diff --git a/.github/actions/nym-hash-releases/.gitignore b/.github/actions/nym-hash-releases/.gitignore new file mode 100644 index 0000000000..5fe9fdaa30 --- /dev/null +++ b/.github/actions/nym-hash-releases/.gitignore @@ -0,0 +1,2 @@ +.tmp +hashes.json diff --git a/.github/actions/nym-hash-releases/action.yml b/.github/actions/nym-hash-releases/action.yml new file mode 100644 index 0000000000..fbd57ea39d --- /dev/null +++ b/.github/actions/nym-hash-releases/action.yml @@ -0,0 +1,25 @@ +name: 'Nym Hash Release' +author: 'Nym Technologies SA' +description: 'Generate hashes and signatures for assets in Nym releases' +inputs: + hash-type: + description: 'Type of hash to generate (md5, sha1, sha256, sha512)' + required: false + default: 'sha256' + file-name: + description: 'File name to save as if desired' + required: false + default: 'hashes.json' + release-tag-or-name-or-id: + description: 'The tag/release to process. Uses the release id when trigger from a release.' + required: false + default: '' +outputs: + hashes: + description: 'A string containing JSON with the release asset hashes and signatures' +runs: + using: 'node16' + main: 'index.js' +branding: + icon: 'hash' + color: 'green' diff --git a/.github/actions/nym-hash-releases/create-hashes.mjs b/.github/actions/nym-hash-releases/create-hashes.mjs new file mode 100644 index 0000000000..38f7e650e5 --- /dev/null +++ b/.github/actions/nym-hash-releases/create-hashes.mjs @@ -0,0 +1,259 @@ +import hasha from "hasha"; +import fetch from "node-fetch"; +import { Octokit } from "@octokit/rest"; +import fs from "fs"; +import path from "path"; + +async function run(assets, algorithm, filename, cache) { + try { + fs.mkdirSync('.tmp'); + } catch(e) { + // ignore + } + + const hashes = {}; + let numAwaiting = 0; + for (const asset of assets) { + if (filename === "" || asset.name !== filename) { // don't hash the hash file (if the file has the same name) + numAwaiting++; + + let buffer = null; + let sig = null; + if(cache) { + // cache in `${WORKING_DIR}/.tmp/` + const cacheFilename = path.resolve(`.tmp/${asset.name}`); + if(!fs.existsSync(cacheFilename)) { + console.log(`Downloading ${asset.browser_download_url}... to ${cacheFilename}`); + buffer = Buffer.from(await fetch(asset.browser_download_url).then(res => res.arrayBuffer())); + fs.writeFileSync(cacheFilename, buffer); + } else { + console.log(`Loading from ${cacheFilename}`); + buffer = Buffer.from(fs.readFileSync(cacheFilename)); + + // console.log('Reading signature from content'); + // if(asset.name.endsWith('.sig')) { + // sig = fs.readFileSync(cacheFilename).toString(); + // } + } + } else { + // fetch always + buffer = Buffer.from(await fetch(asset.browser_download_url).then(res => res.arrayBuffer())); + } + if(!hashes[asset.name]) { + hashes[asset.name] = {}; + } + + if(asset.name.endsWith('.sig')) { + sig = buffer.toString(); + } + + hashes[asset.name][algorithm] = hasha(new Uint8Array(buffer), {algorithm: algorithm}); + + let platform; + let kind; + if(asset.name.endsWith('.sig')) { + kind = 'signature'; + } + if(asset.name.endsWith('.app.tar.gz')) { + platform = 'MacOS'; + kind = 'auto-updater'; + } + if(asset.name.endsWith('.app.tar.gz.sig')) { + platform = 'MacOS'; + kind = 'auto-updater-signature'; + } + if(asset.name.endsWith('.dmg')) { + platform = 'MacOS'; + kind = 'installer'; + } + if(asset.name.endsWith('.msi.zip')) { + platform = 'Windows'; + kind = 'auto-updater'; + } + if(asset.name.endsWith('.msi.zip.sig')) { + platform = 'Windows'; + kind = 'auto-updater-signature'; + } + if(asset.name.endsWith('.msi')) { + platform = 'Windows'; + kind = 'installer'; + } + if(asset.name.endsWith('.AppImage.tar.gz')) { + platform = 'Linux'; + kind = 'auto-updater'; + } + if(asset.name.endsWith('.AppImage.tar.gz.sig')) { + platform = 'Linux'; + kind = 'auto-updater-signature'; + } + if(asset.name.endsWith('.AppImage')) { + platform = 'Linux'; + kind = 'installer'; + } + + hashes[asset.name].downloadUrl = asset.browser_download_url; + + if(platform) { + hashes[asset.name].platform = platform; + } + if(kind) { + hashes[asset.name].kind = kind; + } + + // process Tauri signature files + if(asset.name.endsWith('.sig')) { + const otherFilename = asset.name.replace('.sig', ''); + if(!hashes[otherFilename]) { + hashes[otherFilename] = {}; + } + hashes[otherFilename].signature = sig; + } + } + } + return hashes; +} + +export async function createHashes({ assets, algorithm, filename, cache }) { + const output = await run(assets, algorithm, filename, cache); + if(filename?.length) { + fs.writeFileSync(filename, JSON.stringify(output, null, 2)); + } + return output; +} + +export async function createHashesFromReleaseTagOrNameOrId({ releaseTagOrNameOrId, algorithm = 'sha256', filename = 'hashes.json', cache = false, upload = true }) { + console.log("🚀🚀🚀 Getting releases"); + + let auth; + let authStrategy; + if(process.env.GITHUB_TOKEN) { + console.log('Using GITHUB_TOKEN for auth'); + // authStrategy = createActionAuth(); + // auth = await authStrategy(); + } + + const octokit = new Octokit({ + auth: process.env.GITHUB_TOKEN, + request: { fetch } + }); + const owner = "nymtech"; + const repo = "nym"; + + let releases; + if(cache) { + const cacheFilename = path.resolve(`.tmp/releases.json`); + if(!fs.existsSync(cacheFilename)) { + releases = await octokit.paginate( + octokit.rest.repos.listReleases, + { + owner, + repo, + per_page: 100, + }, + (response) => response.data + ); + fs.writeFileSync(cacheFilename, JSON.stringify(releases, null, 2)); + } else { + console.log('Loading releases from cache...'); + releases = JSON.parse(fs.readFileSync(cacheFilename)); + } + } else { + releases = await octokit.paginate( + octokit.rest.repos.listReleases, + { + owner, + repo, + per_page: 100, + }, + (response) => response.data + ) + } + + // process all releases by default + let releasesToProcess = releases; + + // process a single release + if(releaseTagOrNameOrId) { + releasesToProcess = releases.filter(r => { + if (r.tag_name === releaseTagOrNameOrId) { + return true; + } + if (`${r.id}` === `${releaseTagOrNameOrId}`) { + return true; + } + if (r.name === releaseTagOrNameOrId) { + return true; + } + + return false; + }); + } + + releasesToProcess.forEach(release => { + const {tag_name, name} = release; + const tagComponents = tag_name.split('-v'); + const componentName = tagComponents[0]; + const componentVersion = 'v' + tagComponents[1]; + + if(!tagComponents[1] || !name) { + return; + } + + release.componentName = componentName; + release.componentVersion = componentVersion; + }) + + releasesToProcess = releasesToProcess.filter(release => + !!release.name && !!release.componentVersion + ); + + console.log('Releases to process:'); + console.table(releasesToProcess.map(r => { + const { id, name, tag_name, componentName, componentVersion, assets } = r; + return { id, name, tag_name, componentName, componentVersion, assetCount: assets.length }; + })); + + for(const release of releasesToProcess) { + const {id, name, tag_name, html_url, componentName, componentVersion} = release; + + const hashes = await createHashes({ assets: release.assets, algorithm, filename, cache }); + + const output = { + id, name, tag_name, html_url, + componentName, + componentVersion, + assets: hashes, + }; + + if(upload) { + console.log(`🚚 Uploading ${filename} to release name="${release.name}" id=${release.id} (${release.upload_url})...`); + + const exists = (await octokit.repos.listReleaseAssets({ owner, repo, release_id: release.id })).data.find(a => a.name === filename) + if (exists) { + console.log(`Deleting existing asset ${filename}...`); + await octokit.repos.deleteReleaseAsset({ owner, repo, asset_id: exists.id }) + console.log('Deleted existing asset'); + } + + try { + const data = JSON.stringify(output, null, 2); + await octokit.rest.repos.uploadReleaseAsset({ + owner, + repo, + release_id: release.id, + headers: { + 'X-GitHub-Api-Version': '2022-11-28' + }, + name: filename, + data, + }); + console.log('✅ Upload to release is complete.'); + } catch(e) { + console.log('❌ failed to upload:', e.message, e.status, e.response.data); + console.log(e); + process.exit(-1); + } + } + } +} + diff --git a/.github/actions/nym-hash-releases/index.js b/.github/actions/nym-hash-releases/index.js new file mode 100644 index 0000000000..eecccba557 --- /dev/null +++ b/.github/actions/nym-hash-releases/index.js @@ -0,0 +1,15 @@ +import core from "@actions/core"; +import github from "@actions/github"; +import { createHashesFromReleaseTagOrNameOrId } from './create-hashes.mjs'; + +const algorithm = core.getInput('hash-type'); +const filename = core.getInput("file-name"); + +// use the release id from the payload if it is set +const releaseTagOrNameOrId = core.getInput("release-tag-or-name-or-id") || github.context.payload.release?.id; + +try { + await createHashesFromReleaseTagOrNameOrId({ releaseTagOrNameOrId, algorithm, filename }) +} catch (error) { + core.setFailed(error.message); +} diff --git a/.github/actions/nym-hash-releases/package-lock.json b/.github/actions/nym-hash-releases/package-lock.json new file mode 100644 index 0000000000..ce1cc096fa --- /dev/null +++ b/.github/actions/nym-hash-releases/package-lock.json @@ -0,0 +1,536 @@ +{ + "name": "ghaction-generate-release-hashes", + "version": "1.0.0", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "ghaction-generate-release-hashes", + "version": "1.0.0", + "license": "MIT", + "dependencies": { + "@actions/core": "^1.10.0", + "@actions/github": "^5.1.1", + "@octokit/auth-action": "^4.0.0", + "@octokit/rest": "^20.0.1", + "hasha": "^5.2.0", + "node-fetch": "^3.2.10" + } + }, + "node_modules/@actions/core": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz", + "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==", + "dependencies": { + "@actions/http-client": "^2.0.1", + "uuid": "^8.3.2" + } + }, + "node_modules/@actions/github": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/@actions/github/-/github-5.1.1.tgz", + "integrity": "sha512-Nk59rMDoJaV+mHCOJPXuvB1zIbomlKS0dmSIqPGxd0enAXBnOfn4VWF+CGtRCwXZG9Epa54tZA7VIRlJDS8A6g==", + "dependencies": { + "@actions/http-client": "^2.0.1", + "@octokit/core": "^3.6.0", + "@octokit/plugin-paginate-rest": "^2.17.0", + "@octokit/plugin-rest-endpoint-methods": "^5.13.0" + } + }, + "node_modules/@actions/http-client": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.1.1.tgz", + "integrity": "sha512-qhrkRMB40bbbLo7gF+0vu+X+UawOvQQqNAA/5Unx774RS8poaOhThDOG6BGmxvAnxhQnDp2BG/ZUm65xZILTpw==", + "dependencies": { + "tunnel": "^0.0.6" + } + }, + "node_modules/@octokit/auth-action": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-action/-/auth-action-4.0.0.tgz", + "integrity": "sha512-sMm9lWZdiX6e89YFaLrgE9EFs94k58BwIkvjOtozNWUqyTmsrnWFr/M5LolaRzZ7Kmb5FbhF9hi7FEeE274SoQ==", + "dependencies": { + "@octokit/auth-token": "^4.0.0", + "@octokit/types": "^11.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/auth-action/node_modules/@octokit/auth-token": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-4.0.0.tgz", + "integrity": "sha512-tY/msAuJo6ARbK6SPIxZrPBms3xPbfwBrulZe0Wtr/DIY9lje2HeV1uoebShn6mx7SjCHif6EjMvoREj+gZ+SA==", + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/auth-action/node_modules/@octokit/openapi-types": { + "version": "18.0.