From dfbc8e8dd597d1743bc4ad58d9bd8528e5f1a3e8 Mon Sep 17 00:00:00 2001 From: Jonathan Miller <230051081+jmiller-moko@users.noreply.github.com> Date: Tue, 7 Apr 2026 17:08:20 -0500 Subject: [PATCH] ci: Joomla release builds ZIP + SHA-256 checksum Co-Authored-By: Claude Opus 4.6 (1M context) --- .github/workflows/auto-release.yml | 60 ++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml index e545ce6..780f1a6 100644 --- a/.github/workflows/auto-release.yml +++ b/.github/workflows/auto-release.yml @@ -23,6 +23,7 @@ # ║ 5. Write update.txt / update.xml ║ # ║ 6. Create git tag vXX.YY.ZZ ║ # ║ 7a. Patch: update existing GitHub Release for this minor ║ +# ║ 8. Joomla only: build ZIP, upload asset, write SHA-256 to XML ║ # ║ ║ # ║ Every version change: archives main → version/XX.YY branch ║ # ║ Patch 00 = development (no release). First release = patch 01. ║ @@ -426,6 +427,65 @@ jobs: fi fi + # ── STEP 8: Joomla package + SHA-256 checksum ────────────────────── + - name: "Step 8: Build Joomla package and update checksum" + if: >- + steps.version.outputs.skip != 'true' && + steps.check.outputs.tag_exists != 'true' + run: | + PLATFORM=$(php /tmp/mokostandards/api/cli/platform_detect.php --path . 2>/dev/null || true) + [ "$PLATFORM" != "waas-component" ] && exit 0 + + VERSION="${{ steps.version.outputs.version }}" + TAG="${{ steps.version.outputs.tag }}" + REPO="${{ github.repository }}" + + # Find extension element name from manifest + MANIFEST=$(find . -maxdepth 2 -name "*.xml" -exec grep -l '/dev/null | head -1 || true) + [ -z "$MANIFEST" ] && exit 0 + + EXT_ELEMENT=$(grep -oP '\K[^<]+' "$MANIFEST" 2>/dev/null | head -1 || basename "$MANIFEST" .xml) + PACKAGE_NAME="${EXT_ELEMENT}-${VERSION}.zip" + + # ── Build ZIP from src/ ─────────────────────────────────────── + SOURCE_DIR="src" + [ ! -d "$SOURCE_DIR" ] && SOURCE_DIR="htdocs" + [ ! -d "$SOURCE_DIR" ] && { echo "⚠️ No src/ or htdocs/ — skipping package"; exit 0; } + + cd "$SOURCE_DIR" + zip -r "/tmp/${PACKAGE_NAME}" . -x '*.git*' '*.DS_Store' 'Thumbs.db' '*.log' + cd .. + + # ── Calculate SHA-256 ───────────────────────────────────────── + SHA256=$(sha256sum "/tmp/${PACKAGE_NAME}" | cut -d' ' -f1) + echo "SHA-256: ${SHA256}" + + # ── Upload as release asset ─────────────────────────────────── + gh release upload "$TAG" "/tmp/${PACKAGE_NAME}" --clobber 2>/dev/null || \ + echo "⚠️ Could not upload to $TAG — trying without clobber" && \ + gh release upload "$TAG" "/tmp/${PACKAGE_NAME}" 2>/dev/null || true + + # ── Update update.xml with SHA-256 ──────────────────────────── + if [ -f "update.xml" ]; then + # Insert after if not already present + if grep -q '' update.xml; then + sed -i "s|.*|sha256:${SHA256}|" update.xml + else + sed -i "s||\n sha256:${SHA256}|" update.xml + fi + + # Commit checksum update + git add update.xml + git commit -m "chore(release): add SHA-256 checksum for ${VERSION} [skip ci]" \ + --author="github-actions[bot] " || true + git push || true + + echo "🔐 SHA-256: \`${SHA256}\`" >> $GITHUB_STEP_SUMMARY + echo "📦 Package: ${PACKAGE_NAME} uploaded to release ${TAG}" >> $GITHUB_STEP_SUMMARY + fi + env: + GH_TOKEN: ${{ secrets.GH_TOKEN || github.token }} + # ── Summary ──────────────────────────────────────────────────────── - name: Pipeline Summary if: always()