From 71a776b9283dea5aff42b52997389e5a1a4b5455 Mon Sep 17 00:00:00 2001 From: Marco Ippolito Date: Wed, 26 Apr 2023 10:20:23 +0200 Subject: [PATCH] tools: automate v8 patch update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR-URL: https://github.com/nodejs/node/pull/47594 Refs: https://github.com/nodejs/security-wg/issues/828 Reviewed-By: Paolo Insogna Reviewed-By: Michaƫl Zasso --- .github/workflows/update-v8.yml | 51 +++++++++++++++++++++++++++ tools/dep_updaters/update-v8-patch.sh | 30 ++++++++++++++++ 2 files changed, 81 insertions(+) create mode 100644 .github/workflows/update-v8.yml create mode 100755 tools/dep_updaters/update-v8-patch.sh diff --git a/.github/workflows/update-v8.yml b/.github/workflows/update-v8.yml new file mode 100644 index 00000000000..4a75947876f --- /dev/null +++ b/.github/workflows/update-v8.yml @@ -0,0 +1,51 @@ +name: V8 patch update +on: + schedule: + # Run once a week at 00:05 AM UTC on Sunday. + - cron: 5 0 * * 0 + workflow_dispatch: + +env: + NODE_VERSION: lts/* + +permissions: + contents: read + +jobs: + v8-update: + if: github.repository == 'nodejs/node' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + with: + persist-credentials: false + - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 + with: + path: | + ~/.update-v8 + ~/.npm + # Install dependencies + - name: Install Node.js + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 + with: + node-version: ${{ env.NODE_VERSION }} + - name: Install node-core-utils + run: npm install -g node-core-utils@latest + - name: Check and download new V8 version + run: | + ./tools/dep_updaters/update-v8-patch.sh > temp-output + cat temp-output + tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true + rm temp-output + - uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5 + # Creates a PR or update the Action's existing PR, or + # no-op if the base branch is already up-to-date. + env: + GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }} + with: + author: Node.js GitHub Bot + body: This is an automated patch update of V8 to ${{ env.NEW_VERSION }}. + branch: actions/update-v8-patch # Custom branch *just* for this Action. + labels: v8 engine + title: 'deps: patch V8 to ${{ env.NEW_VERSION }}' + update-pull-request-title-and-body: true diff --git a/tools/dep_updaters/update-v8-patch.sh b/tools/dep_updaters/update-v8-patch.sh new file mode 100755 index 00000000000..a1e168d2028 --- /dev/null +++ b/tools/dep_updaters/update-v8-patch.sh @@ -0,0 +1,30 @@ +#!/bin/sh +set -e +# Shell script to update v8 patch update + +BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd) + +cd "$BASE_DIR" + +IS_UP_TO_DATE=$(git node v8 minor | grep "V8 is up-to-date") + +if [ -n "$IS_UP_TO_DATE" ]; then + echo "Skipped because V8 is on the latest version." + exit 0 +fi + +DEPS_DIR="$BASE_DIR/deps" + +CURRENT_MAJOR_VERSION=$(grep "#define V8_MAJOR_VERSION" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3) +CURRENT_MINOR_VERSION=$(grep "#define V8_MINOR_VERSION" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3) +CURRENT_BUILD_VERSION=$(grep "#define V8_BUILD_NUMBER" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3) +CURRENT_PATCH_VERSION=$(grep "#define V8_PATCH_LEVEL" "$DEPS_DIR/v8/include/v8-version.h" | cut -d ' ' -f3) + +NEW_VERSION="$CURRENT_MAJOR_VERSION.$CURRENT_MINOR_VERSION.$CURRENT_BUILD_VERSION.$CURRENT_PATCH_VERSION" + +echo "All done!" +echo "" + +# The last line of the script should always print the new version, +# as we need to add it to $GITHUB_ENV variable. +echo "NEW_VERSION=$NEW_VERSION"