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-18.0.0.tgz", + "integrity": "sha512-V8GImKs3TeQRxRtXFpG2wl19V7444NIOTDF24AWuIbmNaNYOQMWRbjcGDXV5B+0n887fgDcuMNOmlul+k+oJtw==" + }, + "node_modules/@octokit/auth-action/node_modules/@octokit/types": { + "version": "11.1.0", + "resolved": "https://registry.npmjs.org/@octokit/types/-/types-11.1.0.tgz", + "integrity": "sha512-Fz0+7GyLm/bHt8fwEqgvRBWwIV1S6wRRyq+V6exRKLVWaKGsuy6H9QFYeBVDV7rK6fO3XwHgQOPxv+cLj2zpXQ==", + "dependencies": { + "@octokit/openapi-types": "^18.0.0" + } + }, + "node_modules/@octokit/auth-token": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-2.5.0.tgz", + "integrity": "sha512-r5FVUJCOLl19AxiuZD2VRZ/ORjp/4IN98Of6YJoJOkY75CIBuYfmiNHGrDwXr+aLGG55igl9QrxX3hbiXlLb+g==", + "dependencies": { + "@octokit/types": "^6.0.3" + } + }, + "node_modules/@octokit/core": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/@octokit/core/-/core-3.6.0.tgz", + "integrity": "sha512-7RKRKuA4xTjMhY+eG3jthb3hlZCsOwg3rztWh75Xc+ShDWOfDDATWbeZpAHBNRpm4Tv9WgBMOy1zEJYXG6NJ7Q==", + "dependencies": { + "@octokit/auth-token": "^2.4.4", + "@octokit/graphql": "^4.5.8", + "@octokit/request": "^5.6.3", + "@octokit/request-error": "^2.0.5", + "@octokit/types": "^6.0.3", + "before-after-hook": "^2.2.0", + "universal-user-agent": "^6.0.0" + } + }, + "node_modules/@octokit/endpoint": { + "version": "6.0.12", + "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-6.0.12.tgz", + "integrity": "sha512-lF3puPwkQWGfkMClXb4k/eUT/nZKQfxinRWJrdZaJO85Dqwo/G0yOC434Jr2ojwafWJMYqFGFa5ms4jJUgujdA==", + "dependencies": { + "@octokit/types": "^6.0.3", + "is-plain-object": "^5.0.0", + "universal-user-agent": "^6.0.0" + } + }, + "node_modules/@octokit/graphql": { + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-4.8.0.tgz", + "integrity": "sha512-0gv+qLSBLKF0z8TKaSKTsS39scVKF9dbMxJpj3U0vC7wjNWFuIpL/z76Qe2fiuCbDRcJSavkXsVtMS6/dtQQsg==", + "dependencies": { + "@octokit/request": "^5.6.0", + "@octokit/types": "^6.0.3", + "universal-user-agent": "^6.0.0" + } + }, + "node_modules/@octokit/openapi-types": { + "version": "12.11.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-12.11.0.tgz", + "integrity": "sha512-VsXyi8peyRq9PqIz/tpqiL2w3w80OgVMwBHltTml3LmVvXiphgeqmY9mvBw9Wu7e0QWk/fqD37ux8yP5uVekyQ==" + }, + "node_modules/@octokit/plugin-paginate-rest": { + "version": "2.21.3", + "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.21.3.tgz", + "integrity": "sha512-aCZTEf0y2h3OLbrgKkrfFdjRL6eSOo8komneVQJnYecAxIej7Bafor2xhuDJOIFau4pk0i/P28/XgtbyPF0ZHw==", + "dependencies": { + "@octokit/types": "^6.40.0" + }, + "peerDependencies": { + "@octokit/core": ">=2" + } + }, + "node_modules/@octokit/plugin-rest-endpoint-methods": { + "version": "5.16.2", + "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.16.2.tgz", + "integrity": "sha512-8QFz29Fg5jDuTPXVtey05BLm7OB+M8fnvE64RNegzX7U+5NUXcOcnpTIK0YfSHBg8gYd0oxIq3IZTe9SfPZiRw==", + "dependencies": { + "@octokit/types": "^6.39.0", + "deprecation": "^2.3.1" + }, + "peerDependencies": { + "@octokit/core": ">=3" + } + }, + "node_modules/@octokit/request": { + "version": "5.6.3", + "resolved": "https://registry.npmjs.org/@octokit/request/-/request-5.6.3.tgz", + "integrity": "sha512-bFJl0I1KVc9jYTe9tdGGpAMPy32dLBXXo1dS/YwSCTL/2nd9XeHsY616RE3HPXDVk+a+dBuzyz5YdlXwcDTr2A==", + "dependencies": { + "@octokit/endpoint": "^6.0.1", + "@octokit/request-error": "^2.1.0", + "@octokit/types": "^6.16.1", + "is-plain-object": "^5.0.0", + "node-fetch": "^2.6.7", + "universal-user-agent": "^6.0.0" + } + }, + "node_modules/@octokit/request-error": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-2.1.0.tgz", + "integrity": "sha512-1VIvgXxs9WHSjicsRwq8PlR2LR2x6DwsJAaFgzdi0JfJoGSO8mYI/cHJQ+9FbN21aa+DrgNLnwObmyeSC8Rmpg==", + "dependencies": { + "@octokit/types": "^6.0.3", + "deprecation": "^2.0.0", + "once": "^1.4.0" + } + }, + "node_modules/@octokit/request/node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "dependencies": { + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } + } + }, + "node_modules/@octokit/rest": { + "version": "20.0.1", + "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-20.0.1.tgz", + "integrity": "sha512-wROV21RwHQIMNb2Dgd4+pY+dVy1Dwmp85pBrgr6YRRDYRBu9Gb+D73f4Bl2EukZSj5hInq2Tui9o7gAQpc2k2Q==", + "dependencies": { + "@octokit/core": "^5.0.0", + "@octokit/plugin-paginate-rest": "^8.0.0", + "@octokit/plugin-request-log": "^4.0.0", + "@octokit/plugin-rest-endpoint-methods": "^9.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/auth-token": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-4.0.0.tgz", + "integrity": "sha512-tY/msAuJo6ARbK6SPIxZrPBms3xPbfwBrulZe0Wtr/DIY9lje2HeV1uoebShn6mx7SjCHif6EjMvoREj+gZ+SA==", + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/core": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/@octokit/core/-/core-5.0.0.tgz", + "integrity": "sha512-YbAtMWIrbZ9FCXbLwT9wWB8TyLjq9mxpKdgB3dUNxQcIVTf9hJ70gRPwAcqGZdY6WdJPZ0I7jLaaNDCiloGN2A==", + "dependencies": { + "@octokit/auth-token": "^4.0.0", + "@octokit/graphql": "^7.0.0", + "@octokit/request": "^8.0.2", + "@octokit/request-error": "^5.0.0", + "@octokit/types": "^11.0.0", + "before-after-hook": "^2.2.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/endpoint": { + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-9.0.0.tgz", + "integrity": "sha512-szrQhiqJ88gghWY2Htt8MqUDO6++E/EIXqJ2ZEp5ma3uGS46o7LZAzSLt49myB7rT+Hfw5Y6gO3LmOxGzHijAQ==", + "dependencies": { + "@octokit/types": "^11.0.0", + "is-plain-object": "^5.0.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/graphql": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-7.0.1.tgz", + "integrity": "sha512-T5S3oZ1JOE58gom6MIcrgwZXzTaxRnxBso58xhozxHpOqSTgDS6YNeEUvZ/kRvXgPrRz/KHnZhtb7jUMRi9E6w==", + "dependencies": { + "@octokit/request": "^8.0.1", + "@octokit/types": "^11.0.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/openapi-types": { + "version": "18.0.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-18.0.0.tgz", + "integrity": "sha512-V8GImKs3TeQRxRtXFpG2wl19V7444NIOTDF24AWuIbmNaNYOQMWRbjcGDXV5B+0n887fgDcuMNOmlul+k+oJtw==" + }, + "node_modules/@octokit/rest/node_modules/@octokit/plugin-paginate-rest": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-8.0.0.tgz", + "integrity": "sha512-2xZ+baZWUg+qudVXnnvXz7qfrTmDeYPCzangBVq/1gXxii/OiS//4shJp9dnCCvj1x+JAm9ji1Egwm1BA47lPQ==", + "dependencies": { + "@octokit/types": "^11.0.0" + }, + "engines": { + "node": ">= 18" + }, + "peerDependencies": { + "@octokit/core": ">=5" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/plugin-request-log": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@octokit/plugin-request-log/-/plugin-request-log-4.0.0.tgz", + "integrity": "sha512-2uJI1COtYCq8Z4yNSnM231TgH50bRkheQ9+aH8TnZanB6QilOnx8RMD2qsnamSOXtDj0ilxvevf5fGsBhBBzKA==", + "engines": { + "node": ">= 18" + }, + "peerDependencies": { + "@octokit/core": ">=5" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/plugin-rest-endpoint-methods": { + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-9.0.0.tgz", + "integrity": "sha512-KquMF/VB1IkKNiVnzJKspY5mFgGyLd7HzdJfVEGTJFzqu9BRFNWt+nwTCMuUiWc72gLQhRWYubTwOkQj+w/1PA==", + "dependencies": { + "@octokit/types": "^11.0.0" + }, + "engines": { + "node": ">= 18" + }, + "peerDependencies": { + "@octokit/core": ">=5" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/request": { + "version": "8.1.1", + "resolved": "https://registry.npmjs.org/@octokit/request/-/request-8.1.1.tgz", + "integrity": "sha512-8N+tdUz4aCqQmXl8FpHYfKG9GelDFd7XGVzyN8rc6WxVlYcfpHECnuRkgquzz+WzvHTK62co5di8gSXnzASZPQ==", + "dependencies": { + "@octokit/endpoint": "^9.0.0", + "@octokit/request-error": "^5.0.0", + "@octokit/types": "^11.1.0", + "is-plain-object": "^5.0.