Xray-core/.github/workflows/scheduled-assets-update.yml at main · NodePassProject/Xray-core · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: Scheduled assets update

# NOTE: This Github Actions is required by other actions, for preparing other packaging assets in a
#       routine manner, for example: GeoIP/GeoSite.
#       Currently updating:
#       - Geodat (GeoIP/Geosite)
#       - Wintun (wintun.dll)

on:
  workflow_dispatch:
  schedule:
    # Update GeoData on every day (22:30 UTC)
    - cron: "30 22 * * *"
  push:
    # Prevent triggering update request storm
    paths:
      - ".github/workflows/scheduled-assets-update.yml"
  pull_request:
    # Prevent triggering update request storm
    paths:
      - ".github/workflows/scheduled-assets-update.yml"

jobs:
  geodat:
    if: github.event.schedule == '30 22 * * *' || github.event_name == 'push' || github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch'
    runs-on: ubuntu-latest
    steps:
      - name: Restore Geodat Cache
        uses: actions/cache/restore@v5
        with:
          path: resources
          key: xray-geodat-

      - name: Update Geodat
        id: update
        uses: nick-fields/retry@v4
        with:
          timeout_minutes: 60
          retry_wait_seconds: 60
          max_attempts: 60
          command: |
            [ -d 'resources' ] || mkdir resources
            LIST=('Loyalsoldier v2ray-rules-dat geoip geoip' 'Loyalsoldier v2ray-rules-dat geosite geosite')
            for i in "${LIST[@]}"
            do
              INFO=($(echo $i | awk 'BEGIN{FS=" ";OFS=" "} {print $1,$2,$3,$4}'))
              FILE_NAME="${INFO[3]}.dat"
              echo -e "Verifying HASH key..."
              HASH="$(curl -sL -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" "https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat.sha256sum" | awk -F ' ' '{print $1}')"
              if [ -s "./resources/${FILE_NAME}" ] && [ "$(sha256sum "./resources/${FILE_NAME}" | awk -F ' ' '{print $1}')" == "${HASH}" ]; then
                  continue
              else
                  echo -e "Downloading https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat..."
                  curl -L -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" "https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat" -o ./resources/${FILE_NAME}
                  echo -e "Verifying HASH key..."
                  [ "$(sha256sum "./resources/${FILE_NAME}" | awk -F ' ' '{print $1}')" == "${HASH}" ] || { echo -e "The HASH key of ${FILE_NAME} does not match cloud one."; exit 1; }
                  echo "unhit=true" >> $GITHUB_OUTPUT
              fi
            done

      - name: Save Geodat Cache
        uses: actions/cache/save@v5
        if: ${{ steps.update.outputs.unhit }}
        with:
          path: resources
          key: xray-geodat-${{ github.sha }}-${{ github.run_number }}

  wintun:
    if: github.event.schedule == '30 22 * * *' || github.event_name == 'push' || github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch'
    runs-on: ubuntu-latest
    steps:
      - name: Restore Wintun Cache
        uses: actions/cache/restore@v5
        with:
          path: resources
          key: xray-wintun-

      - name: Force downloading if run manually or on file update
        if: github.event_name == 'workflow_dispatch' || github.event_name == 'push'
        run: |
          echo "FORCE_UPDATE=true" >> $GITHUB_ENV

      - name: Update Wintun
        id: update
        uses: nick-fields/retry@v4
        with:
          timeout_minutes: 60
          retry_wait_seconds: 60
          max_attempts: 60
          command: |
            [ -d 'resources' ] || mkdir resources
            LIST=('amd64' 'x86' 'arm64')
            for ARCHITECTURE in "${LIST[@]}"
            do
              FILE_PATH="resources/wintun/bin/${ARCHITECTURE}/wintun.dll"
              echo -e "Checking if wintun.dll for ${ARCHITECTURE} exists..."
              if [ -s "./resources/wintun/bin/${ARCHITECTURE}/wintun.dll" ]; then
                  echo -e "wintun.dll for ${ARCHITECTURE} exists"
                  continue
              else
                  echo -e "wintun.dll for ${ARCHITECTURE} is missing"
                  missing=true
              fi
            done
            if [ -s "./resources/wintun/LICENSE.txt" ]; then
              echo -e "LICENSE for Wintun exists"
            else
              echo -e "LICENSE for Wintun is missing"
              missing=true
            fi
            if [[ -v FORCE_UPDATE ]]; then
              missing=true
            fi
            if [[ "$missing" == true ]]; then
              FILENAME=wintun.zip
              DOWNLOAD_FILE=wintun-0.14.1.zip
              echo -e "Downloading https://www.wintun.net/builds/${DOWNLOAD_FILE}..."
              curl -L "https://www.wintun.net/builds/${DOWNLOAD_FILE}" -o "${FILENAME}"
              echo -e "Unpacking wintun..."
              unzip -u ${FILENAME} -d resources/
              echo "unhit=true" >> $GITHUB_OUTPUT
            fi

      - name: Save Wintun Cache
        uses: actions/cache/save@v5
        if: ${{ steps.update.outputs.unhit }}
        with:
          path: resources
          key: xray-wintun-${{ github.sha }}-${{ github.run_number }}