-
-
Notifications
You must be signed in to change notification settings - Fork 536
162 lines (147 loc) · 6.93 KB
/
mirror_release_sourceforge.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
name: Mirror To SourceForge
on:
release:
types:
- published
- edited
- deleted
- released # See: https://github.community/t5/GitHub-API-Development-and/Webhook-ReleaseEvent-prerelease-gt-release-notification/m-p/22612
concurrency: sourceforge_deploy
jobs:
mirror-to-sourceforge:
environment: sourceforge_deploy
# For this job to work, the following secrets must be set:
# SF_SSH_KEY
# SF_FRS_USERNAME
# SF_RELEASES_API_KEY
env:
SF_PROJECT_NAME: 'warzone2100'
SF_BASE_PATH: 'releases'
RELEASE_CONTEXT: ${{ toJson(github.event.release) }}
name: 'Mirror to SourceForge'
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- name: Process Release Event
id: settings
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
working-directory: '${{ github.workspace }}'
run: |
RELEASE_TAG="${GITHUB_REF##*/}"
echo "GITHUB_REPOSITORY is: ${GITHUB_REPOSITORY}"
echo "GITHUB_REF is: ${GITHUB_REF}"
echo "Release tag is: ${RELEASE_TAG}"
echo "Release Event Action: ${{ github.event.action }}"
echo "RELEASE_CONTEXT is:\n${RELEASE_CONTEXT}";
if [[ $RELEASE_TAG == *..* ]]; then
# Reject any release tags with two ".." in a row
echo "::error ::Invalid RELEASE_TAG value - aborting."
exit 1
fi
if [ -z "${RELEASE_TAG}" ]; then
echo "::error ::RELEASE_TAG variable is empty. Aborting."
exit 1
fi
# Get information for this tagged release
tagged_release_id="${{ github.event.release.id }}"
echo "tagged_release_id=${tagged_release_id}"
echo "tagged_release_id=${tagged_release_id}" >> $GITHUB_OUTPUT
SF_FILE_PATH=""
if [ ! -z "${SF_BASE_PATH}" ]; then
SF_FILE_PATH="${SF_BASE_PATH}/"
fi
SF_FILE_PATH="${SF_FILE_PATH}${RELEASE_TAG}"
echo "SF_FILE_PATH=${SF_FILE_PATH}"
echo "SF_FILE_PATH=${SF_FILE_PATH}" >> $GITHUB_OUTPUT
# Prepare release_assets directory
mkdir -p "release_assets/${SF_FILE_PATH}"
- name: Download All Release Assets
if: (github.event.action != 'deleted')
id: download
env:
GH_TOKEN: ${{ github.token }}
SF_FILE_PATH: ${{ steps.settings.outputs.SF_FILE_PATH }}
RELEASE_TAG: ${{ github.event.release.tag_name }}
working-directory: '${{ github.workspace }}/release_assets/${{ steps.settings.outputs.SF_FILE_PATH }}'
run: |
# Download all release assets
gh release --repo "${GITHUB_REPOSITORY}" download "${RELEASE_TAG}"
# Output list of downloaded files
ls -al
echo "Done."
