Update IP Ranges #483
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update IP Ranges | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 4 * * 1-5' | |
| jobs: | |
| update-ranges: | |
| runs-on: ubuntu-latest | |
| name: Update ranges | |
| steps: | |
| - name: Find ref to pull | |
| uses: actions/github-script@v7 | |
| id: ref-to-pull | |
| with: | |
| script: | | |
| const base_ref = await github.rest.git.listMatchingRefs({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| ref: 'heads/update-ranges' | |
| }); | |
| console.log(base_ref); | |
| return base_ref.data.length > 0 ? 'update-ranges' : 'master'; | |
| result-encoding: string | |
| - name: Find last commit | |
| uses: actions/github-script@v7 | |
| id: last-commit-result | |
| with: | |
| script: | | |
| const commits = await github.rest.repos.listCommits({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| sha: "heads/${{steps.ref-to-pull.outputs.result}}", | |
| path: "ip-ranges.json", | |
| per_page: 5 | |
| }); | |
| console.log(commits.data); | |
| const lastcommit = commits.data[0].commit.author.date; | |
| console.log('Last commit on:' + lastcommit) | |
| return lastcommit; | |
| result-encoding: string | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{steps.ref-to-pull.outputs.result}} | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ vars.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: eu-west-1 | |
| role-duration-seconds: 1200 | |
| role-session-name: MySessionName | |
| - name: Cache IP Ranges | |
| id: cache-ipranges | |
| uses: actions/cache@v4 | |
| with: | |
| path: ./ipranges-sync/ | |
| key: ${{ runner.os }}-ipranges | |
| - run: aws s3 sync s3://iprangesproject-iprangess3bucket-1xpm6odtii6lr ./ipranges-sync/ | |
| - name: Install SSH key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.ACTIONS_PRIVATE_KEY }} | |
| name: id_rsa | |
| known_hosts: unnecessary | |
| - name: Install SSH signing key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.ACTIONS_SIGNING_KEY }} | |
| name: id_signing | |
| known_hosts: unnecessary | |
| - name: Configure git | |
| run: | | |
| git config --global user.name "dmgress[update_ranges]" | |
| git config --global user.email "dmgress@users.noreply.github.com" | |
| git config --global gpg.format ssh | |
| git config --global user.signingkey ~/.ssh/id_signing | |
| git config --global commit.gpgsign true | |
| - name: Process latest updates to IP ranges | |
| run: | | |
| bash -e -x ./history.sh '"${{steps.last-commit-result.outputs.result}}"' | |
| - name: Push updates to update-ranges branch | |
| run: | | |
| git push origin HEAD:update-ranges |