-
Notifications
You must be signed in to change notification settings - Fork 678
128 lines (113 loc) · 4.85 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: Build geoip files
on:
workflow_dispatch:
schedule:
- cron: "0 0 * * 4"
push:
branches:
- master
paths-ignore:
- ".gitignore"
- "config-example.json"
- "LICENSE"
- "README.md"
- ".github/dependabot.yml"
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout codebase
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
- name: Set variables
run: |
echo "TAG_NAME=$(date +%Y%m%d%H%M)" >> $GITHUB_ENV
echo "RELEASE_NAME=$(date +%Y%m%d%H%M)" >> $GITHUB_ENV
shell: bash
- name: Fetch lists from ripe.net
run: |
chmod +x asn.sh
./asn.sh
- name: Append more CIDRs
run: |
curl -sSL https://www.gstatic.com/ipranges/goog.json | jq --raw-output '.prefixes[].ipv4Prefix,.prefixes[].ipv6Prefix | select(. != null)' >> data/google
curl -sSL https://www.gstatic.com/ipranges/cloud.json | jq --raw-output '.prefixes[].ipv4Prefix,.prefixes[].ipv6Prefix | select(. != null)' >> data/google
curl -sSL https://api.fastly.com/public-ip-list | jq --raw-output '.addresses[],.ipv6_addresses[]' >> data/fastly
curl -sSL https://ip-ranges.amazonaws.com/ip-ranges.json | jq --raw-output '.prefixes[],.ipv6_prefixes[] | select(.service == "CLOUDFRONT") | .ip_prefix,.ipv6_prefix' | grep "/" >> data/cloudfront
- name: Get GeoLite2
env:
LICENSE_KEY: ${{ secrets.MAXMIND_GEOLITE2_LICENSE }}
run: |
curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=${LICENSE_KEY}&suffix=zip" -o GeoLite2-Country-CSV.zip
unzip GeoLite2-Country-CSV.zip
rm -f GeoLite2-Country-CSV.zip
mv GeoLite2* geolite2
- name: Build geoip files
run: |
go build ./
./geoip convert -c ./config.json
- name: Verify mmdb files
run: |
cd ./output/maxmind || exit 1
go install -v github.com/maxmind/mmdbverify@latest
for name in $(ls *.mmdb); do
$(go env GOPATH)/bin/mmdbverify -file ${name}
done
- name: Generate sha256 checksum for dat files
run: |
cd ./output/dat || exit 1
for name in $(ls *.dat); do
sha256sum ${name} > ./${name}.sha256sum
done
- name: Generate sha256 checksum for mmdb files
run: |
cd ./output/maxmind || exit 1
for name in $(ls *.mmdb); do
sha256sum ${name} > ./${name}.sha256sum
done
- name: Download GeoLite2
env:
LICENSE_KEY: ${{ secrets.MAXMIND_GEOLITE2_LICENSE }}
run: |
curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=${LICENSE_KEY}&suffix=tar.gz" -o GeoLite2-ASN.tar.gz
curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN-CSV&license_key=${LICENSE_KEY}&suffix=zip" -o GeoLite2-ASN-CSV.zip
curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${LICENSE_KEY}&suffix=tar.gz" -o GeoLite2-Country.tar.gz
curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=${LICENSE_KEY}&suffix=zip" -o GeoLite2-Country-CSV.zip
- name: Move files to publish directory
run: |
mkdir -p publish
mv ./output/dat/*.dat ./output/dat/*.sha256sum ./output/maxmind/*.mmdb ./output/maxmind/*.sha256sum *.gz *.zip ./publish/
cp -fpPR ./output/text ./publish
cp -fpPR ./output/srs ./publish
- name: Git push assets to "release" branch
run: |
cd publish || exit 1
git init
git config --local user.name "github-actions[bot]"
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git checkout -b release
git add -A
git commit -m "${{ env.RELEASE_NAME }}"
git remote add geoip "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}"
git push -f -u geoip release
- name: Purge jsdelivr CDN
run: |
cd publish || exit 1
for file in $(ls); do
curl -i "https://purge.jsdelivr.net/gh/${{ github.repository }}@release/${file}"
done
- name: Remove some files to avoid publishing to GitHub release
run: rm -rf ./publish/*.{gz,zip} ./publish/text ./publish/srs
- name: Upload files to GitHub release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file_glob: true
file: ./publish/*
tag: ${{ env.TAG_NAME }}