element-desktop/scripts/fetch-package.js

#!/usr/bin/env node

const process = require('process');
const path = require('path');
const fs = require('fs');
const fsPromises = require('fs').promises;
const childProcess = require('child_process');
const tar = require('tar');
const asar = require('asar');
const needle = require('needle');

const riotDesktopPackageJson = require('../package.json');
const { setPackageVersion } = require('./set-version.js');

const PUB_KEY_URL = "https://packages.riot.im/element-release-key.asc";
const PACKAGE_URL_PREFIX = "https://github.com/vector-im/element-web/releases/download/";
const ASAR_PATH = 'webapp.asar';

async function getLatestDevelopUrl(bkToken) {
    const buildsResult = await needle('get',
        "https://api.buildkite.com/v2/organizations/matrix-dot-org/pipelines/element-web/builds",
        {
            branch: 'develop',
            state: 'passed',
            per_page: 1,
        },
        {
            headers: {
                authorization: "Bearer " + bkToken,
            },
        },
    );
    const latestBuild = buildsResult.body[0];
    console.log("Latest build is " + latestBuild.number);
    let artifactUrl;
    for (const job of latestBuild.jobs) {
        // Strip any colon-form emoji from the build name
        if (job.name && job.name.replace(/:\w*:\s*/, '') === 'Package') {
            artifactUrl = job.artifacts_url;
            break;
        }
    }
    if (artifactUrl === undefined) {
        throw new Error("Couldn't find artifact URL - has the name of the package job changed?");
    }

    const artifactsResult = await needle('get', artifactUrl, {},
        {
            headers: {
                authorization: "Bearer " + bkToken,
            },
        },
    );
    let dlUrl;
    let dlFilename;
    for (const artifact of artifactsResult.body) {
        if (artifact.filename && /^element-.*\.tar.gz$/.test(artifact.filename)) {
            dlUrl = artifact.download_url;
            dlFilename = artifact.filename;
            break;
        }
    }
    if (dlUrl === undefined) {
        throw new Error("Couldn't find artifact download URL - has the artifact filename changed?");
    }
    console.log("Fetching artifact URL...");
    const dlResult = await needle('get', dlUrl, {},
        {
            headers: {
                authorization: "Bearer " + bkToken,
            },
            // This URL will give us a Location header, but will also give us
            // a JSON object with the direct URL. We'll take the URL and pass it
            // back, then we can easily support specifying a URL directly.
            follow_max: 0,
        },
    );
    return [dlFilename, dlResult.body.url];
}

async function downloadToFile(url, filename) {
    console.log("Downloading " + url + "...");

    try {
        await needle('get', url, null,
            {
                follow_max: 5,
                output: filename,
            },
        );
    } catch (e) {
        try {
            await fsPromises.unlink(filename);
        } catch (_) {}
        throw e;
    }
}

async function verifyFile(filename) {
    return new Promise((resolve, reject) => {
        childProcess.execFile('gpg', ['--verify', filename + '.asc', filename], (error) => {
            if (error) {
                reject(error);
            } else {
                resolve();
            }
        });
    });
}

async function main() {
    let verify = true;
    let importkey = false;
    let pkgDir = 'packages';
    let deployDir = 'deploys';
    let cfgDir;
    let targetVersion;
    let filename;
    let url;
    let setVersion = false;

    while (process.argv.length > 2) {
        switch (process.argv[2]) {
            case '--noverify':
                verify = false;
                break;
            case '--importkey':
                importkey = true;
                break;
            case '--packages':
                process.argv.shift();
                pkgDir = process.argv[2];
                break;
            case '--deploys':
                process.argv.shift();
                deployDir = process.argv[2];
                break;
            case '--cfgdir':
            case '-d':
                process.argv.shift();
                cfgDir = process.argv[2];
                break;
            default:
                targetVersion = process.argv[2];
        }
        process.argv.shift();
    }

    if (targetVersion === undefined) {
        targetVersion = 'v' + riotDesktopPackageJson.version;
        filename = 'element-' + targetVersion + '.tar.gz';
        url = PACKAGE_URL_PREFIX + targetVersion + '/' + filename;
    } else if (targetVersion === 'develop') {
        const buildKiteApiKey = process.env.BUILDKITE_API_KEY;
        if (buildKiteApiKey === undefined) {
            console.log("Set BUILDKITE_API_KEY to fetch latest develop version");
            console.log(
                "Sorry - Buildkite's API requires authentication to access builds, " +
                "even if those builds are accessible on the web with no auth.",
            );
            process.exit(1);
        }
        [filename, url] = await getLatestDevelopUrl(buildKiteApiKey);
        verify = false; // develop builds aren't signed
    } else {
        filename = 'element-' + targetVersion + '.tar.gz';
        url = PACKAGE_URL_PREFIX + targetVersion + '/' + filename;
        setVersion = true;
    }

