mirror/IronFox
1
0
Fork 0
mirror of https://github.com/ironfox-oss/IronFox.git synced 2026-06-11 09:44:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
cded70d7e0e5b9f7efda70c4da2016258c8a3f72
IronFox/scripts/ci-prep.sh
celenity cded70d7e0 feat: Use separate ci-prep.sh for setting up the Android keystore, Google Safe Browsing API key, and S3 storage in CI 
This eliminates redundancies and improves portability/control

Signed-off-by: celenity <celenity@celenity.dev>
2026-04-24 00:55:49 -04:00

340 lines
12 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# This file is expected to be executed in GitLab CI
# DO NOT executed this manually!
set -euo pipefail
# Ensure this is never ran with xtrace...
set +x
# Set-up our environment
if [[ -z "${IRONFOX_CI+x}" ]]; then
export IRONFOX_CI=1
fi
if [[ -z "${IRONFOX_SET_ENVS+x}" ]]; then
bash -x "$(realpath $(dirname "$0"))/env.sh"
fi
source "$(realpath $(dirname "$0"))/env.sh"
# Include utilities
source "${IRONFOX_UTILS}"
# Set-up target parameters
if [[ -z "${1+x}" ]]; then
echo_red_text "Usage: $0 android-keystore|s3|sb" >&1
exit 1
fi
readonly ci_prep_target=$(echo "${1}" | "${IRONFOX_AWK}" '{print tolower($0)}')
IRONFOX_CI_PREP_ANDROID_KEYSTORE=0
IRONFOX_CI_PREP_S3=0
IRONFOX_CI_PREP_SB_GAPI_KEY=0
if [ "${ci_prep_target}" == 'android-ks' ]; then
# Set-up the Android keystore
IRONFOX_CI_PREP_ANDROID_KEYSTORE=1
elif [ "${ci_prep_target}" == 's3' ]; then
# Set-up S3 storage
IRONFOX_CI_PREP_S3=1
elif [ "${ci_prep_target}" == 'sb' ]; then
# Set-up the Google Safe Browsing API key
IRONFOX_CI_PREP_SB_GAPI_KEY=1
else
echo_red_text "ERROR: Invalid target: ${ci_prep_target}\n You must enter one of the following:"
echo 'Android keystore: android-keystore'
echo 'Google Safe Browsing API key: sb'
echo 'S3 storage: s3'
exit 1
fi
readonly IRONFOX_CI_PREP_ANDROID_KEYSTORE
readonly IRONFOX_CI_PREP_S3
readonly IRONFOX_CI_PREP_SB_GAPI_KEY
# Android keystore
function prep_android_keystore() {
echo_red_text 'Preparing Android keystore...'
# First, ensure that environment variables specified externally (from CI) are properly set...
## Android keystore key pass
if [[ -z "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE_KEY_PASS environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_ANDROID_KEYSTORE_KEY_PASS
## Android keystore pass
if [[ -z "${IRONFOX_ANDROID_KEYSTORE_PASS+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE_PASS environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_ANDROID_KEYSTORE_PASS
## Android keystore URL
if [[ -z "${IRONFOX_ANDROID_KEYSTORE_URL+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE_URL environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_ANDROID_KEYSTORE_URL
## GitLab CI job token
### (We need this to download the Android Keystore)
if [[ -z "${CI_JOB_TOKEN+x}" ]]; then
echo_red_text 'ERROR: The CI_JOB_TOKEN environment variable is missing! Aborting...'
exit 1
fi
readonly CI_JOB_TOKEN
# Now, ensure that our keystore file variables (defined at `env_common.sh`, set at `env_ci.sh`) are properly set...
if [[ -z "${IRONFOX_ANDROID_KEYSTORE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_ANDROID_KEYSTORE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE environment variable has not been specified! Aborting...'
exit 1
fi
if [[ -z "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE environment variable has not been specified! Aborting...'
exit 1
fi
if [[ -z "${IRONFOX_ANDROID_KEYSTORE_PASS_FILE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE_PASS_FILE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_ANDROID_KEYSTORE_PASS_FILE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_ANDROID_KEYSTORE_PASS_FILE environment variable has not been specified! Aborting...'