- name: Get Latest Release Info
id: latestrelease
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
echo "Get Latest Release info for repo: ${GITHUB_REPOSITORY}"
latest_release_id="$(curl -H "Accept: application/vnd.github.v3.raw" -H "Authorization: token ${GITHUB_TOKEN}" -s "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/latest" | jq '.id')"
echo "latest_release_id=${latest_release_id}"
echo "latest_release_id=${latest_release_id}" >> $GITHUB_OUTPUT
- name: Set up SourceForge known_hosts
run: |
mkdir -p ~/.ssh/
# May need updating on occasion. See: https://sourceforge.net/p/forge/documentation/SSH%20Key%20Fingerprints/
# Output of: `ssh-keyscan frs.sourceforge.net >> ~/.ssh/known_hosts`
cat >> ~/.ssh/known_hosts << 'EOF'
frs.sourceforge.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQD35Ujalhh+JJkPvMckDlhu4dS7WH6NsOJ15iGCJLC
frs.sourceforge.net ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2uifHZbNexw6cXbyg1JnzDitL5VhYs0E65Hk/tLAPmcmm5GuiGeUoI/B0eUSNFsbqzwgwrttjnzKMKiGLN5CWVmlN1IXGGAfLYsQwK6wAu7kYFzkqP4jcwc5Jr9UPRpJdYIK733tSEmzab4qc5Oq8izKQKIaxXNe7FgmL15HjSpatFt9w/ot/CHS78FUAr3j3RwekHCm/jhPeqhlMAgC+jUgNJbFt3DlhDaRMa0NYamVzmX8D47rtmBbEDU3ld6AezWBPUR5Lh7ODOwlfVI58NAf/aYNlmvl2TZiauBCTa7OPYSyXJnIPbQXg6YQlDknNCr0K769EjeIlAfY87Z4tw==
frs.sourceforge.net ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCwsY6sZT4MTTkHfpRzYjxG7mnXrGL74RCT2cO/NFvRrZVNB5XNwKNn7G5fHbYLdJ6UzpURDRae1eMg92JG0+yo=
EOF
- name: Set up SSH Agent
env:
SF_KEY: ${{ secrets.SF_SSH_KEY }}
run: |
eval "$(ssh-agent -s)"
set +x
# Add the private key to SSH agent
mkdir -p ~/.ssh/
echo ${SF_KEY} | base64 --decode > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
ssh-add ~/.ssh/id_ed25519
# Create a public key file
ssh-keygen -y -f ~/.ssh/id_ed25519 > ~/.ssh/id_ed25519.pub
- name: Mirror Release Assets to SourceForge
id: upload
env:
SF_FRS_USERNAME: ${{ secrets.SF_FRS_USERNAME }}
SF_FILE_PATH: ${{ steps.settings.outputs.SF_FILE_PATH }}
working-directory: '${{ github.workspace }}/release_assets'
run: |
if [ -z "${SF_FILE_PATH}" ]; then
echo "::error ::SF_FILE_PATH variable is empty. Aborting this step."
exit 1
fi
# Upload all release assets
rsync -e ssh -rvh --relative "${SF_FILE_PATH}/" "${SF_FRS_USERNAME}@frs.sourceforge.net:/home/frs/project/${SF_PROJECT_NAME}/" --delete
echo "Done."
- name: Set Default SourceForge Downloads
if: ((github.event.action == 'published') || (github.event.action == 'edited') || (github.event.action == 'released')) && (steps.settings.outputs.tagged_release_id == steps.latestrelease.outputs.latest_release_id)
env:
SF_RELEASES_API_KEY: ${{ secrets.SF_RELEASES_API_KEY }}
SF_FILE_PATH: ${{ steps.settings.outputs.SF_FILE_PATH }}
working-directory: '${{ github.workspace }}/release_assets'
run: |
echo "The provided tagged release is, in fact, the latest release. Updating default downloads:"
if [ -z "${SF_RELEASES_API_KEY}" ]; then
echo "::error ::SF_RELEASES_API_KEY secret was not set. Aborting this step."
exit 1
fi
# User-defined function
set_sf_default_if_present(){
local filename="$1"
local sf_default_string="$2"
if [ -f "${SF_FILE_PATH}/$filename" ]; then
echo "Setting: \"${SF_FILE_PATH}/${filename}\" as: ${sf_default_string}"
curl -H "Accept: application/json" -X PUT -d "${sf_default_string}" -d "api_key=${SF_RELEASES_API_KEY}" -s "https://sourceforge.net/projects/${SF_PROJECT_NAME}/files/${SF_FILE_PATH}/${filename}"
else
echo "::warning ::Did not find file: ${filename}"
fi
}
# Set default platform downloads for SourceForge
set_sf_default_if_present "warzone2100_win_x64_installer.exe" "default=windows"
set_sf_default_if_present "warzone2100_macOS_universal.zip" "default=mac"
set_sf_default_if_present "warzone2100_src.tar.xz" "default=linux&default=bsd&default=solaris&default=others"
echo "Done."