Skip to content

Update main.yml

Update main.yml #21

Workflow file for this run

name: Push Website to IPFS
on:
push:
branches: [ master, dev ]
jobs:
build:
name: Repo Build
runs-on: ubuntu-20.04
permissions:
contents: read
packages: write
id-token: write
pull-requests: write
container:
image: ghcr.io/kiracore/docker/base-image:v0.12.2
steps:
- name: Init Part 1
run: |
mkdir -p /github/home/.cache/pip
git config --global --add safe.directory /github/home/.cache/pip
git config --global --add safe.directory $PWD
echo "INDEX_MODE=redirect" >> $GITHUB_ENV
echo "DNS=kira.network" >> $GITHUB_ENV
echo "USERNAME=KiraCore" >> $GITHUB_ENV
echo "SOURCE_BRANCH=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
echo "RELEASE=${GITHUB_WORKSPACE}/bin" >> $GITHUB_ENV
- name: Checkout ${{env.DNS}}
uses: actions/checkout@v3
with:
repository: "${{env.USERNAME}}/${{env.DNS}}"
ref: ${{ env.SOURCE_BRANCH }}
- name: Init Part 2
run: |
VERSION="$(cat ./version)" && echo "VERSION=$VERSION" >> $GITHUB_ENV
git ls-remote https://github.com/${{env.USERNAME}}/${{env.DNS}} | egrep -q "refs/tags/${VERSION}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV
- name: Publish HTML to IPFS
shell: bash
run: |
set -x
IPFS_UPLOAD_NAME="www-${{env.DNS}}-${{env.SOURCE_BRANCH}}-${{env.VERSION}}"
set -e
ipfs-api delete $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true || echo "WARNING: Failed to delete file with name '$IPFS_UPLOAD_NAME' request failed or it might not exist"
set +e
ipfs-api pin ./ $IPFS_UPLOAD_NAME --key=${{secrets.PINATA_API_JWT}} --verbose=true | tee -a ./ipfs-pin.log || echo "ERROR: Failed to pin web app"
IPFS_HASH=$(cat ./ipfs-pin.log | tail -n 1 | bash-utils jsonParse ".hash" || echo "")
[ -z "$IPFS_HASH" ] && echo "ERROR: IPFS Upload Failed" && exit 1
echo "IPFS_HASH=$IPFS_HASH" >> $GITHUB_ENV
IPFS_HASH_SHORT=${IPFS_HASH::10}...${IPFS_HASH: -3}
echo "IPFS_HASH_SHORT=$IPFS_HASH_SHORT" >> $GITHUB_ENV
rm -fv "./ipfs-pin.log"
- name: Save changes to release folder
run: |
ZIP_FILENAME="${{env.DNS}}.zip"
rm -fv "./$ZIP_FILENAME"
zip -r "./$ZIP_FILENAME" ./*
mkdir -p ${{env.RELEASE}}
echo "${{env.IPFS_HASH}}" > "${{env.RELEASE}}/ipfs-cid.txt"
cp -fv ./RELEASE.md "${{env.RELEASE}}/RELEASE.md"
cp -fv ./LICENSE.md "${{env.RELEASE}}/LICENSE.md"
cp -fv ./${INDEX_MODE}.html "${{env.RELEASE}}/index.html"
echo "${{env.DNS}}" > "${{env.RELEASE}}/CNAME"
echo "www.${{env.DNS}}" >> "${{env.RELEASE}}/CNAME"
TARGET_VAR="IPFS_CID"
REPLACE_VAR="${{env.IPFS_HASH}}"
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g')
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html"
TARGET_VAR="DNS_ADDRESS"
REPLACE_VAR="${{env.DNS}}"
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g')
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html"
TARGET_VAR="GITHUB_REPO"
REPLACE_VAR="https://github.com/${{env.USERNAME}}/${{env.DNS}}/releases/tag/${{env.VERSION}}"
ESCAPED_VAR=$(echo "$REPLACE_VAR" | sed 's/\//\\\//g; s/&/\\&/g; s/\?/\\?/g')
sed -i "s/$TARGET_VAR/$ESCAPED_VAR/g" "${{env.RELEASE}}/index.html"
- name: Publish release folder
uses: s0/git-publish-subdir-action@develop
env:
REPO: self
BRANCH: "${{ env.SOURCE_BRANCH }}-release"
FOLDER: "${{ env.RELEASE }}"
GITHUB_TOKEN: ${{ secrets.REPO_ACCESS }}
- name: Signing release files
shell: bash
