Compare commits
No commits in common. "main" and "v0.1.0-alpha.2" have entirely different histories.
main
...
v0.1.0-alp
|
|
@ -6,7 +6,6 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"html"
|
||||
"log"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
|
@ -82,8 +81,7 @@ func (s *Server) handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
rows, err := s.db.Query("SELECT id, username, email, confirmed, blocked, created_at FROM server_users ORDER BY created_at DESC")
|
||||
if err != nil {
|
||||
log.Printf("admin users: query failed: %v", err)
|
||||
http.Error(w, t(s.locale(), "server.internalError"), http.StatusInternalServerError)
|
||||
http.Error(w, err.Error(), 500)
|
||||
return
|
||||
}
|
||||
defer rows.Close()
|
||||
|
|
@ -129,8 +127,7 @@ func (s *Server) handleAdminDevices(w http.ResponseWriter, r *http.Request) {
|
|||
rows, err := s.db.Query(`SELECT d.id, d.name, d.client_version, COALESCE(d.last_seen,''), COALESCE(d.revoked_at,''), d.created_at
|
||||
FROM server_devices d ORDER BY d.created_at DESC`)
|
||||
if err != nil {
|
||||
log.Printf("admin devices: query failed: %v", err)
|
||||
http.Error(w, t(s.locale(), "server.internalError"), http.StatusInternalServerError)
|
||||
http.Error(w, err.Error(), 500)
|
||||
return
|
||||
}
|
||||
defer rows.Close()
|
||||
|
|
@ -217,12 +214,11 @@ func (s *Server) handleAdminSMTPTest(w http.ResponseWriter, r *http.Request) {
|
|||
to = from
|
||||
}
|
||||
if host == "" || port == "" || from == "" {
|
||||
jsonOK(w, map[string]interface{}{"ok": false, "error": t(s.locale(), "admin.smtpRequired")})
|
||||
jsonOK(w, map[string]interface{}{"ok": false, "error": "host, port and from required"})
|
||||
return
|
||||
}
|
||||
if err := s.smtpTest(host, port, user, pass, security, from, to); err != nil {
|
||||
log.Printf("admin SMTP test failed: %v", err)
|
||||
jsonOK(w, map[string]interface{}{"ok": false, "error": t(s.locale(), "admin.smtpTestFailed")})
|
||||
jsonOK(w, map[string]interface{}{"ok": false, "error": err.Error()})
|
||||
return
|
||||
}
|
||||
jsonOK(w, map[string]interface{}{"ok": true})
|
||||
|
|
@ -239,7 +235,7 @@ func (s *Server) handleAdminAPIDevices(w http.ResponseWriter, r *http.Request) {
|
|||
LEFT JOIN server_users u ON u.id = d.user_id
|
||||
ORDER BY d.created_at DESC`)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
defer rows.Close()
|
||||
|
|
@ -269,7 +265,7 @@ func (s *Server) handleAdminAPIKeys(w http.ResponseWriter, r *http.Request) {
|
|||
case "GET":
|
||||
rows, err := s.db.Query("SELECT id, name, api_key FROM server_devices ORDER BY created_at")
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
defer rows.Close()
|
||||
|
|
@ -317,7 +313,7 @@ func (s *Server) handleAdminAPIKeysDelete(w http.ResponseWriter, r *http.Request
|
|||
id := strings.TrimPrefix(r.URL.Path, "/admin/api/keys/")
|
||||
_, err := s.db.Exec("DELETE FROM server_devices WHERE id=?", id)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
s.db.Exec("DELETE FROM server_user_devices WHERE device_id=?", id)
|
||||
|
|
@ -377,7 +373,7 @@ func (s *Server) handleAdminAPIUsers(w http.ResponseWriter, r *http.Request) {
|
|||
args = append(args, perPage, offset)
|
||||
rows, err := s.db.Query(sql, args...)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
defer rows.Close()
|
||||
|
|
@ -437,7 +433,7 @@ func (s *Server) handleAdminAPIUserActions(w http.ResponseWriter, r *http.Reques
|
|||
hash, _ := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
|
||||
_, err := s.db.Exec("UPDATE server_users SET password_hash=? WHERE id=?", string(hash), id)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
jsonOK(w, map[string]interface{}{"status": "ok", "new_password": newPass})
|
||||
|
|
@ -460,7 +456,7 @@ func (s *Server) handleAdminAPIUserActions(w http.ResponseWriter, r *http.Reques
|
|||
}
|
||||
