MokoConsulting/MokoCassiopeia
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 1 Activity

Remove update.xml calls, fix FTP secrets, and sync workflows with MokoStandards #56

Merged
Copilot merged 3 commits from copilot/remove-update-xml-calls-fix-ftp-secrets into main 2026-01-18 01:28:13 +00:00
Conversation 9 Commits 3 Files Changed 14 +50 -58
2 changed files with 50 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 1881ced6bf - Show all commits

100
.github/workflows/release_pipeline.yml vendored
View File

@@ -475,14 +475,14 @@ jobs:
- name: Validate required secrets and variables - name: Validate required secrets and variables
env: env:
FTP_SERVER: ${{ secrets.FTP_SERVER }} RC_SERVER: ${{ secrets.RC_SERVER }}
FTP_USER: ${{ secrets.FTP_USER }} RC_USER: ${{ secrets.RC_USER }}
FTP_KEY: ${{ secrets.FTP_KEY }} RC_KEY: ${{ secrets.RC_KEY }}
FTP_PASSWORD: ${{ secrets.FTP_PASSWORD }} RC_PASSWORD: ${{ secrets.RC_PASSWORD }}
FTP_PATH: ${{ secrets.FTP_PATH }} RC_PATH: ${{ secrets.RC_PATH }}
FTP_PROTOCOL: ${{ secrets.FTP_PROTOCOL }} RC_PROTOCOL: ${{ secrets.RC_PROTOCOL }}
FTP_PORT: ${{ secrets.FTP_PORT }} RC_PORT: ${{ secrets.RC_PORT }}
FTP_PATH_SUFFIX: ${{ vars.FTP_PATH_SUFFIX }} RC_PATH_SUFFIX: ${{ vars.RC_PATH_SUFFIX }}
CHANNEL: ${{ needs.guard.outputs.channel }} CHANNEL: ${{ needs.guard.outputs.channel }}
DEPLOY_DRY_RUN: ${{ vars.DEPLOY_DRY_RUN }} DEPLOY_DRY_RUN: ${{ vars.DEPLOY_DRY_RUN }}
run: | run: |
@@ -490,22 +490,22 @@ jobs:
missing=() missing=()
[ -n "${FTP_SERVER:-}" ] || missing+=("FTP_SERVER") [ -n "${RC_SERVER:-}" ] || missing+=("RC_SERVER")
[ -n "${FTP_USER:-}" ] || missing+=("FTP_USER") [ -n "${RC_USER:-}" ] || missing+=("RC_USER")
[ -n "${FTP_PATH:-}" ] || missing+=("FTP_PATH") [ -n "${RC_PATH:-}" ] || missing+=("RC_PATH")
proto="${FTP_PROTOCOL:-sftp}" proto="${RC_PROTOCOL:-sftp}"
if [ -n "${FTP_PROTOCOL:-}" ] && [ "${proto}" != "sftp" ]; then if [ -n "${RC_PROTOCOL:-}" ] && [ "${proto}" != "sftp" ]; then
missing+=("FTP_PROTOCOL_INVALID") missing+=("RC_PROTOCOL_INVALID")
fi fi
key_present=false key_present=false
if [ -n "${FTP_KEY:-}" ]; then if [ -n "${RC_KEY:-}" ]; then
key_present=true key_present=true
fi fi
pw_present=false pw_present=false
if [ -n "${FTP_PASSWORD:-}" ]; then if [ -n "${RC_PASSWORD:-}" ]; then
pw_present=true pw_present=true
fi fi
@@ -515,7 +515,7 @@ jobs:
fi fi
if [ "${auth_mode}" = "password" ] && [ "${pw_present}" != "true" ]; then if [ "${auth_mode}" = "password" ] && [ "${pw_present}" != "true" ]; then
missing+=("FTP_PASSWORD_REQUIRED") missing+=("RC_PASSWORD_REQUIRED")
fi fi
{ {
@@ -527,7 +527,7 @@ jobs:
printf '%s"%s"' "${sep}" "${m}" printf '%s"%s"' "${sep}" "${m}"
sep=","; sep=",";
done done
