Add self-update feature to sync-ssh-keys script and update documentation (#10)

locus313 · web-flow · commit 36a56ef88726 · 2025-07-20T17:44:05.000-07:00
* Add self-update feature to sync-ssh-keys script and update documentation

* Bump script version to 0.0.9
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
@@ -14,6 +14,7 @@ This document provides comprehensive guidance for AI coding agents and contribut
   - Logging and error handling.
   - Configuration loading from `users.conf`.
   - A helper function `fetch_key_file` to handle key retrieval logic with retries for failed operations.
+  - A `--self-update` option to fetch and replace the script with the latest version from the GitHub repository.
 
 ### Configuration
 - **`users.conf`**: Defines users and their key sources. Example structure:
@@ -38,6 +39,10 @@ This document provides comprehensive guidance for AI coding agents and contribut
    ```bash
    ./sync-ssh-keys.sh
    ```
+3. To update the script to the latest version, run:
+   ```bash
+   ./sync-ssh-keys.sh --self-update
+   ```
 
 ### Configuration
 - Edit `users.conf` to define users and their key sources.
@@ -102,3 +107,8 @@ This document provides comprehensive guidance for AI coding agents and contribut
 - The `fetch_key_file` function includes a retry mechanism for failed fetch operations.
 - By default, it retries up to 3 times with a 2-second delay between attempts.
 - Logs detailed error messages for each failed attempt and skips the user if all retries fail.
+
+### Self-Update Feature
+- The `--self-update` option fetches the latest version of the script from the GitHub repository.
+- Replaces the current script with the downloaded version.
+- Ensures the script is always up-to-date with the latest features and fixes.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -47,4 +47,6 @@ jobs:
         with:
           tag_name: v${{ steps.get_version.outputs.version }}
           generate_release_notes: true
-          files: ssh-key-sync.zip
+          files: |
+            ssh-key-sync.zip
+            sync-ssh-keys.sh
diff --git a/README.md b/README.md
@@ -13,6 +13,7 @@ This Bash script pulls `authorized_keys` files from remote URLs and updates SSH
 - Safe: Only updates keys if they’ve changed
 - Logs activity per user
 - Retries failed fetch operations up to 3 times with a delay
+- **Self-update**: Automatically updates the script to the latest version from the GitHub repository
 
 ## ⚙️ Configuration
 
@@ -55,6 +56,10 @@ declare -A USER_KEYS=(
    ```cron
    */15 * * * * /usr/local/bin/sync-ssh-keys.sh >> /var/log/ssh-key-sync.log 2>&1
    ```
+5. To update the script to the latest version, run:
+   ```bash
+   ./sync-ssh-keys.sh --self-update
+   ```
 
 ## Implementation Notes
 
@@ -63,6 +68,7 @@ declare -A USER_KEYS=(
 - Includes a retry mechanism for failed fetch operations (3 attempts with a 2-second delay).
 - Only updates a user's `authorized_keys` if the remote file has changed.
 - Logs all actions with timestamps.
+- The `--self-update` option fetches the latest version of the script from the GitHub repository and replaces the current version.
 
 ## Examples
 
diff --git a/sync-ssh-keys.sh b/sync-ssh-keys.sh
@@ -2,7 +2,7 @@
 set -euo pipefail
 
 # shellcheck disable=SC2034  # planned to be used in a future release
-SCRIPT_VERSION="0.0.8"
+SCRIPT_VERSION="0.0.9"
 
 # === Load user configuration ===
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@@ -56,6 +56,43 @@ fetch_key_file() {
   return 1
 }
 
+self_update() {
+  local REPO="locus313/ssh-key-sync"
+  local LATEST_URL
+  local TMP_DIR
+
+  log_message "Checking for the latest version of the script..."
+
+  LATEST_URL=$(curl -fsSL "https://api.github.com/repos/$REPO/releases/latest" | \
+    grep "browser_download_url" | grep "sync-ssh-keys.sh" | cut -d '"' -f 4)
+
+  if [ -z "$LATEST_URL" ]; then
+    log_message "Error: Could not determine the latest version URL."
+    exit 1
+  fi
+
+  TMP_DIR=$(mktemp -d)
+  curl -fsSL "$LATEST_URL" -o "$TMP_DIR/sync-ssh-keys.sh"
+
+  if [ ! -s "$TMP_DIR/sync-ssh-keys.sh" ]; then
+    log_message "Error: Downloaded script is empty. Aborting update."
+    rm -rf "$TMP_DIR"
+    exit 1
+  fi
+
+  chmod +x "$TMP_DIR/sync-ssh-keys.sh"
+  mv "$TMP_DIR/sync-ssh-keys.sh" "$SCRIPT_DIR/sync-ssh-keys.sh"
+  rm -rf "$TMP_DIR"
+
+  log_message "Script successfully updated to the latest version."
+  exit 0
+}
+
+# --- Option parsing ---
+if [[ "${1:-}" == "--self-update" ]]; then
+  self_update
+fi
+
 TMP_FILES=()
 trap 'rm -f "${TMP_FILES[@]}"' EXIT
 for USER in "${!USER_KEYS[@]}"; do