exit 1
fi
# Create our directories
mkdir -p $(dirname "${IRONFOX_ANDROID_KEYSTORE}")
mkdir -p $(dirname "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE}")
mkdir -p $(dirname "${IRONFOX_ANDROID_KEYSTORE_PASS_FILE}")
# Download the Android keystore
curl ${IRONFOX_CURL_FLAGS} --fail --location --silent \
--request GET \
--header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
"${IRONFOX_ANDROID_KEYSTORE_URL}" \
--output "${IRONFOX_ANDROID_KEYSTORE}"
chmod 600 "${IRONFOX_ANDROID_KEYSTORE}"
# Create the keystore key pass file
touch "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE}"
chmod 600 "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE}"
echo -n "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS}" > "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE}"
# Create the keystore pass file
touch "${IRONFOX_ANDROID_KEYSTORE_PASS_FILE}"
chmod 600 "${IRONFOX_ANDROID_KEYSTORE_PASS_FILE}"
echo -n "${IRONFOX_ANDROID_KEYSTORE_PASS}" > "${IRONFOX_ANDROID_KEYSTORE_PASS_FILE}"
# Ensure nothing went wrong...
if ! [[ -s "${IRONFOX_ANDROID_KEYSTORE}" ]]; then
echo_red_text "ERROR: Android keystore file ${IRONFOX_ANDROID_KEYSTORE} is empty!"
exit 1
fi
if ! [[ -s "${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE}" ]]; then
echo_red_text "ERROR: Android keystore key pass file ${IRONFOX_ANDROID_KEYSTORE_KEY_PASS_FILE} is empty!"
exit 1
fi
if ! [[ -s "${IRONFOX_ANDROID_KEYSTORE_PASS_FILE}" ]]; then
echo_red_text "ERROR: Android keystore pass file ${IRONFOX_ANDROID_KEYSTORE_PASS_FILE} is empty!"
exit 1
fi
echo_green_text 'SUCCESS: Prepared Android keystore'
}
# S3 storage
function prep_s3_storage() {
echo_red_text 'Preparing S3 storage...'
# First, ensure that environment variables specified externally (from CI) are properly set...
## S3 access key
if [[ -z "${IRONFOX_RELEASES_S3_ACCESS_KEY+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_ACCESS_KEY environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_RELEASES_S3_ACCESS_KEY
## S3 bucket name
if [[ -z "${IRONFOX_RELEASES_S3_BUCKET_NAME+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_BUCKET_NAME environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_RELEASES_S3_BUCKET_NAME
## S3 endpoint
if [[ -z "${IRONFOX_RELEASES_S3_ENDPOINT+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_ENDPOINT environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_RELEASES_S3_ENDPOINT
## S3 secret key
if [[ -z "${IRONFOX_RELEASES_S3_SECRET_KEY+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_SECRET_KEY environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_RELEASES_S3_SECRET_KEY
# Now, ensure that our Safe Browsing API key file variable (defined at `env_common.sh`, set at `env_ci.sh`) is properly set...
if [[ -z "${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_ACCESS_KEY_FILE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_ACCESS_KEY_FILE environment variable has not been specified! Aborting...'
exit 1
fi
if [[ -z "${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_BUCKET_NAME_FILE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_BUCKET_NAME_FILE environment variable has not been specified! Aborting...'
exit 1
fi
if [[ -z "${IRONFOX_RELEASES_S3_ENDPOINT_FILE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_ENDPOINT_FILE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_RELEASES_S3_ENDPOINT_FILE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_ENDPOINT_FILE environment variable has not been specified! Aborting...'
exit 1
fi
if [[ -z "${IRONFOX_RELEASES_S3_SECRET_KEY_FILE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_SECRET_KEY_FILE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_RELEASES_S3_SECRET_KEY_FILE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_RELEASES_S3_SECRET_KEY_FILE environment variable has not been specified! Aborting...'
