Add in-game updater (#1050)

Co-authored-by: IRONM00N <64110067+IRONM00N@users.noreply.github.com>

6 files changed, 108 insertions, 7 deletions

diff --git a/buildSrc/generate-public-key.sh b/buildSrc/generate-public-key.sh
index 3f778c53..d02fde94 100755
--- a/buildSrc/generate-public-key.sh
+++ b/buildSrc/generate-public-key.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 #
 # Copyright (C) 2022 NotEnoughUpdates contributors
 #
@@ -19,7 +19,7 @@
 #
 
 
-output="$(dirname $(dirname $(readlink -f "$0")))/src/main/resources/moulberry.key"
+output="$(dirname $(dirname $(readlink -f "$0")))/src/main/resources/trusted_team_members/$(basename "$2").key"
 
 echo processing rsa input key from $1, and outputting to $output
 
diff --git a/buildSrc/moulsign.sh b/buildSrc/moulsign.sh
index dacb8ec3..b5980353 100755
--- a/buildSrc/moulsign.sh
+++ b/buildSrc/moulsign.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 #
 # Copyright (C) 2022 NotEnoughUpdates contributors
 #
diff --git a/buildSrc/moulsign.sh.asc b/buildSrc/moulsign.sh.asc
new file mode 100644
index 00000000..0c9538b8
--- /dev/null
+++ b/buildSrc/moulsign.sh.asc
@@ -0,0 +1,3 @@
+QJ'D�½	=e��C�Gs�7�kz=q�C[
+n�+����#7t���u���.�X)�ΕU�JQZ�u�j��i��G��zgR��(�.F�{AO�̢��c�v�LMP�SK�CqV��ٻN^8�ɴ!#��7��9�cl*���=jF ҥ)`y�#�(r4�
+��SD�ǚ�1�1k�c�0s�a��h[�UzW��:@o�0arkỶ9�Pmd�а��r�%��m�g���>5T�|��@)�C1�4�٬|x	���[
\ No newline at end of file
diff --git a/buildSrc/signhash.sh b/buildSrc/signhash.sh
new file mode 100755
index 00000000..48172852
--- /dev/null
+++ b/buildSrc/signhash.sh
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+#
+# Copyright (C) 2024 NotEnoughUpdates contributors
+#
+# This file is part of NotEnoughUpdates.
+#
+# NotEnoughUpdates is free software: you can redistribute it
+# and/or modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation, either
+# version 3 of the License, or (at your option) any later version.
+#
+# NotEnoughUpdates is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with NotEnoughUpdates. If not, see <https://www.gnu.org/licenses/>.
+#
+
+if [[ $# -ne 3 ]]; then
+  echo "Usage: <keypath> <key name> <hash>"
+  exit 1
+fi
+
+echo use key $1, label $2, signing hash $3
+work=$(mktemp)
+echo $work
+echo "$3" | tr '[:lower:]' '[:upper:]' |tr -d '\n ' > "$work"
+openssl dgst -sign "$1" "$work" > "_$2.asc"
+echo signature saved to "_$2.asc"
+
+
+
diff --git a/buildSrc/src/main/kotlin/neubs/customSign.kt b/buildSrc/src/main/kotlin/neubs/customSign.kt
new file mode 100644
index 00000000..8140d71b
--- /dev/null
+++ b/buildSrc/src/main/kotlin/neubs/customSign.kt
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2024 NotEnoughUpdates contributors
+ *
+ * This file is part of NotEnoughUpdates.
+ *
+ * NotEnoughUpdates is free software: you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation, either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * NotEnoughUpdates is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with NotEnoughUpdates. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package neubs
+
+import org.gradle.api.DefaultTask
+import org.gradle.api.tasks.TaskAction
+import java.security.KeyFactory
+import java.security.Signature
+import java.security.spec.PKCS8EncodedKeySpec
+
+abstract class CustomSignTask : DefaultTask() {
+
+    @TaskAction
+    fun run() {
+        println("Hash to sign: ")
+        val hash = readLine()!!.trim().toUpperCase()
+        require(hash.matches("[A-F0-9]{64}".toRegex())) { "Please provide a valid sha256 hash" }
+        val secrets = project.file("secrets").listFiles()?.toList()
+            ?.filter { !it.name.startsWith(".") } ?: emptyList()
+
+        if (secrets.isEmpty()) error("Could not find any secret files.")
+        secrets.forEach { require(it.name.endsWith(".der")) { "Invalid secret file ${it.name}" } }
+        project.file("build/signatures").mkdirs()
+        for (secret in secrets) {
+            val keySpec = PKCS8EncodedKeySpec(secret.readBytes())
+            val signature = Signature.getInstance("SHA256withRSA")
+            signature.initSign(KeyFactory.getInstance("RSA").generatePrivate(keySpec))
+            signature.update(hash.encodeToByteArray())
+            val file = project.file("build/signatures/_${secret.nameWithoutExtension}.asc")
+            file.writeBytes(signature.sign())
+            println("Generated signature at ${file.absolutePath}")
+        }
+    }
+
+    init {
+        outputs.upToDateWhen { false }
+    }
+}
diff --git a/buildSrc/src/main/kotlin/neubs/versioning.kt b/buildSrc/src/main/kotlin/neubs/versioning.kt
index 9294e164..24e6cc05 100644
--- a/buildSrc/src/main/kotlin/neubs/versioning.kt
+++ b/buildSrc/src/main/kotlin/neubs/versioning.kt
@@ -22,15 +22,24 @@ package neubs
 import org.gradle.api.Project
 import java.io.ByteArrayOutputStream
 
-fun Project.setVersionFromEnvironment(baseVersion: String) {
+fun Project.setVersionFromEnvironment(): String {
+    val baseVersion = run {
+        val baos = ByteArrayOutputStream()
+        exec {
+            commandLine("git", "describe", "--tags", "--abbrev=0")
+            standardOutput = baos
+            isIgnoreExitValue = true
+        }
+        (baos.toByteArray()).decodeToString().trim()
+    }
     val buildExtra = mutableListOf<String>()
     val buildVersion = properties["BUILD_VERSION"] as? String
     if (buildVersion != null) buildExtra.add(buildVersion)
-    if (System.getenv("CI") == "true") buildExtra.add("ci")
+    if (System.getenv("CI") == "true" && System.getenv("NEU_RELEASE") != "true") buildExtra.add("ci")
 
     val stdout = ByteArrayOutputStream()
     val execResult = exec {
-        commandLine("git", "describe", "--always", "--first-parent", "--abbrev=7")
+        commandLine("git", "rev-parse", "--short", "HEAD")
         standardOutput = stdout
         isIgnoreExitValue = true
     }
@@ -49,6 +58,6 @@ fun Project.setVersionFromEnvironment(baseVersion: String) {
     }
 
     version = baseVersion + (if (buildExtra.isEmpty()) "" else buildExtra.joinToString(prefix = "+", separator = "."))
-
+    return baseVersion
 }