diff --git a/.github/workflows/update-geolite-database.yml b/.github/workflows/update-geolite-database.yml new file mode 100644 index 000000000000..8b94adac2dfb --- /dev/null +++ b/.github/workflows/update-geolite-database.yml @@ -0,0 +1,97 @@ +name: Update GeoLite Database + +on: + workflow_dispatch: + inputs: + branch: + description: 'Target branch against which to create PR' + required: false + default: 'master' + +env: + MAXMIND_URL: 'https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${{ secrets.MAXMIND_LICENSE_KEY }}&suffix=tar.gz' + MAXMIND_SHA256_URL: 'https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${{ secrets.MAXMIND_LICENSE_KEY }}&suffix=tar.gz.sha256' + TAR_FILE_NAME: 'GeoLite2-Country.tar.gz' + TAR_SHA256_FILE_NAME: 'GeoLite2-Country.tar.gz.sha256' + TAR_UNZIPPED_ROOT_PATTERN: 'GeoLite2-Country_*' + DB_FILE: 'GeoLite2-Country.mmdb' + DB_DESTINATION_PATH: 'common/static/data/geoip' + +jobs: + download-and-replace: + runs-on: ubuntu-latest + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Download GeoLite tar file + run: | + wget -O '${{ env.TAR_FILE_NAME }}' '${{ env.MAXMIND_URL }}'\ + + - name: Download GeoLite sha256 file + run: | + wget -O '${{ env.TAR_SHA256_FILE_NAME }}' '${{ env.MAXMIND_SHA256_URL }}'\ + + - name: Check SHA256 hash + run: | + sha256sum '${{ env.TAR_FILE_NAME }}' | grep $(cat '${{ env.TAR_SHA256_FILE_NAME }}' | cut -d' ' -f1) + + - name: Extract tar file + run: | + tar xvf '${{ env.TAR_FILE_NAME }}' + + - name: Copy DB file to destination path + run: | + find . -type d -name '${{ env.TAR_UNZIPPED_ROOT_PATTERN }}' -exec cp {}/'${{ env.DB_FILE }}' '${{ env.DB_DESTINATION_PATH }}'/ \; + + - name: Delete un-required content + run: | + rm '${{ env.TAR_FILE_NAME }}' + rm '${{ env.TAR_SHA256_FILE_NAME }}' + find . -type d -name '${{ env.TAR_UNZIPPED_ROOT_PATTERN }}' -exec rm -r {} \; || true + + - name: PR preflight + run: | + if git diff --exit-code; then + echo 'Summary: No updates/changes detected. Terminating the run and no pull request is going to be created.' | tee -a '$GITHUB_STEP_SUMMARY' + exit 1 + else + echo 'Updates/changes detected, going to create PR.' + fi + + - name: Setup git + run: | + git config --global user.email '${{ github.actor }}@users.noreply.github.com' + git config --global user.name '${{ github.actor }}' + + - name: Create a branch, commit the code and make a PR + id: create-pr + run: | + BRANCH="${{ github.actor }}/geoip2-bot-update-country-database-$(echo "${{ github.sha }}" | cut -c 1-7)" + git checkout -b $BRANCH + git add . + git status + git commit -m "chore: geoip2: update maxmind geolite country database" + git push --set-upstream origin $BRANCH + PR_URL=$(gh pr create \ + --title "Update GeoLite Database" \ + --body "PR generated by workflow `${{ github.workflow }}` on behalf of @${{ github.actor }}." \ + --head $BRANCH \ + --base 'master' \ + --assignee 'arbi-bom' \ + --reviewer 'arbi-bom' \ + | grep -o 'https://github.com/.*/pull/[0-9]*') + echo "PR Created: ${PR_URL}" + echo "pull-request-url=$PR_URL" >> $GITHUB_OUTPUT + env: + GH_TOKEN: ${{ github.token }} + + - name: Job summary + run: | + PR_URL=${{ steps.create-pr.outputs.pull-request-url }} + if [[ -z '$PR_URL' ]]; then + echo 'Error: PR creation unsuccessful; refer to the log for further details.' | tee -a "${GITHUB_STEP_SUMMARY}" + exit 1 + else + echo "PR: ${PR_URL}" | tee -a "${GITHUB_STEP_SUMMARY}" + fi