    const haveGpg = await new Promise((resolve) => {
        childProcess.execFile('gpg', ['--version'], (error) => {
            resolve(!error);
        });
    });

    if (importkey) {
        if (!haveGpg) {
            console.log("Can't import key without working GPG binary: install GPG and try again");
            return 1;
        }

        await new Promise((resolve) => {
            const gpgProc = childProcess.execFile('gpg', ['--import'], (error) => {
                if (error) {
                    console.log("Failed to import key", error);
                } else {
                    console.log("Key imported!");
                }
                resolve(!error);
            });
            needle.get(PUB_KEY_URL).pipe(gpgProc.stdin);
        });
        return 0;
    }

    if (cfgDir === undefined) {
        console.log("No config directory set");
        console.log("Specify a config directory with --cfgdir or -d");
        console.log("To build with no config (and no auto-update), pass the empty string (-d '')");
        return 1;
    }

    if (verify && !haveGpg) {
        console.log("No working GPG binary: install GPG or pass --noverify to skip verification");
        return 1;
    }

    let haveDeploy = false;
    const expectedDeployDir = path.join(deployDir, path.basename(filename).replace(/\.tar\.gz/, ''));
    try {
        await fs.opendir(expectedDeployDir);
        console.log(expectedDeployDir + "already exists");
        haveDeploy = true;
    } catch (e) {
    }

    if (!haveDeploy) {
        const outPath = path.join(pkgDir, filename);
        try {
            await fsPromises.stat(outPath);
            console.log("Already have " + filename + ": not redownloading");
        } catch (e) {
            try {
                await downloadToFile(url, outPath);
            } catch (e) {
                console.log("Failed to download " + url, e);
                return 1;
            }
        }

        if (verify) {
            try {
                await fsPromises.stat(outPath+'.asc');
                console.log("Already have " + filename + ".asc: not redownloading");
            } catch (e) {
                try {
                    await downloadToFile(url + '.asc', outPath + '.asc');
                } catch (e) {
                    console.log("Failed to download " + url, e);
                    return 1;
                }
            }

            try {
                await verifyFile(outPath);
                console.log(outPath + " downloaded and verified");
            } catch (e) {
                console.log("Signature verification failed!", e);
                return 1;
            }
        } else {
            console.log(outPath + " downloaded but NOT verified");
        }

        await tar.x({
            file: outPath,
            cwd: deployDir,
        });
    }

    try {
        await fsPromises.stat(ASAR_PATH);
        console.log(ASAR_PATH + " already present: removing");
        await fsPromises.unlink(ASAR_PATH);
    } catch (e) {
    }

    if (cfgDir.length) {
        const configJsonSource = path.join(cfgDir, 'config.json');
        const configJsonDest = path.join(expectedDeployDir, 'config.json');
        console.log(configJsonSource + ' -> ' + configJsonDest);
        await fsPromises.copyFile(configJsonSource, configJsonDest);
    } else {
        console.log("Skipping config file");
    }

    console.log("Pack " + expectedDeployDir + " -> " + ASAR_PATH);
    await asar.createPackage(expectedDeployDir, ASAR_PATH);

    if (setVersion) {
        const semVer = targetVersion.slice(1);
        console.log("Updating version to " + semVer);
        await setPackageVersion(semVer);
    }

    console.log("Done!");
}

main().then((ret) => process.exit(ret)).catch(e => process.exit(1));
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`#!/usr/bin/env node`

