diff --git a/.github/deploy_fdroid.py b/.github/deploy_fdroid.py new file mode 100644 index 00000000..63f64b2e --- /dev/null +++ b/.github/deploy_fdroid.py @@ -0,0 +1,81 @@ +import requests +import re +import os +import sys +import subprocess + +from bs4 import BeautifulSoup + +HOST = "https://github.com" +REPO = "AChep/keyguard-app" +RELEASE_URL = f"{HOST}/{REPO}/releases/latest" + +MAX_ARTIFACTS_COUNT = 5 + + +def get_latest_release_tag(): + response = requests.get(RELEASE_URL) + return re.match(r".*tag/([\w\.]+).*", response.url).group(1) + + +def fdroid_update(): + subprocess.run(["fdroid", "update"], check=True) + + +tag = get_latest_release_tag() +tag_filename = tag.replace(".", "-") +apk_filename = f"repo/Keyguard-{tag_filename}.apk" + +# If the file already exists, then there is no +# need to download the file. We assume that the +# files are immutable. +if os.path.exists(apk_filename): + fdroid_update() + sys.exit(0) + +# +# Delete old builds +# + +existing_apks = [] +with os.scandir("repo/") as d: + for entry in d: + if entry.name.endswith(".apk") and entry.is_file(): + existing_apks.append(entry.path) +existing_apks.sort() +existing_apks_to_delete = existing_apks[:1 - MAX_ARTIFACTS_COUNT] +for apk in existing_apks_to_delete: + os.remove(apk) + +# +# Download the latest .apk from GitHub +# + +assets_url = f"{HOST}/{REPO}/releases/expanded_assets/{tag}" +assets_response = requests.get(assets_url) +assets_soup = BeautifulSoup( + assets_response.content, + features="html.parser" +) + +assets_urls = [el['href'] for el in assets_soup.select('a[href]')] +assets_apk_url = next( + filter( + lambda url: url.endswith('/androidApp-none-release.apk'), + assets_urls + ), + None +) +if not assets_apk_url: + raise Exception("Failed to find a url to the latest .apk file!") +assets_apk_url = f"{HOST}{assets_apk_url}" + +apk_response = requests.get(assets_apk_url) +with open(apk_filename, mode="wb") as file: + file.write(apk_response.content) + +# +# Update repository +# + +fdroid_update() diff --git a/.github/deploy_fdroid.requirements.txt b/.github/deploy_fdroid.requirements.txt new file mode 100644 index 00000000..a96984b6 --- /dev/null +++ b/.github/deploy_fdroid.requirements.txt @@ -0,0 +1,4 @@ +androguard == 3.3.5 +fdroidserver +beautifulsoup4 +requests diff --git a/.github/workflows/new_release_deploy_fdroid.yml b/.github/workflows/new_release_deploy_fdroid.yml new file mode 100644 index 00000000..55c8245b --- /dev/null +++ b/.github/workflows/new_release_deploy_fdroid.yml @@ -0,0 +1,55 @@ +name: "⬆️ GitHub release -> F-Droid deployment" + +on: + workflow_dispatch: + release: + types: [published] + +jobs: + new-update: + name: Deploy F-Droid + runs-on: ubuntu-latest + steps: + - name: "Checkout main repo" + - uses: actions/checkout@v4 + - name: "Checkout F-Droid repo" + uses: actions/checkout@v4 + with: + repository: AChep/keyguard-repo-fdroid + fetch-depth: 0 + lfs: true + path: deploy_fdroid + token: ${{ secrets.DEPLOY_FDROID_GITHUB_TOKEN }} + - uses: actions/setup-python@v5 + with: + python-version: '3.10' + cache: 'pip' + - name: "Download dependencies" + run: | + pip install -r .github/deploy_fdroid.requirements.txt + - name: "Prepare env" + working-directory: ./deploy_fdroid + run: | + mv ../.github/deploy_fdroid.py deploy_fdroid.py + echo ${{ secrets.DEPLOY_FDROID_KEYSTORE_B64 }} | base64 -d | zcat >> keystore.p12 + echo ${{ secrets.DEPLOY_FDROID_CONFIG_B64 }} | base64 -d | zcat >> config.yml + - name: "Update repo" + working-directory: ./deploy_fdroid + run: | + python deploy_fdroid.py + - name: "Check if any changes" + working-directory: ./deploy_fdroid + id: check-changes + run: | + has_changes=$(if [ -n "$(git status --porcelain)" ]; then echo "true"; else echo "false"; fi) + echo "$has_changes" + echo "HAS_CHANGES=$has_changes" >> "$GITHUB_OUTPUT" + - name: "Commit and push changes" + working-directory: ./deploy_fdroid + if: ${{ startsWith(steps.check-changes.outputs.HAS_CHANGES, 'true') }} + run: | + git config user.email github-actions@github.com + git config user.name "${{ github.actor }}" + git add . + git commit -m "Mirror latest Keyguard artifact from GitHub Releases" + git push origin master