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/request-error": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-5.0.0.tgz", + "integrity": "sha512-1ue0DH0Lif5iEqT52+Rf/hf0RmGO9NWFjrzmrkArpG9trFfDM/efx00BJHdLGuro4BR/gECxCU2Twf5OKrRFsQ==", + "dependencies": { + "@octokit/types": "^11.0.0", + "deprecation": "^2.0.0", + "once": "^1.4.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/rest/node_modules/@octokit/types": { + "version": "11.1.0", + "resolved": "https://registry.npmjs.org/@octokit/types/-/types-11.1.0.tgz", + "integrity": "sha512-Fz0+7GyLm/bHt8fwEqgvRBWwIV1S6wRRyq+V6exRKLVWaKGsuy6H9QFYeBVDV7rK6fO3XwHgQOPxv+cLj2zpXQ==", + "dependencies": { + "@octokit/openapi-types": "^18.0.0" + } + }, + "node_modules/@octokit/types": { + "version": "6.41.0", + "resolved": "https://registry.npmjs.org/@octokit/types/-/types-6.41.0.tgz", + "integrity": "sha512-eJ2jbzjdijiL3B4PrSQaSjuF2sPEQPVCPzBvTHJD9Nz+9dw2SGH4K4xeQJ77YfTq5bRQ+bD8wT11JbeDPmxmGg==", + "dependencies": { + "@octokit/openapi-types": "^12.11.0" + } + }, + "node_modules/before-after-hook": { + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/before-after-hook/-/before-after-hook-2.2.3.tgz", + "integrity": "sha512-NzUnlZexiaH/46WDhANlyR2bXRopNg4F/zuSA3OpZnllCUgRaOF2znDioDWrmbNVsuZk6l9pMquQB38cfBZwkQ==" + }, + "node_modules/data-uri-to-buffer": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz", + "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==", + "engines": { + "node": ">= 12" + } + }, + "node_modules/deprecation": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/deprecation/-/deprecation-2.3.1.tgz", + "integrity": "sha512-xmHIy4F3scKVwMsQ4WnVaS8bHOx0DmVwRywosKhaILI0ywMDWPtBSku2HNxRvF7jtwDRsoEwYQSfbxj8b7RlJQ==" + }, + "node_modules/fetch-blob": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz", + "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/jimmywarting" + }, + { + "type": "paypal", + "url": "https://paypal.me/jimmywarting" + } + ], + "dependencies": { + "node-domexception": "^1.0.0", + "web-streams-polyfill": "^3.0.3" + }, + "engines": { + "node": "^12.20 || >= 14.13" + } + }, + "node_modules/formdata-polyfill": { + "version": "4.0.10", + "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", + "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==", + "dependencies": { + "fetch-blob": "^3.1.2" + }, + "engines": { + "node": ">=12.20.0" + } + }, + "node_modules/hasha": { + "version": "5.2.2", + "resolved": "https://registry.npmjs.org/hasha/-/hasha-5.2.2.tgz", + "integrity": "sha512-Hrp5vIK/xr5SkeN2onO32H0MgNZ0f17HRNH39WfL0SYUNOTZ5Lz1TJ8Pajo/87dYGEFlLMm7mIc/k/s6Bvz9HQ==", + "dependencies": { + "is-stream": "^2.0.0", + "type-fest": "^0.8.0" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/is-plain-object": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-5.0.0.tgz", + "integrity": "sha512-VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q==", + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/is-stream": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", + "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/node-domexception": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz", + "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/jimmywarting" + }, + { + "type": "github", + "url": "https://paypal.me/jimmywarting" + } + ], + "engines": { + "node": ">=10.5.0" + } + }, + "node_modules/node-fetch": { + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.2.tgz", + "integrity": "sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==", + "dependencies": { + "data-uri-to-buffer": "^4.0.0", + "fetch-blob": "^3.1.4", + "formdata-polyfill": "^4.0.10" + }, + "engines": { + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/node-fetch" + } + }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "dependencies": { + "wrappy": "1" + } + }, + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + }, + "node_modules/tunnel": { + "version": "0.0.6", + "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", + "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", + "engines": { + "node": ">=0.6.11 <=0.7.0 || >=0.7.3" + } + }, + "node_modules/type-fest": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==", + "engines": { + "node": ">=8" + } + }, + "node_modules/universal-user-agent": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-6.0.0.tgz", + "integrity": "sha512-isyNax3wXoKaulPDZWHQqbmIx1k2tb9fb3GGDBRxCscfYV2Ch7WxPArBsFEG8s/safwXTT7H4QGhaIkTp9447w==" + }, + "node_modules/uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "bin": { + "uuid": "dist/bin/uuid" + } + }, + "node_modules/web-streams-polyfill": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.2.1.tgz", + "integrity": "sha512-e0MO3wdXWKrLbL0DgGnUV7WHVuw9OUvL4hjgnPkIeEvESk74gAITi5G606JtZPp39cd8HA9VQzCIvA49LpPN5Q==", + "engines": { + "node": ">= 8" + } + }, + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" + }, + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dependencies": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" + } + } +} diff --git a/.github/actions/nym-hash-releases/package.json b/.github/actions/nym-hash-releases/package.json new file mode 100644 index 0000000000..6dcd6903a1 --- /dev/null +++ b/.github/actions/nym-hash-releases/package.json @@ -0,0 +1,18 @@ +{ + "name": "nym-hash-release", + "version": "1.0.0", + "description": "Generate hashes and signatures for assets in Nym releases", + "main": "index.js", + "type": "module", + "scripts": { + "local": "node run-local.mjs" + }, + "dependencies": { + "@actions/core": "^1.10.0", + "@actions/github": "^5.1.1", + "@octokit/auth-action": "^4.0.0", + "@octokit/rest": "^20.0.1", + "hasha": "^5.2.0", + "node-fetch": "^3.2.10" + } +} diff --git a/.github/actions/nym-hash-releases/run-local.mjs b/.github/actions/nym-hash-releases/run-local.mjs new file mode 100644 index 0000000000..f2fc6addb8 --- /dev/null +++ b/.github/actions/nym-hash-releases/run-local.mjs @@ -0,0 +1,6 @@ +import {createHashesFromReleaseTagOrNameOrId} from './create-hashes.mjs'; + +await createHashesFromReleaseTagOrNameOrId({releaseTagOrNameOrId: 119065724, cache: true, upload: false}); +await createHashesFromReleaseTagOrNameOrId({releaseTagOrNameOrId: '119065724', cache: true, upload: false}); +await createHashesFromReleaseTagOrNameOrId({releaseTagOrNameOrId: 'nym-connect-v1.1.19-snickers', cache: true, upload: false}); +await createHashesFromReleaseTagOrNameOrId({releaseTagOrNameOrId: 'Nym Connect v1.1.19-snickers', cache: true, upload: false}); diff --git a/.github/workflows/nym-connect-publish-macos.yml b/.github/workflows/nym-connect-publish-macos.yml index a5a0a65a8c..e5060b7aad 100644 --- a/.github/workflows/nym-connect-publish-macos.yml +++ b/.github/workflows/nym-connect-publish-macos.yml @@ -112,31 +112,11 @@ jobs: files: | nym-connect/desktop/target/release/bundle/dmg/*.dmg nym-connect/desktop/target/release/bundle/macos/*.app.tar.gz* - - id: release-info - name: Prepare release info - run: | - ref=${{ github.ref_name }} - semver="${ref##nym-connect-}" && semver="${semver##v}" - echo "version=${semver}" >> "$GITHUB_OUTPUT" - echo "filename=nym-connect_${semver}_x64.dmg " >> "$GITHUB_OUTPUT" - echo "file_hash=${{ hashFiles('nym-connect/desktop/target/release/bundle/dmg/nym-connect_*_x64.dmg') }}" >> "$GITHUB_OUTPUT" push-release-data: if: ${{ (startsWith(github.ref, 'refs/tags/nym-connect-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml + uses: ./.github/workflows/release-calculate-hash.yml needs: publish-tauri with: release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-tauri.outputs.release_id }} - release_date: ${{ needs.publish-tauri.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/nym-connect/desktop/CHANGELOG.md - archive_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-connect.app.tar.gz - sig_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-connect.app.tar.gz.sig - version: ${{ needs.publish-tauri.outputs.version }} - filename: ${{ needs.publish-tauri.outputs.filename }} - file_hash: ${{ needs.publish-tauri.outputs.file_hash }} - name: NymConnect - category: connect - platform: MacOS secrets: inherit diff --git a/.github/workflows/nym-connect-publish-ubuntu.yml b/.github/workflows/nym-connect-publish-ubuntu.yml index 2e27f3044c..436f397e8d 100644 --- a/.github/workflows/nym-connect-publish-ubuntu.yml +++ b/.github/workflows/nym-connect-publish-ubuntu.yml @@ -79,31 +79,11 @@ jobs: files: | nym-connect/desktop/target/release/bundle/appimage/*.AppImage nym-connect/desktop/target/release/bundle/appimage/*.AppImage.tar.gz* - - id: release-info - name: Prepare release info - run: | - ref=${{ github.ref_name }} - semver="${ref##nym-connect-}" && semver="${semver##v}" - echo "version=${semver}" >> "$GITHUB_OUTPUT" - echo "filename=nym-connect_${semver}_amd64.AppImage" >> "$GITHUB_OUTPUT" - echo "file_hash=${{ hashFiles('nym-connect/desktop/target/release/bundle/appimage/nym-connect_*_amd64.AppImage') }}" >> "$GITHUB_OUTPUT" push-release-data: if: ${{ (startsWith(github.ref, 'refs/tags/nym-connect-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml + uses: ./.github/workflows/release-calculate-hash.yml needs: publish-tauri with: release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-tauri.outputs.release_id }} - release_date: ${{ needs.publish-tauri.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/nym-connect/desktop/CHANGELOG.md - archive_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-connect_${{ needs.publish-tauri.outputs.version }}_amd64.AppImage.tar.gz - sig_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-connect_${{ needs.publish-tauri.outputs.version }}_amd64.AppImage.tar.gz.sig - version: ${{ needs.publish-tauri.outputs.version }} - filename: ${{ needs.publish-tauri.outputs.filename }} - file_hash: ${{ needs.publish-tauri.outputs.file_hash }} - name: NymConnect - category: connect - platform: Ubuntu secrets: inherit diff --git a/.github/workflows/nym-connect-publish-windows10.yml b/.github/workflows/nym-connect-publish-windows10.yml index f90ce1697d..43b336d034 100644 --- a/.github/workflows/nym-connect-publish-windows10.yml +++ b/.github/workflows/nym-connect-publish-windows10.yml @@ -98,32 +98,11 @@ jobs: files: | nym-connect/desktop/target/release/bundle/msi/*.msi nym-connect/desktop/target/release/bundle/msi/*.msi.zip* - - id: release-info - name: Prepare release info - shell: bash - run: | - ref=${{ github.ref_name }} - semver="${ref##nym-connect-}" && semver="${semver##v}" - echo "version=${semver}" >> "$GITHUB_OUTPUT" - echo "filename=nym-connect_${semver}_x64_en-US.msi" >> "$GITHUB_OUTPUT" - echo "file_hash=${{ hashFiles('nym-connect/desktop/target/release/bundle/msi/nym-connect_*_x64_en-US.msi') }}" >> "$GITHUB_OUTPUT" push-release-data: if: ${{ (startsWith(github.ref, 'refs/tags/nym-connect-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml + uses: ./.github/workflows/release-calculate-hash.yml needs: publish-tauri with: release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-tauri.outputs.release_id }} - release_date: ${{ needs.publish-tauri.