diff --git a/.github/workflows/update-latest-downloads.yml b/.github/workflows/update-latest-downloads.yml new file mode 100644 index 0000000..d1e389d --- /dev/null +++ b/.github/workflows/update-latest-downloads.yml @@ -0,0 +1,101 @@ +name: Update latest downloads on download.eclipse.org + +on: + workflow_dispatch: + inputs: + version: + description: 'Version to mark as latest (e.g., 1.7.2)' + required: true + type: string + dry-run: + description: 'Test mode - verify connections and show what would be updated without modifying' + required: false + type: boolean + default: false + +jobs: + update-latest: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v4.1.1 + + - name: Setup SSH key + run: | + mkdir -p ~/.ssh + echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + echo "${{ secrets.SSH_PASSPHRASE }}" | ssh-add ~/.ssh/id_ed25519 2>/dev/null || true + + - name: Update latest symlinks on download.eclipse.org + run: | + DRY_RUN="${{ inputs.dry-run }}" + ssh -o StrictHostKeyChecking=no \ + -o UserKnownHostsFile=/dev/null \ + genie.zenoh@projects-storage.eclipse.org \ + " + set -e + VERSION='${{ inputs.version }}' + BASE_PATH='/home/data/httpd/download.eclipse.org/zenoh' + UPDATED_COUNT=0 + + if [ \"\$DRY_RUN\" = \"true\" ]; then + echo '๐Ÿงช DRY-RUN MODE - Credentials verified, no changes will be made' + echo '' + fi + + echo '๐Ÿ” Scanning for zenoh packages with version \$VERSION...' + for i in \$BASE_PATH/z*/\$VERSION; do + if [ -d \"\$i\" ]; then + DEST=\$(realpath \$i/../latest) + + if [ \"\$DRY_RUN\" = \"true\" ]; then + echo \"๐Ÿ”— [DRY-RUN] Would create symlink: \$DEST โ†’ \$i\" + else + echo \"๐Ÿ”— Creating symlink: \$DEST โ†’ \$i\" + rm -rf \"\$DEST\" + ln -sfr \"\$i\" \"\$DEST\" + echo \"โœ… Symlink created: \$DEST\" + fi + + UPDATED_COUNT=\$((UPDATED_COUNT + 1)) + fi + done + + if [ \$UPDATED_COUNT -eq 0 ]; then + echo 'โš ๏ธ No packages found for version '\$VERSION + exit 1 + fi + + echo \"\" + if [ \"\$DRY_RUN\" = \"true\" ]; then + echo \"๐ŸŽ‰ DRY-RUN successful: would create \$UPDATED_COUNT symlink(s)\" + else + echo \"๐ŸŽ‰ Successfully created \$UPDATED_COUNT symlink(s) to latest\" + fi + " + + - name: Verify updates + run: | + ssh -o StrictHostKeyChecking=no \ + -o UserKnownHostsFile=/dev/null \ + genie.zenoh@projects-storage.eclipse.org \ + " + set -e + BASE_PATH='/home/data/httpd/download.eclipse.org/zenoh' + + echo '๐Ÿ” Verifying latest symlinks...' + for latest_link in \$BASE_PATH/z*/latest; do + if [ -L \"\$latest_link\" ]; then + TARGET=\$(readlink \"\$latest_link\") + echo \" โœ… \$latest_link โ†’ \$TARGET\" + fi + done + " + + - name: Report completion + if: always() + run: | + echo "Update Latest Downloads Workflow Completed" + echo "Version: ${{ inputs.version }}" + echo "Timestamp: $(date -u +'%Y-%m-%d %H:%M:%S UTC')" diff --git a/README.md b/README.md index 32f1a3d..93501a4 100644 --- a/README.md +++ b/README.md @@ -3,3 +3,51 @@ This repository contains a set of GitHub actions and (reusable) workflows used to implement cross-repository workflows and reuse workflows across the eclipse-zenoh organization. + +## Workflows + +### update-latest-downloads.yml + +**Purpose**: Update the "latest" symlink on download.eclipse.org to point to a specific release version. + +**Trigger**: Manual (`workflow_dispatch`) + +**Inputs**: +- `version` (required): The version to mark as latest (e.g., `1.7.2`) +- `dry-run` (optional): Test mode - verify credentials and show what would be updated without modifying (default: `false`) + +**Required Secrets**: +- `SSH_PRIVATE_KEY`: SSH private key (ED25519) for `genie.zenoh` authentication +- `SSH_PASSPHRASE`: Passphrase for the SSH key (if key is encrypted) + +**Setup**: +Request SCP credentials from Eclipse CBI by opening a [HelpDesk issue](https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/new) with the following: +- Project: Zenoh +- Request: SSH credentials for `projects-storage.eclipse.org` +- Purpose: Automated downloads.eclipse.org management + +Once credentials are provided, add them as GitHub Secrets: +1. Navigate to Settings โ†’ Secrets and variables โ†’ Actions +2. Create the four secrets listed above +3. Alternatively, add via [Otterdog configuration](https://github.com/eclipse-cbi/.eclipsefdn) + +**Behavior**: +1. Connects to `projects-storage.eclipse.org` via SSH +2. For each package directory matching `/home/data/httpd/download.eclipse.org/zenoh/z*/{version}/`: + - **Dry-run mode**: Lists symlinks that would be created without making changes + - **Live mode**: Creates symlinks from `latest/` to the version directory (removes old symlinks first) +3. Symlinks are force-created with `ln -sfr` (space-efficient, points to actual version directory) +4. Reports the number of symlinks created/would be created +5. In dry-run: Verifies SSH connection and credentials work +6. In live: Verifies all `latest/` symlinks point to correct version directories + +**Usage**: +First-time setup: Use `dry-run: true` to verify credentials: +1. Navigate to Actions โ†’ Update latest downloads on download.eclipse.org +2. Click "Run workflow" +3. Enter the version (e.g., `1.7.2`) +4. Check `dry-run` checkbox +5. Click "Run workflow" +6. Workflow will connect and show what would be updated without making changes + +Production run: Once dry-run succeeds, run again with `dry-run: false` to actually update files.