From 13e84b8e9a95caf2f9f101b8d6979b8a70fe9861 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yoann=20Rodi=C3=A8re?= Date: Thu, 20 Jan 2022 13:35:16 +0100 Subject: [PATCH 1/3] Add scripts to set up and clean up environment (GPG, ...) --- cleanup.sh | 10 ++++++++++ setup.sh | 21 +++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100755 cleanup.sh create mode 100755 setup.sh diff --git a/cleanup.sh b/cleanup.sh new file mode 100755 index 0000000..a150d85 --- /dev/null +++ b/cleanup.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env -S bash -e + +WORKSPACE="${WORKSPACE:-'.'}" + +if [ -d "$RELEASE_GPG_HOMEDIR" ]; then + echo "Cleaning up GPG homedir..." + rm -rf "$RELEASE_GPG_HOMEDIR" || true + echo "Clearing GPG agent..." + gpg-connect-agent reloadagent /bye || true +fi diff --git a/setup.sh b/setup.sh new file mode 100755 index 0000000..b034cc9 --- /dev/null +++ b/setup.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env -S bash -e + +WORKSPACE="${WORKSPACE:-'.'}" + +if [ -z "$RELEASE_GPG_HOMEDIR" ]; then + echo "ERROR: environment variable RELEASE_GPG_HOMEDIR is not set" + exit 1 +fi +if [ -z "$RELEASE_GPG_PRIVATE_KEY_PATH" ]; then + echo "ERROR: environment variable RELEASE_GPG_PRIVATE_KEY_PATH is not set" + exit 1 +fi + +if [ -e "$RELEASE_GPG_HOMEDIR" ]; then + echo "ERROR: temporary gpg homedir '$RELEASE_GPG_HOMEDIR' must not exist" + exit 1 +fi + +mkdir -p -m 700 "$RELEASE_GPG_HOMEDIR" + +gpg --homedir="$RELEASE_GPG_HOMEDIR" --batch --import "$RELEASE_GPG_PRIVATE_KEY_PATH" From 4ae85b812ef210fed5732f6441eaa3327b4d16b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yoann=20Rodi=C3=A8re?= Date: Thu, 20 Jan 2022 16:39:28 +0100 Subject: [PATCH 2/3] Introduce single entry point for the whole release --- cleanup.sh | 10 ---- release.sh | 145 +++++++++++++++++++++++++++++++++++++++++++++++++++++ setup.sh | 21 -------- 3 files changed, 145 insertions(+), 31 deletions(-) delete mode 100755 cleanup.sh create mode 100755 release.sh delete mode 100755 setup.sh diff --git a/cleanup.sh b/cleanup.sh deleted file mode 100755 index a150d85..0000000 --- a/cleanup.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env -S bash -e - -WORKSPACE="${WORKSPACE:-'.'}" - -if [ -d "$RELEASE_GPG_HOMEDIR" ]; then - echo "Cleaning up GPG homedir..." - rm -rf "$RELEASE_GPG_HOMEDIR" || true - echo "Clearing GPG agent..." - gpg-connect-agent reloadagent /bye || true -fi diff --git a/release.sh b/release.sh new file mode 100755 index 0000000..418d3a6 --- /dev/null +++ b/release.sh @@ -0,0 +1,145 @@ +#!/usr/bin/env -S bash -e + +function usage() { + echo "Usage:" + echo + echo " $0 [options] " + echo + echo " One of [search,validator,ogm]" + echo " The version to release (e.g. 6.0.0.Final)" + echo " The new version after the release (e.g. 6.0.1-SNAPSHOT)" + echo + echo " Options" + echo + echo " -h Show this help and exit." + echo " -b The branch to push to (e.g. main or 6.0)." + echo " Defaults to the name of the current branch." + echo " -d Dry run; do not push, deploy or publish anything." +} + +#-------------------------------------------- +# Option parsing + +function exec_or_dry_run() { + "${@}" +} +PUSH_CHANGES=true + +while getopts 'dhb:' opt; do + case "$opt" in + b) + BRANCH="$OPTARG" + ;; + h) + usage + exit 0 + ;; + d) + # Dry run + echo "DRY RUN: will not push/deploy/publish anything." + PUSH_CHANGES=false + function exec_or_dry_run() { + echo "DRY RUN; would have executed:" "${@}" + } + ;; + \?) + usage + exit 1 + ;; + esac +done + +shift $((OPTIND - 1)) + +WORKSPACE="${WORKSPACE:-'.'}" +SCRIPTS_DIR="$(readlink -f ${BASH_SOURCE[0]} | xargs dirname)" +PROJECT="$1" +if [ -z "$PROJECT" ]; then + echo "ERROR: Project not supplied" + usage + exit 1 +fi +shift +RELEASE_VERSION="$1" +if [ -z "$RELEASE_VERSION" ]; then + echo "ERROR: Release version not supplied" + usage + exit 1 +fi +shift +DEVELOPMENT_VERSION="$1" +if [ -z "$DEVELOPMENT_VERSION" ]; then + echo "ERROR: Development version not supplied" + usage + exit 1 +fi +shift + +#-------------------------------------------- +# Defaults / computed + +if [ -z "$BRANCH" ]; then + BRANCH="$(git rev-parse --abbrev-ref HEAD)" + echo "Inferred release branch: $BRANCH" +fi +if (( $# > 0 )); then + echo "ERROR: Extra arguments:" "${@}" + usage + exit 1 +fi + +RELEASE_VERSION_FAMILY=$(echo "$RELEASE_VERSION" | sed -E 's/^([0-9]+\.