1+ name : 📦🐧 Github Runner (Fetcher|Updater) 📦🐧
2+ # MAX_RUNTIME: 02 Minutes */10 * * * *
3+
4+ on :
5+ # push:
6+ workflow_dispatch :
7+ schedule :
8+ # - cron: "0 */8 * * *" # Every 8 HRs
9+ - cron : " 30 08 * * 3" # 08:30 PM UTC Wed (02:15 AM NPT Thu Midnight)
10+ jobs :
11+ fetch :
12+ runs-on : ubuntu-latest
13+ timeout-minutes : 20
14+ permissions :
15+ contents : write
16+ strategy :
17+ matrix :
18+ include :
19+ - image : " aarch64-Linux"
20+ arch : " aarch64"
21+ file : " /tmp/runner.tar.gz"
22+
23+ - image : " x86_64-Linux"
24+ arch : " aarch64"
25+ file : " /tmp/runner.tar.gz"
26+
27+ steps :
28+ - name : Setup Env [${{ matrix.image }}]
29+ run : |
30+ ##presets
31+ set +x ; set +e
32+ #-------------#
33+ ##CoreUtils
34+ export DEBIAN_FRONTEND="noninteractive"
35+ echo "DEBIAN_FRONTEND=${DEBIAN_FRONTEND}" >> "${GITHUB_ENV}"
36+ sudo apt update -y -qq
37+ #https://github.com/ilikenwf/apt-fast?tab=readme-ov-file#quick-install
38+ bash -c "$(curl -qfsSL 'https://raw.githubusercontent.com/ilikenwf/apt-fast/master/quick-install.sh')"
39+ if ! command -v apt-fast &> /dev/null; then
40+ echo -e "\n[-] docker NOT Found\n"
41+ echo "CONTINUE_GHRUN=FALSE" >> "${GITHUB_ENV}"
42+ exit 1
43+ fi
44+ sudo apt-fast install apt-transport-https apt-utils bc ca-certificates coreutils curl dos2unix fdupes git-lfs gnupg2 \
45+ jq moreutils p7zip-full rename rsync software-properties-common texinfo tmux torsocks util-linux wget zsync -y -qq 2>/dev/null
46+ sudo apt-fast update -y -qq 2>/dev/null
47+ ##tmp
48+ SYSTMP="$(dirname $(mktemp -u))" && export SYSTMP="${SYSTMP}"
49+ #GH ENV
50+ echo "SYSTMP=${SYSTMP}" >> "${GITHUB_ENV}"
51+ echo "GHA_MODE=MATRIX" >> "${GITHUB_ENV}"
52+ echo "GIT_TERMINAL_PROMPT=0" >> "${GITHUB_ENV}"
53+ echo "GIT_ASKPASS=/bin/echo" >> "${GITHUB_ENV}"
54+ echo "GH_PAGER=" >> "${GITHUB_ENV}"
55+ gh config set prompt disabled
56+ git config --global "credential.helper" store
57+ git config --global "user.email" "[email protected] " 58+ git config --global "user.name" "Azathothas"
59+ ##User-Agent
60+ USER_AGENT="$(curl -qfsSL 'https://pub.ajam.dev/repos/Azathothas/Wordlists/Misc/User-Agents/ua_chrome_macos_latest.txt')" && export USER_AGENT="${USER_AGENT}"
61+ echo "USER_AGENT=${USER_AGENT}" >> "${GITHUB_ENV}"
62+ ##Wget
63+ echo 'progress = dot:giga' | sudo tee -a "/etc/wgetrc"
64+ echo 'progress = dot:giga' | tee -a "${HOME}/.wgetrc"
65+ continue-on-error : true
66+
67+ - name : Create Metadata Tag [gh-${{ matrix.image }}]
68+ if : env.CONTINUE_GHRUN != 'FALSE'
69+ env :
70+ GH_TOKEN : " ${{ github.token }}"
71+ GITHUB_TOKEN : " ${{ github.token }}"
72+ run : |
73+ ##presets
74+ set +x ; set +e
75+ #-------------#
76+ METADATA_TAG="soar-nest"
77+ export METADATA_TAG="$(echo "gh-${{ matrix.image }}" | tr -d '[:space:]')"
78+ echo "METADATA_TAG=${METADATA_TAG}" >> "${GITHUB_ENV}"
79+ echo "GH_PAGER=" >> "${GITHUB_ENV}"
80+ gh config set prompt disabled
81+ gh release create "${METADATA_TAG}" --repo "${GITHUB_REPOSITORY}" --title "${METADATA_TAG}" --prerelease
82+ sleep 3 ; gh release view "${METADATA_TAG}" --repo "${GITHUB_REPOSITORY}"
83+ METADATA_TAG_URL="https://github.com/${GITHUB_REPOSITORY}/releases/tag/${METADATA_TAG}"