			`const process = require('process');`
			`const path = require('path');`
			`const fs = require('fs');`
			`const fsPromises = require('fs').promises;`
Lint scripts dir 2020-02-17 15:49:26 +01:00			`const childProcess = require('child_process');`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`const tar = require('tar');`
Pack the webapp into an asar 2019-12-10 16:54:17 +01:00			`const asar = require('asar');`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`const needle = require('needle');`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00
			`const riotDesktopPackageJson = require('../package.json');`
Update linting plugin (#294) 2022-01-10 13:57:33 +01:00			`const { setPackageVersion } = require('./set-version.js');`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00
Update branding of packaging artifacts This updates the names of various packaging and build artifacts to match current branding. Part of https://github.com/vector-im/element-web/issues/14896 2020-11-24 13:48:37 +01:00			`const PUB_KEY_URL = "https://packages.riot.im/element-release-key.asc";`
Replace Riot with Element in docs and comments This only covers the simple cases of references to issues and repos. More complex areas, such as deployment scripts, will be handled separately. Part of https://github.com/vector-im/element-web/issues/14864 2020-08-03 17:05:04 +02:00			`const PACKAGE_URL_PREFIX = "https://github.com/vector-im/element-web/releases/download/";`
Pack the webapp into an asar 2019-12-10 16:54:17 +01:00			`const ASAR_PATH = 'webapp.asar';`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`async function getLatestDevelopUrl(bkToken) {`
			`const buildsResult = await needle('get',`
Update to Element pipeline name 2020-09-09 12:08:41 +02:00			`"https://api.buildkite.com/v2/organizations/matrix-dot-org/pipelines/element-web/builds",`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`{`
			`branch: 'develop',`
			`state: 'passed',`
			`per_page: 1,`
			`},`
			`{`
			`headers: {`
			`authorization: "Bearer " + bkToken,`
			`},`
			`},`
			`);`
			`const latestBuild = buildsResult.body[0];`
			`console.log("Latest build is " + latestBuild.number);`
			`let artifactUrl;`
			`for (const job of latestBuild.jobs) {`
			`// Strip any colon-form emoji from the build name`
			`if (job.name && job.name.replace(/:\w:\s/, '') === 'Package') {`
			`artifactUrl = job.artifacts_url;`
			`break;`
			`}`
			`}`
			`if (artifactUrl === undefined) {`
			`throw new Error("Couldn't find artifact URL - has the name of the package job changed?");`
			`}`

			`const artifactsResult = await needle('get', artifactUrl, {},`
			`{`
			`headers: {`
			`authorization: "Bearer " + bkToken,`
			`},`
			`},`
			`);`
			`let dlUrl;`
			`let dlFilename;`
			`for (const artifact of artifactsResult.body) {`
Update branding of packaging artifacts This updates the names of various packaging and build artifacts to match current branding. Part of https://github.com/vector-im/element-web/issues/14896 2020-11-24 13:48:37 +01:00			`if (artifact.filename && /^element-.*\.tar.gz$/.test(artifact.filename)) {`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`dlUrl = artifact.download_url;`
			`dlFilename = artifact.filename;`
			`break;`
			`}`
			`}`
			`if (dlUrl === undefined) {`
			`throw new Error("Couldn't find artifact download URL - has the artifact filename changed?");`
			`}`
			`console.log("Fetching artifact URL...");`
			`const dlResult = await needle('get', dlUrl, {},`
			`{`
			`headers: {`
			`authorization: "Bearer " + bkToken,`
			`},`
			`// This URL will give us a Location header, but will also give us`
			`// a JSON object with the direct URL. We'll take the URL and pass it`
			`// back, then we can easily support specifying a URL directly.`
			`follow_max: 0,`
			`},`
			`);`
			`return [dlFilename, dlResult.body.url];`
			`}`

Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`async function downloadToFile(url, filename) {`
			`console.log("Downloading " + url + "...");`

Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`try {`
Use needle consistently and remove unused variable 2020-02-21 19:25:33 +01:00			`await needle('get', url, null,`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`{`
			`follow_max: 5,`
			`output: filename,`
			`},`
			`);`
			`} catch (e) {`
			`try {`
			`await fsPromises.unlink(filename);`
			`} catch (_) {}`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`throw e;`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`}`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`}`

			`async function verifyFile(filename) {`
			`return new Promise((resolve, reject) => {`
Lint scripts dir 2020-02-17 15:49:26 +01:00			`childProcess.execFile('gpg', ['--verify', filename + '.asc', filename], (error) => {`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`if (error) {`
			`reject(error);`
			`} else {`
			`resolve();`
			`}`
			`});`
			`});`
			`}`