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/nym-connect/desktop/CHANGELOG.md - archive_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-connect_${{ needs.publish-tauri.outputs.version }}_x64_en-US.msi.zip - sig_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-connect_${{ needs.publish-tauri.outputs.version }}_x64_en-US.msi.zip.sig - version: ${{ needs.publish-tauri.outputs.version }} - filename: ${{ needs.publish-tauri.outputs.filename }} - file_hash: ${{ needs.publish-tauri.outputs.file_hash }} - name: NymConnect - category: connect - platform: Windows secrets: inherit diff --git a/.github/workflows/nym-release-publish.yml b/.github/workflows/nym-release-publish.yml index 9252d7122d..7c9592ae17 100644 --- a/.github/workflows/nym-release-publish.yml +++ b/.github/workflows/nym-release-publish.yml @@ -96,149 +96,10 @@ jobs: target/release/nym-network-statistics target/release/nym-cli - - id: release-info - name: Prepare release info - run: | - semver="${${{ github.ref_name }}##nym-binaries-}" && semver="${semver##v}" - echo "version=$semver" >> "$GITHUB_OUTPUT" - - - id: binary-hashes - name: Generate binary hashes - run: | - echo "client_hash=${{ hashFiles('target/release/nym-client') }}" >> "$GITHUB_OUTPUT" - echo "mixnode_hash=${{ hashFiles('target/release/nym-mixnode') }}" >> "$GITHUB_OUTPUT" - echo "gateway_hash=${{ hashFiles('target/release/nym-gateway') }}" >> "$GITHUB_OUTPUT" - echo "socks5_hash=${{ hashFiles('target/release/nym-socks5-client') }}" >> "$GITHUB_OUTPUT" - echo "netreq_hash=${{ hashFiles('target/release/nym-network-requester') }}" >> "$GITHUB_OUTPUT" - echo "cli_hash=${{ hashFiles('target/release/nym-cli') }}" >> "$GITHUB_OUTPUT" - echo "netstat_hash=${{ hashFiles('target/release/nym-network-statistics') }}" >> "$GITHUB_OUTPUT" - - - id: binary-versions - name: Get binary versions - run: | - v=$(rg '^version = "(.*)"' -or '$1' clients/native/Cargo.toml) && echo "client_version=$v" >> "$GITHUB_OUTPUT" - v=$(rg '^version = "(.*)"' -or '$1' mixnode/Cargo.toml) && echo "mixnode_version=$v" >> "$GITHUB_OUTPUT" - v=$(rg '^version = "(.*)"' -or '$1' gateway/Cargo.toml) && echo "gateway_version=$v" >> "$GITHUB_OUTPUT" - v=$(rg '^version = "(.*)"' -or '$1' clients/socks5/Cargo.toml) && echo "socks5_version=$v" >> "$GITHUB_OUTPUT" - v=$(rg '^version = "(.*)"' -or '$1' service-providers/network-requester/Cargo.toml) && echo "netreq_version=$v" >> "$GITHUB_OUTPUT" - v=$(rg '^version = "(.*)"' -or '$1' tools/nym-cli/Cargo.toml) && echo "cli_version=$v" >> "$GITHUB_OUTPUT" - v=$(rg '^version = "(.*)"' -or '$1' service-providers/network-statistics/Cargo.toml) && echo "netstat_version=$v" >> "$GITHUB_OUTPUT" - push-release-data-client: if: ${{ (startsWith(github.ref, 'refs/tags/nym-binaries-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml + uses: ./.github/workflows/release-calculate-hash.yml needs: publish-nym with: release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-nym.outputs.release_id }} - release_date: ${{ needs.publish-nym.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/CHANGELOG.md - version: ${{ needs.publish-nym.outputs.client_version }} - filename: nym-client - file_hash: ${{ needs.publish-nym.outputs.client_hash }} - name: Client - category: binaries - secrets: inherit - - push-release-data-mixnode: - if: ${{ (startsWith(github.ref, 'refs/tags/nym-binaries-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml - needs: publish-nym - with: - release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-nym.outputs.release_id }} - release_date: ${{ needs.publish-nym.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/CHANGELOG.md - version: ${{ needs.publish-nym.outputs.mixnode_version }} - filename: nym-mixnode - file_hash: ${{ needs.publish-nym.outputs.mixnode_hash }} - name: Mixnode - category: binaries - secrets: inherit - - push-release-data-gateway: - if: ${{ (startsWith(github.ref, 'refs/tags/nym-binaries-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml - needs: publish-nym - with: - release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-nym.outputs.release_id }} - release_date: ${{ needs.publish-nym.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/CHANGELOG.md - version: ${{ needs.publish-nym.outputs.gateway_version }} - filename: nym-gateway - file_hash: ${{ needs.publish-nym.outputs.gateway_hash }} - name: Gateway - category: binaries - secrets: inherit - - push-release-data-socks5: - if: ${{ (startsWith(github.ref, 'refs/tags/nym-binaries-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml - needs: publish-nym - with: - release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-nym.outputs.release_id }} - release_date: ${{ needs.publish-nym.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/CHANGELOG.md - version: ${{ needs.publish-nym.outputs.socks5_version }} - filename: nym-socks5-client - file_hash: ${{ needs.publish-nym.outputs.socks5_hash }} - name: Socks5 Client - category: binaries - secrets: inherit - - push-release-data-network-requester: - if: ${{ (startsWith(github.ref, 'refs/tags/nym-binaries-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml - needs: publish-nym - with: - release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-nym.outputs.release_id }} - release_date: ${{ needs.publish-nym.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/CHANGELOG.md - version: ${{ needs.publish-nym.outputs.netreq_version }} - filename: nym-network-requester - file_hash: ${{ needs.publish-nym.outputs.netreq_hash }} - name: Network Requester - category: binaries - secrets: inherit - - push-release-data-cli: - if: ${{ (startsWith(github.ref, 'refs/tags/nym-binaries-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml - needs: publish-nym - with: - release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-nym.outputs.release_id }} - release_date: ${{ needs.publish-nym.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/CHANGELOG.md - version: ${{ needs.publish-nym.outputs.cli_version }} - filename: nym-cli - file_hash: ${{ needs.publish-nym.outputs.cli_hash }} - name: Cli - category: binaries - secrets: inherit - - push-release-data-network-stat: - if: ${{ (startsWith(github.ref, 'refs/tags/nym-binaries-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml - needs: publish-nym - with: - release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-nym.outputs.release_id }} - release_date: ${{ needs.publish-nym.