108 lines
3.3 KiB
Python
Executable File
108 lines
3.3 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
import os
|
|
import subprocess
|
|
from pathlib import Path
|
|
|
|
# Security: No third-party dependencies here!
|
|
|
|
root = Path(__file__).absolute().parent.parent
|
|
|
|
if __name__ == "__main__":
|
|
ref = os.environ["GITHUB_REF"]
|
|
branch: str | None = None
|
|
tag: str | None = None
|
|
if ref.startswith("refs/heads/"):
|
|
branch = ref.replace("refs/heads/", "")
|
|
elif ref.startswith("refs/tags/"):
|
|
if not ref.startswith("refs/tags/v"):
|
|
raise AssertionError(f"Unexpected tag: {ref}")
|
|
tag = ref.replace("refs/tags/v", "")
|
|
else:
|
|
raise AssertionError
|
|
|
|
# Upload binaries (be it release or snapshot)
|
|
if tag:
|
|
upload_dir = tag
|
|
else:
|
|
upload_dir = f"branches/{branch}"
|
|
# Ideally we could have R2 pull from S3 automatically, but that's not possible yet. So we upload to both.
|
|
print(f"Uploading binaries to snapshots.mitmproxy.org/{upload_dir}...")
|
|
subprocess.check_call(
|
|
[
|
|
"aws",
|
|
"s3",
|
|
"sync",
|
|
"--delete",
|
|
*("--acl", "public-read"),
|
|
*("--exclude", "*.msix"),
|
|
root / "release/dist",
|
|
f"s3://snapshots.mitmproxy.org/{upload_dir}",
|
|
]
|
|
)
|
|
if tag:
|
|
# We can't scope R2 tokens, so they are only exposed in the deploy env.
|
|
print(f"Uploading binaries to downloads.mitmproxy.org/{upload_dir}...")
|
|
subprocess.check_call(
|
|
[
|
|
"aws",
|
|
"s3",
|
|
"sync",
|
|
"--delete",
|
|
*("--acl", "public-read"),
|
|
*("--exclude", "*.msix"),
|
|
*(
|
|
"--endpoint-url",
|
|
f"https://{os.environ['R2_ACCOUNT_ID']}.r2.cloudflarestorage.com",
|
|
),
|
|
root / "release/dist",
|
|
f"s3://downloads/{upload_dir}",
|
|
],
|
|
env={
|
|
**os.environ,
|
|
"AWS_REGION": "auto",
|
|
"AWS_ACCESS_KEY_ID": os.environ["R2_ACCESS_KEY_ID"],
|
|
"AWS_SECRET_ACCESS_KEY": os.environ["R2_SECRET_ACCESS_KEY"],
|
|
},
|
|
)
|
|
|
|
# Upload releases to PyPI
|
|
if tag:
|
|
print(f"Uploading wheel to PyPI...")
|
|
(whl,) = root.glob("release/dist/mitmproxy-*-py3-none-any.whl")
|
|
subprocess.check_call(["twine", "upload", whl])
|
|
|
|
# Upload docs
|
|
def upload_docs(path: str, src: Path = root / "docs/public"):
|
|
subprocess.check_call(["aws", "configure", "set", "preview.cloudfront", "true"])
|
|
subprocess.check_call(
|
|
[
|
|
"aws",
|
|
"s3",
|
|
"sync",
|
|
"--delete",
|
|
"--acl",
|
|
"public-read",
|
|
src,
|
|
f"s3://docs.mitmproxy.org{path}",
|
|
]
|
|
)
|
|
subprocess.check_call(
|
|
[
|
|
"aws",
|
|
"cloudfront",
|
|
"create-invalidation",
|
|
"--distribution-id",
|
|
"E1TH3USJHFQZ5Q",
|
|
"--paths",
|
|
f"{path}/*",
|
|
]
|
|
)
|
|
|
|
if branch == "main":
|
|
print(f"Uploading dev docs...")
|
|
upload_docs("/dev")
|
|
if tag:
|
|
print(f"Uploading release docs...")
|
|
upload_docs("/stable")
|
|
upload_docs(f"/archive/v{tag.split('.')[0]}", src=root / "docs/archive")
|