $TARBALL.asc $TARBALL.sha256 + do + curl -v \ + -F upload=@$file \ + "$DUMBSERVE_HOST/api/v1/files/upload?path=$upload_dir" + done + popd +} + +publish() { + copy + pack + checksum + sign + upload_dist $2 +} + +$1 $@