Keep track of GCM dependency

niik · niik · commit 432f2ddeb640 · 2024-05-23T16:38:48.000+02:00
diff --git a/dependencies.json b/dependencies.json
@@ -58,5 +58,31 @@
         "checksum": "94435072f6b3a6f9064b277760c8340e432b5ede0db8205d369468b9be52c6b6"
       }
     ]
+  },
+  "git-credential-manager": {
+    "version": "2.5.0",
+    "files": [
+      {
+        "name": "gcm-linux_amd64.2.5.0.tar.gz",
+        "platform": "linux",
+        "arch": "amd64",
+        "url": "https://github.com/git-ecosystem/git-credential-manager/releases/download/v2.5.0/gcm-linux_amd64.2.5.0.tar.gz",
+        "checksum": "3adb86ab82111c94a22256980efd01a064ed9a06b882b138ab631ba6996d5752"
+      },
+      {
+        "name": "gcm-osx-arm64-2.5.0.tar.gz",
+        "platform": "darwin",
+        "arch": "arm64",
+        "url": "https://github.com/git-ecosystem/git-credential-manager/releases/download/v2.5.0/gcm-osx-arm64-2.5.0.tar.gz",
+        "checksum": "e3960aa72784ffb6e94294e1de14f0f5e96b6632854712ef4fa8837496032831"
+      },
+      {
+        "name": "gcm-osx-x64-2.5.0.tar.gz",
+        "platform": "darwin",
+        "arch": "amd64",
+        "url": "https://github.com/git-ecosystem/git-credential-manager/releases/download/v2.5.0/gcm-osx-x64-2.5.0.tar.gz",
+        "checksum": "4c7087492310a641318d0ab79de3554ea07de599431b5ac1bd0d43efbf4fa7f7"
+      }
+    ]
   }
 }
diff --git a/package.json b/package.json
@@ -5,6 +5,7 @@
     "check": "tsc",
     "update-git": "ts-node script/update-git.ts",
     "update-git-lfs": "ts-node script/update-git-lfs.ts && npm run prettier-fix",
+    "update-git-credential-manager": "ts-node script/update-git-credential-manager.ts && npm run prettier-fix",
     "generate-release-notes": "ts-node script/generate-release-notes.ts",
     "prettier": "prettier -l \"**/*.y{,a}ml\" \"**/*.{js,ts,json}\"",
     "prettier-fix": "prettier --write \"**/*.y{,a}ml\" \"**/*.{js,ts,json}\""
diff --git a/script/fetch-asset-checksum.ts b/script/fetch-asset-checksum.ts
@@ -0,0 +1,21 @@
+import { createHash } from 'crypto'
+
+export async function fetchAssetChecksum(uri: string) {
+  const hs = createHash('sha256')
+
+  const headers = {
+    'User-Agent': 'dugite-native',
+    accept: 'application/octet-stream',
+  }
+
+  await fetch(uri, { headers })
+    .then(x =>
+      x.ok
+        ? Promise.resolve(x)
+        : Promise.reject(new Error(`Server responded with ${x.status}`))
+    )
+    .then(x => x.arrayBuffer())
+    .then(x => hs.end(Buffer.from(x)))
+
+  return hs.digest('hex')
+}
diff --git a/script/lib/dependencies.ts b/script/lib/dependencies.ts
@@ -86,3 +86,33 @@ export function updateGitLfsDependencies(
 
   fs.writeFileSync(dependenciesPath, newDepedenciesText, 'utf8')
 }
+
+export function updateGitCredentialManagerDependencies(
+  version: string,
+  files: Array<{
+    platform: string
+    arch: string
+    name: string
+    checksum: string
+  }>
+) {
+  const dependenciesPath = path.resolve(
+    __dirname,
+    '..',
+    '..',
+    'dependencies.json'
+  )
+  const dependenciesText = fs.readFileSync(dependenciesPath, 'utf8')
+  const dependencies = JSON.parse(dependenciesText)
+
+  const gcm = {
+    version: version,
+    files: files,
+  }
+
+  const updatedDependencies = { ...dependencies, 'git-credential-manager': gcm }
+
+  const newDepedenciesText = JSON.stringify(updatedDependencies, null, 2)
+
+  fs.writeFileSync(dependenciesPath, newDepedenciesText, 'utf8')
+}
diff --git a/script/update-git-credential-manager.ts b/script/update-git-credential-manager.ts
@@ -0,0 +1,81 @@
+import { Octokit } from '@octokit/rest'
+import { updateGitCredentialManagerDependencies } from './lib/dependencies'
+import { fetchAssetChecksum } from './fetch-asset-checksum'
+
+process.on('unhandledRejection', reason => {
+  console.error(reason)
+})
+
+async function run(): Promise<boolean> {
+  const token = process.env.GITHUB_ACCESS_TOKEN
+  if (token == null) {
+    console.log(`🔴 No GITHUB_ACCESS_TOKEN environment variable set`)
+    return false
+  }
+
+  const octokit = new Octokit({ auth: `token ${token}` })
+
+  const user = await octokit.users.getAuthenticated({})
+  const me = user.data.login
+
+  console.log(`✅ Token found for ${me}`)
+
+  const owner = 'git-ecosystem'
+  const repo = 'git-credential-manager'
+
+  const release = await octokit.repos.getLatestRelease({ owner, repo })
+
+  const { tag_name, id } = release.data
+  const version = tag_name.replace(/^v/, '')
+
+  console.log(`✅ Newest git-credential-manager release '${version}'`)
+
+  const assets = await octokit.repos.listReleaseAssets({
+    owner,
+    repo,
+    release_id: id,
+  })
+
+  const fileTemplates = [
+    {
+      name: `gcm-linux_amd64.${version}.tar.gz`,
+      platform: 'linux',
+      arch: 'amd64',
+    },
+    {
+      name: `gcm-osx-arm64-${version}.tar.gz`,
+      platform: 'darwin',
+      arch: 'arm64',
+    },
+    {
+      name: `gcm-osx-x64-${version}.tar.gz`,
+      platform: 'darwin',
+      arch: 'amd64',
+    },
+  ]
+
+  const files = []
+
+  for (const ft of fileTemplates) {
+    const asset = assets.data.find(a => a.name === ft.name)
+
+    if (!asset) {
+      throw new Error(`Could not find asset for file: ${ft.name}`)
+    }
+
+    const url = asset.browser_download_url
+    console.log(`⏳ Fetching checksum for ${ft.name}`)
+    const checksum = await fetchAssetChecksum(url)
+    console.log(`🔑 ${checksum}`)
+    files.push({ ...ft, url, checksum })
+  }
+
+  updateGitCredentialManagerDependencies(version, files)
+
+  console.log(
+    `✅ Updated dependencies metadata to Git credential manager '${version}'`
+  )
+  return true
+}
+
+run().then(success => process.exit(success ? 0 : 1))
diff --git a/script/update-git.ts b/script/update-git.ts
@@ -6,6 +6,7 @@ import semver from 'semver'
 import { updateGitDependencies } from './lib/dependencies'
 import yargs from 'yargs'
 import fetch from 'node-fetch'
+import { fetchAssetChecksum } from './fetch-asset-checksum'
 
 process.on('unhandledRejection', reason => {
   console.log(reason)
@@ -72,27 +73,6 @@ async function getLatestStableRelease() {
   return latestTag.toString()
 }
 
-async function calculateAssetChecksum(uri: string) {
-  return new Promise<string>((resolve, reject) => {
-    const hs = crypto.createHash('sha256', { encoding: 'hex' })
-    hs.on('finish', () => resolve(hs.read()))
-
-    const headers: Record<string, string> = {
-      'User-Agent': 'dugite-native',
-      accept: 'application/octet-stream',
-    }
-
-    fetch(uri, { headers })
-      .then(x =>
-        x.ok
-          ? Promise.resolve(x)
-          : Promise.reject(new Error(`Server responded with ${x.status}`))
-      )
-      .then(x => x.buffer())
-      .then(x => hs.end(x))
-  })
-}
-
 async function getPackageDetails(
   assets: ReleaseAssets,
   body: string,
@@ -119,7 +99,7 @@ async function getPackageDetails(
   let checksum: string
   if (match == null || match.length !== 2) {
     console.log(`🔴 No checksum for ${archValue} in release notes body`)
-    checksum = await calculateAssetChecksum(minGitFile.browser_download_url)
+    checksum = await fetchAssetChecksum(minGitFile.browser_download_url)
     console.log(`✅ Calculated checksum for ${archValue} from downloaded asset`)
   } else {
     console.log(`✅ Got checksum for ${archValue} from release notes body`)