printf '],"channel":"%s","deploy_dry_run":"%s","credential_presence":{"FTP_KEY":"%s","FTP_PASSWORD":"%s"}}\n' \ printf '],"channel":"%s","deploy_dry_run":"%s","credential_presence":{"RC_KEY":"%s","RC_PASSWORD":"%s"}}\n' \
"${CHANNEL}" "${DEPLOY_DRY_RUN:-false}" \ "${CHANNEL}" "${DEPLOY_DRY_RUN:-false}" \
"$( [ "${key_present}" = "true" ] && echo present || echo missing )" \ "$( [ "${key_present}" = "true" ] && echo present || echo missing )" \
"$( [ "${pw_present}" = "true" ] && echo present || echo missing )" "$( [ "${pw_present}" = "true" ] && echo present || echo missing )"
@@ -712,14 +712,14 @@ jobs:
- name: Upload ZIP to SFTP (key-preferred, password-fallback, overwrite, verified) - name: Upload ZIP to SFTP (key-preferred, password-fallback, overwrite, verified)
id: sftp id: sftp
env: env:
FTP_SERVER: ${{ secrets.FTP_SERVER }} RC_SERVER: ${{ secrets.RC_SERVER }}
FTP_USER: ${{ secrets.FTP_USER }} RC_USER: ${{ secrets.RC_USER }}
FTP_KEY: ${{ secrets.FTP_KEY }} RC_KEY: ${{ secrets.RC_KEY }}
FTP_PASSWORD: ${{ secrets.FTP_PASSWORD }} RC_PASSWORD: ${{ secrets.RC_PASSWORD }}
FTP_PATH: ${{ secrets.FTP_PATH }} RC_PATH: ${{ secrets.RC_PATH }}
FTP_PROTOCOL: ${{ secrets.FTP_PROTOCOL }} RC_PROTOCOL: ${{ secrets.RC_PROTOCOL }}
FTP_PORT: ${{ secrets.FTP_PORT }} RC_PORT: ${{ secrets.RC_PORT }}
FTP_PATH_SUFFIX: ${{ vars.FTP_PATH_SUFFIX }} RC_PATH_SUFFIX: ${{ vars.RC_PATH_SUFFIX }}
CHANNEL: ${{ needs.guard.outputs.channel }} CHANNEL: ${{ needs.guard.outputs.channel }}
DEPLOY_DRY_RUN: ${{ vars.DEPLOY_DRY_RUN }} DEPLOY_DRY_RUN: ${{ vars.DEPLOY_DRY_RUN }}
run: | run: |
@@ -728,37 +728,37 @@ jobs:
ZIP="${{ steps.build.outputs.zip_name }}" ZIP="${{ steps.build.outputs.zip_name }}"
DIST_DIR="${{ steps.build.outputs.dist_dir }}" DIST_DIR="${{ steps.build.outputs.dist_dir }}"
: "${FTP_SERVER:?Missing secret FTP_SERVER}" : "${RC_SERVER:?Missing secret RC_SERVER}"
: "${FTP_USER:?Missing secret FTP_USER}" : "${RC_USER:?Missing secret RC_USER}"
: "${FTP_PATH:?Missing secret FTP_PATH}" : "${RC_PATH:?Missing secret RC_PATH}"
PROTOCOL="${FTP_PROTOCOL:-sftp}" PROTOCOL="${RC_PROTOCOL:-sftp}"
if [ "${PROTOCOL}" != "sftp" ]; then if [ "${PROTOCOL}" != "sftp" ]; then
echo "ERROR: Only SFTP permitted" >> "${GITHUB_STEP_SUMMARY}" echo "ERROR: Only SFTP permitted" >> "${GITHUB_STEP_SUMMARY}"
exit 1 exit 1
fi fi
PORT="${FTP_PORT:-}" PORT="${RC_PORT:-}"
if [ -n "${PORT}" ]; then if [ -n "${PORT}" ]; then
HOSTPORT="${FTP_SERVER}:${PORT}" HOSTPORT="${RC_SERVER}:${PORT}"
else else
HOSTPORT="${FTP_SERVER}" HOSTPORT="${RC_SERVER}"
fi fi
SUFFIX="${FTP_PATH_SUFFIX:-}" SUFFIX="${RC_PATH_SUFFIX:-}"
if [ -n "${SUFFIX}" ]; then if [ -n "${SUFFIX}" ]; then
REMOTE_PATH="${FTP_PATH%/}/${SUFFIX%/}/${CHANNEL}" REMOTE_PATH="${RC_PATH%/}/${SUFFIX%/}/${CHANNEL}"