_, err := s.db.Exec("UPDATE server_users SET username=?, email=? WHERE id=?", editReq.Username, strings.ToLower(editReq.Email), id)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
jsonOK(w, map[string]interface{}{"status": "ok"})
|
||||
|
|
@ -538,9 +534,8 @@ func (s *Server) handleAdminCreateUser(w http.ResponseWriter, r *http.Request) {
|
|||
w.WriteHeader(409)
|
||||
w.Write([]byte(errorPageHTML(locale, t(locale, "common.error"), "Username or email already taken", "/admin/create-user")))
|
||||
} else {
|
||||
log.Printf("admin create user: failed: %v", err)
|
||||
w.WriteHeader(500)
|
||||
w.Write([]byte(errorPageHTML(locale, t(locale, "common.error"), t(locale, "admin.createUserFailed"), "/admin/create-user")))
|
||||
w.Write([]byte(errorPageHTML(locale, t(locale, "common.error"), err.Error(), "/admin/create-user")))
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
@ -592,7 +587,7 @@ func (s *Server) handleAdminAPICreateUser(w http.ResponseWriter, r *http.Request
|
|||
if strings.Contains(err.Error(), "UNIQUE") {
|
||||
jsonErr(w, 409, "username or email already taken")
|
||||
} else {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@ func (s *Server) handleClientPair(w http.ResponseWriter, r *http.Request) {
|
|||
deviceID, req.DeviceName, hex.EncodeToString(apiKey), tokenHash, prefix, suffix,
|
||||
userID, req.VaultID, req.ClientVersion, ip, now, now)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
s.db.Exec("INSERT OR IGNORE INTO server_user_devices (user_id, device_id) VALUES (?, ?)", userID, deviceID)
|
||||
|
|
@ -335,7 +335,7 @@ func (s *Server) handleDeviceRegister(w http.ResponseWriter, r *http.Request) {
|
|||
deviceID, req.Name, apiKey, userID, req.VaultID, now, now,
|
||||
)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
s.db.Exec("INSERT OR IGNORE INTO server_user_devices (user_id, device_id) VALUES (?, ?)", userID, deviceID)
|
||||
|
|
@ -369,7 +369,7 @@ func (s *Server) handleSyncPush(w http.ResponseWriter, r *http.Request) {
|
|||
} `json:"ops"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
jsonErr(w, 400, "invalid JSON")
|
||||
jsonErr(w, 400, "invalid JSON: "+err.Error())
|
||||
return
|
||||
}
|
||||
if req.IdempotencyKey != "" {
|
||||
|
|
@ -479,7 +479,7 @@ func (s *Server) handleSyncPull(w http.ResponseWriter, r *http.Request) {
|
|||
WHERE user_id=? AND vault_id=? AND server_sequence > ? AND server_sequence IS NOT NULL
|
||||
ORDER BY server_sequence`, scope.UserID, scope.VaultID, req.SinceSequence)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
defer rows.Close()
|
||||
|
|
@ -515,7 +515,7 @@ func (s *Server) handleBlobs(w http.ResponseWriter, r *http.Request) {
|
|||
switch r.Method {
|
||||
case "POST":
|
||||
if err := r.ParseMultipartForm(200 << 20); err != nil {
|
||||
jsonErr(w, 400, "invalid multipart request")
|
||||
jsonErr(w, 400, "multipart error: "+err.Error())
|
||||
return
|
||||
}
|
||||
file, header, err := r.FormFile("file")
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ func (s *Server) handleRegister(w http.ResponseWriter, r *http.Request) {
|
|||
jsonErr(w, 409, "username or email already taken")
|
||||
return
|
||||
}
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
tok := make([]byte, 24)
|
||||
|
|
|
|||
|
|
@ -78,9 +78,8 @@ func (s *Server) handleUserWebRegister(w http.ResponseWriter, r *http.Request) {
|
|||
w.WriteHeader(409)
|
||||
w.Write([]byte(errorPageHTML(locale, t(locale, "common.error"), "Username or email already taken", "/register")))
|
||||
} else {
|
||||
log.Printf("register web: create user failed: %v", err)
|
||||
w.WriteHeader(500)
|
||||
w.Write([]byte(errorPageHTML(locale, t(locale, "common.error"), t(locale, "server.registrationFailed"), "/register")))
|
||||
w.Write([]byte(errorPageHTML(locale, t(locale, "common.error"), err.Error(), "/register")))
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
@ -353,7 +352,7 @@ func (s *Server) handleUserDevices(w http.ResponseWriter, r *http.Request) {
|
|||
WHERE ud.user_id = ?