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/CHANGELOG.md - version: ${{ needs.publish-nym.outputs.netstat_version }} - filename: nym-network-statistics - file_hash: ${{ needs.publish-nym.outputs.netstat_hash }} - name: Network Statistics - category: binaries secrets: inherit diff --git a/.github/workflows/nym-wallet-publish-macos.yml b/.github/workflows/nym-wallet-publish-macos.yml index f8f342d291..497f367047 100644 --- a/.github/workflows/nym-wallet-publish-macos.yml +++ b/.github/workflows/nym-wallet-publish-macos.yml @@ -100,31 +100,10 @@ jobs: nym-wallet/target/release/bundle/dmg/*.dmg nym-wallet/target/release/bundle/macos/*.app.tar.gz* - - id: release-info - name: Prepare release info - run: | - ref=${{ github.ref_name }} - semver="${ref##nym-wallet-}" && semver="${semver##v}" - echo "version=${semver}" >> "$GITHUB_OUTPUT" - echo "filename=nym-wallet_${semver}_x64.dmg" >> "$GITHUB_OUTPUT" - echo "file_hash=${{ hashFiles('nym-wallet/target/release/bundle/dmg/nym-wallet_*_x64.dmg') }}" >> "$GITHUB_OUTPUT" - push-release-data: if: ${{ (startsWith(github.ref, 'refs/tags/nym-wallet-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml + uses: ./.github/workflows/release-calculate-hash.yml needs: publish-tauri with: release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-tauri.outputs.release_id }} - release_date: ${{ needs.publish-tauri.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/nym-wallet/CHANGELOG.md - archive_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-wallet.app.tar.gz - sig_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-wallet.app.tar.gz.sig - version: ${{ needs.publish-tauri.outputs.version }} - filename: ${{ needs.publish-tauri.outputs.filename }} - file_hash: ${{ needs.publish-tauri.outputs.file_hash }} - name: Wallet - category: wallet - platform: MacOS secrets: inherit diff --git a/.github/workflows/nym-wallet-publish-ubuntu.yml b/.github/workflows/nym-wallet-publish-ubuntu.yml index c21824eacf..cdf714e4e3 100644 --- a/.github/workflows/nym-wallet-publish-ubuntu.yml +++ b/.github/workflows/nym-wallet-publish-ubuntu.yml @@ -77,31 +77,10 @@ jobs: nym-wallet/target/release/bundle/appimage/*.AppImage nym-wallet/target/release/bundle/appimage/*.AppImage.tar.gz* - - id: release-info - name: Prepare release info - run: | - ref=${{ github.ref_name }} - semver="${ref##nym-wallet-}" && semver="${semver##v}" - echo "version=${semver}" >> "$GITHUB_OUTPUT" - echo "filename=nym-wallet_${semver}_amd64.AppImage" >> "$GITHUB_OUTPUT" - echo "file_hash=${{ hashFiles('nym-wallet/target/release/bundle/appimage/nym-wallet_*_amd64.AppImage') }}" >> "$GITHUB_OUTPUT" - push-release-data: if: ${{ (startsWith(github.ref, 'refs/tags/nym-wallet-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml + uses: ./.github/workflows/release-calculate-hash.yml needs: publish-tauri with: release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-tauri.outputs.release_id }} - release_date: ${{ needs.publish-tauri.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/nym-wallet/CHANGELOG.md - archive_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-wallet_${{ needs.publish-tauri.outputs.version }}_amd64.AppImage.tar.gz - sig_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-wallet_${{ needs.publish-tauri.outputs.version }}_amd64.AppImage.tar.gz.sig - version: ${{ needs.publish-tauri.outputs.version }} - filename: ${{ needs.publish-tauri.outputs.filename }} - file_hash: ${{ needs.publish-tauri.outputs.file_hash }} - name: Wallet - category: wallet - platform: Ubuntu secrets: inherit diff --git a/.github/workflows/nym-wallet-publish-windows10.yml b/.github/workflows/nym-wallet-publish-windows10.yml index b2f710100c..69548ad315 100644 --- a/.github/workflows/nym-wallet-publish-windows10.yml +++ b/.github/workflows/nym-wallet-publish-windows10.yml @@ -97,31 +97,10 @@ jobs: nym-wallet/target/release/bundle/msi/*.msi nym-wallet/target/release/bundle/msi/*.msi.zip* - - id: release-info - name: Prepare release info - run: | - ref=${{ github.ref_name }} - semver="${ref##nym-wallet-}" && semver="${semver##v}" - echo "version=${semver}" >> "$GITHUB_OUTPUT" - echo "filename=nym-wallet_${semver}_x64_en-US.msi" >> "$GITHUB_OUTPUT" - echo "file_hash=${{ hashFiles('nym-wallet/target/release/bundle/msi/nym-wallet_*_x64_en-US.msi') }}" >> "$GITHUB_OUTPUT" - push-release-data: if: ${{ (startsWith(github.ref, 'refs/tags/nym-wallet-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/push-release-data.yml + uses: ./.github/workflows/release-calculate-hash.yml needs: publish-tauri with: release_tag: ${{ github.ref_name }} - release_id: ${{ needs.publish-tauri.outputs.release_id }} - release_date: ${{ needs.publish-tauri.outputs.release_date }} - download_base_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }} - changelog_url: https://github.com/nymtech/nym/blob/${{ github.ref_name }}/nym-wallet/CHANGELOG.md - archive_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-wallet_${{ needs.publish-tauri.outputs.version }}_x64_en-US.msi.zip - sig_url: https://github.com/nymtech/nym/releases/download/${{ github.ref_name }}/nym-wallet_${{ needs.publish-tauri.outputs.version }}_x64_en-US.msi.zip.sig - version: ${{ needs.publish-tauri.outputs.version }} - filename: ${{ needs.publish-tauri.outputs.filename }} - file_hash: ${{ needs.publish-tauri.outputs.file_hash }} - name: Wallet - category: wallet - platform: Windows secrets: inherit diff --git a/.github/workflows/push-release-data.yml b/.github/workflows/push-release-data.yml deleted file mode 100644 index db115af817..0000000000 --- a/.github/workflows/push-release-data.yml +++ /dev/null @@ -1,212 +0,0 @@ -name: Push release data - -env: - strapi_download_url: 'https://strapi.feat-nym-update-nym-web.websites.dev.nymte.ch/api/downloaders' - strapi_updater_url: 'https://strapi.feat-nym-update-nym-web.websites.dev.nymte.ch/api/updaters' - -on: - workflow_call: - inputs: - release_tag: - required: true - description: Release tag - type: string - release_id: - required: true - description: Release ID - type: string - release_date: - required: true - description: Release date - type: string - download_base_url: - required: true - description: Download base URL - type: string - changelog_url: - required: true - description: Changelog URL - type: string - archive_url: - required: false - description: Binary archive URL - type: string - sig_url: - required: false - description: Archive signature URL - type: string - version: - required: true - description: Release version (semver) - type: string - filename: - required: true - description: Binary file name - type: string - file_hash: - required: true - description: Binary hash (sha256) - type: string - name: - required: true - description: Name - type: string - category: - required: true - description: Category - type: string - platform: - required: false - description: Platform - type: string - workflow_dispatch: - inputs: - # ⚠ since inputs are limited to 10 max for workflow_dispatch - # some properties were omitted - version: - required: true - description: Release version (semver) - type: string - default: '1.0.0' - release_id: - required: true - description: Release ID - type: string - default: '1234' - release_date: - required: true - description: Release date - type: string - default: '2023-06-26T10:09:16Z' - download_base_url: - required: true - description: Download base URL - type: string - default: 'https://github.com/nymtech/nym/releases/download/nym-wallet-v1.0.0' - changelog_url: - required: true - description: Changelog URL - type: string - default: 'https://github.com/nymtech/nym/blob/nym-wallet-v1.0.0/nym-wallet/CHANGELOG.md' - filename: - required: true - description: Binary file name - type: string - default: 'nym-wallet_1.0.0_amd64.AppImage' - file_hash: - required: true - description: Binary hash (sha256) - type: string - default: 'xxx' - name: - required: true - description: Name - type: string - default: 'Wallet' - category: - required: true - description: Category - default: 'wallet' - type: choice - options: - - wallet - - connect - - binaries - platform: - required: false - description: Platform - default: 'Ubuntu' - type: choice - options: - - Ubuntu - - Windows - - MacOS - -jobs: - push-download-data: - name: Push download data to Strapi - runs-on: custom-runner-linux - - steps: - - name: Release info - run: | - echo "version: ${{ inputs.version }}" - echo "tag: ${{ inputs.release_tag }}" - - - id: get_sig - name: Get sig - if: ${{ inputs.sig_url != null }} - run: | - output=$(curl -LsSf ${{ inputs.sig_url }}) - echo "sig=$output" >> "$GITHUB_OUTPUT" - - id: strapi-request - name: Strapi request - uses: fjogeleit/http-request-action@v1 - with: - url: ${{ env.strapi_download_url }} - method: 'POST' - bearerToken: ${{ secrets.STRAPI_API_TOKEN_RELEASES }} - customHeaders: '{"Content-Type": "application/json"}' - data: | - { - "data": { - "releaseId": "${{ inputs.release_id }}", - "releaseDate": "${{ inputs.release_date }}", - "downloadBaseUrl": "${{ inputs.download_base_url }}", - "changelogUrl": "${{ inputs.changelog_url }}", - "version": "${{ inputs.version }}", - "filename": "${{ inputs.filename }}", - "name": "${{ inputs.name }}", - "category": "${{ inputs.category }}", - "platform": "${{ inputs.platform }}", - "sha256": "${{ inputs.file_hash }}", - "sig": "${{ steps.get_sig.outputs.sig }}" - } - } - - name: Strapi Response - run: | - echo ${{ steps.strapi-request.outputs.response }} - - push-update-data: - name: Push update data to Strapi - runs-on: custom-runner-linux - # only push update data for tauri apps (desktop wallet and NC) - if: ${{ inputs.category == 'wallet' || inputs.category == 'connect' }} - - steps: - - name: Release info - run: | - echo "version: ${{ inputs.version }}" - echo "tag: ${{ inputs.release_tag }}" - - id: get_sig - name: Get sig - if: ${{ inputs.sig_url != null }} - run: | - output=$(curl -LsSf ${{ inputs.sig_url }}) - echo "sig=$output" >> "$GITHUB_OUTPUT" - - id: strapi-request - name: Strapi request - uses: fjogeleit/http-request-action@v1 - with: - url: ${{ env.strapi_updater_url }} - method: 'POST' - bearerToken: ${{ secrets.STRAPI_API_TOKEN_RELEASES }} - customHeaders: '{"Content-Type": "application/json"}' - data: | - { - "data": { - "releaseId": "${{ inputs.release_id }}", - "releaseDate": "${{ inputs.release_date }}", - "downloadUrl": "${{ inputs.archive_url }}", - "changelog": "See ${{ inputs.changelog_url }} for the changelog", - "version": "${{ inputs.version }}", - "filename": "${{ inputs.filename }}", - "category": "${{ inputs.category }}", - "platform": "${{ inputs.platform }}", - "sha256": "${{ inputs.file_hash }}", - "sig": "${{ steps.get_sig.outputs.sig }}" - } - } - - name: Strapi Response - run: | - echo ${{ steps.strapi-request.outputs.response }} diff --git a/.github/workflows/release-calculate-hash.yml b/.github/workflows/release-calculate-hash.yml index 91b3f3e4f8..4695b0867f 100644 --- a/.github/workflows/release-calculate-hash.yml +++ b/.github/workflows/release-calculate-hash.yml @@ -1,18 +1,39 @@ name: Releases - calculate file hashes on: + workflow_call: + inputs: + release_tag: + description: 'Release tag' + required: true + type: string workflow_dispatch: + release_tag: + tag: + description: 'Release tag' + required: true + type: string jobs: build: - name: Calculate hash - runs-on: custom-runner-linux + name: Calculate hash for assets in release + runs-on: ubuntu-latest steps: - - uses: MCJack123/ghaction-generate-release-hashes@v3 + - name: Check out repository code + uses: actions/checkout@v3 + - uses: actions/setup-node@v3 with: - hash-type: sha256 - file-name: hashes.txt + node-version: 18 + - name: Install packages + run: cd ./.github/actions/nym-hash-releases && npm i + + - uses: ./.github/actions/nym-hash-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + release-tag-or-name-or-id: ${{ inputs.release_tag }} + - uses: actions/upload-artifact@v2 with: name: Asset Hashes - path: hashes.txt + path: hashes.json