else else
REMOTE_PATH="${FTP_PATH%/}/${CHANNEL}" REMOTE_PATH="${RC_PATH%/}/${CHANNEL}"
fi fi
AUTH_MODE="password" AUTH_MODE="password"
if [ -n "${FTP_KEY:-}" ]; then if [ -n "${RC_KEY:-}" ]; then
AUTH_MODE="key" AUTH_MODE="key"
fi fi
if [ "${AUTH_MODE}" = "password" ] && [ -z "${FTP_PASSWORD:-}" ]; then if [ "${AUTH_MODE}" = "password" ] && [ -z "${RC_PASSWORD:-}" ]; then
echo "ERROR: FTP_PASSWORD required when FTP_KEY is not provided" >> "${GITHUB_STEP_SUMMARY}" echo "ERROR: RC_PASSWORD required when RC_KEY is not provided" >> "${GITHUB_STEP_SUMMARY}"
exit 1 exit 1
fi fi
@@ -773,7 +773,7 @@ jobs:
printf '{' printf '{'
printf '"protocol":"sftp",' printf '"protocol":"sftp",'
printf '"auth_mode":"%s",' "${AUTH_MODE}" printf '"auth_mode":"%s",' "${AUTH_MODE}"
printf '"host":"%s",' "${FTP_SERVER}" printf '"host":"%s",' "${RC_SERVER}"
printf '"port":"%s",' "${PORT:-default}" printf '"port":"%s",' "${PORT:-default}"
printf '"remote_path":"%s",' "${REMOTE_PATH}" printf '"remote_path":"%s",' "${REMOTE_PATH}"
printf '"overwrite":true,' printf '"overwrite":true,'
@@ -789,14 +789,14 @@ jobs:
chmod 700 ~/.ssh chmod 700 ~/.ssh
if [ "${AUTH_MODE}" = "key" ]; then if [ "${AUTH_MODE}" = "key" ]; then
if printf '%s' "${FTP_KEY}" | head -n 1 | grep -q '^PuTTY-User-Key-File-'; then if printf '%s' "${RC_KEY}" | head -n 1 | grep -q '^PuTTY-User-Key-File-'; then
printf '%s' "${FTP_KEY}" > ~/.ssh/key.ppk printf '%s' "${RC_KEY}" > ~/.ssh/key.ppk
chmod 600 ~/.ssh/key.ppk chmod 600 ~/.ssh/key.ppk
if grep -Eq '^Encryption: *none[[:space:]]*$' ~/.ssh/key.ppk; then if grep -Eq '^Encryption: *none[[:space:]]*$' ~/.ssh/key.ppk; then
PPK_PASSPHRASE="" PPK_PASSPHRASE=""
else else
PPK_PASSPHRASE="${FTP_PASSWORD:-}" PPK_PASSPHRASE="${RC_PASSWORD:-}"
fi fi
if [ -n "${PPK_PASSPHRASE}" ]; then if [ -n "${PPK_PASSPHRASE}" ]; then
@@ -808,26 +808,26 @@ jobs:
rm -f ~/.ssh/key.ppk rm -f ~/.ssh/key.ppk
chmod 600 ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa
else else
printf '%s' "${FTP_KEY}" > ~/.ssh/id_rsa printf '%s' "${RC_KEY}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa
fi fi
fi fi
ssh-keyscan -H "${FTP_SERVER}" >> ~/.ssh/known_hosts ssh-keyscan -H "${RC_SERVER}" >> ~/.ssh/known_hosts
if [ "${AUTH_MODE}" = "key" ]; then if [ "${AUTH_MODE}" = "key" ]; then
CONNECT="set sftp:connect-program 'ssh -a -x -i ~/.ssh/id_rsa -o PubkeyAuthentication=yes -o PasswordAuthentication=no'" CONNECT="set sftp:connect-program 'ssh -a -x -i ~/.ssh/id_rsa -o PubkeyAuthentication=yes -o PasswordAuthentication=no'"
OPEN="open -u '${FTP_USER}', sftp://${HOSTPORT}" OPEN="open -u '${RC_USER}', sftp://${HOSTPORT}"
else else
