gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ecf0ccb9fb
secubox-openwrt/.gitea/workflows/secubox-feed.yml
CyberMind-FR b64f9a0a1d feat(appstore): Implement KISS Evolution - feeds, profiles, skills, feedback 
Add four major features to enhance SecuBox AppStore:

1. Feed Source Management:
   - Feed types: published, unpublished, development
   - Share tokens for private feed access
   - CLI: secubox feed list/add/share/import
   - LuCI: Feed type badges and share URLs in catalog-sources

2. Profile Export/Import:
   - Export configurations with feed sources embedded
   - Import from URL or file with merge/replace modes
   - CLI: secubox profile export/import/share
   - LuCI: New profiles.js view with export/import dialogs

3. Skill System:
   - Capability discovery from module catalogs
   - Quality indicators based on provider count
   - CLI: secubox skill list/providers/install/check
   - LuCI: New skills.js view with provider browser

4. Feedback Loop:
   - Issue reporting and resolution tracking
   - Search existing resolutions
   - CLI: secubox feedback report/resolve/search/list
   - LuCI: New feedback.js view for knowledge base

Technical changes:
- RPCD backend with 17 new API methods
- POSIX shell compatibility fixes (ESC via printf, tr A-Z a-z)
- LuCI menu entries for new views

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-30 19:46:27 +01:00

278 lines
8.7 KiB
YAML
Raw Blame History

name: SecuBox Feed Health & Publish
on:
push:
branches: [main, master, release/*]
paths:
- 'package/secubox/**'
- 'secubox-tools/**'
release:
types: [published]
workflow_dispatch:
inputs:
publish_feed:
description: 'Publish feed to remote'
type: boolean
default: false
env:
FEED_URL: ${{ vars.SECUBOX_FEED_URL || 'https://feed.maegia.tv/secubox-feed' }}
jobs:
# ============================================
# Validate feed structure and packages
# ============================================
validate-feed:
runs-on: ubuntu-latest
name: Validate Feed Structure
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install tools
run: |
sudo apt-get update
sudo apt-get install -y jq shellcheck
- name: Validate secubox-feed scripts
run: |
echo "Validating feed management scripts..."
SCRIPTS=(
"package/secubox/secubox-app-bonus/root/usr/sbin/secubox-feed"
"package/secubox/secubox-app-bonus/root/usr/sbin/secubox-feed-health"
"package/secubox/secubox-app-bonus/root/etc/init.d/secubox-feed"
)
ERRORS=0
for script in "${SCRIPTS[@]}"; do
if [[ -f "$script" ]]; then
echo " Checking $script..."
if ! shellcheck -s sh "$script"; then
ERRORS=$((ERRORS + 1))
fi
else
echo " Missing: $script"
fi
done
if [[ $ERRORS -gt 0 ]]; then
echo "Found $ERRORS shellcheck issues (warnings only)"
fi
- name: Validate HAProxy config
run: |
echo "Validating HAProxy configuration..."
HAPROXY_CFG="package/secubox/secubox-app-bonus/root/etc/haproxy/conf.d/secubox-feed.cfg"
if [[ -f "$HAPROXY_CFG" ]]; then
# Basic syntax check
if grep -qE "^(backend|frontend|acl|use_backend|server)" "$HAPROXY_CFG"; then
echo " HAProxy config structure valid"
else
echo " Warning: HAProxy config may be incomplete"
fi
# Check for required backends
if grep -q "backend secubox_feed_backend" "$HAPROXY_CFG"; then
echo " Backend defined: secubox_feed_backend"
fi
# Check for health checks
if grep -q "http-check\|option httpchk" "$HAPROXY_CFG"; then
echo " Health checks configured"
fi
else
echo " No HAProxy config found (optional)"
fi
- name: Validate RPCD interface
run: |
echo "Validating RPCD interface..."
RPCD_SCRIPT="package/secubox/secubox-app-bonus/root/usr/libexec/rpcd/luci.secubox-feed"
if [[ -f "$RPCD_SCRIPT" ]]; then
# Check list method returns valid JSON
if $RPCD_SCRIPT list | jq empty 2>/dev/null; then
echo " RPCD list method: valid JSON"
echo " Methods: $($RPCD_SCRIPT list | jq -r 'keys[]' | tr '\n' ' ')"
else
echo " RPCD list method: invalid JSON"
exit 1
fi
else
echo " No RPCD script found (optional)"
fi
# ============================================
# Test feed health endpoint
# ============================================
test-health-endpoint:
runs-on: ubuntu-latest