exit 1
fi
# Create our directories
mkdir -p $(dirname "${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE}")
mkdir -p $(dirname "${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE}")
mkdir -p $(dirname "${IRONFOX_RELEASES_S3_ENDPOINT_FILE}")
mkdir -p $(dirname "${IRONFOX_RELEASES_S3_SECRET_KEY_FILE}")
# Create the S3 access key file
touch "${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE}"
chmod 600 "${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE}"
echo -n "${IRONFOX_RELEASES_S3_ACCESS_KEY}" > "${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE}"
# Create the S3 bucket name file
touch "${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE}"
chmod 600 "${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE}"
echo -n "${IRONFOX_RELEASES_S3_BUCKET_NAME}" > "${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE}"
# Create the S3 endpoint file
touch "${IRONFOX_RELEASES_S3_ENDPOINT_FILE}"
chmod 600 "${IRONFOX_RELEASES_S3_ENDPOINT_FILE}"
echo -n "${IRONFOX_RELEASES_S3_ENDPOINT}" > "${IRONFOX_RELEASES_S3_ENDPOINT_FILE}"
# Create the S3 secret key file
touch "${IRONFOX_RELEASES_S3_SECRET_KEY_FILE}"
chmod 600 "${IRONFOX_RELEASES_S3_SECRET_KEY_FILE}"
echo -n "${IRONFOX_RELEASES_S3_SECRET_KEY}" > "${IRONFOX_RELEASES_S3_SECRET_KEY_FILE}"
# Ensure nothing went wrong...
if ! [[ -s "${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE}" ]]; then
echo_red_text "ERROR: S3 access key file ${IRONFOX_RELEASES_S3_ACCESS_KEY_FILE} is empty!"
exit 1
fi
if ! [[ -s "${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE}" ]]; then
echo_red_text "ERROR: S3 bucket name file ${IRONFOX_RELEASES_S3_BUCKET_NAME_FILE} is empty!"
exit 1
fi
if ! [[ -s "${IRONFOX_RELEASES_S3_ENDPOINT_FILE}" ]]; then
echo_red_text "ERROR: S3 endpoint file ${IRONFOX_RELEASES_S3_ENDPOINT_FILE} is empty!"
exit 1
fi
if ! [[ -s "${IRONFOX_RELEASES_S3_SECRET_KEY_FILE}" ]]; then
echo_red_text "ERROR: S3 secret key file ${IRONFOX_RELEASES_S3_SECRET_KEY_FILE} is empty!"
exit 1
fi
echo_green_text 'SUCCESS: Prepared S3 storage'
}
# Google Safe Browsing API key
function prep_sb_gapi_key() {
echo_red_text 'Preparing Google Safe Browsing API key...'
# First, ensure that environment variables specified externally (from CI) are properly set...
if [[ -z "${IRONFOX_SB_GAPI_KEY+x}" ]]; then
echo_red_text 'ERROR: The IRONFOX_SB_GAPI_KEY environment variable is missing! Aborting...'
exit 1
fi
readonly IRONFOX_SB_GAPI_KEY
# Now, ensure that our Safe Browsing API key file variable (defined at `env_common.sh`, set at `env_ci.sh`) is properly set...
if [[ -z "${IRONFOX_SB_GAPI_KEY_FILE}" ]]; then
echo_red_text 'ERROR: The IRONFOX_SB_GAPI_KEY_FILE environment variable is missing! Aborting...'
exit 1
fi
if [ "${IRONFOX_SB_GAPI_KEY_FILE}" == 'null' ]; then
echo_red_text 'ERROR: The IRONFOX_SB_GAPI_KEY_FILE environment variable has not been specified! Aborting...'
exit 1
fi
# Create our directory
mkdir -p $(dirname "${IRONFOX_SB_GAPI_KEY_FILE}")
# Create the Safe Browsing API key file
touch "${IRONFOX_SB_GAPI_KEY_FILE}"
chmod 600 "${IRONFOX_SB_GAPI_KEY_FILE}"
echo -n "${IRONFOX_SB_GAPI_KEY}" > "${IRONFOX_SB_GAPI_KEY_FILE}"
# Ensure nothing went wrong...
if ! [[ -s "${IRONFOX_SB_GAPI_KEY_FILE}" ]]; then
echo_red_text "ERROR: Google Safe Browsing API key file ${IRONFOX_SB_GAPI_KEY_FILE} is empty!"
exit 1
fi
echo_green_text 'SUCCESS: Prepared Google Safe Browsing API key'
}
# Prepare our secrets...
if [ "${IRONFOX_CI_PREP_ANDROID_KEYSTORE}" == 1 ]; then
prep_android_keystore
elif [ "${IRONFOX_CI_PREP_S3}" == 1 ]; then
prep_s3
elif [ "${IRONFOX_CI_PREP_SB_GAPI_KEY}" == 1 ]; then
prep_sb_gapi_key
fi
Reference in New Issue View Git Blame Copy Permalink