From 6a4c772e4908a72eb8b48e203a3e04da6efdfb88 Mon Sep 17 00:00:00 2001 From: Cyb3r-Jak3 Date: Wed, 24 Apr 2024 00:27:23 -0400 Subject: [PATCH] Try script for upload built and signed artifacts --- .github/upload.py | 27 +++++++++++++++++++++ .github/workflows/build-pypy.yml | 40 ++++++++++++++++++++++++++------ 2 files changed, 60 insertions(+), 7 deletions(-) create mode 100644 .github/upload.py diff --git a/.github/upload.py b/.github/upload.py new file mode 100644 index 0000000..7708a71 --- /dev/null +++ b/.github/upload.py @@ -0,0 +1,27 @@ +"""Upload the artifacts to Cloudflare R2 Storage""" + +import os +import boto3 + +BUCKET_NAME = os.getenv("BUCKET_NAME", "pypy-files") +PYPY_VERSION = os.environ["PYPY_VERSION"] + +s3 = boto3.resource( + 's3', + endpoint_url='https://8be772befd147a8df540aae0fa15c047.r2.cloudflarestorage.com', +) + + +def upload_file(file_name: str) -> None: + """Uploads a file to R2""" + try: + s3.upload_file(file_name, BUCKET_NAME, f"pypy/{PYPY_VERSION}/{file_name}") + except Exception as e: + print(f"Failed to upload {file_name} to {file_name}: {e}") + raise e + print(f"Uploaded {file_name}") + + +if __name__ == "__main__": + for file in os.listdir("./output"): + upload_file(file) diff --git a/.github/workflows/build-pypy.yml b/.github/workflows/build-pypy.yml index 02384f3..c6e5c81 100644 --- a/.github/workflows/build-pypy.yml +++ b/.github/workflows/build-pypy.yml @@ -17,6 +17,7 @@ permissions: env: ALPINE_VERSION: 3.19 BUILDER_IMAGE_TAG: ghcr.io/cyb3r-jak3/alpine-pypy-builder-workflow + PYPY_VERSION: 7.3.16 concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -63,7 +64,6 @@ jobs: fail-fast: true matrix: PYPY_BASE: ["2.7", "3.9", "3.10"] - PYPY_VERSION: ["7.3.16"] RUNNER: ["self-hosted", "ubuntu-latest"] steps: @@ -89,7 +89,7 @@ jobs: run: | import os import requests - base_url = "https://pypy.cyberjake.xyz/pypy/${{ matrix.PYPY_BASE }}/pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2" + base_url = "https://pypy.cyberjake.xyz/pypy/${{ matrix.PYPY_BASE }}/pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2" file_resp = requests.head(base_url) signature_resp = requests.head(f"{base_url}.sig") if file_resp.status_code == 404 or signature_resp.status_code == 404: @@ -115,9 +115,9 @@ jobs: - name: Run Build if: steps.file-check.outputs.STATUS == 404 run: | - PYPY_SHA256SUM=$(curl -s https://api.cyberjake.xyz/pypy/checksums/pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-src.tar.bz2 | jq --raw-output .results[0].checksum) + PYPY_SHA256SUM=$(curl -s https://api.cyberjake.xyz/pypy/checksums/pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-src.tar.bz2 | jq --raw-output .results[0].checksum) echo "${PYPY_SHA256SUM}" - docker run --platform linux/${{ env.ARCH }} -v $(pwd)/tmp:/tmp -e PYPY_BASE=${{ matrix.PYPY_BASE }} -e PYPY_VERSION=${{ matrix.PYPY_VERSION }} -e PYPY_SHA256SUM="${PYPY_SHA256SUM}" ${{ env.BUILDER_IMAGE_TAG }}:${{ env.ALPINE_VERSION }}-${{ github.sha }} + docker run --platform linux/${{ env.ARCH }} -v $(pwd)/tmp:/tmp -e PYPY_BASE=${{ matrix.PYPY_BASE }} -e PYPY_VERSION=${{ env.PYPY_VERSION }} -e PYPY_SHA256SUM="${PYPY_SHA256SUM}" ${{ env.BUILDER_IMAGE_TAG }}:${{ env.ALPINE_VERSION }}-${{ github.sha }} - name: Import GPG key uses: crazy-max/ghaction-import-gpg@v6 @@ -132,15 +132,14 @@ jobs: run: | wget --quiet -O sign.py https://raw.githubusercontent.com/Cyb3r-Jak3/docker-alpine-pypy/${{ github.sha }}/.github/sign.py mkdir output - mv ./tmp/usession-release-pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-*/build/**.tar.bz2 ./output/pypy${{ matrix.PYPY_BASE }}-v${{ matrix.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2 + mv ./tmp/usession-release-pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-*/build/**.tar.bz2 ./output/pypy${{ matrix.PYPY_BASE }}-v${{ env.PYPY_VERSION }}-linux-${{ env.PYPY_ARCH }}-alpine.tar.bz2 find ./output/ -type f -exec python3 sign.py {} \; - name: Upload PyPy to Artifacts if: steps.file-check.outputs.STATUS == 404 - # Leave with v3 so we can use the same name for the artifact uses: actions/upload-artifact@v4 with: - name: pypy-${{ env.ARCH }}-${{ matrix.PYPY_BASE }}-${{ matrix.PYPY_VERSION }} + name: pypy-${{ env.ARCH }}-${{ matrix.PYPY_BASE }}-${{ env.PYPY_VERSION }} path: ./output - name: Clean files @@ -148,3 +147,30 @@ jobs: run: | rm -rf output/ rm -rf tmp/ + + Upload: + runs-on: ubuntu-latest + name: Upload PyPy builds + needs: Build + + steps: + - name: Download upload script + run: | + wget --quiet -O sign.py https://raw.githubusercontent.com/Cyb3r-Jak3/docker-alpine-pypy/${{ github.sha }}/.github/upload.py + pip install boto3==1.34.90 + + - name: Download PyPy builds + uses: actions/download-artifact@v4 + with: + pattern: 'pypy-*' + merge-multiple: true + path: ./output + + - name: Upload PyPy builds + run: | + python .github/upload.py + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + \ No newline at end of file