Skip to content

Fix xplat sync #29833

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jun 10, 2024
Merged

Fix xplat sync #29833

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e96a4c1
Fix xplat sync
rickhanlonii Jun 10, 2024
71f2690
tweak
rickhanlonii Jun 10, 2024
8fd5915
better logging
rickhanlonii Jun 10, 2024
2cbae4b
ok cool
rickhanlonii Jun 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
110 changes: 13 additions & 97 deletions .github/workflows/commit_artifacts.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -327,108 +327,18 @@ jobs:
grep -rl "$CURRENT_VERSION" ./compiled-rn || echo "No files found with $CURRENT_VERSION"
grep -rl "$CURRENT_VERSION" ./compiled-rn | xargs -r sed -i -e "s/$CURRENT_VERSION/$LAST_VERSION/g"
grep -rl "$CURRENT_VERSION" ./compiled-rn || echo "Version reverted"
- name: Check changes before signing
run: |
echo "Full git status"
git add .
git status
echo "===================="
if git status --porcelain | grep -qv '/REVISION'; then
echo "Changes detected"
echo "===== Changes ====="
git --no-pager diff -U0 --cached | grep '^[+-]' | head -n 50
echo "==================="
else
echo "No Changes detected"
fi
- name: Revert signatures
uses: actions/github-script@v6
with:
script: |
// TODO: Move this to a script file.
// We currently can't call scripts from the repo because
// at this point in the workflow, we're on the compiled
// artifact branch (so the scripts don't exist).
// We can fix this with a composite action in the main repo.
// This script is duplicated below.
const fs = require('fs');
const crypto = require('crypto');
const {execSync} = require('child_process');

// TODO: when we move this to a script, we can use this from npm.
// Copy of signedsource since we can't install deps on this branch
const GENERATED = '@' + 'generated';
const NEWTOKEN = '<<SignedSource::*O*zOeWoEQle#+L!plEphiEmie@IsG>>';
const PATTERN = new RegExp(`${GENERATED} (?:SignedSource<<([a-f0-9]{32})>>)`);

const TokenNotFoundError = new Error(
`SignedSource.signFile(...): Cannot sign file without token: ${NEWTOKEN}`
);

function hash(data, encoding) {
const md5sum = crypto.createHash('md5');
md5sum.update(data, encoding);
return md5sum.digest('hex');
}

const SignedSource = {
getSigningToken() {
return `${GENERATED} ${NEWTOKEN}`;
},
isSigned(data) {
return PATTERN.exec(data) != null;
},
signFile(data) {
if (!data.includes(NEWTOKEN)) {
if (SignedSource.isSigned(data)) {
// Signing a file that was previously signed.
data = data.replace(PATTERN, SignedSource.getSigningToken());
} else {
throw TokenNotFoundError;
}
}
return data.replace(NEWTOKEN, `SignedSource<<${hash(data, 'utf8')}>>`);
},
};

const directory = './compiled-rn';
console.log('Signing files in directory:', directory);
try {
const result = execSync(`git status --porcelain ${directory}`, {encoding: 'utf8'});

// Parse the git status output to get file paths
const files = result.split('\n').filter(file => file.endsWith('.js'));

if (files.length === 0) {
throw new Error(
'git status returned no files to sign. this job should not have run.'
);
} else {
files.forEach(line => {
const file = line.slice(3).trim();
if (file) {
console.log(' Signing file:', file);
const originalContents = fs.readFileSync(file, 'utf8');
const signedContents = SignedSource.signFile(originalContents);
fs.writeFileSync(file, signedContents, 'utf8');
}
});
}
} catch (e) {
process.exitCode = 1;
console.error('Error signing files:', e);
}
- name: Check for changes
id: check_should_commit
run: |
echo "Full git status"
git add .
git status --porcelain
git --no-pager diff -U0 --cached | grep '^[+-]' | head -n 100
echo "===================="
if git status --porcelain | grep -qv '/REVISION'; then
# Ignore REVISION or lines removing @generated headers.
if git diff --cached' :(exclude)*REVISION' | grep -vE "^(@@|diff|index|\-\-\-|\+\+\+|\- \* @generated SignedSource)" | grep "^[+-]" > /dev/null; then
echo "Changes detected"
echo "===== Changes ====="
git --no-pager diff -U0 --cached | grep '^[+-]' | head -n 50
git --no-pager diff --cached ':(exclude)*REVISION' | grep -vE "^(@@|diff|index|\-\-\-|\+\+\+|\- \* @generated SignedSource)" | grep "^[+-]" | head -n 50
echo "==================="
echo "should_commit=true" >> "$GITHUB_OUTPUT"
else
Expand All @@ -445,7 +355,7 @@ jobs:
grep -rl "$LAST_VERSION" ./compiled-rn || echo "No files found with $LAST_VERSION"
grep -rl "$LAST_VERSION" ./compiled-rn | xargs -r sed -i -e "s/$LAST_VERSION/$CURRENT_VERSION/g"
grep -rl "$LAST_VERSION" ./compiled-rn || echo "Version re-applied"
- name: Add files
- name: Add files for signing
if: steps.check_should_commit.outputs.should_commit == 'true'
run: |
echo ":"
Expand Down Expand Up @@ -519,7 +429,12 @@ jobs:
if (file) {
console.log(' Signing file:', file);
const originalContents = fs.readFileSync(file, 'utf8');
const signedContents = SignedSource.signFile(originalContents);
const signedContents = SignedSource.signFile(
originalContents
// Need to add the header in, since it's not inserted at build time.
.replace(' */\n', ` * ${SignedSource.getSigningToken()}\n */\n`)
);

fs.writeFileSync(file, signedContents, 'utf8');
}
});
Expand All @@ -531,7 +446,8 @@ jobs:
- name: Will commit these changes
if: steps.check_should_commit.outputs.should_commit == 'true'
run: |
git status -u
git add .
git status
- name: Commit changes to branch
if: steps.check_should_commit.outputs.should_commit == 'true'
uses: stefanzweifel/git-auto-commit-action@v4
Expand Down
Loading