Update CLIProxyAPI #129
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update CLIProxyAPI | |
| on: | |
| schedule: | |
| - cron: '0 */12 * * *' | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| concurrency: | |
| group: update-cliproxyapi | |
| cancel-in-progress: true | |
| jobs: | |
| update: | |
| name: Check & bump CLIProxyAPI | |
| runs-on: ubuntu-latest | |
| env: | |
| GH_TOKEN: ${{ secrets.AUTO_UPDATE_TOKEN }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.AUTO_UPDATE_TOKEN }} | |
| - name: Get latest upstream release | |
| id: upstream | |
| run: | | |
| set -euo pipefail | |
| RELEASE_JSON=$(curl -sf https://api.github.com/repos/router-for-me/CLIProxyAPI/releases/latest) | |
| TAG=$(echo "$RELEASE_JSON" | jq -r '.tag_name') | |
| VERSION="${TAG#v}" | |
| if [ -z "$VERSION" ] || [ "$VERSION" = "null" ]; then | |
| echo "::error::Failed to fetch latest CLIProxyAPI release" | |
| exit 1 | |
| fi | |
| echo "version=$VERSION" >> "$GITHUB_OUTPUT" | |
| echo "tag=$TAG" >> "$GITHUB_OUTPUT" | |
| echo "Latest upstream: $VERSION" | |
| - name: Check if already up to date | |
| id: check | |
| run: | | |
| set -euo pipefail | |
| UPSTREAM="${{ steps.upstream.outputs.version }}" | |
| # Check if a PR already exists for this version | |
| EXISTING=$(gh pr list --state open --json headRefName --jq ".[].headRefName" | grep "bump-cliproxyapi-${UPSTREAM}" || true) | |
| if [ -n "$EXISTING" ]; then | |
| echo "PR already exists for v${UPSTREAM}, skipping." | |
| echo "skip=true" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| # Check if this version is already bundled (look at recent commit messages) | |
| if git log --oneline -20 | grep -qF "CLIProxyAPI to ${UPSTREAM}"; then | |
| echo "v${UPSTREAM} already bundled, skipping." | |
| echo "skip=true" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| echo "skip=false" >> "$GITHUB_OUTPUT" | |
| - name: Close superseded bump PRs | |
| if: steps.check.outputs.skip == 'false' | |
| run: | | |
| set -e | |
| OLD_PRS=$(gh pr list --state open --json number,headRefName \ | |
| --jq '.[] | select(.headRefName | startswith("bump-cliproxyapi-")) | .number' || true) | |
| for PR in $OLD_PRS; do | |
| echo "Closing superseded PR #$PR" | |
| gh pr close "$PR" --comment "Superseded by newer version bump." --delete-branch || true | |
| done | |
| - name: Download CLIProxyAPI | |
| if: steps.check.outputs.skip == 'false' | |
| env: | |
| # Pass upstream-derived values through env (not direct ${{ }} expansion) | |
| # so a crafted release tag can't inject shell into the run script. | |
| VERSION: ${{ steps.upstream.outputs.version }} | |
| TAG: ${{ steps.upstream.outputs.tag }} | |
| run: | | |
| set -euo pipefail | |
| FILENAME="CLIProxyAPI_${VERSION}_darwin_aarch64.tar.gz" | |
| URL="https://github.com/router-for-me/CLIProxyAPI/releases/download/${TAG}/${FILENAME}" | |
| TEMP_DIR=$(mktemp -d) | |
| trap 'rm -rf "$TEMP_DIR"' EXIT | |
| echo "Downloading: $URL" | |
| curl -L -f --retry 3 --retry-delay 5 -o "$TEMP_DIR/archive.tar.gz" "$URL" | |
| tar -tzf "$TEMP_DIR/archive.tar.gz" > /dev/null | |
| tar -xzf "$TEMP_DIR/archive.tar.gz" -C "$TEMP_DIR" | |
| BINARY=$(find "$TEMP_DIR" -maxdepth 1 -type f -name "cli-proxy-api" | head -n 1) | |
| if [ -z "$BINARY" ]; then | |
| BINARY=$(find "$TEMP_DIR" -maxdepth 1 -type f ! -name "*.tar.gz" ! -name "*.md" ! -name "*.txt" ! -name "*.yaml" ! -name "*.yml" ! -name "*.json" ! -name "LICENSE*" ! -name "README*" | head -n 1) | |
| fi | |
| if [ -z "$BINARY" ]; then | |
| echo "::error::Could not find binary in tarball" | |
| ls -la "$TEMP_DIR" | |
| exit 1 | |
| fi | |
| mkdir -p src/Sources/Resources | |
| # Drop the legacy "-plus" binary if it's still present from the old upstream. | |
| rm -f src/Sources/Resources/cli-proxy-api-plus | |
| cp "$BINARY" src/Sources/Resources/cli-proxy-api | |
| chmod +x src/Sources/Resources/cli-proxy-api | |
| FILE_SIZE=$(stat -c%s src/Sources/Resources/cli-proxy-api 2>/dev/null || stat -f%z src/Sources/Resources/cli-proxy-api) | |
| if [ "$FILE_SIZE" -lt 1048576 ]; then | |
| echo "::error::Binary too small (${FILE_SIZE} bytes)" | |
| exit 1 | |
| fi | |
| echo "Binary installed (${FILE_SIZE} bytes)" | |
| - name: Create pull request | |
| if: steps.check.outputs.skip == 'false' | |
| uses: peter-evans/create-pull-request@v6 | |
| with: | |
| token: ${{ secrets.AUTO_UPDATE_TOKEN }} | |
| commit-message: 'chore(deps): bump CLIProxyAPI to ${{ steps.upstream.outputs.version }}' | |
| title: 'chore(deps): bump CLIProxyAPI to ${{ steps.upstream.outputs.version }}' | |
| body: | | |
| Updates bundled CLIProxyAPI to [${{ steps.upstream.outputs.version }}](https://github.com/router-for-me/CLIProxyAPI/releases/tag/${{ steps.upstream.outputs.tag }}). | |
| Merging this PR to `main` will automatically trigger a new release build. | |
| _Auto-generated by the Update CLIProxyAPI workflow._ | |
| branch: bump-cliproxyapi-${{ steps.upstream.outputs.version }} | |
| delete-branch: true |