Update main.yml #21
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Push Website to IPFS | |
on: | |
push: | |
branches: [ master, dev ] | |
jobs: | |
build: | |
name: Repo Build | |
runs-on: ubuntu-20.04 | |
permissions: | |
contents: read | |
packages: write | |
id-token: write | |
pull-requests: write | |
container: | |
image: ghcr.io/kiracore/docker/base-image:v0.12.2 | |
steps: | |
- name: Init Part 1 | |
run: | | |
mkdir -p /github/home/.cache/pip | |
git config --global --add safe.directory /github/home/.cache/pip | |
git config --global --add safe.directory $PWD | |
echo "INDEX_MODE=redirect" >> $GITHUB_ENV | |
echo "DNS=kira.network" >> $GITHUB_ENV | |
echo "USERNAME=KiraCore" >> $GITHUB_ENV | |
echo "SOURCE_BRANCH=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV | |
echo "RELEASE=${GITHUB_WORKSPACE}/bin" >> $GITHUB_ENV | |
- name: Checkout ${{env.DNS}} | |
uses: actions/checkout@v3 | |
with: | |
repository: "${{env.USERNAME}}/${{env.DNS}}" | |
ref: ${{ env.SOURCE_BRANCH }} | |
- name: Init Part 2 | |
run: | | |
VERSION="$(cat ./version)" && echo "VERSION=$VERSION" >> $GITHUB_ENV | |
git ls-remote https://github.com/${{env.USERNAME}}/${{env.DNS}} | egrep -q "refs/tags/${VERSION}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV | |
- name: Publish HTML to IPFS | |
shell: bash | |
run: | | |
set -x | |
IPFS_UPLOAD_NAME="www-${{env.DNS}}-${{env.SOURCE_BRANCH}}-${{env.VERSION}}" | |
set -e | |
ipfs-api delete $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true || echo "WARNING: Failed to delete file with name '$IPFS_UPLOAD_NAME' request failed or it might not exist" | |
set +e | |
ipfs-api pin ./ $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true | tee -a ./ipfs-pin.log || echo "ERROR: Failed to pin web app" | |
IPFS_HASH=$(cat ./ipfs-pin.log | tail -n 1 | bash-utils jsonParse ".hash" || echo "") | |
[ -z "$IPFS_HASH" ] && echo "ERROR: IPFS Upload Failed" && exit 1 | |
echo "IPFS_HASH=$IPFS_HASH" >> $GITHUB_ENV | |
IPFS_HASH_SHORT=${IPFS_HASH::10}...${IPFS_HASH: -3} | |
echo "IPFS_HASH_SHORT=$IPFS_HASH_SHORT" >> $GITHUB_ENV | |
rm -fv "./ipfs-pin.log" | |
- name: Save changes to release folder | |
run: | | |
ZIP_FILENAME="${{env.DNS}}.zip" | |
rm -fv "./$ZIP_FILENAME" | |
zip -r "./$ZIP_FILENAME" ./* | |
mkdir -p ${{env.RELEASE}} | |
echo "${{env.IPFS_HASH}}" > "${{env.RELEASE}}/ipfs-cid.txt" | |
cp -fv ./RELEASE.md "${{env.RELEASE}}/RELEASE.md" | |
cp -fv ./LICENSE.md "${{env.RELEASE}}/LICENSE.md" | |
cp -fv ./${INDEX_MODE}.html "${{env.RELEASE}}/index.html" | |
echo "${{env.DNS}}" > "${{env.RELEASE}}/CNAME" | |
echo "www.${{env.DNS}}" >> "${{env.RELEASE}}/CNAME" | |
TARGET_VAR="IPFS_CID" | |
REPLACE_VAR="${{env.IPFS_HASH}}" | |
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g') | |
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html" | |
TARGET_VAR="DNS_ADDRESS" | |
REPLACE_VAR="${{env.DNS}}" | |
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g') | |
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html" | |
TARGET_VAR="GITHUB_REPO" | |
REPLACE_VAR="https://github.com/${{env.USERNAME}}/${{env.DNS}}/releases/tag/${{env.VERSION}}" | |
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g') | |
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html" | |
- name: Publish release folder | |
uses: s0/git-publish-subdir-action@develop | |
env: | |
REPO: self | |
BRANCH: "${{ env.SOURCE_BRANCH }}-release" | |
FOLDER: "${{ env.RELEASE }}" | |
GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }} | |