name: Test Health Endpoint
needs: validate-feed
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Test health check script
run: |
echo "Testing health check script..."
HEALTH_SCRIPT="package/secubox/secubox-app-bonus/root/usr/sbin/secubox-feed-health"
if [[ -f "$HEALTH_SCRIPT" ]]; then
chmod +x "$HEALTH_SCRIPT"
# Create mock environment
mkdir -p /tmp/www/secubox-feed /tmp/var/opkg-lists
echo "Package: test-package" > /tmp/www/secubox-feed/Packages
echo "Version: 1.0.0" >> /tmp/www/secubox-feed/Packages
echo "" >> /tmp/www/secubox-feed/Packages
# Modify script to use test paths
sed -e 's|/www/secubox-feed|/tmp/www/secubox-feed|g' \
-e 's|/var/opkg-lists|/tmp/var/opkg-lists|g' \
"$HEALTH_SCRIPT" > /tmp/test-health.sh
chmod +x /tmp/test-health.sh
# Test JSON output
echo " Testing JSON output..."
OUTPUT=$(/tmp/test-health.sh json)
echo "$OUTPUT" | jq .
# Test simple output
echo " Testing simple output..."
/tmp/test-health.sh simple || true
# Test nagios output
echo " Testing nagios output..."
/tmp/test-health.sh nagios || true
echo " Health check script tests passed"
fi
# ============================================
# Check remote feed health
# ============================================
check-remote-feed:
runs-on: ubuntu-latest
name: Check Remote Feed Health
if: github.event_name == 'workflow_dispatch' || github.event_name == 'release'
steps:
- name: Check feed.maegia.tv health
run: |
echo "Checking remote feed health..."
FEED_URL="${{ env.FEED_URL }}"
# Test Packages file accessibility
echo " Testing: $FEED_URL/Packages"
if curl -sf -o /tmp/Packages "$FEED_URL/Packages"; then
PKG_COUNT=$(grep -c '^Package:' /tmp/Packages || echo 0)
echo " Remote feed accessible: $PKG_COUNT packages"
# Show first few packages
echo " Sample packages:"
grep '^Package:' /tmp/Packages | head -5 | sed 's/^/ /'
else
echo " Remote feed not accessible or empty"
fi
# Test health endpoint if available
echo ""
echo " Testing health endpoint..."
if curl -sf "$FEED_URL/health" | jq . 2>/dev/null; then
echo " Health endpoint available"
else
echo " Health endpoint not available (optional)"
fi
# ============================================
# Publish feed on release
# ============================================
publish-feed:
runs-on: ubuntu-latest
name: Publish Feed
needs: [validate-feed, test-health-endpoint]
if: github.event_name == 'release' || (github.event_name == 'workflow_dispatch' && github.event.inputs.publish_feed == 'true')
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download release artifacts
if: github.event_name == 'release'
run: |
echo "Downloading release IPK files..."
mkdir -p /tmp/feed
# Download IPKs from release assets
RELEASE_TAG="${{ github.event.release.tag_name }}"
echo "Release: $RELEASE_TAG"
# Use gh CLI to download assets
gh release download "$RELEASE_TAG" \
--pattern "*.ipk" \
--dir /tmp/feed \
|| echo "No IPK assets found in release"
ls -la /tmp/feed/
env:
GH_TOKEN: ${{ github.token }}
- name: Generate Packages index
run: |
echo "Generating Packages index..."
FEED_DIR="/tmp/feed"
rm -f "$FEED_DIR/Packages" "$FEED_DIR/Packages.gz"
for ipk in "$FEED_DIR"/*.ipk; do
[[ -f "$ipk" ]] || continue
TMP=$(mktemp -d)
(
cd "$TMP"
tar -xzf "$ipk" 2>/dev/null || ar -x "$ipk" 2>/dev/null
tar -xzf control.tar.gz 2>/dev/null || tar -xzf control.tar.zst 2>/dev/null
if [[ -f control ]]; then
# Strip libc dependency
sed -e 's/^Depends: libc$//' \
-e 's/^Depends: libc, /Depends: /' \
-e '/^$/d' control
echo "Filename: $(basename "$ipk")"
echo "Size: $(stat -c%s "$ipk")"
echo "SHA256sum: $(sha256sum "$ipk" | cut -d' ' -f1)"
echo ""
fi
) >> "$FEED_DIR/Packages"
rm -rf "$TMP"
done
gzip -kf "$FEED_DIR/Packages"
echo "Generated index:"
grep -c '^Package:' "$FEED_DIR/Packages" || echo "0"
echo "packages"
- name: Upload feed artifact
uses: actions/upload-artifact@v4
with:
name: secubox-feed
path: /tmp/feed/
retention-days: 90
- name: Notify feed update
run: |
echo "Feed published successfully"
echo "Packages: $(grep -c '^Package:' /tmp/feed/Packages || echo 0)"
echo "Size: $(du -sh /tmp/feed | cut -f1)"
Reference in New Issue View Git Blame Copy Permalink