Merge pull request #6211 from sellout/updatecheck-token-path
Improve token handling in the updatecheck script
This commit is contained in:
commit
e417ba89a6
|
@ -28,10 +28,10 @@ Check that dependencies are up-to-date or have been postponed:
|
||||||
$ ./qa/zcash/updatecheck.py
|
$ ./qa/zcash/updatecheck.py
|
||||||
```
|
```
|
||||||
|
|
||||||
If you are missing the `.updatecheck-token` file required to run this script,
|
You can optionally create a file `~/.local/share/zcash/updatecheck/token` (or
|
||||||
please ask Taylor or another Zcash developer for a copy, or create an
|
`$XDG_DATA_HOME/zcash/updatecheck/token` if the `XDG_DATA_HOME` environment
|
||||||
unprivileged personal access token for a github account and save it to the
|
variable is set) to avoid running into GitHub rate limiting. Create an
|
||||||
file in the format `username:hex-token`.
|
unprivileged personal access token on GitHub and copy the value into the file.
|
||||||
|
|
||||||
If there are updates that have not been postponed, review their changelogs
|
If there are updates that have not been postponed, review their changelogs
|
||||||
for urgent security fixes, and if there aren't any, postpone the update by
|
for urgent security fixes, and if there aren't any, postpone the update by
|
||||||
|
@ -59,9 +59,8 @@ The release script has the following dependencies:
|
||||||
|
|
||||||
- `help2man`
|
- `help2man`
|
||||||
- `debchange` (part of the devscripts Debian package)
|
- `debchange` (part of the devscripts Debian package)
|
||||||
|
- the python modules `progressbar2` (optional - displays a progress bar),
|
||||||
You can optionally install the `progressbar2` Python module with pip to have a
|
`requests` and `xdg`
|
||||||
progress bar displayed during the build process.
|
|
||||||
|
|
||||||
## Versioning
|
## Versioning
|
||||||
|
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# This script checks for updates to zcashd's dependencies.
|
# This script checks for updates to zcashd's dependencies.
|
||||||
#
|
#
|
||||||
# The SOURCE_ROOT constant specifies the location of the zcashd codebase to
|
# The SOURCE_ROOT constant specifies the location of the zcashd codebase to
|
||||||
# check, and the GITHUB_API_* constants specify a personal access token for the
|
# check.
|
||||||
# GitHub API, which need not have any special privileges.
|
|
||||||
#
|
#
|
||||||
# All dependencies must be specified inside the get_dependency_list() function
|
# All dependencies must be specified inside the get_dependency_list() function
|
||||||
# below. A dependency is specified by:
|
# below. A dependency is specified by:
|
||||||
|
@ -36,6 +35,7 @@ import requests
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import sys
|
import sys
|
||||||
|
import xdg
|
||||||
import datetime
|
import datetime
|
||||||
|
|
||||||
SOURCE_ROOT = os.path.join(os.path.dirname(os.path.realpath(__file__)), "..", "..")
|
SOURCE_ROOT = os.path.join(os.path.dirname(os.path.realpath(__file__)), "..", "..")
|
||||||
|
@ -112,24 +112,22 @@ def get_dependency_list():
|
||||||
|
|
||||||
return dependencies
|
return dependencies
|
||||||
|
|
||||||
class GitHubToken:
|
def parse_token():
|
||||||
def __init__(self):
|
token_path = os.path.realpath(os.path.join(SOURCE_ROOT, ".updatecheck-token"))
|
||||||
token_path = os.path.join(SOURCE_ROOT, ".updatecheck-token")
|
if not os.path.exists(token_path):
|
||||||
try:
|
token_path = os.path.join(xdg.xdg_data_home(), "zcash/updatecheck/token")
|
||||||
with open(token_path, encoding='utf8') as f:
|
try:
|
||||||
token = f.read().strip()
|
with open(token_path, encoding='utf8') as f:
|
||||||
self._user = token.split(":")[0]
|
token = f.read().strip()
|
||||||
self._password = token.split(":")[1]
|
return token.split(":")[-1]
|
||||||
except:
|
except:
|
||||||
print("Please make sure a GitHub API token is in .updatecheck-token in the root of this repository.")
|
print("You are missing a GitHub API token. This script will probably still work, but")
|
||||||
print("The format is username:hex-token.")
|
print("you are more likely to hit an API rate limit. Create a file named")
|
||||||
sys.exit(1)
|
print(token_path)
|
||||||
|
print("containing the token to silence this warning.")
|
||||||
|
return ()
|
||||||
|
|
||||||
def user(self):
|
token = parse_token()
|
||||||
return self.user
|
|
||||||
|
|
||||||
def password(self):
|
|
||||||
return self.password
|
|
||||||
|
|
||||||
class Version(list):
|
class Version(list):
|
||||||
def __init__(self, version_tuple):
|
def __init__(self, version_tuple):
|
||||||
|
@ -180,7 +178,6 @@ class GithubTagReleaseLister:
|
||||||
self.repo = repo
|
self.repo = repo
|
||||||
self.regex = regex
|
self.regex = regex
|
||||||
self.testcases = testcases
|
self.testcases = testcases
|
||||||
self.token = GitHubToken()
|
|
||||||
|
|
||||||
for tag, expected in testcases.items():
|
for tag, expected in testcases.items():
|
||||||
match = re.match(self.regex, tag)
|
match = re.match(self.regex, tag)
|
||||||
|
@ -206,7 +203,10 @@ class GithubTagReleaseLister:
|
||||||
|
|
||||||
def all_tag_names(self):
|
def all_tag_names(self):
|
||||||
url = "https://api.github.com/repos/" + safe(self.org) + "/" + safe(self.repo) + "/git/refs/tags"
|
url = "https://api.github.com/repos/" + safe(self.org) + "/" + safe(self.repo) + "/git/refs/tags"
|
||||||
r = requests.get(url, auth=requests.auth.HTTPBasicAuth(self.token.user(), self.token.password()))
|
auth = {}
|
||||||
|
if token:
|
||||||
|
auth = { 'Authorization': 'Bearer ' + token }
|
||||||
|
r = requests.get(url, headers=auth)
|
||||||
if r.status_code != 200:
|
if r.status_code != 200:
|
||||||
print("API request failed (error %d)" % (r.status_code,), file=sys.stderr)
|
print("API request failed (error %d)" % (r.status_code,), file=sys.stderr)
|
||||||
print(r.text, file=sys.stderr)
|
print(r.text, file=sys.stderr)
|
||||||
|
|
Loading…
Reference in New Issue