Repository: replay-software/bump Branch: master Commit: 4f47082f4731 Files: 11 Total size: 13.9 KB Directory structure: gitextract_sq269kt3/ ├── .bump/ │ ├── .state/ │ │ └── latestRelease │ ├── .terraform.lock.hcl │ ├── bin/ │ │ ├── bump │ │ └── nuke │ └── main.tf ├── .github/ │ └── workflows/ │ └── main.yml ├── .gitignore ├── License ├── config.yml ├── readme.md └── release/ └── latest.md ================================================ FILE CONTENTS ================================================ ================================================ FILE: .bump/.state/latestRelease ================================================ ================================================ FILE: .bump/.terraform.lock.hcl ================================================ # This file is maintained automatically by "terraform init". # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { version = "3.30.0" constraints = "3.30.0" hashes = [ "h1:z9kdXY2A/+dIZrPy9hNlg/B5I/AuETQsp0jz9EgprIQ=", "zh:01f562a6a31fe46a8ca74804f360e3452b26f71abc549ce1f0ab5a8af2484cdf", "zh:25bacc5ed725051f0ab1f7d575e45c901e5b8e1d50da4156a31dda92b2b7e481", "zh:349b79979d9169db614d8ebd1bc2e0caeb7a38dc816e261b8b2b4b5204615519", "zh:5e41446acc54c6fc15e82c3fa14b72174b30eba81e0711ede297e5620c55a628", "zh:68ad98f6d612bdc35a65d48950abc8e75c69decb49db28258ce8eeb5458586b7", "zh:704603d65e8bac17d203b57c2db142c3134a91076e1b4a31c40f75eb3257dde8", "zh:a362c700032b2db047d16007d52f28b3f216d32671b6b355d23bdaa082c66a4b", "zh:bd197797b41268de3c93cad02b7c655dc0c4d8661abb37544ca049e6b1eccae6", "zh:deb12ef0e3396a71d485977ddc14b695775f7937097ebf2b2f53ed348a4365e7", "zh:ec8a7d0f02738f290107d39bf401d68ddce82a95cd9d998003f7e04b3a196411", "zh:ffcc43b6c5e7f26c55e2a8c539d7370fca8042722400a3e06bdce4240bd7088a", ] } ================================================ FILE: .bump/bin/nuke ================================================ #!/bin/bash # This script nukes the history of any use of Bump # Use wisely! rm -rf ./.bump/terraform.tfstate rm -rf ./.bump/terraform.tfstate.backup rm -rf ./release/changelog.xml rm -rf ./.bump/.state/latestRelease rm -rf ./release/AppExample.zip touch ./.bump/.state/latestRelease cat < ./release/latest.md --- version: "1.0" --- Hello World EOF cat < config.yml app_name: AppExample app_filename: AppExample.zip # Should match exactly the .zip file found in ./release/ s3_bucket_name: app-example-distribution # Must be unique # More variables need to be added to your environment. See the readme EOF ================================================ FILE: .bump/main.tf ================================================ terraform { required_providers { aws = { source = "hashicorp/aws" version = "3.30.0" } } } # Don't put credentials here, instead export them as # AWS_ACCESS_KEY and AWS_SECRET_KEY provider "aws" { region = "us-east-1" } locals { changelog_filename = "changelog.xml" changelog_api_filename = "changelog.json" s3_bucket_name = yamldecode(file("../config.yml"))["s3_bucket_name"] app_filename = yamldecode(file("../config.yml"))["app_filename"] app_version = yamldecode(file(".state/latestRelease"))["version"] } # Start creating resources # To deprovision resources in the future, remove everything below this commment and run `terraform apply` resource "aws_s3_bucket" "bucket" { bucket = local.s3_bucket_name acl = "private" cors_rule { allowed_headers = ["*"] allowed_methods = ["GET"] allowed_origins = ["*"] expose_headers = ["ETag"] max_age_seconds = 3000 } } resource "aws_s3_bucket_object" "changelog" { bucket = local.s3_bucket_name key = local.changelog_filename source = "../release/${local.changelog_filename}" etag = filemd5("../release/${local.changelog_filename}") acl = "public-read" content_type = "application/xml" depends_on = [ aws_s3_bucket.bucket, ] } resource "aws_s3_bucket_object" "changelog_api" { bucket = local.s3_bucket_name key = local.changelog_api_filename source = "../release/${local.changelog_api_filename}" etag = filemd5("../release/${local.changelog_api_filename}") acl = "public-read" content_type = "application/json" depends_on = [ aws_s3_bucket.bucket, ] } resource "aws_s3_bucket_object" "versioned_zip" { bucket = local.s3_bucket_name key = "${replace(local.app_version, ".", "-")}/${local.app_filename}" source = "../release/${local.app_filename}" etag = filemd5("../release/${local.app_filename}") acl = "public-read" content_type = "application/octet-stream" depends_on = [ aws_s3_bucket.bucket, ] } resource "aws_s3_bucket_object" "latest_zip" { bucket = local.s3_bucket_name key = "latest/${local.app_filename}" source = "../release/${local.app_filename}" etag = filemd5("../release/${local.app_filename}") acl = "public-read" content_type = "application/octet-stream" depends_on = [ aws_s3_bucket.bucket, ] } output "changelog_public_url" { description = "The URL for the changelog.xml file" value = "https://${aws_s3_bucket.bucket.bucket_domain_name}/${local.changelog_filename}" } ================================================ FILE: .github/workflows/main.yml ================================================ name: Create Release on: push: paths: - 'release/latest.md' workflow_dispatch: jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Create changelog env: SPARKLE_PRIVATE_KEY: ${{ secrets.SPARKLE_PRIVATE_KEY }} run: ./.bump/bin/bump - name: Commit changes uses: EndBug/add-and-commit@v7 with: message: 'Create release changelog' add: '*.xml' - uses: hashicorp/setup-terraform@v1 if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' - name: Setup Terraform run: terraform init working-directory: ./.bump/ if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' - name: Apply Terraform plan run: terraform apply -auto-approve working-directory: ./.bump/ if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' env: AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} - name: Remove versioned zip from Terraform state run: terraform state rm aws_s3_bucket_object.versioned_zip working-directory: ./.bump/ if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' - name: Commit Terraform state uses: EndBug/add-and-commit@v7 if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' with: message: 'Create Terraform state' add: '*.tfstate' ================================================ FILE: .gitignore ================================================ .bump/.terraform ================================================ FILE: License ================================================ MIT License Copyright (c) 2021 Alasdair Monk Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================ FILE: config.yml ================================================ app_name: AppExample app_filename: AppExample.zip # Should match exactly the .zip file found in ./release/ s3_bucket_name: app-example-distribution # Must be unique # More variables need to be added to your environment. See the readme ================================================ FILE: readme.md ================================================ ![](.bump/assets/artwork.png) Bump is an automated pipeline for releasing apps with [Sparkle](https://sparkle-project.org) **Features:** * 🚀 Get an end-to-end Sparkle release pipeline running in 60 seconds * ✍️ Create & maintain a Sparkle changelog from a single markdown file * 🔐 Automatic Sparkle certificate and signature handling * 📦 Automatic release versioning in your changelog and on S3 * 🔑 Bring your own AWS account * 🚐 Can be [self-hosted](#running-locally--self-hosted) Ready to try it? [Get started](#getting-started). Please note; * **Bump has not been tested with the Sparkle 2 Beta**. In theory it should be perfectly compatible but it has only been tested with Sparkle 1.x * You'll need an **AWS access key and secret key** to use Bump as it automatically manages an S3 bucket for your Sparkle changelog file and app archives * Bump has only been tested with macOS Sparkle releases, not Sparkle-compatible distributions available for other platforms * Bump doesn't support Delta updates with Sparkle (yet!) --- ## Contents - [Contents](#contents) - [Getting started](#getting-started) - [1. Create a new repo using this template](#1-create-a-new-repo-using-this-template) - [2. Update variables](#2-update-variables) - [3. Create secrets](#3-create-secrets) - [4. Creating a release](#4-creating-a--release) - [Appendix](#appendix) - [S3 Information](#s3-information) - [App archive support](#app-archive-support) - [Release frontmatter](#release-frontmatter) - [Running locally / self-hosted](#running-locally--self-hosted) - [API Support](#api-support) - [Updating from a previous version of Bump](#updating-from-a-previous-version-of-bump) ## Getting started ### 1. Create a new repo using this template [Create a new repo using this