pkgs/by-name/fl/fluxcd/update.sh

   1 #!/usr/bin/env nix-shell
   2 #!nix-shell -i bash -p curl gnugrep gnused jq
   3
   4 set -x -eu -o pipefail
   5
   6 NIXPKGS_PATH="$(git rev-parse --show-toplevel)"
   7 FLUXCD_PATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
   8
   9 OLD_VERSION="$(nix-instantiate --eval -E "with import $NIXPKGS_PATH {}; fluxcd.version or (builtins.parseDrvName fluxcd.name).version" | tr -d '"')"
  10 LATEST_TAG=$(curl ${GITHUB_TOKEN:+" -u \":$GITHUB_TOKEN\""} --silent https://api.github.com/repos/fluxcd/flux2/releases/latest | jq -r '.tag_name')
  11 LATEST_VERSION=$(echo ${LATEST_TAG} | sed 's/^v//')
  12
  13 if [ ! "$OLD_VERSION" = "$LATEST_VERSION" ]; then
  14     SHA256=$(nix-prefetch-url --quiet --unpack https://github.com/fluxcd/flux2/archive/refs/tags/${LATEST_TAG}.tar.gz)
  15     SHA256=$(nix hash to-sri --type sha256 $SHA256)
  16     SPEC_SHA256=$(nix-prefetch-url --quiet --unpack https://github.com/fluxcd/flux2/releases/download/${LATEST_TAG}/manifests.tar.gz)
  17     SPEC_SHA256=$(nix hash to-sri --type sha256 $SPEC_SHA256)
  18
  19     setKV () {
  20         sed -i "s|$1 = \".*\"|$1 = \"${2:-}\"|" "${FLUXCD_PATH}/default.nix"
  21     }
  22
  23     setKV version ${LATEST_VERSION}
  24     setKV sha256 ${SHA256}
  25     setKV manifestsSha256 ${SPEC_SHA256}
  26     setKV vendorHash "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" # The same as lib.fakeHash
  27
  28     set +e
  29     VENDOR_HASH=$(nix-build --no-out-link -A fluxcd $NIXPKGS_PATH 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g')
  30     VENDOR_HASH=$(nix hash to-sri --type sha256 $VENDOR_HASH)
  31     set -e
  32
  33     if [ -n "${VENDOR_HASH:-}" ]; then
  34         setKV vendorHash ${VENDOR_HASH}
  35     else
  36         echo "Update failed. VENDOR_HASH is empty."
  37         exit 1
  38     fi
  39
  40     # `git` flag here is to be used by local maintainers to speed up the bump process
  41     if [ $# -eq 1 ] && [ "$1" = "git" ]; then
  42         git switch -c "package-fluxcd-${LATEST_VERSION}"
  43         git add "$FLUXCD_PATH"/default.nix
  44         git commit -m "fluxcd: ${OLD_VERSION} -> ${LATEST_VERSION}
  45
  46 Release: https://github.com/fluxcd/flux2/releases/tag/v${LATEST_VERSION}"
  47     fi
  48 else
  49     echo "fluxcd is already up-to-date at $OLD_VERSION"
  50 fi