Files
dosh/scripts/upload-gitea-release.sh
DuProcess 306a636e32
ci / test (push) Waiting to run
ci / fuzz-smoke (push) Waiting to run
ci / windows-client (push) Waiting to run
ci / package-release (linux-x86_64, ubuntu-latest) (push) Waiting to run
ci / package-release (macos-aarch64, macos-14) (push) Waiting to run
ci / package-release (macos-x86_64, macos-13) (push) Waiting to run
ci / package-release (windows-x86_64, windows-latest) (push) Waiting to run
ci / publish-gitea-release (push) Blocked by required conditions
ci / remote-bench (push) Waiting to run
Mark RC Gitea releases as prereleases
2026-07-12 22:09:19 -04:00

219 lines
5.9 KiB
Bash
Executable File

#!/usr/bin/env sh
set -eu
usage() {
cat <<'EOF'
Usage:
GITEA_TOKEN=... scripts/upload-gitea-release.sh TAG [artifact...]
Environment:
GITEA_URL Base URL, default https://git.palav.dev
GITEA_REPO owner/repo, default Palav/dosh
GITEA_TOKEN Token with release write permission
GITEA_TITLE Release title, default TAG
DOSH_RELEASE_ALLOW_PARTIAL=1
Allow uploading an incomplete platform set. Default: refuse.
EOF
}
if [ "${1:-}" = "-h" ] || [ "${1:-}" = "--help" ]; then
usage
exit 0
fi
tag="${1:-}"
if [ -z "$tag" ]; then
usage >&2
exit 2
fi
shift
base="${GITEA_URL:-https://git.palav.dev}"
repo="${GITEA_REPO:-Palav/dosh}"
token="${GITEA_TOKEN:-}"
title="${GITEA_TITLE:-$tag}"
expected_version="${tag#v}"
allow_partial="${DOSH_RELEASE_ALLOW_PARTIAL:-0}"
release_prerelease=false
case "$expected_version" in
*-*) release_prerelease=true ;;
esac
artifact_version() {
artifact="$1"
case "$artifact" in
*.tar.gz)
tar -xOf "$artifact" dosh/VERSION 2>/dev/null | tr -d '\r\n'
;;
*.zip)
unzip -p "$artifact" dosh/VERSION 2>/dev/null | tr -d '\r\n'
;;
*)
return 1
;;
esac
}
if [ -z "$token" ] && [ -f "$HOME/.config/dosh/gitea-token" ]; then
token="$(tr -d '\r\n' <"$HOME/.config/dosh/gitea-token")"
fi
if [ -z "$token" ]; then
echo "GITEA_TOKEN is required (or put it in ~/.config/dosh/gitea-token)" >&2
exit 2
fi
if [ "$#" -eq 0 ]; then
for artifact in \
target/dosh-release/dosh-linux-*.tar.gz \
target/dosh-release/dosh-macos-*.tar.gz \
target/dosh-release/dosh-windows-*.zip; do
[ -f "$artifact" ] || continue
case "$(basename "$artifact")" in
dosh-[0-9]*)
continue
;;
esac
actual="$(artifact_version "$artifact" || true)"
if [ "$actual" != "$expected_version" ]; then
echo "skipping $artifact: version ${actual:-unknown}, expected $expected_version" >&2
continue
fi
if [ -f "$artifact.sha256" ]; then
set -- "$@" "$artifact" "$artifact.sha256"
else
set -- "$@" "$artifact"
fi
done
fi
require_complete_release_artifacts() {
[ "$allow_partial" = "1" ] && return 0
missing=0
for required in \
dosh-linux-x86_64.tar.gz \
dosh-macos-aarch64.tar.gz \
dosh-macos-x86_64.tar.gz \
dosh-windows-x86_64.zip; do
found=0
checksum_found=0
for artifact in "$@"; do
name="$(basename "$artifact")"
if [ "$name" = "$required" ]; then
found=1
fi
if [ "$name" = "$required.sha256" ]; then
checksum_found=1
fi
done
if [ "$found" -ne 1 ]; then
echo "missing required release artifact: $required" >&2
