Commit 233d7da2 authored by Cecylia Bocovich's avatar Cecylia Bocovich
Browse files

Safer token accesss and file cleanup

Have the script read directly from an environment variable instead of
passing the token in as a command line argument. This will hide it from
other processes.

Also removed downloaded files to prevent a messy directory.
parent 6aa7e2b2
...@@ -2,12 +2,16 @@ ...@@ -2,12 +2,16 @@
#pip3 install PyGithub #pip3 install PyGithub
# Before running, place the authentication token for a user with push access to the repository
# in an environment variable 'GITHUB_AUTH'
from github import Github from github import Github
import sys import sys
import json import json
import urllib import urllib
import subprocess import subprocess
import os
REPO_NAME = "TheTorProject/gettorbrowser" REPO_NAME = "TheTorProject/gettorbrowser"
...@@ -33,6 +37,7 @@ def upload_files(release): ...@@ -33,6 +37,7 @@ def upload_files(release):
try: try:
subprocess.check_call(["/usr/bin/wget", "--quiet", url]) subprocess.check_call(["/usr/bin/wget", "--quiet", url])
release.upload_asset(filename) release.upload_asset(filename)
os.remove(filename)
except: except:
print("Error: failed to download "+url+". Will retry later.") print("Error: failed to download "+url+". Will retry later.")
failed_uploads.append(url) failed_uploads.append(url)
...@@ -42,6 +47,7 @@ def upload_files(release): ...@@ -42,6 +47,7 @@ def upload_files(release):
try: try:
subprocess.check_call(["/usr/bin/wget", "--quiet", url]) subprocess.check_call(["/usr/bin/wget", "--quiet", url])
release.upload_asset(filename) release.upload_asset(filename)
os.remove(filename)
except: except:
print("Error: failed to download "+url+". Please upload this file manually.") print("Error: failed to download "+url+". Please upload this file manually.")
failure = True failure = True
...@@ -64,11 +70,10 @@ def main(token): ...@@ -64,11 +70,10 @@ def main(token):
if __name__ == "__main__": if __name__ == "__main__":
if len(sys.argv) != 2: if 'GITHUB_AUTH' not in os.environ:
print("Usage: {} AUTH_TOKEN".format(sys.argv[0]), file=sys.stderr) print("Usage: {}".format(sys.argv[0]), file=sys.stderr)
print("\nAUTH_TOKEN should be an authentication token for a user" print("\nThe authentication token for github should be placed in the environment"
"with access to the gettor repository.", file=sys.stderr) "variable 'GITHUB_AUTH'", file=sys.stderr)
sys.exit(1) sys.exit(1)
token = sys.argv[1] token = os.environ['GITHUB_AUTH']
sys.exit(main(token)) sys.exit(main(token))
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment