From 562f1b84534dabf0a8d3f90f8d218b99aa283630 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Krupa?= Date: Mon, 12 Nov 2018 18:26:13 +0100 Subject: Fixes and cleanup in release pipeline (#4625) * remove firehol release pipeline code; move tagging to separate script; add option to modify files based on tags * fix #4572 --- .travis/decrypt-if-have-key | 33 ------------------- .travis/deploy-if-have-key | 55 ------------------------------- .travis/firehol_create_artifacts.sh | 31 ----------------- .travis/generate_changelog.sh | 4 +-- .travis/labeler.sh | 4 +-- .travis/releaser.sh | 43 ++++++------------------ .travis/tagger.sh | 64 ++++++++++++++++++++++++++++++++++++ .travis/travis_rsa.enc | Bin 1680 -> 0 bytes 8 files changed, 78 insertions(+), 156 deletions(-) delete mode 100755 .travis/decrypt-if-have-key delete mode 100755 .travis/deploy-if-have-key delete mode 100755 .travis/firehol_create_artifacts.sh create mode 100755 .travis/tagger.sh delete mode 100644 .travis/travis_rsa.enc (limited to '.travis') diff --git a/.travis/decrypt-if-have-key b/.travis/decrypt-if-have-key deleted file mode 100755 index 7fcab8970c..0000000000 --- a/.travis/decrypt-if-have-key +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -set -e - -# Decrypt our private files; changes to this file should be inspected -# closely to ensure they do not create information leaks - -eval key="\${encrypted_${1}_key}" -eval iv="\${encrypted_${1}_iv}" - -if [ ! "$key" ] -then - echo "No aes key present - skipping decryption" - exit 0 -fi - -for i in .travis/*.enc -do - u=$(echo $i | sed -e 's/.enc$//') - openssl aes-256-cbc -K "$key" -iv "$iv" -in $i -out $u -d -done - -if [ -f .travis/travis_rsa ] -then - echo "ssh key present - loading to agent" - # add key, then remove to prevent leaks - chmod 600 .travis/travis_rsa - ssh-add .travis/travis_rsa - rm -f .travis/travis_rsa - touch /tmp/ssh-key-loaded -else - echo "No ssh key present - skipping agent start" -fi diff --git a/.travis/deploy-if-have-key b/.travis/deploy-if-have-key deleted file mode 100755 index 8b3b40f7e4..0000000000 --- a/.travis/deploy-if-have-key +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/bash - -set -e - -# Deploy tar-files and checksums to the firehol website - -if [ ! -f /tmp/ssh-key-loaded ] -then - echo "No ssh key decrypted - skipping deployment to website" - exit 0 -fi - -case "$TRAVIS_BRANCH" in - master|stable-*) - : - ;; - *) - echo "Not on master or stable-* branch - skipping deployment to website" - exit 0 - ;; -esac - -if [ "$TRAVIS_PULL_REQUEST" = "true" ] -then - echo "Building pull request - skipping deployment to website" - exit 0 -fi - -if [ "$TRAVIS_TAG" != "" ] -then - echo "Building tag - skipping deployment to website" - exit 0 -fi - -if [ "$TRAVIS_OS_NAME" != "linux" ] -then - echo "Building non-linux version - skipping deployment to website" - exit 0 -fi - -if [ "$CC" != "gcc" ] -then - echo "Building non-gcc version - skipping deployment to website" - exit 0 -fi - -ssh-keyscan -H firehol.org >> ~/.ssh/known_hosts -ssh travis@firehol.org mkdir -p uploads/netdata/$TRAVIS_BRANCH/ -scp -p *.tar.gz travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ -scp -p *.tar.gz.sha travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ -scp -p *.tar.gz.asc travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ -scp -p *.gz.run travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ -scp -p *.gz.run.sha travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ -scp -p *.gz.run.asc travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ -ssh travis@firehol.org touch uploads/netdata/$TRAVIS_BRANCH/complete.txt diff --git a/.travis/firehol_create_artifacts.sh b/.travis/firehol_create_artifacts.sh deleted file mode 100755 index 3fcb910e7b..0000000000 --- a/.travis/firehol_create_artifacts.