ci: add ci/cd files

.gitlab-ci.yml

@@ -0,0 +1,9 @@
+stages:
+- deploy
+
+deploy:
+  stage: deploy
+  script:
+    - sh deploy.sh
+  only:
+    - master

ApplePodcastsConfig.json

@@ -4,11 +4,11 @@
     "description": "One of the biggest podcast indexes owned by Apple",
     "author": "Futo",
     "authorUrl": "https://futo.org",
-    "sourceUrl": "https://plugintest.grayjay.app/ApplePodcasts/ApplePodcastsConfig.json",
+    "sourceUrl": "https://plugins.grayjay.app/ApplePodcasts/ApplePodcastsConfig.json",
     "repositoryUrl": "https://futo.org",
     "scriptUrl": "./ApplePodcastsScript.js",
     "version": 2,
-    "iconUrl": "./podcast.png",
+    "iconUrl": "./ApplePodcastsIcon.png",
     "id": "89ae4889-0420-4d16-ad6c-19c776b28f99",
     "scriptSignature": "",
     "scriptPublicKey": "",

ReadMe.md

@@ -0,0 +1,3 @@
+# Apple Podcasts plugin for Grayjay
+
+Click [here](grayjay://plugin/https://plugins.grayjay.app/ApplePodcasts/ApplePodcastsConfig.json) to install

deploy.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+DOCUMENT_ROOT=/var/www/sources
+
+# Take site offline
+echo "Taking site offline..."
+touch $DOCUMENT_ROOT/maintenance.file
+
+# Swap over the content
+echo "Deploying content..."
+mkdir -p $DOCUMENT_ROOT/ApplePodcasts
+cp ApplePodcastsIcon.png $DOCUMENT_ROOT/ApplePodcasts
+cp ApplePodcastsConfig.json $DOCUMENT_ROOT/ApplePodcasts
+cp ApplePodcastsScript.js $DOCUMENT_ROOT/ApplePodcasts
+sh sign.sh $DOCUMENT_ROOT/ApplePodcasts/ApplePodcastsScript.js $DOCUMENT_ROOT/ApplePodcasts/ApplePodcastsConfig.json
+
+# Notify Cloudflare to wipe the CDN cache
+echo "Purging Cloudflare cache for zone $CLOUDFLARE_ZONE_ID..."
+curl -X POST "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/purge_cache" \
+     -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
+     -H "Content-Type: application/json" \
+     --data '{"files":["https://plugins.grayjay.app/ApplePodcasts/ApplePodcastsIcon.png", "https://plugins.grayjay.app/ApplePodcasts/ApplePodcastsConfig.json", "https://plugins.grayjay.app/ApplePodcasts/ApplePodcastsScript.js"]}'
+
+# Take site back online
+echo "Bringing site back online..."
+rm $DOCUMENT_ROOT/maintenance.file

sign.sh

@@ -0,0 +1,54 @@
+#!/bin/sh
+
+# Parameters
+JS_FILE_PATH=$1
+CONFIG_FILE_PATH=$2
+
+# Decode and save the private key to a temporary file
+echo "$SIGNING_PRIVATE_KEY" | base64 -d > tmp_private_key.pem
+
+# Validate private key
+if ! openssl rsa -check -noout -in tmp_private_key.pem > /dev/null 2>&1; then
+  echo "Invalid private key."
+  rm tmp_private_key.pem
+  exit 1
+fi
+
+# Generate signature for the provided JS file
+SIGNATURE=$(cat $JS_FILE_PATH | openssl dgst -sha512 -sign tmp_private_key.pem | base64 -w 0)
+if [ $? -ne 0 ]; then
+  echo "Failed to generate signature."
+  rm tmp_private_key.pem
+  exit 1
+fi
+
+# Extract public key from the temporary private key file
+PUBLIC_KEY=$(openssl rsa -pubout -outform DER -in tmp_private_key.pem 2>/dev/null | openssl pkey -pubin -inform DER -outform PEM | tail -n +2 | head -n -1 | tr -d '\n')
+if [ $? -ne 0 ]; then
+  echo "Failed to extract public key."
+  rm tmp_private_key.pem
+  exit 1
+fi
+
+echo "SIGNATURE: $SIGNATURE"
+echo "PUBLIC_KEY: $PUBLIC_KEY"
+
+# Remove temporary key files
+rm tmp_private_key.pem
+
+# Update "scriptSignature" and "scriptPublicKey" fields in Config JSON
+jq --arg signature "$SIGNATURE" --arg publicKey "$PUBLIC_KEY" '. + {scriptSignature: $signature, scriptPublicKey: $publicKey}' "$CONFIG_FILE_PATH" > temp_config.json
+if [ $? -ne 0 ]; then
+  echo "Failed to update JSON file."
+  rm temp_config.json
+  exit 1
+fi
+
+mv temp_config.json "$CONFIG_FILE_PATH"
+if [ $? -ne 0 ]; then
+  echo "Failed to replace the original JSON file."
+  rm temp_config.json
+  exit 1
+fi
+
+echo "JSON file updated successfully."