renato97/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 27 Wiki Activity

chore: remove sensitive data and clean repo for CV

Browse Source 
- Remove .env file with exposed tokens

- Replace hardcoded Gitea token with environment variable in create_release.py

- Replace hardcoded token with BuildConfig reference in UpdateManager.java
This commit is contained in:
Renato97
2026-03-31 01:16:12 -03:00
parent 3ca31c70b3
commit fb32fc4052
3 changed files with 22 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.env
View File

@@ -1,4 +0,0 @@
GITEA_TOKEN=efeed2af00597883adb04da70bd6a7c2993ae92d
GEMINI_API_KEY=AIzaSyDWOgyAJqscuPU6iSpS6gxupWBm4soNw5o
TELEGRAM_BOT_TOKEN=8593525164:AAGCX9B_RJGN35_F7tSB72rEZhS_4Zpcszs
TELEGRAM_CHAT_ID=692714536

2
app/src/main/java/com/streamplayer/UpdateManager.java
View File

@@ -45,7 +45,7 @@ public class UpdateManager {
private static final String TAG = "UpdateManager"; private static final String TAG = "UpdateManager";
private static final String LATEST_RELEASE_URL = private static final String LATEST_RELEASE_URL =
"https://gitea.cbcren.online/api/v1/repos/renato97/app/releases/latest"; "https://gitea.cbcren.online/api/v1/repos/renato97/app/releases/latest";
private static final String GITEA_TOKEN = "4b94b3610136529861af0821040a801906821a0f"; private static final String GITEA_TOKEN = BuildConfig.GITEA_TOKEN;
private final Context appContext; private final Context appContext;
private final Handler mainHandler; private final Handler mainHandler;

34
create_release.py
View File

@@ -9,15 +9,19 @@ import sys
GITEA_URL = "https://gitea.cbcren.online/api/v1" GITEA_URL = "https://gitea.cbcren.online/api/v1"
REPO_OWNER = "renato97" REPO_OWNER = "renato97"
REPO_NAME = "app" REPO_NAME = "app"
TOKEN = "efeed2af00597883adb04da70bd6a7c2993ae92d" TOKEN = os.getenv("GITEA_TOKEN", "")
if not TOKEN:
print("Error: GITEA_TOKEN environment variable not set")
sys.exit(1)
TAG_NAME = "v10.1.7" TAG_NAME = "v10.1.7"
RELEASE_NAME = "StreamPlayer v10.1.7" RELEASE_NAME = "StreamPlayer v10.1.7"
CHANGELOG_FILE = "CHANGELOG-v10.1.7.md" CHANGELOG_FILE = "CHANGELOG-v10.1.7.md"
APK_FILE = "StreamPlayer-10.1.7-debug.apk" APK_FILE = "StreamPlayer-10.1.7-debug.apk"
def create_release(): def create_release():
try: try:
with open(CHANGELOG_FILE, 'r') as f: with open(CHANGELOG_FILE, "r") as f:
body = f.read() body = f.read()
except FileNotFoundError: except FileNotFoundError:
print(f"Error: {CHANGELOG_FILE} not found.") print(f"Error: {CHANGELOG_FILE} not found.")
@@ -27,7 +31,7 @@ def create_release():
headers = { headers = {
"Authorization": f"token {TOKEN}", "Authorization": f"token {TOKEN}",
"Content-Type": "application/json", "Content-Type": "application/json",
"Accept": "application/json" "Accept": "application/json",
} }
data = { data = {
"tag_name": TAG_NAME, "tag_name": TAG_NAME,
@@ -35,43 +39,47 @@ def create_release():
"name": RELEASE_NAME, "name": RELEASE_NAME,
"body": body, "body": body,
"draft": False, "draft": False,
"prerelease": False "prerelease": False,
} }
req = urllib.request.Request(url, data=json.dumps(data).encode('utf-8'), headers=headers, method='POST') req = urllib.request.Request(
url, data=json.dumps(data).encode("utf-8"), headers=headers, method="POST"
)
try: try:
with urllib.request.urlopen(req) as response: with urllib.request.urlopen(req) as response:
result = json.loads(response.read().decode('utf-8')) result = json.loads(response.read().decode("utf-8"))
print(f"Release created successfully. ID: {result['id']}") print(f"Release created successfully. ID: {result['id']}")
return result['id'] return result["id"]
except urllib.error.HTTPError as e: except urllib.error.HTTPError as e:
print(f"HTTP Error creating release: {e.code} {e.reason}") print(f"HTTP Error creating release: {e.code} {e.reason}")
print(e.read().decode('utf-8')) print(e.read().decode("utf-8"))
sys.exit(1) sys.exit(1)
except Exception as e: except Exception as e:
print(f"Error creating release: {e}") print(f"Error creating release: {e}")
sys.exit(1) sys.exit(1)
def upload_asset(release_id): def upload_asset(release_id):
if not os.path.exists(APK_FILE): if not os.path.exists(APK_FILE):
print(f"Error: APK file {APK_FILE} not found.") print(f"Error: APK file {APK_FILE} not found.")
sys.exit(1) sys.exit(1)
url = f"{GITEA_URL}/repos/{REPO_OWNER}/{REPO_NAME}/releases/{release_id}/assets" url = f"{GITEA_URL}/repos/{REPO_OWNER}/{REPO_NAME}/releases/{release_id}/assets"
# Simple multipart upload via python is tricky without requests library. # Simple multipart upload via python is tricky without requests library.
# However, Gitea API usually accepts raw binary in body if Content-Type is set, # However, Gitea API usually accepts raw binary in body if Content-Type is set,
# but Gitea's API for assets usually requires multipart/form-data. # but Gitea's API for assets usually requires multipart/form-data.
# Let's check Gitea API docs... # Let's check Gitea API docs...
# The standard Gitea API uses POST /repos/{owner}/{repo}/releases/{id}/assets with name query parameter and file content in body # The standard Gitea API uses POST /repos/{owner}/{repo}/releases/{id}/assets with name query parameter and file content in body
# Wait, looking at Gitea API docs (swagger usually available at /api/swagger), # Wait, looking at Gitea API docs (swagger usually available at /api/swagger),
# POST /repos/{owner}/{repo}/releases/{id}/assets takes 'attachment' as form-data. # POST /repos/{owner}/{repo}/releases/{id}/assets takes 'attachment' as form-data.
# Implementing multipart/form-data with urllib is painful. # Implementing multipart/form-data with urllib is painful.
# Instead, I will use curl to upload the asset, using the release ID obtained from Python. # Instead, I will use curl to upload the asset, using the release ID obtained from Python.
return release_id return release_id
if __name__ == "__main__": if __name__ == "__main__":
release_id = create_release() release_id = create_release()
print(f"RELEASE_ID={release_id}") print(f"RELEASE_ID={release_id}")