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# shellcheck disable=SC2230 - -# WARNING: This script is deprecated and placed here until @paulfantom figures out how to fully replace it - -if [ ! -f .gitignore ] -then - echo "Run as ./travis/$(basename "$0") from top level directory of git repository" - exit 1 -fi - -eval "$(ssh-agent -s)" -./.travis/decrypt-if-have-key decb6f6387c4 -export KEYSERVER=ipv4.pool.sks-keyservers.net -./packaging/gpg-recv-key phil@firehol.org "0762 9FF7 89EA 6156 012F 9F50 C406 9602 1359 9237" -./packaging/gpg-recv-key costa@tsaousis.gr "4DFF 624A E564 3B51 2872 1F40 29CA 3358 89B9 A863" -# Run the commit hooks in case the developer didn't -git diff 4b825dc642cb6eb9a060e54bf8d69288fbee4904 | ./packaging/check-files - -fakeroot ./packaging/git-build -# Make sure stdout is in blocking mode. If we don't, then conda create will barf during downloads. -# See https://github.com/travis-ci/travis-ci/issues/4704#issuecomment-348435959 for details. -python -c 'import os,sys,fcntl; flags = fcntl.fcntl(sys.stdout, fcntl.F_GETFL); fcntl.fcntl(sys.stdout, fcntl.F_SETFL, flags&~os.O_NONBLOCK);' -echo "--- Create tarball ---" -make dist -echo "--- Create self-extractor ---" -./makeself/build-x86_64-static.sh -echo "--- Create checksums ---" -for i in *.tar.gz; do sha512sum -b "$i" > "$i.sha"; done #FIXME remove? -for i in *.gz.run; do sha512sum -b "$i" > "$i.sha"; done #FIXME remove? -sha256sum -b ./*.tar.gz ./*.gz.run > "sha256sums.txt" -./.travis/deploy-if-have-key diff --git a/.travis/generate_changelog.sh b/.travis/generate_changelog.sh index 786bd011f3..d9b91113a8 100755 --- a/.travis/generate_changelog.sh +++ b/.travis/generate_changelog.sh @@ -10,8 +10,8 @@ fi ORGANIZATION=$(echo "$TRAVIS_REPO_SLUG" | awk -F '/' '{print $1}') PROJECT=$(echo "$TRAVIS_REPO_SLUG" | awk -F '/' '{print $2}') -GIT_MAIL="pawel+bot@netdata.cloud" -GIT_USER="netdatabot" +GIT_MAIL=${GIT_MAIL:-"pawel+bot@netdata.cloud"} +GIT_USER=${GIT_USER:-"netdatabot"} echo "--- Initialize git configuration ---" git config user.email "${GIT_MAIL}" diff --git a/.travis/labeler.sh b/.travis/labeler.sh index 79ea85f145..47bf250a04 100755 --- a/.travis/labeler.sh +++ b/.travis/labeler.sh @@ -24,8 +24,8 @@ for STATE in "open" "closed"; do URL="https://api.github.com/repos/netdata/netdata/issues/$ISSUE" BODY="$(curl "${URL}" | jq .body 2>/dev/null)" case "${BODY}" in - *"##### Question summary"* ) curl -H "Authorization: token $GITHUB_TOKEN" -d '{"labels":["question"]}' -X PATCH "${URL}" ;; - *"##### Bug report summary"* ) curl -H "Authorization: token $GITHUB_TOKEN" -d '{"labels":["bug"]}' -X PATCH "${URL}" ;; + *"# Question summary"* ) curl -H "Authorization: token $GITHUB_TOKEN" -d '{"labels":["question"]}' -X PATCH "${URL}" ;; + *"# Bug report summary"* ) curl -H "Authorization: token $GITHUB_TOKEN" -d '{"labels":["bug"]}' -X PATCH "${URL}" ;; * ) curl -H "Authorization: token $GITHUB_TOKEN" -d '{"labels":["needs triage"]}' -X PATCH "${URL}" ;; esac done diff --git a/.travis/releaser.sh b/.travis/releaser.sh index 82bc692ce0..e12d5da5bf 100755 --- a/.travis/releaser.sh +++ b/.travis/releaser.sh @@ -25,42 +25,19 @@ set -e -if [ ! -f .gitignore ] -then - echo "Run as ./travis/$(basename "$0") from top level directory of git repository" - exit 1 +if [ ! -f .gitignore ]; then + echo "Run as ./travis/$(basename "$0") from top level directory of git repository" + exit 1 fi -echo "---- FIGURING OUT TAGS ----" -# Check if current commit is tagged or not -GIT_TAG=$(git tag --points-at) -if [ -z "${GIT_TAG}" ]; then - git semver - # Figure out next tag based on commit message - GIT_TAG=HEAD - echo "Last commit message: $TRAVIS_COMMIT_MESSAGE" - case "${TRAVIS_COMMIT_MESSAGE}" in - *"[netdata patch release]"* ) GIT_TAG="v$(git semver --next-patch)" ;; - *"[netdata minor release]"* ) GIT_TAG="v$(git semver --next-minor)" ;; - *"[netdata major release]"* ) GIT_TAG="v$(git semver --next-major)" ;; - *) echo "Keyword not detected. Doing nothing" ;; - esac - - # Tag it! - if [ "$GIT_TAG" != "HEAD" ]; then - echo "Assigning a new tag: $GIT_TAG" - git tag "$GIT_TAG" -a -m "Automatic tag generation for travis build no. $TRAVIS_BUILD_NUMBER" - # git is able to push due to configuration already being initialized in `generate_changelog.sh` script - git push "https://${GITHUB_TOKEN}:@$(git config --get remote.origin.url | sed -e 's/^https:\/\///')" --tags - fi -fi +export GIT_MAIL="pawel+bot@netdata.cloud" +export GIT_USER="netdatabot" +echo "--- Initialize git configuration ---" +git config user.email "${GIT_MAIL}" +git config user.name "${GIT_USER}" -if [ "${GIT_TAG}" == "HEAD" ]; then - echo "Not creating a release since neither of two conditions was met:" - echo " - keyword in commit message" - echo " - commit is tagged" - exit 0 -fi +echo "---- FIGURING OUT TAGS ----" +./.travis/tagger.sh || exit 0 echo "---- GENERATING CHANGELOG -----" ./.travis/generate_changelog.sh diff --git a/.travis/tagger.sh b/.travis/tagger.sh new file mode 100755 index 0000000000..3b71277420 --- /dev/null +++ b/.travis/tagger.sh @@ -0,0 +1,64 @@ +#!/bin/bash +# SPDX-License-Identifier: MIT +# Copyright (C) 2018 Pawel Krupa (@paulfantom) - All Rights Reserved +# Permission to copy and modify is granted under the MIT license +# +# Original script is available at https://github.com/paulfantom/travis-helper/blob/master/releasing/releaser.sh +# +# Tags are generated by searching for a keyword in last commit message. Keywords are: +# - [patch] or [fix] to bump patch number +# - [minor], [feature] or [feat] to bump minor number +# - [major] or [breaking change] to bump major number +# All keywords MUST be surrounded with square braces. +# +# Requirements: +# - GITHUB_TOKEN variable set with GitHub token. Access level: repo.public_repo +# - git-semver python package (pip install git-semver) + +set -e + +if [ ! -f .gitignore ]; then + echo "Run as ./travis/$(basename "$0") from top level directory of git repository" + exit 1 +fi + +# Embed new version in files which need it. +# This wouldn't be needed if we could use `git tag` everywhere. +function embed_version { + VERSION="$1" + MAJOR=$(echo "$GIT_TAG" | cut -d . -f 1 | cut -d v -f 2) + MINOR=$(echo "$GIT_TAG" | cut -d . -f 2) + PATCH=$(echo "$GIT_TAG" | cut -d . -f 3) + sed -i "s/\\[VERSION_MAJOR\\], \\[.*\\]/\\[VERSION_MAJOR\\], \\[$MAJOR\\]/" configure.ac + sed -i "s/\\[VERSION_MINOR\\], \\[.*\\]/\\[VERSION_MINOR\\], \\[$MINOR\\]/" configure.ac + sed -i "s/\\[VERSION_PATCH\\], \\[.*\\]/\\[VERSION_PATCH\\], \\[$PATCH\\]/" configure.ac + git add configure.ac +} + +# Check if current commit is tagged or not +GIT_TAG=$(git tag --points-at) +if [ -z "${GIT_TAG}" ]; then + git semver + # Figure out next tag based on commit message + echo "Last commit message: $TRAVIS_COMMIT_MESSAGE" + case "${TRAVIS_COMMIT_MESSAGE}" in + *"[netdata patch release]"*) GIT_TAG="v$(git semver --next-patch)" ;; + *"[netdata minor release]"*) GIT_TAG="v$(git semver --next-minor)" ;; + *"[netdata major release]"*) GIT_TAG="v$(git semver --next-major)" ;; + *) echo "Keyword not detected. Exiting..."; exit 1;; + esac + + # Tag it! + if [ "$GIT_TAG" != "HEAD" ]; then + echo "Assigning a new tag: $GIT_TAG" + embed_version "$GIT_TAG" + git commit -m "[ci skip] release $GIT_TAG" + git tag "$GIT_TAG" -a -m "Automatic tag generation for travis build no. $TRAVIS_BUILD_NUMBER" + git push "https://${GITHUB_TOKEN}:@$(git config --get remote.origin.url | sed -e 's/^https:\/\///')" + git push "https://${GITHUB_TOKEN}:@$(git config --get remote.origin.url | sed -e 's/^https:\/\///')" --tags + fi +else + embed_version "$GIT_TAG" + git commit -m "[ci skip] release $GIT_TAG" + git push "https://${GITHUB_TOKEN}:@$(git config --get remote.origin.url | sed -e 's/^https:\/\///')" +fi diff --git a/.travis/travis_rsa.enc b/.travis/travis_rsa.enc deleted file mode 100644 index 148a425bc4..0000000000 Binary files a/.travis/travis_rsa.enc and /dev/null differ -- cgit v1.2.3