Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weโ€™ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[PM-13697] Add f-droid config.yml #85

Merged
merged 6 commits into from
Oct 17, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
264 changes: 132 additions & 132 deletions .github/workflows/fdroid.yml
Original file line number Diff line number Diff line change
@@ -1,132 +1,132 @@
---
name: Generate F-Droid repo
on:
workflow_dispatch:
inputs:
dry-run:
description: "Skips pushing changes when enabled. Optional. Defaults to false."
type: boolean
default: false
required: false
schedule:
- cron: "45 2 * * *"
jobs:
apps:
name: "Generate repo from apps listing"
runs-on: ubuntu-22.04
env:
COMMIT_MSG_FILE: "${{ github.workspace }}/commit_message.tmp"
steps:
- name: Checkout repo
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Create basic directory structure
run: mkdir -p fdroid/repo
- name: Restore correct mtime
run: |
sudo apt install git-restore-mtime
git restore-mtime
- name: Login to Azure - CI Subscription
uses: Azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "github-gpg-private-key,
github-gpg-private-key-passphrase,
github-pat-bitwarden-devops-bot-repo-scope"
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: Set up Git
run: |
git config --local user.email "[email protected]"
git config --local user.name "bitwarden-devops-bot"
- name: Download secrets
env:
ACCOUNT_NAME: bitwardenci
CONTAINER_NAME: mobile
run: |
az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
--name store_fdroid-keystore.jks --file fdroid/keystore.p12 --output none
az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
--name fdroid-config.yml --file fdroid/config.yml --output none
- name: Validate secrets
run: |
if [ -f "fdroid/config.yml" ]; then
echo "config found. setting permission to 0600"
chmod 0600 fdroid/config.yml
else
echo "config not found!"
exit 1
fi
if [ -f "fdroid/keystore.p12" ]; then
echo "keystore found"
else
echo "keystore not found!"
exit 1
fi
- name: Install F-Droid server software
run: |
sudo add-apt-repository ppa:fdroid/fdroidserver
sudo apt-get update
sudo apt-get install fdroidserver
- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '^1.17.0'
- name: Run metascoop
id: run-metascoop
env:
GH_ACCESS_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
run: |
bash run_metascoop.sh ${{ env.COMMIT_MSG_FILE }}
if [ $? -eq 0 ]; then
echo "Changes detected"
echo "has_changes=true" >> $GITHUB_OUTPUT
elif [ $? -eq 2 ]; then
echo "No changes detected"
echo "has_changes=false" >> $GITHUB_OUTPUT
else
echo "Unexpected exit code: $?"
echo "has_changes=false" >> $GITHUB_OUTPUT
fi
continue-on-error: true
- name: Update repo
env:
GH_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
run: |
if [ "${{ inputs.dry-run }}" = "true" ]; then
echo "Dry run. Changes are not being saved."
elif [ "${{ steps.run-metascoop.outputs.has_changes }}" != "true" ]; then
echo "No changes to save."
else
bash update_repo.sh ${{ env.COMMIT_MSG_FILE }}
fi
---
name: Generate F-Droid repo


on:
workflow_dispatch:
inputs:
dry-run:
description: "Skips pushing changes when enabled. Optional. Defaults to false."
type: boolean
default: false
required: false

schedule:
- cron: "45 2 * * *"


jobs:
apps:
name: "Generate repo from apps listing"
runs-on: ubuntu-22.04
env:
COMMIT_MSG_FILE: "${{ github.workspace }}/commit_message.tmp"

steps:
- name: Checkout repo
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1

- name: Create basic directory structure
run: mkdir -p fdroid/repo

- name: Restore correct mtime
run: |
sudo apt install git-restore-mtime

git restore-mtime

- name: Login to Azure - CI Subscription
uses: Azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "github-gpg-private-key,
github-gpg-private-key-passphrase,
github-pat-bitwarden-devops-bot-repo-scope"

- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}
git_user_signingkey: true
git_commit_gpgsign: true

- name: Set up Git
run: |
git config --local user.email "[email protected]"
git config --local user.name "bitwarden-devops-bot"

- name: Download secrets
env:
ACCOUNT_NAME: bitwardenci
CONTAINER_NAME: mobile
run: |
az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
--name store_fdroid-keystore.jks --file fdroid/keystore.p12 --output none

- name: Validate secrets
run: |
if [ -f "fdroid/config.yml" ]; then
echo "config found. setting permission to 0600"
chmod 0600 fdroid/config.yml

echo "keypass: ${{ secrets.FDROID_STORE_KEYSTORE_PASSWORD }}" >> fdroid/config.yml
echo "keystorepass: ${{ secrets.FDROID_STORE_KEYSTORE_PASSWORD }}" >> fdroid/config.yml
else
echo "config not found!"
exit 1
fi

if [ -f "fdroid/keystore.p12" ]; then
echo "keystore found"
else
echo "keystore not found!"
exit 1
fi

- name: Install F-Droid server software
run: |
sudo add-apt-repository ppa:fdroid/fdroidserver
sudo apt-get update
sudo apt-get install fdroidserver

- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '^1.17.0'

- name: Run metascoop
id: run-metascoop
env:
GH_ACCESS_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
run: |
bash run_metascoop.sh ${{ env.COMMIT_MSG_FILE }}
if [ $? -eq 0 ]; then
echo "Changes detected"
echo "has_changes=true" >> $GITHUB_OUTPUT
elif [ $? -eq 2 ]; then
echo "No changes detected"
echo "has_changes=false" >> $GITHUB_OUTPUT
else
echo "Unexpected exit code: $?"
echo "has_changes=false" >> $GITHUB_OUTPUT
fi
continue-on-error: true

- name: Update repo
env:
GH_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
run: |
if [ "${{ inputs.dry-run }}" = "true" ]; then
echo "Dry run. Changes are not being saved."
elif [ "${{ steps.run-metascoop.outputs.has_changes }}" != "true" ]; then
echo "No changes to save."
else
bash update_repo.sh ${{ env.COMMIT_MSG_FILE }}
fi
1 change: 0 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ node_modules
npm-debug.log

# Secrets
config.yml
keystore.p12
keystore.jks

Expand Down
19 changes: 19 additions & 0 deletions fdroid/config.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
---
repo_url: https://mobileapp.bitwarden.com/fdroid/repo
mirrors:
- https://raw.githubusercontent.com/bitwarden/f-droid/main/fdroid
repo_name: Bitwarden F-Droid
repo_description: >-
This is a repository of Bitwarden apps to be used with F-Droid. Applications
in this repository are official binaries built by Bitwarden.

archive_url: https://mobileapp.bitwarden.com/fdroid/archive
archive_name: Bitwarden F-droid Archive
archive_description: >-
This is a repository of archived Bitwarden apps that are no longer
officially supported.

archive_older: 10

repo_keyalias: bitwarden-Virtual-Machine
keydname: CN=bitwarden-Virtual-Machine, OU=F-Droid