trezor-suite/.github/workflows/update-tor.yml
Jan Komarek 5018552270 ci: use the branch from which the tor update flow was executed as a base branch
- this is useful when triggering the workflow manually from a different branch than develop
2025-11-19 11:23:21 +01:00


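# Monthly (or manually dispatched) job that probes for the next TOR binary
# versions, bumps the version variables in update.sh, runs update.sh, and
# opens a pull request with the result.
name: "[Bot] update TOR binary"

on:
  schedule:
    - cron: "0 0 1 * *"
  workflow_dispatch:

# The pull request is created with the GitHub App token generated below, so
# the default GITHUB_TOKEN only needs read access for the checkout.
permissions:
  contents: read

jobs:
  update-tor:
    if: github.repository == 'trezor/trezor-suite'
    # macOS runner: the `sed -i ''` calls below use the BSD sed form.
    runs-on: macos-latest
    env:
      UPDATE_FILE: packages/suite-data/files/bin/tor/update.sh
    steps:
      # NOTE(review): the actions in this job are referenced by mutable major
      # tags. Consider pinning each one to a full commit SHA, especially the
      # steps that handle the App private key and the write-capable token.
      - name: Checkout repo
        uses: actions/checkout@v4

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "20"

      - name: Get current TOR versions
        id: versions
        run: |
          content=$(cat "$UPDATE_FILE")
          # Prints the version that follows the one stored in variable $1,
          # i.e. the third underscore-separated field incremented by one.
          newer_version () {
            local version major patch
            version=$(echo "$content" | grep "^$1=" | cut -d= -f2)
            major=$(echo "$version" | cut -d_ -f1-2)
            patch=$(echo "$version" | cut -d_ -f3)
            # The value is read from a file on the triggering branch and ends
            # up in shell arithmetic, a URL, a sed expression and
            # $GITHUB_OUTPUT. Accept a single line of plain version characters
            # with a numeric patch field only.
            if ! [[ "$major" =~ ^[0-9A-Za-z._-]+$ && "$patch" =~ ^[0-9]+$ ]]; then
              echo "Unexpected $1 value in $UPDATE_FILE: '$version'" >&2
              return 1
            fi
            echo "${major}_$((patch + 1))"
          }
          crx_next=$(newer_version CRX_VER) || exit 1
          arm_next=$(newer_version CRX_LINUX_ARM_VER) || exit 1
          {
            echo "crx_next=$crx_next"
            echo "arm_next=$arm_next"
          } >> "$GITHUB_OUTPUT"

      # In the steps below, step outputs are handed to the scripts through
      # `env:` instead of being expanded into the script text with ${{ }},
      # so the shell treats them as data and never as code.
      - name: Check if new CRX binary exists
        id: check_crx
        env:
          CRX_NEXT: ${{ steps.versions.outputs.crx_next }}
        run: |
          url="https://tor.bravesoftware.com/release/cldoidikboihgcjfkhdeidbpclkineef/extension_${CRX_NEXT}.crx"
          echo "Checking $url"
          # HTTP header names are case-insensitive, hence grep -i.
          if curl --fail --silent --head "$url" | grep -i "content-type: application/x-chrome-extension" > /dev/null; then
            echo "new_crx=true" >> "$GITHUB_OUTPUT"
            echo "crx_url=$url" >> "$GITHUB_OUTPUT"
          else
            echo "new_crx=false" >> "$GITHUB_OUTPUT"
          fi

      - name: Check if new Linux ARM binary exists
        id: check_arm
        env:
          ARM_NEXT: ${{ steps.versions.outputs.arm_next }}
        run: |
          url="https://tor.bravesoftware.com/release/monolafkoghdlanndjfeebmdfkbklejg/extension_${ARM_NEXT}.crx"
          echo "Checking $url"
          # HTTP header names are case-insensitive, hence grep -i.
          if curl --fail --silent --head "$url" | grep -i "content-type: application/x-chrome-extension" > /dev/null; then
            echo "new_arm=true" >> "$GITHUB_OUTPUT"
            echo "arm_url=$url" >> "$GITHUB_OUTPUT"
          else
            echo "new_arm=false" >> "$GITHUB_OUTPUT"
          fi

      - name: Update update.sh
        if: steps.check_crx.outputs.new_crx == 'true' || steps.check_arm.outputs.new_arm == 'true'
        env:
          NEW_CRX: ${{ steps.check_crx.outputs.new_crx }}
          NEW_ARM: ${{ steps.check_arm.outputs.new_arm }}
          CRX_NEXT: ${{ steps.versions.outputs.crx_next }}
          ARM_NEXT: ${{ steps.versions.outputs.arm_next }}
        run: |
          if [ "$NEW_CRX" = "true" ]; then
            sed -i '' "s/^CRX_VER=.*/CRX_VER=${CRX_NEXT}/" "$UPDATE_FILE"
          fi
          if [ "$NEW_ARM" = "true" ]; then
            sed -i '' "s/^CRX_LINUX_ARM_VER=.*/CRX_LINUX_ARM_VER=${ARM_NEXT}/" "$UPDATE_FILE"
          fi

      # NOTE(review): the probes above only look at the Content-Type response
      # header. update.sh is not part of this file; confirm that it verifies
      # the integrity of what it downloads, and review the binaries in the
      # resulting pull request before merging.
      - name: Run update.sh
        if: steps.check_crx.outputs.new_crx == 'true' || steps.check_arm.outputs.new_arm == 'true'
        run: |
          bash "$UPDATE_FILE"

      - name: Build PR body
        id: pr_body
        if: steps.check_crx.outputs.new_crx == 'true' || steps.check_arm.outputs.new_arm == 'true'
        env:
          NEW_CRX: ${{ steps.check_crx.outputs.new_crx }}
          NEW_ARM: ${{ steps.check_arm.outputs.new_arm }}
          CRX_NEXT: ${{ steps.versions.outputs.crx_next }}
          ARM_NEXT: ${{ steps.versions.outputs.arm_next }}
          CRX_URL: ${{ steps.check_crx.outputs.crx_url }}
          ARM_URL: ${{ steps.check_arm.outputs.arm_url }}
        run: |
          # Multi-line step output: everything between the two EOF markers
          # becomes the value of `body`.
          {
            echo "body<<EOF"
            echo "New TOR binaries available:"
            echo ""
            if [ "$NEW_CRX" = "true" ]; then
              echo "- CRX: $CRX_NEXT ($CRX_URL)"
            fi
            if [ "$NEW_ARM" = "true" ]; then
              echo "- Linux ARM: $ARM_NEXT ($ARM_URL)"
            fi
            echo "EOF"
          } >> "$GITHUB_OUTPUT"

      - name: Generate GitHub App token
        if: steps.check_crx.outputs.new_crx == 'true' || steps.check_arm.outputs.new_arm == 'true'
        id: trezor-bot-token
        uses: actions/create-github-app-token@v1
        with:
          app-id: ${{ secrets.TREZOR_BOT_APP_ID }}
          private-key: ${{ secrets.TREZOR_BOT_PRIVATE_KEY }}

      - name: Create Pull Request
        if: steps.check_crx.outputs.new_crx == 'true' || steps.check_arm.outputs.new_arm == 'true'
        uses: peter-evans/create-pull-request@v7
        with:
          token: ${{ steps.trezor-bot-token.outputs.token }}
          commit-message: "chore(suite-data): update TOR binaries"
          branch: chore/update-tor-binaries
          title: "Update TOR binaries"
          body: ${{ steps.pr_body.outputs.body }}
          # Target the branch the workflow ran on, so a manual dispatch from
          # another branch opens the pull request against that branch.
          base: ${{ github.ref_name }}
          delete-branch: true
          labels: tor, ci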