missing=1
fi
if [ "$checksum_found" -ne 1 ]; then
echo "missing required release checksum: $required.sha256" >&2
missing=1
fi
done
if [ "$missing" -ne 0 ]; then
echo "refusing partial release upload; set DOSH_RELEASE_ALLOW_PARTIAL=1 to override" >&2
exit 1
fi
}
require_complete_release_artifacts "$@"
api="$base/api/v1/repos/$repo"
auth_header="Authorization: token $token"
release_json="$(curl -fsS -H "$auth_header" "$api/releases/tags/$tag" 2>/dev/null || true)"
release_id=""
if [ -n "$release_json" ] && command -v jq >/dev/null 2>&1; then
release_id="$(printf '%s\n' "$release_json" | jq -r '.id // empty')"
elif [ -n "$release_json" ]; then
release_id="$(printf '%s\n' "$release_json" | sed -n 's/^[[:space:]]*{"id":[[:space:]]*\([0-9][0-9]*\).*/\1/p' | sed -n '1p')"
fi
if [ -z "$release_id" ]; then
payload="$(printf '{"tag_name":"%s","target_commitish":"main","name":"%s","body":"Dosh release %s","draft":false,"prerelease":%s}\n' "$tag" "$title" "$tag" "$release_prerelease")"
release_json="$(curl -fsS -H "$auth_header" -H 'Content-Type: application/json' -X POST "$api/releases" -d "$payload")"
if command -v jq >/dev/null 2>&1; then
release_id="$(printf '%s\n' "$release_json" | jq -r '.id // empty')"
else
release_id="$(printf '%s\n' "$release_json" | sed -n 's/^[[:space:]]*{"id":[[:space:]]*\([0-9][0-9]*\).*/\1/p' | sed -n '1p')"
fi
fi
if [ -z "$release_id" ]; then
echo "could not determine Gitea release id for $tag" >&2
exit 1
fi
metadata_payload="$(printf '{"name":"%s","body":"Dosh release %s","draft":false,"prerelease":%s}\n' "$title" "$tag" "$release_prerelease")"
curl -fsS \
-H "$auth_header" \
-H 'Content-Type: application/json' \
-X PATCH \
"$api/releases/$release_id" \
-d "$metadata_payload" >/dev/null
delete_existing_asset() {
name="$1"
if ! command -v jq >/dev/null 2>&1; then
return 0
fi
printf '%s\n' "$release_json" \
| jq -r --arg name "$name" '.assets[]? | select(.name == $name) | .id' \
| while IFS= read -r asset_id; do
[ -n "$asset_id" ] || continue
echo "replacing $name"
curl -fsS \
-H "$auth_header" \
-X DELETE \
"$api/releases/$release_id/assets/$asset_id" >/dev/null
done
}
verify_release_artifact_version() {
artifact="$1"
name="$(basename "$artifact")"
case "$name" in
*.sha256)
return 0
;;
dosh-*.tar.gz|dosh-*.zip)
actual="$(artifact_version "$artifact" || true)"
if [ -z "$actual" ]; then
echo "release artifact missing dosh/VERSION: $artifact" >&2
exit 1
fi
if [ "$actual" != "$expected_version" ]; then
echo "release artifact version mismatch: $artifact has $actual, expected $expected_version" >&2
exit 1
fi
;;
esac
}
uploaded=0
for artifact in "$@"; do
if [ ! -f "$artifact" ]; then
continue
fi
name="$(basename "$artifact")"
verify_release_artifact_version "$artifact"
delete_existing_asset "$name"
echo "uploading $name"
curl -fsS \
-H "$auth_header" \
-X POST \
-F "attachment=@$artifact" \
"$api/releases/$release_id/assets?name=$name" >/dev/null
uploaded=$((uploaded + 1))
done
if [ "$uploaded" -eq 0 ]; then
echo "no release artifacts uploaded" >&2
exit 1
fi