84+ echo METADATA_TAG_URL="${METADATA_TAG_URL}" >> "${GITHUB_ENV}"
85+ METADATA_TAG_STATUS="$(curl -X "HEAD" -qfsSL "${METADATA_TAG_URL}" -I | sed -n 's/^[[:space:]]*HTTP\/[0-9.]*[[:space:]]\+\([0-9]\+\).*/\1/p' | tail -n1 | tr -d '[:space:]')"
86+ if echo "${METADATA_TAG_STATUS}" | grep -qi '200$'; then
87+ export METADATA_DIR="/tmp/PKG_METADATA"
88+ echo "METADATA_DIR=${METADATA_DIR}" >> "${GITHUB_ENV}"
89+ mkdir -pv "${METADATA_DIR}"
90+ echo "CONTINUE_GHRUN=TRUE" >> "${GITHUB_ENV}"
91+ else
92+ echo -e "\n[✗] FATAL: Failed to Create ${METADATA_TAG} <== [Release Tag]\n"
93+ echo "CONTINUE_GHRUN=FALSE" >> "${GITHUB_ENV}"
94+ exit 1
95+ fi
96+ continue-on-error : true
97+
98+ - name : Download [gh-${{ matrix.image }}]
99+ if : env.CONTINUE_GHRUN != 'FALSE'
100+ env :
101+ GH_TOKEN : " ${{ github.token }}"
102+ GITHUB_TOKEN : " ${{ github.token }}"
103+ run : |
104+ ##presets
105+ set +x ; set +e
106+ #-------------#
107+ OUT_FILE="${{ matrix.file }}"
108+ SRC_REPO="actions/runner"
109+ pushd "$(mktemp -d)" &>/dev/null && TMPDIR="$(realpath .)"
110+ #Fetch Release Metadata
111+ for i in {1..5}; do
112+ gh api "repos/${SRC_REPO}/releases" --paginate | jq . > "${TMPDIR}/RELEASES.json"
113+ unset REL_COUNT ; REL_COUNT="$(jq -r '.. | objects | select(has("browser_download_url")) | .browser_download_url' "${TMPDIR}/RELEASES.json" | grep -iv 'null' | sort -u | wc -l | tr -d '[:space:]')"
114+ if [[ "${REL_COUNT}" -le 10 ]]; then
115+ echo "Retrying... ${i}/5"
116+ sleep 2
117+ elif [[ "${REL_COUNT}" -gt 10 ]]; then
118+ unset REL_COUNT
119+ break
120+ fi
121+ done
122+ #Sanity Check URLs
123+ REL_COUNT="$(jq -r '.. | objects | select(has("browser_download_url")) | .browser_download_url' "${TMPDIR}/RELEASES.json" | grep -iv 'null' | sort -u | wc -l | tr -d '[:space:]')"
124+ if [[ "${REL_COUNT}" -le 10 ]]; then
125+ echo -e "\n[-] FATAL: Failed to Fetch Release MetaData\n"
126+ echo "[-] Count: ${REL_COUNT}"
127+ echo "CONTINUE_GHRUN=FALSE" >> "${GITHUB_ENV}"
128+ exit 1
129+ else
130+ #Get Download URL
131+ if echo "${{ matrix.image }}" | grep -qiE 'aarch64'; then
132+ REL_DL_URL="$(cat "${TMPDIR}/RELEASES.json" | jq -r '.[] | select(.prerelease | not) | .assets[].browser_download_url | select((. | test("\\.(sha|sha256|sha512|sig)$") | not) and (. | test("apple|darwin|macos|osx|win|x64"; "i") | not))' |\
133+ grep -Ei "arm64" | grep -Ei "linux" | sort --version-sort | tail -n 1 | tr -d '[:space:]')"
134+ elif echo "${{ matrix.image }}" | grep -qiE 'x86_64'; then
135+ REL_DL_URL="$(cat "${TMPDIR}/RELEASES.json" | jq -r '.[] | select(.prerelease | not) | .assets[].browser_download_url | select((. | test("\\.(sha|sha256|sha512|sig)$") | not) and (. | test("apple|arm64|darwin|macos|osx|win"; "i") | not))' |\
136+ grep -Ei "x64" | grep -Ei "linux" | sort --version-sort | tail -n 1 | tr -d '[:space:]')"
137+ fi
138+ fi
139+ #Download
140+ if ! echo "${REL_DL_URL}" | grep -qiE '^https?://'; then
141+ echo -e "[-] FATAL: Failed to fetch Download URL"
142+ echo "CONTINUE_GHRUN=FALSE" >> "${GITHUB_ENV}"
143+ exit 1
144+ else
145+ curl -w "(DL) <== %{url}\n" -qfSL "${REL_DL_URL}" -o "${OUT_FILE}" | tee "${TMPDIR}/REL_NOTE.txt"
