release_event #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| repository_dispatch: | |
| types: [release_event] | |
| jobs: | |
| validate-webhook-signature: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: '16' | |
| - name: Install dependencies | |
| run: npm install @octokit/webhooks | |
| - name: Validate Webhook Signature | |
| id: validate_signature | |
| env: | |
| WEBHOOK_SECRET: ${{ secrets.SCORPIO_WEBHOOOK_RELEASE_KEY }} # Your secret key for webhook | |
| run: | | |
| echo "const { Webhooks } = require('@octokit/webhooks');" > verify-webhook.js | |
| echo "const webhooks = new Webhooks({ secret: process.env.WEBHOOK_SECRET });" >> verify-webhook.js | |
| echo "const signature = process.env.GITHUB_SIGNATURE;" >> verify-webhook.js | |
| echo "const body = process.env.GITHUB_EVENT_PAYLOAD;" >> verify-webhook.js | |
| echo "webhooks.verify(body, signature).then(isValid => {" >> verify-webhook.js | |
| echo " if (!isValid) { console.error('Webhook validation failed'); process.exit(1); }" >> verify-webhook.js | |
| echo " else { console.log('Webhook validation successful'); }" >> verify-webhook.js | |
| echo "}).catch(err => { console.error('Error in webhook validation', err); process.exit(1); });" >> verify-webhook.js | |
| # Export necessary environment variables for the Node.js script | |
| echo "GITHUB_SIGNATURE=${{ github.event.client_payload.headers['x-hub-signature-256'] }}" >> $GITHUB_ENV | |
| echo "GITHUB_EVENT_PAYLOAD=$(cat $GITHUB_EVENT_PATH)" >> $GITHUB_ENV | |
| # Run the validation script | |
| node verify-webhook.js | |
| update-scorpio-version-with-pr: | |
| runs-on: ubuntu-latest | |
| needs: validate-webhook-signature # Ensure this job only runs if validation passes | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v3 | |
| - name: Extract release version from webhook | |
| id: extract_release_version | |
| run: | | |
| RELEASE_VERSION=$(echo ${{ github.event.client_payload.release.tag_name }}) | |
| echo "Release version: $RELEASE_VERSION" | |
| echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV | |
| - name: Replace number in file with release version | |
| run: | | |
| FILE_PATH="images/base-ide/package.json" | |
| OLD_VERSION=$(grep -oP '(?<=https://open-vsx.org/api/tum-aet/artemis-scorpio/)[0-9]+\.[0-9]+\.[0-9]+' $FILE_PATH) | |
| sed -i "s|https://open-vsx.org/api/tum-aet/artemis-scorpio/${OLD_VERSION}/file/tum-aet.artemis-scorpio-${OLD_VERSION}.vsix|https://open-vsx.org/api/tum-aet/artemis-scorpio/${{ env.RELEASE_VERSION }}/file/tum-aet.artemis-scorpio-${{ env.RELEASE_VERSION }}.vsix|g" $FILE_PATH | |
| cat $FILE_PATH | |
| - name: Create a new branch | |
| run: | | |
| BRANCH_NAME="update-scorpio-release-version-${{ env.RELEASE_VERSION }}" | |
| git checkout -b $BRANCH_NAME | |
| - name: Commit changes | |
| run: | | |
| git config --local user.name "github-actions" | |
| git config --local user.email "[email protected]" | |
| git add images/base-ide/package.json | |
| git commit -m "Update file with release version ${{ env.RELEASE_VERSION }}" | |
| - name: Push changes to new branch | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| BRANCH_NAME="update-scorpio-release-version-${{ env.RELEASE_VERSION }}" | |
| git push origin $BRANCH_NAME | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v5 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| branch: update-scorpio-release-version-${{ env.RELEASE_VERSION }} | |
| title: "Update scorpio with release version ${{ env.RELEASE_VERSION }}" | |
| body: "This PR updates the verion of the scorpio plugin to the new release version ${{ env.RELEASE_VERSION }}." | |
| base: master # Change this if your target branch is different |