			`async function main() {`
			`let verify = true;`
			`let importkey = false;`
			`let pkgDir = 'packages';`
			`let deployDir = 'deploys';`
Support config directories 2019-12-13 12:13:44 +01:00			`let cfgDir;`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`let targetVersion;`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`let filename;`
			`let url;`
Revert e0631770b5a2fefb0e238147ebeaee825c8a07ef & 9ec2407957555214d6c734857f046eeae31b6060 Which were accidentally comitted to master and also completely wrong as it sets the version to the literal 'develop' which is silly. 2020-02-27 18:30:00 +01:00			`let setVersion = false;`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00
			`while (process.argv.length > 2) {`
			`switch (process.argv[2]) {`
			`case '--noverify':`
			`verify = false;`
			`break;`
			`case '--importkey':`
			`importkey = true;`
			`break;`
			`case '--packages':`
			`process.argv.shift();`
			`pkgDir = process.argv[2];`
			`break;`
			`case '--deploys':`
			`process.argv.shift();`
			`deployDir = process.argv[2];`
			`break;`
Support config directories 2019-12-13 12:13:44 +01:00			`case '--cfgdir':`
			`case '-d':`
			`process.argv.shift();`
			`cfgDir = process.argv[2];`
			`break;`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`default:`
			`targetVersion = process.argv[2];`
			`}`
			`process.argv.shift();`
			`}`

			`if (targetVersion === undefined) {`
			`targetVersion = 'v' + riotDesktopPackageJson.version;`
Update branding of packaging artifacts This updates the names of various packaging and build artifacts to match current branding. Part of https://github.com/vector-im/element-web/issues/14896 2020-11-24 13:48:37 +01:00			`filename = 'element-' + targetVersion + '.tar.gz';`
Set version in fetch script Which plays better with doing develop builds. 2020-02-26 12:56:59 +01:00			`url = PACKAGE_URL_PREFIX + targetVersion + '/' + filename;`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`} else if (targetVersion === 'develop') {`
			`const buildKiteApiKey = process.env.BUILDKITE_API_KEY;`
			`if (buildKiteApiKey === undefined) {`
			`console.log("Set BUILDKITE_API_KEY to fetch latest develop version");`
			`console.log(`
			`"Sorry - Buildkite's API requires authentication to access builds, " +`
			`"even if those builds are accessible on the web with no auth.",`
			`);`
			`process.exit(1);`
			`}`
			`[filename, url] = await getLatestDevelopUrl(buildKiteApiKey);`
			`verify = false; // develop builds aren't signed`
			`} else {`
Update branding of packaging artifacts This updates the names of various packaging and build artifacts to match current branding. Part of https://github.com/vector-im/element-web/issues/14896 2020-11-24 13:48:37 +01:00			`filename = 'element-' + targetVersion + '.tar.gz';`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`url = PACKAGE_URL_PREFIX + targetVersion + '/' + filename;`
Revert e0631770b5a2fefb0e238147ebeaee825c8a07ef & 9ec2407957555214d6c734857f046eeae31b6060 Which were accidentally comitted to master and also completely wrong as it sets the version to the literal 'develop' which is silly. 2020-02-27 18:30:00 +01:00			`setVersion = true;`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`}`

			`const haveGpg = await new Promise((resolve) => {`
Lint scripts dir 2020-02-17 15:49:26 +01:00			`childProcess.execFile('gpg', ['--version'], (error) => {`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`resolve(!error);`
			`});`
			`});`

			`if (importkey) {`
			`if (!haveGpg) {`
			`console.log("Can't import key without working GPG binary: install GPG and try again");`
			`return 1;`
			`}`

			`await new Promise((resolve) => {`
Lint scripts dir 2020-02-17 15:49:26 +01:00			`const gpgProc = childProcess.execFile('gpg', ['--import'], (error) => {`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`if (error) {`
			`console.log("Failed to import key", error);`
			`} else {`
			`console.log("Key imported!");`
			`}`
			`resolve(!error);`
			`});`
Use needle consistently and remove unused variable 2020-02-21 19:25:33 +01:00			`needle.get(PUB_KEY_URL).pipe(gpgProc.stdin);`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`});`
Exit after importing key 2019-12-10 15:50:57 +01:00			`return 0;`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`}`
Support config directories 2019-12-13 12:13:44 +01:00
			`if (cfgDir === undefined) {`
			`console.log("No config directory set");`
			`console.log("Specify a config directory with --cfgdir or -d");`
			`console.log("To build with no config (and no auto-update), pass the empty string (-d '')");`
			`return 1;`
			`}`
Lint scripts dir 2020-02-17 15:49:26 +01:00
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`if (verify && !haveGpg) {`
			`console.log("No working GPG binary: install GPG or pass --noverify to skip verification");`
			`return 1;`
			`}`

Lint scripts dir 2020-02-17 15:49:26 +01:00			`let haveDeploy = false;`
Support fetching the latest develop build Frustratingly, this requires a buildkite API token, even though the builds & artifacts are available without auth on the buildkite website. 2020-02-21 19:17:31 +01:00			`const expectedDeployDir = path.join(deployDir, path.basename(filename).replace(/\.tar\.gz/, ''));`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`try {`
Lint scripts dir 2020-02-17 15:49:26 +01:00			`await fs.opendir(expectedDeployDir);`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`console.log(expectedDeployDir + "already exists");`
			`haveDeploy = true;`
			`} catch (e) {`
			`}`

			`if (!haveDeploy) {`
			`const outPath = path.join(pkgDir, filename);`
			`try {`
			`await fsPromises.stat(outPath);`
			`console.log("Already have " + filename + ": not redownloading");`
			`} catch (e) {`
			`try {`
			`await downloadToFile(url, outPath);`
			`} catch (e) {`
			`console.log("Failed to download " + url, e);`
			`return 1;`
			`}`
			`}`

			`if (verify) {`
			`try {`
			`await fsPromises.stat(outPath+'.asc');`
			`console.log("Already have " + filename + ".asc: not redownloading");`
			`} catch (e) {`
			`try {`
			`await downloadToFile(url + '.asc', outPath + '.asc');`
			`} catch (e) {`
			`console.log("Failed to download " + url, e);`
			`return 1;`
			`}`
			`}`

			`try {`
			`await verifyFile(outPath);`
			`console.log(outPath + " downloaded and verified");`
			`} catch (e) {`
			`console.log("Signature verification failed!", e);`
			`return 1;`
			`}`
			`} else {`
			`console.log(outPath + " downloaded but NOT verified");`
			`}`

			`await tar.x({`
			`file: outPath,`
			`cwd: deployDir,`
			`});`
			`}`

Pack the webapp into an asar 2019-12-10 16:54:17 +01:00			`try {`
			`await fsPromises.stat(ASAR_PATH);`
			`console.log(ASAR_PATH + " already present: removing");`
			`await fsPromises.unlink(ASAR_PATH);`
			`} catch (e) {`
			`}`

Support config directories 2019-12-13 12:13:44 +01:00			`if (cfgDir.length) {`
			`const configJsonSource = path.join(cfgDir, 'config.json');`
			`const configJsonDest = path.join(expectedDeployDir, 'config.json');`
			`console.log(configJsonSource + ' -> ' + configJsonDest);`
			`await fsPromises.copyFile(configJsonSource, configJsonDest);`
			`} else {`
			`console.log("Skipping config file");`
			`}`

Pack the webapp into an asar 2019-12-10 16:54:17 +01:00			`console.log("Pack " + expectedDeployDir + " -> " + ASAR_PATH);`
			`await asar.createPackage(expectedDeployDir, ASAR_PATH);`
Set version in fetch script Which plays better with doing develop builds. 2020-02-26 12:56:59 +01:00
Revert e0631770b5a2fefb0e238147ebeaee825c8a07ef & 9ec2407957555214d6c734857f046eeae31b6060 Which were accidentally comitted to master and also completely wrong as it sets the version to the literal 'develop' which is silly. 2020-02-27 18:30:00 +01:00			`if (setVersion) {`
Set version in fetch script Which plays better with doing develop builds. 2020-02-26 12:56:59 +01:00			`const semVer = targetVersion.slice(1);`
Revert e0631770b5a2fefb0e238147ebeaee825c8a07ef & 9ec2407957555214d6c734857f046eeae31b6060 Which were accidentally comitted to master and also completely wrong as it sets the version to the literal 'develop' which is silly. 2020-02-27 18:30:00 +01:00			`console.log("Updating version to " + semVer);`
Set version in fetch script Which plays better with doing develop builds. 2020-02-26 12:56:59 +01:00			`await setPackageVersion(semVer);`
			`}`

Pack the webapp into an asar 2019-12-10 16:54:17 +01:00			`console.log("Done!");`
Files I've added This still won't work, still a WIP 2019-12-06 19:20:31 +01:00			`}`

Catch exceptions from main method in fetch script 2020-07-23 12:14:26 +02:00			`main().then((ret) => process.exit(ret)).catch(e => process.exit(1));`