160 lines
4.1 KiB
Bash
160 lines
4.1 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
REPO_DIR="${REPO_DIR:-$(pwd)}"
|
|
TARGET_BRANCH="${TARGET_BRANCH:-thirdparty/skill}"
|
|
SNAPSHOT_DIR="${SNAPSHOT_DIR:-superpowers}"
|
|
SOURCE_FILE="${SOURCE_FILE:-${SNAPSHOT_DIR}/SOURCE.md}"
|
|
UPSTREAM_REPO="${UPSTREAM_REPO:-https://github.com/obra/superpowers.git}"
|
|
UPSTREAM_REF="${UPSTREAM_REF:-main}"
|
|
COMMIT_AUTHOR_NAME="${COMMIT_AUTHOR_NAME:-ci-bot}"
|
|
COMMIT_AUTHOR_EMAIL="${COMMIT_AUTHOR_EMAIL:-ci-bot@local}"
|
|
|
|
retry_cmd() {
|
|
local retries="$1"
|
|
shift
|
|
local delay="$1"
|
|
shift
|
|
|
|
local attempt=1
|
|
while true; do
|
|
if "$@"; then
|
|
return 0
|
|
fi
|
|
if [ "$attempt" -ge "$retries" ]; then
|
|
return 1
|
|
fi
|
|
echo "Retry ($attempt/$retries): $*" >&2
|
|
sleep "$delay"
|
|
attempt=$((attempt + 1))
|
|
done
|
|
}
|
|
|
|
github_owner_repo() {
|
|
case "$1" in
|
|
https://github.com/*)
|
|
echo "$1" | sed -E 's#^https://github.com/([^/]+/[^/.]+)(\.git)?$#\1#'
|
|
;;
|
|
http://github.com/*)
|
|
echo "$1" | sed -E 's#^http://github.com/([^/]+/[^/.]+)(\.git)?$#\1#'
|
|
;;
|
|
git@github.com:*)
|
|
echo "$1" | sed -E 's#^git@github.com:([^/]+/[^/.]+)(\.git)?$#\1#'
|
|
;;
|
|
*)
|
|
return 1
|
|
;;
|
|
esac
|
|
}
|
|
|
|
resolve_latest_sha() {
|
|
local repo="$1"
|
|
local ref="$2"
|
|
local tmp_json="$3"
|
|
local gh_repo="$4"
|
|
local sha=""
|
|
|
|
# Prefer GitHub API when possible to avoid git+gnutls handshake failures.
|
|
if [ -n "$gh_repo" ]; then
|
|
local api_url="https://api.github.com/repos/${gh_repo}/commits/${ref}"
|
|
if retry_cmd 3 2 curl -fsSL --retry 3 --retry-delay 2 "$api_url" -o "$tmp_json"; then
|
|
sha="$(sed -n 's/^[[:space:]]*"sha":[[:space:]]*"\([0-9a-f]\{40\}\)".*/\1/p' "$tmp_json" | head -n 1)"
|
|
if [ -n "$sha" ]; then
|
|
echo "$sha"
|
|
return 0
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
# Fallback to git transport.
|
|
sha="$(retry_cmd 3 2 git -c http.version=HTTP/1.1 ls-remote "$repo" "refs/heads/$ref" | awk 'NR==1 {print $1}')"
|
|
if [ -n "$sha" ]; then
|
|
echo "$sha"
|
|
return 0
|
|
fi
|
|
return 1
|
|
}
|
|
|
|
cd "$REPO_DIR"
|
|
|
|
git config user.name "$COMMIT_AUTHOR_NAME"
|
|
git config user.email "$COMMIT_AUTHOR_EMAIL"
|
|
|
|
git fetch origin "$TARGET_BRANCH"
|
|
git checkout -B "$TARGET_BRANCH" "origin/$TARGET_BRANCH"
|
|
|
|
tmp_dir="$(mktemp -d)"
|
|
cleanup() {
|
|
rm -rf "$tmp_dir"
|
|
}
|
|
trap cleanup EXIT
|
|
|
|
gh_repo=""
|
|
if gh_repo="$(github_owner_repo "$UPSTREAM_REPO" 2>/dev/null)"; then
|
|
:
|
|
fi
|
|
|
|
latest_sha="$(resolve_latest_sha "$UPSTREAM_REPO" "$UPSTREAM_REF" "$tmp_dir/latest.json" "$gh_repo" || true)"
|
|
if [ -z "$latest_sha" ]; then
|
|
echo "ERROR: failed to resolve upstream ref: $UPSTREAM_REPO $UPSTREAM_REF" >&2
|
|
exit 1
|
|
fi
|
|
|
|
current_sha=""
|
|
if [ -f "$SOURCE_FILE" ]; then
|
|
current_sha="$(sed -n 's/^- Ref:[[:space:]]*//p' "$SOURCE_FILE" | head -n 1)"
|
|
fi
|
|
|
|
if [ "$latest_sha" = "$current_sha" ]; then
|
|
echo "Third-party snapshot is up to date: $latest_sha"
|
|
exit 0
|
|
fi
|
|
|
|
rm -rf "$SNAPSHOT_DIR"
|
|
mkdir -p "$SNAPSHOT_DIR"
|
|
|
|
snapshot_loaded=0
|
|
|
|
if [ -n "$gh_repo" ]; then
|
|
tar_url="https://codeload.github.com/${gh_repo}/tar.gz/${latest_sha}"
|
|
if retry_cmd 3 2 curl -fsSL --retry 3 --retry-delay 2 "$tar_url" -o "$tmp_dir/upstream.tar.gz"; then
|
|
tar -xzf "$tmp_dir/upstream.tar.gz" -C "$SNAPSHOT_DIR" --strip-components=1
|
|
snapshot_loaded=1
|
|
fi
|
|
fi
|
|
|
|
if [ "$snapshot_loaded" -eq 0 ]; then
|
|
upstream_dir="$tmp_dir/upstream"
|
|
git init "$upstream_dir" >/dev/null
|
|
git -C "$upstream_dir" remote add origin "$UPSTREAM_REPO"
|
|
retry_cmd 3 2 git -C "$upstream_dir" fetch --depth 1 origin "$latest_sha"
|
|
git -C "$upstream_dir" checkout --detach FETCH_HEAD
|
|
git -C "$upstream_dir" archive --format=tar HEAD | tar -xf - -C "$SNAPSHOT_DIR"
|
|
fi
|
|
|
|
snapshot_date="$(date -u +%Y-%m-%d)"
|
|
cat > "$SOURCE_FILE" <<EOF
|
|
# Source
|
|
|
|
- Repo: ${UPSTREAM_REPO%".git"}
|
|
- Ref: $latest_sha
|
|
- Snapshot: $snapshot_date
|
|
- Notes: vendored into playbook branch $TARGET_BRANCH
|
|
EOF
|
|
|
|
git add "$SNAPSHOT_DIR"
|
|
|
|
if git diff --cached --quiet; then
|
|
echo "No changes detected after snapshot refresh."
|
|
exit 0
|
|
fi
|
|
|
|
git commit -m ":package: deps(superpowers): vendor snapshot"
|
|
|
|
TOKEN="${WORKFLOW:-}"
|
|
if [ -n "$TOKEN" ] && [ -n "${GITHUB_SERVER_URL:-}" ] && [ -n "${GITHUB_REPOSITORY:-}" ]; then
|
|
git remote set-url origin "https://oauth2:${TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git"
|
|
fi
|
|
|
|
git push origin "$TARGET_BRANCH"
|