-
-
Notifications
You must be signed in to change notification settings - Fork 3k
139 lines (125 loc) · 5.24 KB
/
sync-release-assets.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: Sync GitHub Release Assets
on:
workflow_dispatch:
schedule:
- cron: '0 0 * * *'
concurrency:
group: release-assets-dist-sync
cancel-in-progress: true
permissions:
contents: write # to upload release asset
jobs:
dist-ipfs-tech:
if: github.repository == 'ipfs/kubo' || github.event_name == 'workflow_dispatch'
runs-on: "ubuntu-latest"
timeout-minutes: 5
steps:
- uses: ipfs/download-ipfs-distribution-action@v1
- uses: ipfs/start-ipfs-daemon-action@v1
with:
args: --init --init-profile=flatfs,server --enable-gc=false
- uses: actions/setup-node@v3
with:
node-version: 14
- name: Sync the latest 5 github releases
uses: actions/github-script@v6
with:
script: |
const fs = require('fs').promises
const max_synced = 5
// fetch github releases
resp = await github.rest.repos.listReleases({
owner: context.repo.owner,
repo: context.repo.repo,
page: 1,
per_page: max_synced
})
const release_assets = [];
num_synced = 0;
for (const release of resp.data) {
console.log("checking release tagged", release.tag_name)
if (num_synced > max_synced) {
console.log("done: synced", max_synced, "latest releases")
break;
}
num_synced += 1
const github_assets = new Set()
for (const asset of release.assets) {
github_assets.add(asset.name)
}
// fetch asset info from dist.ipfs.tech
p = '/ipns/dist.ipfs.tech/kubo/' + release.tag_name
let stdout = ''
const options = {}
options.listeners = {
stdout: (data) => {
stdout += data.toString();
}
}
await exec.exec('ipfs', ['ls', p], options)
const dist_assets = new Set()
const missing_files = []
for (const raw_line of stdout.split("\n")) {
line = raw_line.trim();
if (line.length != 0) {
file = line.split(/(\s+)/).filter( function(e) { return e.trim().length > 0; } )[2]
dist_assets.add(file)
if (!github_assets.has(file)) {
missing_files.push(file)
}
}
}
// if dist.ipfs.tech has files not found in github, copy them over
for (const file of missing_files) {
file_sha = file + ".sha512"
file_cid = file + ".cid"
// skip files that don't have .cid and .sha512 checksum files
if (!dist_assets.has(file_sha) || !dist_assets.has(file_cid)) {
if (!file.endsWith('.cid') && !file.endsWith('.sha512')) { // silent skip of .sha512.sha512 :)
console.log(`skipping "${file}" as dist.ipfs.tech does not provide .cid and .sha512 checksum files for it`)
}
continue
}
console.log("fetching", file, "from dist.ipfs.tech")
await exec.exec('ipfs', ['get', p + '/' + file])
await exec.exec('ipfs', ['get', p + '/' + file_sha])
await exec.exec('ipfs', ['get', p + '/' + file_cid])
console.log("verifying contents of", file)
// compute sha512 output for file
let sha_stdout = ''
const sha_options = {}
sha_options.listeners = {
stdout: (data) => {
sha_stdout += data.toString();
}
}
await exec.exec('sha512sum', [file], sha_options)
// read expected sha512 output
const sha_data = await fs.readFile(file_sha, "utf8")
const digest = (s) => s.split(' ').shift()
if (digest(sha_data) != digest(sha_stdout)) {
console.log(`${file}.sha512: ${sha_data}`)
console.log(`sha512sum ${file}: ${sha_stdout}`)
throw "checksum verification failed for " + file
}
console.log("uploading", file, "to github release", release.tag_name)
const uploadReleaseAsset = async (file) => github.rest.repos.uploadReleaseAsset({
owner: context.repo.owner,
repo: context.repo.repo,
release_id: release.id,
headers: {
"content-type": "application/octet-stream",
"content-length": `${(await fs.stat(file)).size}`
},
name: file,
data: await fs.readFile(file)
})
await uploadReleaseAsset(file)
await uploadReleaseAsset(file_sha)
await uploadReleaseAsset(file_cid)
}
// summary of assets on both sides
release_assets.push({ tag: release.tag_name, github_assets, dist_assets })
}
console.log(release_assets)
return release_assets