martin/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE synced 2025-02-11 18:29:17 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

Update update_json_date.yml

Browse Source
This commit is contained in:
CanbiZ 2025-02-11 10:00:30 +01:00 committed by GitHub
parent 1bca424acf
commit 6de6216bc6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 19 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
.github/workflows/update_json_date.yml vendored
View File

@ -13,31 +13,25 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Install Dependencies - name: Install Dependencies
run: | run: sudo apt update && sudo apt install -y jq
sudo apt update && sudo apt install -y jq
- name: Authenticate GitHub App - name: Authenticate GitHub App
id: auth id: auth
run: | run: |
echo "Generating JWT for GitHub App authentication..." echo "Authenticating GitHub App..."
# Header und Payload Base64 encodieren
HEADER_B64=$(echo -n '{"alg":"RS256","typ":"JWT"}' | openssl base64 -A | tr -d '=' | tr '/+' '_-') HEADER_B64=$(echo -n '{"alg":"RS256","typ":"JWT"}' | openssl base64 -A | tr -d '=' | tr '/+' '_-')
NOW=$(date +%s) NOW=$(date +%s)
EXP=$((NOW + 600)) # 10 Minuten gültig EXP=$((NOW + 600))
PAYLOAD_B64=$(echo -n "{\"iat\":$NOW,\"exp\":$EXP,\"iss\":${{ secrets.JSON_APP_ID }}}" | openssl base64 -A | tr -d '=' | tr '/+' '_-') PAYLOAD_B64=$(echo -n "{\"iat\":$NOW,\"exp\":$EXP,\"iss\":${{ secrets.JSON_APP_ID }}}" | openssl base64 -A | tr -d '=' | tr '/+' '_-')
# Signatur mit dem privaten Schlüssel erstellen
SIGNATURE=$(echo -n "$HEADER_B64.$PAYLOAD_B64" | openssl dgst -sha256 -sign <(echo "${{ secrets.JSON_APP_KEY }}") | openssl base64 -A | tr -d '=' | tr '/+' '_-') SIGNATURE=$(echo -n "$HEADER_B64.$PAYLOAD_B64" | openssl dgst -sha256 -sign <(echo "${{ secrets.JSON_APP_KEY }}") | openssl base64 -A | tr -d '=' | tr '/+' '_-')
# Komplette JWT-Token-Zeichenkette erstellen
JWT="$HEADER_B64.$PAYLOAD_B64.$SIGNATURE" JWT="$HEADER_B64.$PAYLOAD_B64.$SIGNATURE"
# App-Installation abrufen
INSTALLATION_ID=$(curl -s -X GET -H "Authorization: Bearer $JWT" -H "Accept: application/vnd.github+json" \ INSTALLATION_ID=$(curl -s -X GET -H "Authorization: Bearer $JWT" -H "Accept: application/vnd.github+json" \
https://api.github.com/app/installations | jq -r '.[0].id') https://api.github.com/app/installations | jq -r '.[0].id')
# Access Token generieren
ACCESS_TOKEN=$(curl -s -X POST -H "Authorization: Bearer $JWT" -H "Accept: application/vnd.github+json" \ ACCESS_TOKEN=$(curl -s -X POST -H "Authorization: Bearer $JWT" -H "Accept: application/vnd.github+json" \
https://api.github.com/app/installations/$INSTALLATION_ID/access_tokens | jq -r '.token') https://api.github.com/app/installations/$INSTALLATION_ID/access_tokens | jq -r '.token')
@ -46,10 +40,9 @@ jobs:
- name: Get Open PRs - name: Get Open PRs
run: | run: |
echo "Fetching open PRs..." echo "Fetching open PRs..."
PRS=$(gh pr list --state open --json number,headRepositoryOwner,headRefName \ PRS=$(gh pr list --state open --json number,headRepositoryOwner,headRefName --jq '.' || echo "")
--jq '.[] | {number: .number, repo: .headRepositoryOwner, branch: .headRefName}' || echo "")
if [[ -z "$PRS" ]]; then if [[ -z "$PRS" || "$PRS" == "[]" ]]; then
echo "No open PRs found." echo "No open PRs found."
exit 0 exit 0
fi fi
@ -63,23 +56,29 @@ jobs:
TODAY=$(date -u +"%Y-%m-%d") TODAY=$(date -u +"%Y-%m-%d")
while read -r PR_ENTRY; do while read -r PR_ENTRY; do
PR_NUMBER=$(echo "$PR_ENTRY" | jq -r '.number') if [[ -z "$PR_ENTRY" ]]; then
PR_REPO=$(echo "$PR_ENTRY" | jq -r '.repo') echo "Skipping empty PR entry."
PR_BRANCH=$(echo "$PR_ENTRY" | jq -r '.branch') continue
fi
PR_NUMBER=$(echo "$PR_ENTRY" | jq -r '.number // empty')
PR_REPO=$(echo "$PR_ENTRY" | jq -r '.headRepositoryOwner // empty')
PR_BRANCH=$(echo "$PR_ENTRY" | jq -r '.headRefName // empty')
if [[ -z "$PR_NUMBER" || -z "$PR_REPO" || -z "$PR_BRANCH" ]]; then
echo "Skipping invalid PR entry: $PR_ENTRY"
continue
fi
echo "Processing PR #$PR_NUMBER from $PR_REPO:$PR_BRANCH" echo "Processing PR #$PR_NUMBER from $PR_REPO:$PR_BRANCH"
# Fork klonen mit App-Token
git clone --depth=1 https://x-access-token:${{ env.GH_ACCESS_TOKEN }}@github.com/$PR_REPO/ProxmoxVE.git git clone --depth=1 https://x-access-token:${{ env.GH_ACCESS_TOKEN }}@github.com/$PR_REPO/ProxmoxVE.git
cd ProxmoxVE || exit 1 cd ProxmoxVE || exit 1
# PR-Branch auschecken
git fetch origin "$PR_BRANCH" git fetch origin "$PR_BRANCH"
git checkout "$PR_BRANCH" git checkout "$PR_BRANCH"
# Get newly added JSON files NEW_JSON_FILES=$(gh api repos/${{ github.repository }}/pulls/$PR_NUMBER/files --jq '.[].filename' | grep '^json/.*\.json$' || true)
NEW_JSON_FILES=$(gh api repos/${{ github.repository }}/pulls/$PR_NUMBER/files \
--jq '.[] | select(.status == "added") | .filename' | grep '^json/.*\.json$' || true)
if [[ -z "$NEW_JSON_FILES" ]]; then if [[ -z "$NEW_JSON_FILES" ]]; then
echo "No new JSON files in PR #$PR_NUMBER" echo "No new JSON files in PR #$PR_NUMBER"