tools: automate v8 patch update

PR-URL: https://github.com/nodejs/node/pull/47594 Refs: https://github.com/nodejs/security-wg/issues/828 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Michaël Zasso <targos@protonmail.com>
2024-11-21 10:59:27 +00:00 · 2023-04-26 10:20:23 +02:00 · 2023-04-26 10:20:23 +02:00 · 71a776b928
commit 71a776b928
parent b54504c1d5
2 changed files with 81 additions and 0 deletions
--- a/.github/workflows/update-v8.yml
+++ b/.github/workflows/update-v8.yml
@ -0,0 +1,51 @@
+name: V8 patch update
+on:
+  schedule:
+    # Run once a week at 00:05 AM UTC on Sunday.
+    - cron: 5 0 * * 0
+  workflow_dispatch:
+
+env:
+  NODE_VERSION: lts/*
+
+permissions:
+  contents: read
+
+jobs:
+  v8-update:
+    if: github.repository == 'nodejs/node'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c  # v3.3.0
+        with:
+          persist-credentials: false
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8  # v3.3.1
+        with:
+          path: |
+            ~/.update-v8
+            ~/.npm
+        # Install dependencies
+      - name: Install Node.js
+        uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c  # v3.6.0
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+      - name: Install node-core-utils
+        run: npm install -g node-core-utils@latest
+      - name: Check and download new V8 version
+        run: |
+            ./tools/dep_updaters/update-v8-patch.sh > temp-output
+            cat temp-output
+            tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true
+            rm temp-output
+      - uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5
+        # Creates a PR or update the Action's existing PR, or
+        # no-op if the base branch is already up-to-date.
+        env:
+          GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }}
+        with:
+          author: Node.js GitHub Bot <github-bot@iojs.org>
+          body: This is an automated patch update of V8 to ${{ env.NEW_VERSION }}.
+          branch: actions/update-v8-patch  # Custom branch *just* for this Action.
+          labels: v8 engine
+          title: 'deps: patch V8 to ${{ env.NEW_VERSION }}'
+          update-pull-request-title-and-body: true
--- a/tools/dep_updaters/update-v8-patch.sh
+++ b/tools/dep_updaters/update-v8-patch.sh
@ -0,0 +1,30 @@
+#!/bin/sh
+set -e
+# Shell script to update v8 patch update
+
+BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd)
+
+cd "$BASE_DIR"
+
+IS_UP_TO_DATE=$(git node v8 minor | grep "V8 is up-to-date")
+
+if [ -n "$IS_UP_TO_DATE" ]; then
+  echo "Skipped because V8 is on the latest version."
+  exit 0
+fi
+
+DEPS_DIR="$BASE_DIR/deps"
+
+CURRENT_MAJOR_VERSION=$(grep "#define V8_MAJOR_VERSION" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3)
+CURRENT_MINOR_VERSION=$(grep "#define V8_MINOR_VERSION" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3)
+CURRENT_BUILD_VERSION=$(grep "#define V8_BUILD_NUMBER" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3)
+CURRENT_PATCH_VERSION=$(grep "#define V8_PATCH_LEVEL" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3)
+
+NEW_VERSION="$CURRENT_MAJOR_VERSION.$CURRENT_MINOR_VERSION.$CURRENT_BUILD_VERSION.$CURRENT_PATCH_VERSION"
+
+echo "All done!"
+echo ""
+
+# The last line of the script should always print the new version,
+# as we need to add it to $GITHUB_ENV variable.
+echo "NEW_VERSION=$NEW_VERSION"