- name: Signing release files | |
shell: bash | |
env: | |
KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
run: | | |
ZIP_FILENAME="${{env.DNS}}.zip" | |
cp -fv ./$ZIP_FILENAME "${{env.RELEASE}}/html-web-site.zip" | |
echo -e "\n\r\n\rPublished web site:" >> ./bin/RELEASE.md | |
echo -e " * Private Gateway: [ipfs.kira.network/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.kira.network/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./bin/RELEASE.md | |
echo -e " * Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./bin/RELEASE.md | |
echo -e "\n\r\n\r\`\`\`" >> ./bin/RELEASE.md | |
echo -e " Release Versions: ${{env.VERSION}}" >> ./bin/RELEASE.md | |
echo -e " Release Date Time: $(date --rfc-2822)" >> ./bin/RELEASE.md | |
echo -e " Release CID Hash: ${{env.IPFS_HASH}}\n\r" >> ./bin/RELEASE.md | |
echo " html-web-site.zip: sha256:$(sha256sum ./html-web-site.zip | awk '{ print $1 }')" >> ./bin/RELEASE.md | |
echo " ipfs-cid.txt: sha256:$(sha256sum ./ipfs-cid.txt | awk '{ print $1 }')" >> ./bin/RELEASE.md | |
echo " index.html: sha256:$(sha256sum ./index.html | awk '{ print $1 }')" >> ./bin/RELEASE.md | |
echo -e "\`\`\`" >> ./bin/RELEASE.md | |
cd ./bin | |
echo "$KEY" > ../../cosign.key | |
for FILE in *; do FILE_NAME=$(basename $FILE); cosign sign-blob --key=../../cosign.key --output-signature=./${FILE_NAME}.sig ./$FILE_NAME; done | |
rm -fv ../../cosign.key | |
ls -a1 "${{env.RELEASE}}" | |
- name: Delete old release | |
if: env.SOURCE_BRANCH == 'master' | |
uses: dev-drprasad/[email protected] | |
with: | |
tag_name: "${{env.VERSION}}" | |
delete_release: true | |
env: | |
GITHUB_TOKEN: ${{secrets.REPO_ACCESS}} | |
- name: Publish release | |
if: env.SOURCE_BRANCH == 'master' | |
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 | |
with: | |
token: ${{secrets.REPO_ACCESS}} | |
body_path: "${{env.RELEASE}}/RELEASE.md" | |
tag_name: "${{env.VERSION}}" | |
name: "${{env.VERSION}}" | |
prerelease: false | |
draft: false | |
fail_on_unmatched_files: true | |
files: | | |
${{env.RELEASE}}/html-web-site.zip | |
${{env.RELEASE}}/html-web-site.zip.sig | |
${{env.RELEASE}}/ipfs-cid.txt | |
${{env.RELEASE}}/ipfs-cid.txt.sig | |
${{env.RELEASE}}/index.html | |
${{env.RELEASE}}/index.html.sig | |
- name: Cleanup | |
run: | | |
cd ${GITHUB_WORKSPACE} | |
rm -rfv ./* | |
- name: Download current version of the site | |
if: env.SOURCE_BRANCH == 'dev' | |
uses: actions/checkout@v3 | |
with: | |
ref: dev | |
- name: Close All PRs | |
if: env.SOURCE_BRANCH == 'dev' | |
uses: crondaemon/close-pr@v1 | |
with: | |
comment: "This PR is obsolete, dev branch is ahead of your branch." | |
env: | |
GITHUB_TOKEN: ${{secrets.REPO_ACCESS}} | |
- name: Create PR from dev to master branch | |
uses: cea2aj/pull-request@84eb0c3478f13651e5649367941b867ca02d7926 | |
if: env.SOURCE_BRANCH == 'dev' | |
with: | |
github_token: ${{secrets.REPO_ACCESS}} | |
source_branch: ${{env.SOURCE_BRANCH}} | |
destination_branch: master | |
pr_title: "${{env.SOURCE_BRANCH}} -> master" | |
pr_label: "kira-automation" | |
pr_allow_empty: true | |
pr_body: | | |
Web app was deployed to IPFS: ```${{env.IPFS_HASH}}``` | |
* Private Gateway: [ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}](https://ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}/index.html) | |
* Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html) | |
- name: Cleanup all even if some tasks fail | |
shell: bash | |
continue-on-error: true | |
run: | | |
cd ${GITHUB_WORKSPACE} && rm -rfv ./* | |
echo "(current dir): $PWD" && ls -l ./ |