env:
KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
run: |
ZIP_FILENAME="${{env.DNS}}.zip"
cp -fv ./$ZIP_FILENAME "${{env.RELEASE}}/html-web-site.zip"
echo -e "\n\r\n\rPublished web site:" >> ./bin/RELEASE.md
echo -e " * Private Gateway: [ipfs.kira.network/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.kira.network/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./bin/RELEASE.md
echo -e " * Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH_SHORT}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html)" >> ./bin/RELEASE.md
echo -e "\n\r\n\r\`\`\`" >> ./bin/RELEASE.md
echo -e " Release Versions: ${{env.VERSION}}" >> ./bin/RELEASE.md
echo -e " Release Date Time: $(date --rfc-2822)" >> ./bin/RELEASE.md
echo -e " Release CID Hash: ${{env.IPFS_HASH}}\n\r" >> ./bin/RELEASE.md
echo " html-web-site.zip: sha256:$(sha256sum ./html-web-site.zip | awk '{ print $1 }')" >> ./bin/RELEASE.md
echo " ipfs-cid.txt: sha256:$(sha256sum ./ipfs-cid.txt | awk '{ print $1 }')" >> ./bin/RELEASE.md
echo " index.html: sha256:$(sha256sum ./index.html | awk '{ print $1 }')" >> ./bin/RELEASE.md
echo -e "\`\`\`" >> ./bin/RELEASE.md
cd ./bin
echo "$KEY" > ../../cosign.key
for FILE in *; do FILE_NAME=$(basename $FILE); cosign sign-blob --key=../../cosign.key --output-signature=./${FILE_NAME}.sig ./$FILE_NAME; done
rm -fv ../../cosign.key
ls -a1 "${{env.RELEASE}}"
- name: Delete old release
if: env.SOURCE_BRANCH == 'master'
uses: dev-drprasad/[email protected]
with:
tag_name: "${{env.VERSION}}"
delete_release: true
env:
GITHUB_TOKEN: ${{secrets.REPO_ACCESS}}
- name: Publish release
if: env.SOURCE_BRANCH == 'master'
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
with:
token: ${{secrets.REPO_ACCESS}}
body_path: "${{env.RELEASE}}/RELEASE.md"
tag_name: "${{env.VERSION}}"
name: "${{env.VERSION}}"
prerelease: false
draft: false
fail_on_unmatched_files: true
files: |
${{env.RELEASE}}/html-web-site.zip
${{env.RELEASE}}/html-web-site.zip.sig
${{env.RELEASE}}/ipfs-cid.txt
${{env.RELEASE}}/ipfs-cid.txt.sig
${{env.RELEASE}}/index.html
${{env.RELEASE}}/index.html.sig
- name: Cleanup
run: |
cd ${GITHUB_WORKSPACE}
rm -rfv ./*
- name: Download current version of the site
if: env.SOURCE_BRANCH == 'dev'
uses: actions/checkout@v3
with:
ref: dev
- name: Close All PRs
if: env.SOURCE_BRANCH == 'dev'
uses: crondaemon/close-pr@v1
with:
comment: "This PR is obsolete, dev branch is ahead of your branch."
env:
GITHUB_TOKEN: ${{secrets.REPO_ACCESS}}
- name: Create PR from dev to master branch
uses: cea2aj/pull-request@84eb0c3478f13651e5649367941b867ca02d7926
if: env.SOURCE_BRANCH == 'dev'
with:
github_token: ${{secrets.REPO_ACCESS}}
source_branch: ${{env.SOURCE_BRANCH}}
destination_branch: master
pr_title: "${{env.SOURCE_BRANCH}} -> master"
pr_label: "kira-automation"
pr_allow_empty: true
pr_body: |
Web app was deployed to IPFS: ```${{env.IPFS_HASH}}```
* Private Gateway: [ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}](https://ipfs.${{env.DNS}}/ipfs/${{env.IPFS_HASH}}/index.html)
* Public Gateway: [ipfs.io/ipfs/${{env.IPFS_HASH}}](https://ipfs.io/ipfs/${{env.IPFS_HASH}}/index.html)
- name: Cleanup all even if some tasks fail
shell: bash
continue-on-error: true
run: |
cd ${GITHUB_WORKSPACE} && rm -rfv ./*
echo "(current dir): $PWD" && ls -l ./