|
||||
ORDER BY d.created_at DESC`, userID)
|
||||
if err != nil {
|
||||
jsonInternalError(w, err)
|
||||
jsonErr(w, 500, err.Error())
|
||||
return
|
||||
}
|
||||
defer rows.Close()
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@ import (
|
|||
"crypto/sha256"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
|
|
@ -19,11 +18,6 @@ func jsonErr(w http.ResponseWriter, code int, msg string) {
|
|||
json.NewEncoder(w).Encode(map[string]string{"error": msg})
|
||||
}
|
||||
|
||||
func jsonInternalError(w http.ResponseWriter, err error) {
|
||||
log.Printf("request failed: %v", err)
|
||||
jsonErr(w, http.StatusInternalServerError, "internal error")
|
||||
}
|
||||
|
||||
func sha256Hex(s string) string {
|
||||
h := sha256.Sum256([]byte(s))
|
||||
return hex.EncodeToString(h[:])
|
||||
|
|
|
|||
|
|
@ -59,8 +59,6 @@ var _translations = map[string]map[string]string{
|
|||
"server.newPasswordResult": "Новый пароль для %s:\n",
|
||||
"server.logout": "Выйти",
|
||||
"server.error": "Ошибка",
|
||||
"server.internalError": "Что-то пошло не так. Повторите попытку.",
|
||||
"server.registrationFailed": "Не удалось зарегистрировать аккаунт. Повторите попытку.",
|
||||
"userDashboard.devices": "Устройства",
|
||||
"userDashboard.device": "Устройство",
|
||||
"userDashboard.status": "Статус",
|
||||
|
|
@ -109,8 +107,6 @@ var _translations = map[string]map[string]string{
|
|||
"admin.smtpTitle": "Настройки SMTP",
|
||||
"admin.smtpTesting": "Проверка...",
|
||||
"admin.smtpPassed": "✓ Тест пройден",
|
||||
"admin.smtpRequired": "Укажите SMTP-сервер, порт и отправителя.",
|
||||
"admin.smtpTestFailed": "Не удалось проверить настройки SMTP. Повторите попытку.",
|
||||
"admin.revokeConfirm": "Вы уверены?",
|
||||
"common.loading": "Загрузка...",
|
||||
"common.ok": "OK",
|
||||
|
|
@ -143,7 +139,6 @@ var _translations = map[string]map[string]string{
|
|||
"admin.blockUserMessage": "Заблокировать пользователя?",
|
||||
"admin.createUser": "Создать пользователя",
|
||||
"admin.createUserBtn": "Создать",
|
||||
"admin.createUserFailed": "Не удалось создать пользователя. Повторите попытку.",
|
||||
},
|
||||
"en": {
|
||||
"server.registerTitle": "Registration",
|
||||
|
|
@ -189,8 +184,6 @@ var _translations = map[string]map[string]string{
|
|||
"server.newPasswordResult": "New password for %s:\n",
|
||||
"server.logout": "Logout",
|
||||
"server.error": "Error",
|
||||
"server.internalError": "Something went wrong. Please try again.",
|
||||
"server.registrationFailed": "Could not register the account. Please try again.",
|
||||
"userDashboard.devices": "Devices",
|
||||
"userDashboard.device": "Device",
|
||||
"userDashboard.status": "Status",
|
||||
|
|
@ -239,8 +232,6 @@ var _translations = map[string]map[string]string{
|
|||
"admin.smtpTitle": "SMTP Settings",
|
||||
"admin.smtpTesting": "Testing...",
|
||||
"admin.smtpPassed": "✓ Test passed",
|
||||
"admin.smtpRequired": "Enter the SMTP server, port, and sender.",
|
||||
"admin.smtpTestFailed": "Could not test the SMTP settings. Please try again.",
|
||||
"admin.revokeConfirm": "Are you sure?",
|
||||
"common.loading": "Loading...",
|
||||
"common.ok": "OK",
|
||||
|
|
@ -273,6 +264,5 @@ var _translations = map[string]map[string]string{
|
|||
"admin.blockUserMessage": "Block user?",
|
||||
"admin.createUser": "Create User",
|
||||
"admin.createUserBtn": "Create",
|
||||
"admin.createUserFailed": "Could not create the user. Please try again.",
|
||||
},
|
||||
}
|
||||
|
|
|
|||
|
|
@ -64,41 +64,6 @@ func TestConfigSetAdmin(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestAdminDashboardSMTPSecuritySelectUsesApplicationStyles(t *testing.T) {
|
||||
html := adminDashboardHTML("en", 0, 0, "", "", "", "", "starttls", "")
|
||||
|
||||
for _, expected := range []string{
|
||||
`<select name="smtp_security" class="form-select">`,
|
||||
`.form-select{`,
|
||||
`appearance:none`,
|
||||
`background-image:linear-gradient`,
|
||||
`.form-select option{background:#13131f;color:#e4e4ef}`,
|
||||
`.form-select:focus{outline:none;border-color:#6366f1`,
|
||||
} {
|
||||
if !strings.Contains(html, expected) {
|
||||
t.Errorf("SMTP security select is missing application styling %q", expected)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestUserFacingServerErrorsDoNotExposeInternalDetails(t *testing.T) {
|
||||
for _, name := range []string{"handlers_auth.go", "handlers_api.go", "handlers_admin.go", "handlers_web_user.go"} {
|
||||
source, err := os.ReadFile(name)
|
||||
if err != nil {
|
||||
t.Fatalf("read %s: %v", name, err)
|
||||
}
|
||||
for _, forbidden := range []string{
|
||||
"jsonErr(w, 500, err.Error())",
|
||||
"http.Error(w, err.Error(), 500)",
|
||||
"errorPageHTML(locale, t(locale, \"common.error\"), err.Error()",
|
||||
} {
|
||||
if strings.Contains(string(source), forbidden) {
|
||||
t.Errorf("%s exposes an internal error with %q", name, forbidden)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestSyncPushPullStoresSequencedOps(t *testing.T) {
|
||||
dir := t.TempDir()
|
||||
s, err := NewServer(filepath.Join(dir, "test.db"), filepath.Join(dir, "data"), &Config{Port: 47732})
|
||||
|
|
|
|||
|
|
@ -312,9 +312,6 @@ input:focus{outline:none;border-color:#6366f1}
|
|||
.form-row{display:flex;gap:8px;margin-bottom:8px;align-items:center}
|
||||
.form-row label{font-size:12px;color:#888;min-width:80px;flex-shrink:0}
|
||||
.form-row input{flex:1}
|
||||
.form-select{font-family:inherit;font-size:14px;padding:8px 32px 8px 12px;border:1px solid #2a2a3c;background-color:#13131f;color:#e4e4ef;border-radius:6px;flex:1;box-sizing:border-box;appearance:none;background-image:linear-gradient(45deg,transparent 50%%,#8b93aa 50%%),linear-gradient(135deg,#8b93aa 50%%,transparent 50%%);background-position:calc(100%% - 16px) 50%%,calc(100%% - 11px) 50%%;background-size:5px 5px,5px 5px;background-repeat:no-repeat}
|
||||
.form-select option{background:#13131f;color:#e4e4ef}
|
||||
.form-select:focus{outline:none;border-color:#6366f1;box-shadow:0 0 0 2px rgba(99,102,241,.24)}
|
||||
.toolbar{display:flex;gap:8px;margin:16px 0;flex-wrap:wrap}
|
||||
.modal-overlay{position:fixed;inset:0;background:rgba(0,0,0,0.6);display:flex;align-items:center;justify-content:center;z-index:100}
|
||||
.modal{background:#1a1a28;border:1px solid #2a2a3c;border-radius:12px;padding:24px;width:420px;max-width:90vw;position:relative;max-height:80vh;overflow-y:auto}
|
||||
|
|
@ -383,7 +380,7 @@ function testSMTP(){
|
|||
<form action="/admin/api/smtp" method="POST">
|
||||
<div class="form-row"><label>%[18]s</label><input name="smtp_host" value="%[32]s" placeholder="smtp.example.com"></div>
|
||||
<div class="form-row"><label>%[19]s</label><input name="smtp_port" value="%[33]s" placeholder="587"></div>
|
||||
<div class="form-row"><label>%[20]s</label><select name="smtp_security" class="form-select">
|
||||
<div class="form-row"><label>%[20]s</label><select name="smtp_security" style="font-family:inherit;font-size:14px;padding:8px 12px;border:1px solid #2a2a3c;background:#13131f;color:#e4e4ef;border-radius:6px;flex:1;box-sizing:border-box">
|
||||
<option value="starttls"%[34]s>STARTTLS</option>
|
||||
<option value="tls"%[35]s>TLS</option>
|
||||
<option value="none"%[36]s>%[21]s</option>
|
||||
|
|
|
|||
|
|
@ -1,7 +0,0 @@
|
|||
## Highlights
|
||||
|
||||
- First public alpha of the optional Verstak synchronization server.
|
||||
- Provides isolated user and vault synchronization, an admin interface, user management, SMTP configuration, and password-reset flows.
|
||||
- Includes a Linux archive, installation script, backup guidance, and security hardening for server-rendered data and API keys.
|
||||
|
||||
**Commit history**: https://github.com/mirivlad/verstak-sync-server/commits/v0.1.0-alpha.2
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
## Highlights
|
||||
|
||||
- Client-facing errors no longer expose internal server details.
|
||||
- The SMTP security selector follows the rest of the server settings UI.
|
||||
- The release workflow uploads only artifacts belonging to the requested version and marks alpha versions as prereleases.
|
||||
|
|
@ -6,7 +6,6 @@ VERSION="${1:-}"
|
|||
REPOSITORY="mirivlad/verstak-sync-server"
|
||||
RELEASE_SCRIPT="${VERSTAK_RELEASE_SCRIPT:-$ROOT/scripts/release.sh}"
|
||||
RELEASE_DIR="${VERSTAK_RELEASE_DIR:-$ROOT/release}"
|
||||
RELEASE_NOTES_DIR="${VERSTAK_RELEASE_NOTES_DIR:-$ROOT/release-notes}"
|
||||
GIT_BIN="${GIT_BIN:-git}"
|
||||
GH_BIN="${GH_BIN:-gh}"
|
||||
|
||||
|
|
@ -40,15 +39,15 @@ fi
|
|||
|
||||
"$RELEASE_SCRIPT" "$VERSION"
|
||||
|
||||
ARCHIVE="$RELEASE_DIR/verstak-sync-server-linux-amd64-$VERSION.tar.gz"
|
||||
if [[ ! -f "$ARCHIVE" ]]; then
|
||||
echo "release archive not found: $ARCHIVE" >&2
|
||||
exit 1
|
||||
fi
|
||||
ASSETS=("$ARCHIVE")
|
||||
shopt -s nullglob
|
||||
ASSETS=("$RELEASE_DIR"/*.tar.gz "$RELEASE_DIR"/*.tgz)
|
||||
if [[ -f "$RELEASE_DIR/SHA256SUMS" ]]; then
|
||||
ASSETS+=("$RELEASE_DIR/SHA256SUMS")
|
||||
fi
|
||||
if [[ ${#ASSETS[@]} -eq 0 ]]; then
|
||||
echo "no release assets found in $RELEASE_DIR" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if "$GIT_BIN" rev-parse -q --verify "refs/tags/$VERSION" >/dev/null; then
|
||||
if [[ "$("$GIT_BIN" rev-parse "${VERSION}^{commit}")" != "$HEAD" ]]; then
|
||||
|
|
@ -63,26 +62,12 @@ fi
|
|||
if "$GH_BIN" release view "$VERSION" --repo "$REPOSITORY" >/dev/null 2>&1; then
|
||||
"$GH_BIN" release upload "$VERSION" "${ASSETS[@]}" --repo "$REPOSITORY" --clobber
|
||||
else
|
||||
NOTES_FILE="$RELEASE_NOTES_DIR/$VERSION.md"
|
||||
if [[ ! -s "$NOTES_FILE" ]]; then
|
||||
echo "human-readable release notes are required: $NOTES_FILE" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
RELEASE_OPTIONS=(--notes-file "$NOTES_FILE" --generate-notes --verify-tag)
|
||||
PREVIOUS_TAG="$("$GIT_BIN" describe --tags --abbrev=0 "${HEAD}^" 2>/dev/null || true)"
|
||||
if [[ -n "$PREVIOUS_TAG" ]]; then
|
||||
RELEASE_OPTIONS+=(--notes-start-tag "$PREVIOUS_TAG")
|
||||
fi
|
||||
if [[ "$VERSION" == *-* ]]; then
|
||||
RELEASE_OPTIONS+=(--prerelease)
|
||||
else
|
||||
RELEASE_OPTIONS+=(--latest)
|
||||
fi
|
||||
"$GH_BIN" release create "$VERSION" "${ASSETS[@]}" \
|
||||
--repo "$REPOSITORY" \
|
||||
--title "Verstak Sync Server $VERSION" \
|
||||
"${RELEASE_OPTIONS[@]}"
|
||||
--generate-notes \
|
||||
--latest \
|
||||
--verify-tag
|
||||
fi
|
||||
|
||||
echo "GitHub release:"
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@ PUBLISHER="$ROOT/scripts/publish-github-release.sh"
|
|||
VERSION="v0.0.0-test"
|
||||
REPOSITORY="mirivlad/verstak-sync-server"
|
||||
ASSET_NAME="verstak-sync-server-linux-amd64-${VERSION}.tar.gz"
|
||||
STALE_ASSET="verstak-sync-server-linux-amd64-v0.0.0-stale.tar.gz"
|
||||
WORK="$(mktemp -d)"
|
||||
trap 'rm -rf "$WORK"' EXIT
|
||||
|
||||
|
|
@ -15,10 +14,9 @@ if [[ ! -x "$PUBLISHER" ]]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
mkdir -p "$WORK/bin" "$WORK/release" "$WORK/release-notes" "$WORK/state"
|
||||
mkdir -p "$WORK/bin" "$WORK/release" "$WORK/state"
|
||||
LOG="$WORK/log"
|
||||
export LOG
|
||||
printf '## Highlights\n\nHuman-readable release notes.\n' > "$WORK/release-notes/$VERSION.md"
|
||||
|
||||
cat > "$WORK/release.sh" <<'SCRIPT'
|
||||
#!/usr/bin/env bash
|
||||
|
|
@ -29,8 +27,6 @@ printf 'checksum\n' > "$VERSTAK_RELEASE_DIR/SHA256SUMS"
|
|||
SCRIPT
|
||||
chmod +x "$WORK/release.sh"
|
||||
|
||||
printf 'stale archive\n' > "$WORK/release/$STALE_ASSET"
|
||||
|
||||
cat > "$WORK/bin/git" <<'SCRIPT'
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
|
@ -49,7 +45,6 @@ case "${1:-}" in
|
|||
fi
|
||||
echo test-commit
|
||||
;;
|
||||
describe) echo v0.0.0-previous ;;
|
||||
tag) touch "$TEST_STATE/tag"; printf 'tag:%s\n' "${3:-}" >> "$LOG" ;;
|
||||
push) printf 'push:%s:%s\n' "${2:-}" "${3:-}" >> "$LOG" ;;
|
||||
*) echo "unexpected git invocation: $*" >&2; exit 1 ;;
|
||||
|
|
@ -75,7 +70,6 @@ chmod +x "$WORK/bin/gh"
|
|||
run_publisher() {
|
||||
VERSTAK_RELEASE_SCRIPT="$WORK/release.sh" \
|
||||
VERSTAK_RELEASE_DIR="$WORK/release" \
|
||||
VERSTAK_RELEASE_NOTES_DIR="$WORK/release-notes" \
|
||||
GIT_BIN="$WORK/bin/git" \
|
||||
GH_BIN="$WORK/bin/gh" \
|
||||
EXPECTED_ROOT="$ROOT" \
|
||||
|
|
@ -90,18 +84,6 @@ grep -Fqx "push:origin:refs/tags/$VERSION" "$LOG"
|
|||
grep -F "release create $VERSION" "$LOG" >/dev/null
|
||||
grep -F "$ASSET_NAME" "$LOG" >/dev/null
|
||||
grep -F "SHA256SUMS" "$LOG" >/dev/null
|
||||
grep -F -- "--notes-file $WORK/release-notes/$VERSION.md" "$LOG" >/dev/null
|
||||
grep -F -- "--generate-notes" "$LOG" >/dev/null
|
||||
grep -F -- "--notes-start-tag v0.0.0-previous" "$LOG" >/dev/null
|
||||
grep -F -- "--prerelease" "$LOG" >/dev/null
|
||||
if grep -F -- "--latest" "$LOG" >/dev/null; then
|
||||
echo "alpha release was incorrectly marked latest" >&2
|
||||
exit 1
|
||||
fi
|
||||
if grep -F "$STALE_ASSET" "$LOG" >/dev/null; then
|
||||
echo "publisher uploaded an archive from a different release version" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
run_publisher
|
||||
grep -F "release upload $VERSION" "$LOG" >/dev/null
|
||||
|
|
|
|||
Loading…
Reference in New Issue