CONNECT="set sftp:connect-program 'ssh -a -x -o PubkeyAuthentication=no -o PasswordAuthentication=yes'" CONNECT="set sftp:connect-program 'ssh -a -x -o PubkeyAuthentication=no -o PasswordAuthentication=yes'"
OPEN="open -u '${FTP_USER}','${FTP_PASSWORD}', sftp://${HOSTPORT}" OPEN="open -u '${RC_USER}','${RC_PASSWORD}', sftp://${HOSTPORT}"
fi fi
if [ "${DRY_RUN}" = "true" ]; then if [ "${DRY_RUN}" = "true" ]; then
echo "Dry run enabled. Upload skipped." >> "${GITHUB_STEP_SUMMARY}" echo "Dry run enabled. Upload skipped." >> "${GITHUB_STEP_SUMMARY}"
echo "auth_mode=${AUTH_MODE}" >> "${GITHUB_OUTPUT}" echo "auth_mode=${AUTH_MODE}" >> "${GITHUB_OUTPUT}"
echo "remote_path=${REMOTE_PATH}" >> "${GITHUB_OUTPUT}" echo "remote_path=${REMOTE_PATH}" >> "${GITHUB_OUTPUT}"
echo "host=${FTP_SERVER}" >> "${GITHUB_OUTPUT}" echo "host=${RC_SERVER}" >> "${GITHUB_OUTPUT}"
echo "port=${PORT:-default}" >> "${GITHUB_OUTPUT}" echo "port=${PORT:-default}" >> "${GITHUB_OUTPUT}"
exit 0 exit 0
fi fi
@@ -864,13 +864,13 @@ jobs:
{ {
echo "### SFTP upload report" echo "### SFTP upload report"
echo "\`\`\`json" echo "\`\`\`json"
echo "{\"status\":\"ok\",\"protocol\":\"sftp\",\"auth_mode\":\"${AUTH_MODE}\",\"host\":\"${FTP_SERVER}\",\"port\":\"${PORT:-default}\",\"remote_path\":\"${REMOTE_PATH}\",\"zip\":\"${ZIP}\",\"zip_bytes_local\":${ZIP_BYTES_LOCAL},\"overwrite\":true}" echo "{\"status\":\"ok\",\"protocol\":\"sftp\",\"auth_mode\":\"${AUTH_MODE}\",\"host\":\"${RC_SERVER}\",\"port\":\"${PORT:-default}\",\"remote_path\":\"${REMOTE_PATH}\",\"zip\":\"${ZIP}\",\"zip_bytes_local\":${ZIP_BYTES_LOCAL},\"overwrite\":true}"
echo "\`\`\`" echo "\`\`\`"
} >> "${GITHUB_STEP_SUMMARY}" } >> "${GITHUB_STEP_SUMMARY}"
echo "auth_mode=${AUTH_MODE}" >> "${GITHUB_OUTPUT}" echo "auth_mode=${AUTH_MODE}" >> "${GITHUB_OUTPUT}"
echo "remote_path=${REMOTE_PATH}" >> "${GITHUB_OUTPUT}" echo "remote_path=${REMOTE_PATH}" >> "${GITHUB_OUTPUT}"
echo "host=${FTP_SERVER}" >> "${GITHUB_OUTPUT}" echo "host=${RC_SERVER}" >> "${GITHUB_OUTPUT}"
echo "port=${PORT:-default}" >> "${GITHUB_OUTPUT}" echo "port=${PORT:-default}" >> "${GITHUB_OUTPUT}"
- name: Create Git tag - name: Create Git tag

8
scripts/release/update_dates.sh
View File

@@ -66,12 +66,4 @@ else
echo "⚠ Warning: src/templates/templateDetails.xml not found" echo "⚠ Warning: src/templates/templateDetails.xml not found"
fi fi
# Update updates.xml - replace the <creationDate> tag
if [ -f "updates.xml" ]; then
sed -i "s|<creationDate>[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}</creationDate>|<creationDate>${TODAY}</creationDate>|" updates.xml
echo "✓ Updated updates.xml creationDate to ${TODAY}"
else
echo "⚠ Warning: updates.xml not found"
fi
echo "Date normalization complete." echo "Date normalization complete."