146+ fi
147+ #Check
148+ if [[ -s "${OUT_FILE}" ]] && [[ $(stat -c%s "${OUT_FILE}") -gt 10000 ]]; then
149+ echo -e "[+] Downloaded Artifact"
150+ realpath "${OUT_FILE}" && du -sh "${OUT_FILE}"
151+ echo "CONTINUE_GHRUN=TRUE" >> "${GITHUB_ENV}"
152+ export HAS_RELEASE="TRUE"
153+ echo "HAS_RELEASE=${HAS_RELEASE}" >> "${GITHUB_ENV}"
154+ #Rel Notes
155+ echo -e "" > "/tmp/RELEASE_NOTE.md"
156+ echo '---' >> "/tmp/RELEASE_NOTE.md"
157+ echo '```console' >> "/tmp/RELEASE_NOTE.md"
158+ echo -e "\n" >> "/tmp/RELEASE_NOTE.md"
159+ cat "${TMPDIR}/REL_NOTE.txt" >> "/tmp/RELEASE_NOTE.md"
160+ echo -e "\n[+] --> HOST" >> "/tmp/RELEASE_NOTE.md"
161+ echo "${{ matrix.image }}" >> "/tmp/RELEASE_NOTE.md"
162+ echo -e "\n[+] --> FILE" >> "/tmp/RELEASE_NOTE.md"
163+ file "${OUT_FILE}" | sed 's|/tmp/||' >> "/tmp/RELEASE_NOTE.md"
164+ echo -e "\n[+] --> SIZE" >> "/tmp/RELEASE_NOTE.md"
165+ du -sh "${OUT_FILE}" | awk '{unit=substr($1,length($1)); sub(/[BKMGT]$/,"",$1); print $1 " " unit "B"}' >> "/tmp/RELEASE_NOTE.md"
166+ echo -e "\n[+] --> BLAKE3SUM" >> "/tmp/RELEASE_NOTE.md"
167+ b3sum "${OUT_FILE}" | grep -oE '^[a-f0-9]{64}' | tr -d '[:space:]' >> "/tmp/RELEASE_NOTE.md"
168+ echo -e "\n\n[+] --> SHA256SUM" >> "/tmp/RELEASE_NOTE.md"
169+ sha256sum "${OUT_FILE}" | grep -oE '^[a-f0-9]{64}' | tr -d '[:space:]' >> "/tmp/RELEASE_NOTE.md"
170+ echo -e "\n" >> "/tmp/RELEASE_NOTE.md"
171+ echo -e '```\n' >> "/tmp/RELEASE_NOTE.md"
172+ #Time
173+ UTC_TIME="$(TZ='UTC' date +'%Y_%m_%d')"
174+ echo "UTC_TIME=${UTC_TIME}" >> "${GITHUB_ENV}"
175+ else
176+ echo -e "[-] FATAL: Downloaded Artifact seems broken"
177+ echo "CONTINUE_GHRUN=FALSE" >> "${GITHUB_ENV}"
178+ export HAS_RELEASE="FALSE"
179+ echo "HAS_RELEASE=${HAS_RELEASE}" >> "${GITHUB_ENV}"
180+ exit 1
181+ fi
182+ continue-on-error : true
183+
184+ - name : Fail (If Build Failed)
185+ if : env.HAS_RELEASE == 'FALSE'
186+ run : |
187+ #presets
188+ set +x ; set +e
189+ #-------------#
190+ exit 1
191+ continue-on-error : false
192+
193+ # Artifacts
194+ - name : Upload (Build) Artifacts
195+ uses : actions/upload-artifact@v4
196+ with :
197+ name : " gh-${{ matrix.image }}"
198+ path : |
199+ ${{ matrix.file }}
200+ compression-level : 0 # no compression, [Default: 6 (GNU Gzip)]
201+ retention-days : 90 # max
202+ overwrite : true
203+ continue-on-error : true
204+
205+ # continuous
206+ - name : Releaser (Continuous)
207+ if : env.HAS_RELEASE == 'TRUE'
208+ 209+ with :
210+ name : " ${{ env.METADATA_TAG }}"
211+ tag_name : " ${{ env.METADATA_TAG }}"
212+ prerelease : true
213+ draft : false
214+ generate_release_notes : false
215+ body_path : " /tmp/RELEASE_NOTE.md"
216+ files : |
217+ ${{ matrix.file }}
218+ continue-on-error : true
219+
220+ # Snapshot
221+ - name : Releaser (Snapshot)
222+ if : env.HAS_RELEASE == 'TRUE'
223+ 224+ with :
225+ name : " ${{ env.METADATA_TAG }}"
226+ tag_name : " ${{ env.UTC_TIME }}-${{ env.METADATA_TAG }}"
227+ prerelease : false
228+ draft : false
229+ generate_release_notes : false
230+ make_latest : false
231+ body_path : " /tmp/RELEASE_NOTE.md"
232+ files : |
233+ ${{ matrix.file }}
234+ continue-on-error : true
0 commit comments