[0-9]+).*/\1/') + +if [ "$RELEASE_VERSION" = "$RELEASE_VERSION_FAMILY" ]; then + echo "ERROR: Could not extract family from release version $RELEASE_VERSION" + usage + exit 1 +else + echo "Inferred release version family: $RELEASE_VERSION_FAMILY" +fi + +#-------------------------------------------- +# Environment variables + +if [ -z "$RELEASE_GPG_HOMEDIR" ]; then + echo "ERROR: environment variable RELEASE_GPG_HOMEDIR is not set" + exit 1 +fi +if [ -z "$RELEASE_GPG_PRIVATE_KEY_PATH" ]; then + echo "ERROR: environment variable RELEASE_GPG_PRIVATE_KEY_PATH is not set" + exit 1 +fi + +#-------------------------------------------- +# Cleanup on exit + +function cleanup() { + if [ -d "$RELEASE_GPG_HOMEDIR" ]; then + echo "Cleaning up GPG homedir..." + rm -rf "$RELEASE_GPG_HOMEDIR" || true + echo "Clearing GPG agent..." + gpg-connect-agent reloadagent /bye || true + fi +} + +trap "cleanup" EXIT + +#-------------------------------------------- +# Actual script + +if [ -e "$RELEASE_GPG_HOMEDIR" ]; then + echo "ERROR: temporary gpg homedir '$RELEASE_GPG_HOMEDIR' must not exist" + exit 1 +fi +mkdir -p -m 700 "$RELEASE_GPG_HOMEDIR" +gpg --homedir="$RELEASE_GPG_HOMEDIR" --batch --import "$RELEASE_GPG_PRIVATE_KEY_PATH" + +bash -xe "$SCRIPTS_DIR/prepare-release.sh" "$PROJECT" "$RELEASE_VERSION" + +bash -xe "$SCRIPTS_DIR/deploy.sh" "$PROJECT" + +exec_or_dry_run bash -xe "$SCRIPTS_DIR/upload-distribution.sh" "$PROJECT" "$RELEASE_VERSION" +exec_or_dry_run bash -xe "$SCRIPTS_DIR/upload-documentation.sh" "$PROJECT" "$RELEASE_VERSION" "$RELEASE_VERSION_FAMILY" + +bash -xe "$SCRIPTS_DIR/update-version.sh" "$PROJECT" "$DEVELOPMENT_VERSION" +bash -xe "$SCRIPTS_DIR/push-upstream.sh" "$PROJECT" "$RELEASE_VERSION" "$BRANCH_NAME" "$PUSH_CHANGES" diff --git a/setup.sh b/setup.sh deleted file mode 100755 index b034cc9..0000000 --- a/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/env -S bash -e - -WORKSPACE="${WORKSPACE:-'.'}" - -if [ -z "$RELEASE_GPG_HOMEDIR" ]; then - echo "ERROR: environment variable RELEASE_GPG_HOMEDIR is not set" - exit 1 -fi -if [ -z "$RELEASE_GPG_PRIVATE_KEY_PATH" ]; then - echo "ERROR: environment variable RELEASE_GPG_PRIVATE_KEY_PATH is not set" - exit 1 -fi - -if [ -e "$RELEASE_GPG_HOMEDIR" ]; then - echo "ERROR: temporary gpg homedir '$RELEASE_GPG_HOMEDIR' must not exist" - exit 1 -fi - -mkdir -p -m 700 "$RELEASE_GPG_HOMEDIR" - -gpg --homedir="$RELEASE_GPG_HOMEDIR" --batch --import "$RELEASE_GPG_PRIVATE_KEY_PATH" From 450c67ffd70b90f0c239c9d7d9228a6907cfcb3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yoann=20Rodi=C3=A8re?= Date: Thu, 20 Jan 2022 17:22:44 +0100 Subject: [PATCH 3/3] Delete imported gpg keys explicitly, just in case --- release.sh | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/release.sh b/release.sh index 418d3a6..705dcc7 100755 --- a/release.sh +++ b/release.sh @@ -114,6 +114,10 @@ fi # Cleanup on exit function cleanup() { + if [ -n "$IMPORTED_KEY" ]; then + echo "Deleting imported GPG private key..." + gpg --homedir="$RELEASE_GPG_HOMEDIR" --batch --yes --delete-secret-keys "$IMPORTED_KEY" || true + fi if [ -d "$RELEASE_GPG_HOMEDIR" ]; then echo "Cleaning up GPG homedir..." rm -rf "$RELEASE_GPG_HOMEDIR" || true @@ -132,7 +136,11 @@ if [ -e "$RELEASE_GPG_HOMEDIR" ]; then exit 1 fi mkdir -p -m 700 "$RELEASE_GPG_HOMEDIR" -gpg --homedir="$RELEASE_GPG_HOMEDIR" --batch --import "$RELEASE_GPG_PRIVATE_KEY_PATH" +IMPORTED_KEY="$(gpg --homedir="$RELEASE_GPG_HOMEDIR" --batch --import "$RELEASE_GPG_PRIVATE_KEY_PATH" 2>&1 | tee /dev/stderr | grep 'key.*imported' | sed -E 's/.*key ([^:]+):.*/\1/')" +if [ -z "$IMPORTED_KEY" ]; then + echo "Failed to import GPG key" + exit 1 +fi bash -xe "$SCRIPTS_DIR/prepare-release.sh" "$PROJECT" "$RELEASE_VERSION"