Skip to content

Commit e3857e7

Browse files
PeterNjeimPeterNjeim
authored
Update publish_new_release.yaml
1 parent 39cd950 commit e3857e7

File tree

1 file changed

+14
-15
lines changed

1 file changed

+14
-15
lines changed

.github/workflows/publish_new_release.yaml

Lines changed: 14 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -29,26 +29,25 @@ jobs:
2929
- name: Update token
3030
if: env.updated == 'true'
3131
run: |
32-
jwt_header=$(echo -n '{"alg":"HS256","typ":"JWT"}' | base64 | sed s/\+/-/g | sed 's/\//_/g' | sed -E s/=+$//)
33-
payload=$(echo -n '{"role":"client","version":"'"${{ steps.get-latest-release.outputs.LATEST_VERSION }}"'"}' | base64 | sed s/\+/-/g |sed 's/\//_/g' | sed -E s/=+$//)
34-
secret="${{ secrets.PG_SECRET }}"
35-
hexsecret=$(echo -n "$secret" | xxd -p | paste -sd "")
36-
hmac_signature=$(echo -n "${jwt_header}.${payload}" | openssl dgst -sha256 -mac HMAC -macopt hexkey:$hexsecret -binary | base64 | sed s/\+/-/g | sed 's/\//_/g' | sed -E s/=+$//)
37-
jwt="${jwt_header}.${payload}.${hmac_signature}"
32+
#jwt_header=$(echo -n '{"alg":"HS256","typ":"JWT"}' | base64 | sed s/\+/-/g | sed 's/\//_/g' | sed -E s/=+$//)
33+
#payload=$(echo -n '{"role":"client","version":"'"${{ steps.get-latest-release.outputs.LATEST_VERSION }}"'"}' | base64 | sed s/\+/-/g |sed 's/\//_/g' | sed -E s/=+$//)
34+
#secret="${{ secrets.PG_SECRET }}"
35+
#hexsecret=$(echo -n "$secret" | xxd -p | paste -sd "")
36+
#hmac_signature=$(echo -n "${jwt_header}.${payload}" | openssl dgst -sha256 -mac HMAC -macopt hexkey:$hexsecret -binary | base64 | sed s/\+/-/g | sed 's/\//_/g' | sed -E s/=+$//)
37+
#jwt="${jwt_header}.${payload}.${hmac_signature}"
3838
39-
git -C $HOME clone --single-branch --no-tags --depth=1 https://${{ secrets.LIBRESCORE_USERNAME }}:${{ secrets.LIBRESCORE_TOKEN }}@github.com/LibreScore/${{ secrets.LIBRESCORE_REPO_A }}
40-
cd $HOME/${{ secrets.LIBRESCORE_REPO_A }}
41-
sed -ri 's/"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.+"/echo \\ \\ \\ \\ \\ \\ \\"'"$jwt"'\\"\\;/e' lib/utils/db_api.dart
39+
#git -C $HOME clone --single-branch --no-tags --depth=1 https://${{ secrets.LIBRESCORE_USERNAME }}:${{ secrets.LIBRESCORE_TOKEN }}@github.com/LibreScore/${{ secrets.LIBRESCORE_REPO_A }}
40+
#cd $HOME/${{ secrets.LIBRESCORE_REPO_A }}
41+
#sed -ri 's/"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.+"/echo \\ \\ \\ \\ \\ \\ \\"'"$jwt"'\\"\\;/e' lib/utils/db_api.dart
4242
43-
git config user.name github-actions
44-
git config user.email github-actions@github.com
45-
git add -A
46-
git commit -m "chore: update token"
47-
git push --atomic origin master
43+
#git config user.name github-actions
44+
#git config user.email github-actions@github.com
45+
#git add -A
46+
#git commit -m "chore: update token"
47+
#git push --atomic origin master
4848
4949
echo "${{ secrets.SSH_KEY }}" | base64 --decode > $HOME/id_rsa
5050
chmod 600 $HOME/id_rsa
51-
echo "prior to ssh"
5251
ssh -i $HOME/id_rsa -o StrictHostKeyChecking=accept-new ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_DOMAIN }} -p ${{ secrets.SSH_PORT }} 'sudo -u postgres psql librescore -c "create or replace function auth.check_token() returns void language plpgsql as \$\$ begin if current_setting('"'request.jwt.claims', true)::json->>'version' not in ('server', '${{ steps.get-latest-release.outputs.CURRENT_VERSION }}', '${{ steps.get-latest-release.outputs.LATEST_VERSION }}') then raise insufficient_privilege using hint = 'Outdated version'"'; end if; end \$\$;"'
5352
- name: Upload assets
5453
if: env.updated == 'true'

0 commit comments

Comments
 (0)