Build geoip files #275
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build geoip files | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 0 * * 4" | |
| push: | |
| branches: | |
| - master | |
| paths-ignore: | |
| - ".gitignore" | |
| - "config-example.json" | |
| - "LICENSE" | |
| - "README.md" | |
| - ".github/dependabot.yml" | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout codebase | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: ./go.mod | |
| - name: Set variables | |
| run: | | |
| echo "TAG_NAME=$(date +%Y%m%d%H%M)" >> $GITHUB_ENV | |
| echo "RELEASE_NAME=$(date +%Y%m%d%H%M)" >> $GITHUB_ENV | |
| shell: bash | |
| - name: Fetch lists from ripe.net | |
| run: | | |
| chmod +x asn.sh | |
| ./asn.sh | |
| - name: Append more CIDRs | |
| run: | | |
| curl -sSL https://www.gstatic.com/ipranges/goog.json | jq --raw-output '.prefixes[].ipv4Prefix,.prefixes[].ipv6Prefix | select(. != null)' >> data/google | |
| curl -sSL https://www.gstatic.com/ipranges/cloud.json | jq --raw-output '.prefixes[].ipv4Prefix,.prefixes[].ipv6Prefix | select(. != null)' >> data/google | |
| curl -sSL https://api.fastly.com/public-ip-list | jq --raw-output '.addresses[],.ipv6_addresses[]' >> data/fastly | |
| curl -sSL https://ip-ranges.amazonaws.com/ip-ranges.json | jq --raw-output '.prefixes[],.ipv6_prefixes[] | select(.service == "CLOUDFRONT") | .ip_prefix,.ipv6_prefix' | grep "/" >> data/cloudfront | |
| - name: Get GeoLite2 | |
| env: | |
| LICENSE_KEY: ${{ secrets.MAXMIND_GEOLITE2_LICENSE }} | |
| run: | | |
| curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=${LICENSE_KEY}&suffix=zip" -o GeoLite2-Country-CSV.zip | |
| unzip GeoLite2-Country-CSV.zip | |
| rm -f GeoLite2-Country-CSV.zip | |
| mv GeoLite2* geolite2 | |
| - name: Build geoip files | |
| run: | | |
| go run ./ | |
| - name: Verify mmdb files | |
| run: | | |
| cd ./output/maxmind || exit 1 | |
| go install -v github.com/maxmind/mmdbverify@latest | |
| for name in $(ls *.mmdb); do | |
| $(go env GOPATH)/bin/mmdbverify -file ${name} | |
| done | |
| - name: Generate sha256 checksum for dat files | |
| run: | | |
| cd ./output/dat || exit 1 | |
| for name in $(ls *.dat); do | |
| sha256sum ${name} > ./${name}.sha256sum | |
| done | |
| - name: Generate sha256 checksum for mmdb files | |
| run: | | |
| cd ./output/maxmind || exit 1 | |
| for name in $(ls *.mmdb); do | |
| sha256sum ${name} > ./${name}.sha256sum | |
| done | |
| - name: Download GeoLite2 | |
| env: | |
| LICENSE_KEY: ${{ secrets.MAXMIND_GEOLITE2_LICENSE }} | |
| run: | | |
| curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=${LICENSE_KEY}&suffix=tar.gz" -o GeoLite2-ASN.tar.gz | |
| curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN-CSV&license_key=${LICENSE_KEY}&suffix=zip" -o GeoLite2-ASN-CSV.zip | |
| curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${LICENSE_KEY}&suffix=tar.gz" -o GeoLite2-Country.tar.gz | |
| curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=${LICENSE_KEY}&suffix=zip" -o GeoLite2-Country-CSV.zip | |
| - name: Move files to publish directory | |
| run: | | |
| mkdir -p publish | |
| mv ./output/dat/*.dat ./output/dat/*.sha256sum ./output/maxmind/*.mmdb ./output/maxmind/*.sha256sum *.gz *.zip ./publish/ | |
| cp -fpPR ./output/text ./publish | |
| - name: Git push assets to "release" branch | |
| run: | | |
| cd publish || exit 1 | |
| git init | |
| git config --local user.name "github-actions[bot]" | |
| git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git checkout -b release | |
| git add -A | |
| git commit -m "${{ env.RELEASE_NAME }}" | |
| git remote add geoip "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}" | |
| git push -f -u geoip release | |
| - name: Purge jsdelivr CDN | |
| run: | | |
| cd publish || exit 1 | |
| for file in $(ls); do | |
| curl -i "https://purge.jsdelivr.net/gh/${{ github.repository }}@release/${file}" | |
| done | |
| - name: Remove some files to avoid publishing to GitHub release | |
| run: rm -rf ./publish/*.{gz,zip} ./publish/text | |
| - name: Upload files to GitHub release | |
| uses: svenstaro/upload-release-action@v2 | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| file_glob: true | |
| file: ./publish/* | |
| tag: ${{ env.TAG_NAME }} |