-
Notifications
You must be signed in to change notification settings - Fork 2
206 lines (182 loc) · 8.83 KB
/
org.update.yml
File metadata and controls
206 lines (182 loc) · 8.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
name: org.update
on:
workflow_dispatch:
inputs:
etc:
description: 'base64 encoded json string'
required: true
release:
description: 'create a release'
required: false
default: 'true'
readme:
description: 'create a readme'
required: false
default: 'true'
jobs:
update:
runs-on: ubuntu-latest
permissions:
actions: read
contents: write
steps:
- name: init / checkout
uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
ref: 'master'
fetch-depth: 0
- name: update / setup node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
with:
node-version: '20'
- run: npm i semver
- name: update / compare latest with current version
uses: actions/github-script@62c3794a3eb6788d9a2a72b219504732c0c9a298
with:
script: |
(async()=>{
const { Buffer } = require('node:buffer');
const { inspect } = require('node:util');
const { existsSync, readFileSync, writeFileSync } = require('node:fs');
const { resolve } = require('node:path');
const semver = require('semver');
const semverExceptions = (s) => {
switch('${{ github.event.repository.name }}'){
case 'docker-chrony': core.warning(`semver exception found for chrony version ${s}, setting version to major.minor`); return(s.split('.').slice(0, 2).join('.'));
}
return(s);
}
// defaults
const json = `${{ toJSON(github.event.inputs) }}`;
const job = {inputs:{}, json:{}};
// check if inputs is valid base64 encoded json
try{
if(json.length > 0){
const n = JSON.parse(json);
if(n?.etc){
try{
job.inputs = JSON.parse(Buffer.from(n.etc, 'base64').toString('ascii'));
if(!job.inputs?.version){
core.setFailed(`input does not contain valid semver version: ${inspect(job.inputs, {showHidden:false, depth:null, colors:true})}`);
}else if(!job.inputs?.tag){
core.setFailed(`input does not contain valid git tag: ${inspect(job.inputs, {showHidden:false, depth:null, colors:true})}`);
}else if(job.inputs.version == 'null' || null === job.inputs.version){
core.setFailed(`input version is null: ${inspect(job.inputs, {showHidden:false, depth:null, colors:true})}`);
}
}catch(e){
core.setFailed(`could not parse github.event.inputs.etc: ${n.etc} (${Buffer.from(n.etc, 'base64').toString('ascii')})`);
}
}
}
}catch(e){
core.setFailed(`could not parse github.event.inputs: ${json}`);
}
// check if .json exists
try{
const path = resolve('.json');
if(existsSync(path)){
try{
job.json = JSON.parse(readFileSync(path).toString());
}catch(e){
throw new Error('could not parse .json');
}
}else{
throw new Error('.json does not exist!');
}
}catch(e){
core.setFailed(e);
}
// semver
const latest = semverExceptions(semver.valid(semver.coerce(job.inputs.version)));
const current = semverExceptions(semver.valid(semver.coerce(job.json.semver.version)));
const tag = semver.valid(semver.coerce(job.inputs.tag));
const checks = {latestTagExists:false};
try{
const tag = await fetch(`https://hub.docker.com/v2/repositories/${job.json.image}/tags/${latest}`);
if(tag.status === 200){
checks.latestTagExists = true;
}
}catch(e){
core.warning(e);
}
// compare
if(latest && latest !== current && !checks.latestTagExists){
core.info(`new ${semver.diff(current, latest)} release found (${latest}), updating ...`)
job.json.semver.version = latest;
// check if app has additional parameters
const build = {};
if(job.inputs?.build && typeof(job.inputs.build) === 'string'){
build.args = {
version_build:job.inputs.build,
};
}else if(job.inputs?.build?.args){
build.args = job.inputs.build.args;
}
// update .json
try{
writeFileSync(resolve('.json'), JSON.stringify(job.json, null, 2));
// export variables
core.exportVariable('WORKFLOW_UPDATE', true);
core.exportVariable('WORKFLOW_UPDATE_BASE64JSON', Buffer.from(JSON.stringify({build:build})).toString('base64'));
if(job.inputs?.unraid){
core.exportVariable('WORKFLOW_UPDATE_UNRAID', 'true');
core.exportVariable('WORKFLOW_UPDATE_UNRAID_BASE64JSON', Buffer.from(JSON.stringify({semversuffix:"unraid", uid:99, gid:100, build:build})).toString('base64'));
}
if(job.inputs?.nobody){
core.exportVariable('WORKFLOW_UPDATE_NOBODY', 'true');
core.exportVariable('WORKFLOW_UPDATE_NOBODY_BASE64JSON', Buffer.from(JSON.stringify({semversuffix:"nobody", uid:65534, gid:65534, build:build})).toString('base64'));
}
core.exportVariable('LATEST_TAG', semver.inc(tag, semver.diff(current, latest)));
core.exportVariable('LATEST_VERSION', latest);
if(job.inputs?.build) core.exportVariable('LATEST_BUILD', job.inputs.build);
}catch(e){
core.setFailed(e);
}
}else{
core.info('no update required')
}
core.info(inspect(job, {showHidden:false, depth:null, colors:true}));
})();
- name: update / checkout
id: checkout
if: env.WORKFLOW_UPDATE == 'true'
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add .json
git commit -m "chore: auto upgrade to v${{ env.LATEST_VERSION }}"
git push origin HEAD:master
- name: update / tag
if: env.WORKFLOW_UPDATE == 'true' && steps.checkout.outcome == 'success'
run: |
SHA256=$(git rev-list --branches --max-count=1)
git tag -a v${{ env.LATEST_TAG }} -m "v${{ env.LATEST_TAG }}" ${SHA256}
git push --follow-tags
- name: update / build container image
id: build
if: env.WORKFLOW_UPDATE == 'true' && steps.checkout.outcome == 'success'
uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
with:
workflow: docker.yml
wait-for-completion: false
token: "${{ secrets.REPOSITORY_TOKEN }}"
inputs: '{ "release":"${{ github.event.inputs.release }}", "readme":"${{ github.event.inputs.readme }}", "run-name":"update v${{ env.LATEST_VERSION }}", "etc":"${{ env.WORKFLOW_UPDATE_BASE64JSON }}" }'
ref: "v${{ env.LATEST_TAG }}"
- name: update / build container image for unraid
if: env.WORKFLOW_UPDATE_UNRAID == 'true' && steps.checkout.outcome == 'success' && steps.build.outcome == 'success'
uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
with:
workflow: docker.yml
wait-for-completion: false
token: "${{ secrets.REPOSITORY_TOKEN }}"
inputs: '{ "release":"false", "readme":"false", "run-name":"update unraid v${{ env.LATEST_VERSION }}", "etc":"${{ env.WORKFLOW_UPDATE_UNRAID_BASE64JSON }}" }'
ref: "v${{ env.LATEST_TAG }}"
- name: update / build container image for nobody
if: env.WORKFLOW_UPDATE_NOBODY == 'true' && steps.checkout.outcome == 'success' && steps.build.outcome == 'success'
uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
with:
workflow: docker.yml
wait-for-completion: false
token: "${{ secrets.REPOSITORY_TOKEN }}"
inputs: '{ "release":"false", "readme":"false", "run-name":"update nobody v${{ env.LATEST_VERSION }}", "etc":"${{ env.WORKFLOW_UPDATE_NOBODY_BASE64JSON }}" }'
ref: "v${{ env.LATEST_TAG }}"