feat: update ai-mailer

2025-11-12 14:30:35 +01:00
parent 04c08bf419
commit 6f8626ca8a
2 changed files with 132 additions and 2 deletions
--- a/scripts/update-ai-mailer-hash
+++ b/scripts/update-ai-mailer-hash
@@ -0,0 +1,130 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+# Script directory
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
+
+# Check if commit hash is provided
+if [ $# -ne 1 ]; then
+    echo -e "${RED}Error: Commit hash required${NC}"
+    echo "Usage: $0 <commit-hash>"
+    echo "Example: $0 6de059dca7cc9c053b56f26ff14edb77083fad73"
+    exit 1
+fi
+
+COMMIT_HASH="$1"
+
+# Validate commit hash format (basic check for 40-char hex or 7+ char short hash)
+if ! [[ "$COMMIT_HASH" =~ ^[0-9a-f]{7,40}$ ]]; then
+    echo -e "${RED}Error: Invalid commit hash format${NC}"
+    echo "Commit hash must be 7-40 hexadecimal characters"
+    exit 1
+fi
+
+echo -e "${GREEN}==> Updating ai-mailer to commit: ${COMMIT_HASH}${NC}"
+
+# File to update
+PKG_FILE="$REPO_ROOT/utils/pkgs/ai-mailer.nix"
+
+if [ ! -f "$PKG_FILE" ]; then
+    echo -e "${RED}Error: Package file not found: $PKG_FILE${NC}"
+    exit 1
+fi
+
+# Step 1: Update rev in package file
+echo -e "${YELLOW}Step 1: Updating rev in package file...${NC}"
+sed -i "s/rev = \"[0-9a-f]\{7,40\}\";/rev = \"$COMMIT_HASH\";/" "$PKG_FILE"
+echo "  ✓ Updated rev in $PKG_FILE"
+
+# Step 2: Set sha256 to lib.fakeHash to trigger hash discovery
+echo -e "${YELLOW}Step 2: Setting sha256 to lib.fakeHash...${NC}"
+sed -i 's/sha256 = "sha256-[^"]*";/sha256 = lib.fakeHash;/' "$PKG_FILE"
+echo "  ✓ Updated sha256 in $PKG_FILE"
+
+# Step 3: Build package to discover the correct source hash
+echo -e "${YELLOW}Step 3: Building package to discover source hash...${NC}"
+BUILD_OUTPUT=$(NIXPKGS_ALLOW_UNFREE=1 nix-build --impure -E "with import <nixpkgs> { config.allowUnfree = true; }; callPackage $PKG_FILE { }" 2>&1 || true)
+
+# Extract source hash from error message
+SOURCE_HASH=$(echo "$BUILD_OUTPUT" | grep -oP '\s+got:\s+\Ksha256-[A-Za-z0-9+/=]+' | head -1)
+
+if [ -z "$SOURCE_HASH" ]; then
+    echo -e "${RED}Error: Failed to extract source hash from build output${NC}"
+    echo "Build output:"
+    echo "$BUILD_OUTPUT"
+    exit 1
+fi
+
+echo "  ✓ Discovered sha256: $SOURCE_HASH"
+
+# Step 4: Update package file with the correct source hash
+echo -e "${YELLOW}Step 4: Updating sha256 in package file...${NC}"
+sed -i "s|sha256 = lib\.fakeHash;|sha256 = \"$SOURCE_HASH\";|" "$PKG_FILE"
+echo "  ✓ Updated sha256 in $PKG_FILE"
+
+# Step 5: Set vendorHash to lib.fakeHash to trigger hash discovery
+echo -e "${YELLOW}Step 5: Setting vendorHash to lib.fakeHash...${NC}"
+sed -i 's/vendorHash = "sha256-[^"]*";/vendorHash = lib.fakeHash;/' "$PKG_FILE"
+echo "  ✓ Updated vendorHash in $PKG_FILE"
+
+# Step 6: Build package to discover the correct vendor hash
+echo -e "${YELLOW}Step 6: Building package to discover vendor hash...${NC}"
+BUILD_OUTPUT=$(NIXPKGS_ALLOW_UNFREE=1 nix-build --impure -E "with import <nixpkgs> { config.allowUnfree = true; }; callPackage $PKG_FILE { }" 2>&1 || true)
+
+# Extract vendor hash from error message
+VENDOR_HASH=$(echo "$BUILD_OUTPUT" | grep -oP '\s+got:\s+\Ksha256-[A-Za-z0-9+/=]+' | head -1)
+
+if [ -z "$VENDOR_HASH" ]; then
+    echo -e "${RED}Error: Failed to extract vendor hash from build output${NC}"
+    echo "Build output:"
+    echo "$BUILD_OUTPUT"
+    exit 1
+fi
+
+echo "  ✓ Discovered vendorHash: $VENDOR_HASH"
+
+# Step 7: Update package file with the correct vendor hash
+echo -e "${YELLOW}Step 7: Updating vendorHash in package file...${NC}"
+sed -i "s|vendorHash = lib\.fakeHash;|vendorHash = \"$VENDOR_HASH\";|" "$PKG_FILE"
+echo "  ✓ Updated vendorHash in $PKG_FILE"
+
+# Step 8: Verify the build succeeds
+echo -e "${YELLOW}Step 8: Verifying build with correct hashes...${NC}"
+if NIXPKGS_ALLOW_UNFREE=1 nix-build --impure -E "with import <nixpkgs> { config.allowUnfree = true; }; callPackage $PKG_FILE { }" > /dev/null 2>&1; then
+    echo "  ✓ Build verification successful"
+else
+    echo -e "${RED}Error: Build verification failed${NC}"
+    exit 1
+fi
+
+# Step 9: Test configuration for fw host (which uses ai-mailer)
+echo -e "${YELLOW}Step 9: Testing fw configuration...${NC}"
+cd "$REPO_ROOT"
+if ./scripts/test-configuration fw > /dev/null 2>&1; then
+    echo "  ✓ Configuration test passed"
+else
+    echo -e "${RED}Warning: Configuration test failed${NC}"
+    echo "This may be due to missing secrets or other issues unrelated to the hash update."
+fi
+
+# Success summary
+echo -e "${GREEN}"
+echo "======================================"
+echo "✓ ai-mailer updated successfully!"
+echo "======================================"
+echo "Commit:      $COMMIT_HASH"
+echo "SourceHash:  $SOURCE_HASH"
+echo "VendorHash:  $VENDOR_HASH"
+echo -e "${NC}"
+echo "Next steps:"
+echo "  1. Review changes: git diff $PKG_FILE"
+echo "  2. Test locally if needed"
+echo "  3. Commit changes: git add $PKG_FILE && git commit -m 'update: ai-mailer to $COMMIT_HASH'"
+echo "  4. Push to trigger automatic deployment"