template](https://github.com/replay-software/bump/generate). This will copy the entire directory structure into your own GitHub account. ### 2. Update variables Edit `config.yml` and replace the default values; ```yaml app_name: AppExample app_filename: AppExample.zip s3_bucket_name: app-example-distribution ``` ### 3. Create secrets In the Settings of your repo, create the following secrets; | Secret name | Required? | Description | |-----------------------|-----------|--------------------------------------------------------------------------------------------------------------------------------| | `AWS_ACCESS_KEY` | ☑️ | An AWS access key that has permissions to create an S3 bucket | | `AWS_SECRET_KEY` | ☑️ | An AWS secret key | | `SPARKLE_PRIVATE_KEY` | | A Sparkle private key. You can find this in your macOS keychain. You can omit this but it is encouraged to sign your releases. | ### 4. Creating a release 1. Place your notarised, zipped app in the `./release/` folder. The name of the zip should match the `app_filename` you have set in `config.yml`. Ensure you **delete any other `.zip`** that exists in this directory. 2. Edit `./release/latest.md` to reflect this new release. You will want to change the version number and probably add a description. [View the list](#release-frontmatter) of Sparkle attributes you can set in this file 3. Create a pull request into the `main` or `master` branch (Bump supports both) of your repository. **Upon opening a pull request**, Bump will create and commit a new `changelog.xml` into your branch *not release anything publicly*. **Upon merging to `main`/`master`**, Bump will push your new `changelog.xml` and app release to your S3 bucket, making it publicly available to your customers. Find the link to your publicly hosted `changelog.xml` from Actions → Latest run → Build and expand the "Apply Terraform plan" panel to see the output. It will be in the format `https://{{bucketName}}.s3.amazonaws.com/changelog.xml` --- ## Appendix ### S3 Information By default, Bump will use aws region `us-east-1`. You can override this by changing the Terraform plan at `.bump/main.tf`. ### App archive support Bump supports serving the following app archive types; * `.zip` * `.dmg` * `.tar.gz` ### Release frontmatter The following keys can be used in the `./release/lastest.md` frontmatter; | Key Name | Required? | Type | Example | Description | |------------------------|-----------|--------|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------| | `version` | ☑️ | string | `"1.2.0"` or `"100"` | The version of your app | | `marketingVersion` | | string | `"1.0"` | Can be used in addition to `version`. **Note:** setting this property means you should use `version` value for the build number (e.g. `"100"`). [Read the Sparkle documentation](https://sparkle-project.org/documentation/publishing/#publishing-an-update) on `shortVersionString` for more info | | `minimumSystemVersion` | | string | `"10.5"` | The lowest version of macOS that this release supports | ### Running locally / self-hosted Bump has been crafted to work with GitHub Actions but can also be run locally. Some things to note; * Expose the [required secrets](#3-create-secrets) as environment variables * [Bump Core](https://github.com/replay-software/bump-core), the binary distributed as part of Bump which is responsible for generating `changelog.xml`, is contained in a seperate repo * Run the [Bump Core CLI](https://github.com/replay-software/bump-core) from the root of the project (e.g. `./.bump/bin/bump`). * You can use [Act](https://github.com/nektos/act) to emulate GitHub Actions on any platform ### API Support Bump generates a JSON version of the changelog so that you can easily consume the changelog in a web app. To use it, find your changelog URL and replace the extension with `.json` e.g. `https://your-bucket-url.s3.amazonaws.com/changelog.xml` → `https://your-bucket-url.s3.amazonaws.com/changelog.json` **Note:** the default setting for CORS access is to allow all origins. To change this edit the `cors` stanza in the Terraform script at `./bump/main.tf` ### Updating from a previous version of Bump Updating Bump is easy. Simply copy the `.bump` folder from this repository to your own. ================================================ FILE: release/latest.md ================================================ --- version: "1.0" --- Hello World