curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

AUTH-3109 upload the checksum to workers kv on github releases

This commit is contained in:
Dalton 2020-09-18 15:57:39 -05:00 committed by Areg Harutyunyan
parent fa061ab54e
commit da0792a321
1 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
github_release.py
View File

@ -7,6 +7,8 @@ import argparse
import logging import logging
import os import os
import shutil import shutil
import hashlib
import requests
from github import Github, GithubException, UnknownObjectException from github import Github, GithubException, UnknownObjectException
@ -15,6 +17,37 @@ logging.basicConfig(format=FORMAT)
CLOUDFLARED_REPO = os.environ.get("GITHUB_REPO", "cloudflare/cloudflared") CLOUDFLARED_REPO = os.environ.get("GITHUB_REPO", "cloudflare/cloudflared")
GITHUB_CONFLICT_CODE = "already_exists" GITHUB_CONFLICT_CODE = "already_exists"
BASE_KV_URL = 'https://api.cloudflare.com/client/v4/accounts/'
UPDATER_PREFIX = 'update'
def get_sha256(filename):
""" get the sha256 of a file """
sha256_hash = hashlib.sha256()
with open(filename,"rb") as f:
for byte_block in iter(lambda: f.read(4096),b""):
sha256_hash.update(byte_block)
return sha256_hash.hexdigest()
def send_hash(pkg_hash, name, version, account, namespace, api_token):
""" send the checksum of a file to workers kv """
key = '{0}_{1}_{2}'.format(UPDATER_PREFIX, version, name)
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer " + api_token,
}
response = requests.put(
BASE_KV_URL + account + "/storage/kv/namespaces/" + namespace + "/values/" + key,
headers=headers,
data=pkg_hash
)
if response.status_code != 200:
jsonResponse = response.json()
errors = jsonResponse["errors"]
if len(errors) > 0:
raise Exception("failed to upload checksum: {0}", errors[0])
def assert_tag_exists(repo, version): def assert_tag_exists(repo, version):
""" Raise exception if repo does not contain a tag matching version """ """ Raise exception if repo does not contain a tag matching version """
@ -78,6 +111,15 @@ def parse_args():
parser.add_argument( parser.add_argument(
"--name", default=os.environ.get("ASSET_NAME"), help="Asset Name" "--name", default=os.environ.get("ASSET_NAME"), help="Asset Name"
) )
parser.add_argument(
"--namespace-id", default=os.environ.get("KV_NAMESPACE"), help="workersKV namespace id"
)
parser.add_argument(
"--kv-account-id", default=os.environ.get("KV_ACCOUNT"), help="workersKV account id"
)
parser.add_argument(
"--kv-api-token", default=os.environ.get("KV_API_TOKEN"), help="workersKV API Token"
)
parser.add_argument( parser.add_argument(
"--dry-run", action="store_true", help="Do not create release or upload asset" "--dry-run", action="store_true", help="Do not create release or upload asset"
) )
@ -99,6 +141,18 @@ def parse_args():
if not args.api_key: if not args.api_key:
logging.error("Missing API key") logging.error("Missing API key")
is_valid = False is_valid = False
if not args.namespace_id:
logging.error("Missing KV namespace id")
is_valid = False
if not args.kv_account_id:
logging.error("Missing KV account id")
is_valid = False
if not args.kv_api_token:
logging.error("Missing KV API token")
is_valid = False
if is_valid: if is_valid:
return args return args
@ -121,6 +175,10 @@ def main():
release.upload_asset(args.path, name=args.name) release.upload_asset(args.path, name=args.name)
# send the sha256 (the checksum) to workers kv
pkg_hash = get_sha256(args.path)
send_hash(pkg_hash, args.name, args.release_version, args.kv_account_id, args.namespace_id, args.kv_api_token)
# create the artifacts directory if it doesn't exist # create the artifacts directory if it doesn't exist
artifact_path = os.path.join(os.getcwd(), 'artifacts') artifact_path = os.path.join(os.getcwd(), 'artifacts')
if not os.path.isdir(artifact_path): if not os.path.isdir(artifact_path):