- echo "INFO: Setting artifact variables"
- if [[ -z ${VERSION:-} ]]; then
- VERSION=$(yq -r ".version" "$release_file")
- fi
- if [[ -z ${GIT_TAG:-} ]]; then
- if grep -q "git_tag" "$release_file" ; then
- GIT_TAG=$(yq -r ".git_tag" "$release_file")
- else
- GIT_TAG="$VERSION"
- fi
- fi
- if [[ -z ${REF:-} ]]; then
- REF=$(yq -r ".ref" "$release_file")
- fi
-
- printf "\t%-30s\n" RELEASE_ARTIFACT_INFO:
- printf "\t%-30s %s\n" GERRIT_REF_TO_TAG: "$REF"
- printf "\t%-30s %s\n" VERSION: "$VERSION"
- printf "\t%-30s %s\n" GIT_TAG: "$GIT_TAG"
+ echo "INFO: Setting artifact variables"
+ if [[ -z ${VERSION:-} ]]; then
+ VERSION=$(yq -r ".version" "$release_file")
+ fi
+ if [[ -z ${GIT_TAG:-} ]]; then
+ if grep -q "git_tag" "$release_file" ; then
+ GIT_TAG=$(yq -r ".git_tag" "$release_file")
+ else
+ GIT_TAG="$VERSION"
+ fi
+ fi
+ if [[ -z ${REF:-} ]]; then
+ REF=$(yq -r ".ref" "$release_file")
+ fi
+
+ printf "\t%-30s\n" RELEASE_ARTIFACT_INFO:
+ printf "\t%-30s %s\n" GERRIT_REF_TO_TAG: "$REF"
+ printf "\t%-30s %s\n" VERSION: "$VERSION"
+ printf "\t%-30s %s\n" GIT_TAG: "$GIT_TAG"
release_files=$(git diff-tree -m --no-commit-id -r "$GIT_COMMIT" "$GIT_COMMIT^1" \
--name-only -- "releases/" ".releases/")
if (( $(grep -c . <<<"$release_files") > 1 )); then
release_files=$(git diff-tree -m --no-commit-id -r "$GIT_COMMIT" "$GIT_COMMIT^1" \
--name-only -- "releases/" ".releases/")
if (( $(grep -c . <<<"$release_files") > 1 )); then
- echo "INFO: RELEASE FILES ARE AS FOLLOWS: $release_files"
- echo "ERROR: Adding multiple release files in the same commit"
- echo "ERROR: OR rename/amend/delete of existing files is not supported."
- exit 1
+ echo "INFO: RELEASE FILES ARE AS FOLLOWS: $release_files"
+ echo "ERROR: Adding multiple release files in the same commit"
+ echo "ERROR: OR rename/amend/delete of existing files is not supported."
+ exit 1
if grep -q "container_pull_registry" "$release_file" ; then
CONTAINER_PULL_REGISTRY=$(yq -r ".container_pull_registry" "$release_file")
fi
if grep -q "container_pull_registry" "$release_file" ; then
CONTAINER_PULL_REGISTRY=$(yq -r ".container_pull_registry" "$release_file")
fi
- echo "INFO: Setting packagecloud variables"
- if [[ -z ${VERSION:-} ]]; then
- VERSION=$(yq -r ".version" "$release_file")
- fi
- if [[ -z ${GIT_TAG:-} ]]; then
- if grep -q "git_tag" $release_file ; then
- GIT_TAG=$(yq -r ".git_tag" "$release_file")
- else
- GIT_TAG="$VERSION"
- fi
- fi
- if [[ -z ${LOG_DIR:-} ]]; then
- LOG_DIR=$(yq -r ".log_dir" "$release_file")
- fi
- if [[ -z ${REF:-} ]]; then
- REF=$(yq -r ".ref" "$release_file")
- fi
- if [[ -z ${PACKAGE_NAME:-} ]]; then
- PACKAGE_NAME=$(yq -r ".package_name" "$release_file")
- fi
-
- printf "\t%-30s %s\n" PACKAGE_NAME: "$PACKAGE_NAME"
- printf "\t%-30s %s\n" LOG_DIR: "$LOG_DIR"
- printf "\t%-30s %s\n" LOGS_URL: "$logs_url"
- printf "\t%-30s %s\n" GIT_REF_TO_TAG: "$REF"
- printf "\t%-30s %s\n" VERSION: "$VERSION"
- printf "\t%-30s %s\n" GIT_TAG: "$GIT_TAG"
+ echo "INFO: Setting packagecloud variables"
+ if [[ -z ${VERSION:-} ]]; then
+ VERSION=$(yq -r ".version" "$release_file")
+ fi
+ if [[ -z ${GIT_TAG:-} ]]; then
+ if grep -q "git_tag" $release_file ; then
+ GIT_TAG=$(yq -r ".git_tag" "$release_file")
+ else
+ GIT_TAG="$VERSION"
+ fi
+ fi
+ if [[ -z ${LOG_DIR:-} ]]; then
+ LOG_DIR=$(yq -r ".log_dir" "$release_file")
+ fi
+ if [[ -z ${REF:-} ]]; then
+ REF=$(yq -r ".ref" "$release_file")
+ fi
+ if [[ -z ${PACKAGE_NAME:-} ]]; then
+ PACKAGE_NAME=$(yq -r ".package_name" "$release_file")
+ fi
+
+ printf "\t%-30s %s\n" PACKAGE_NAME: "$PACKAGE_NAME"
+ printf "\t%-30s %s\n" LOG_DIR: "$LOG_DIR"
+ printf "\t%-30s %s\n" LOGS_URL: "$logs_url"
+ printf "\t%-30s %s\n" GIT_REF_TO_TAG: "$REF"
+ printf "\t%-30s %s\n" VERSION: "$VERSION"
+ printf "\t%-30s %s\n" GIT_TAG: "$GIT_TAG"
OVERRIDE_SEMVER_REGEX="${OVERRIDE_SEMVER_REGEX:-None}"
if [[ $OVERRIDE_SEMVER_REGEX == "None" ]]; then
# Use the semver regex taken from https://github.com/fsaintjacques/semver-tool
OVERRIDE_SEMVER_REGEX="${OVERRIDE_SEMVER_REGEX:-None}"
if [[ $OVERRIDE_SEMVER_REGEX == "None" ]]; then
# Use the semver regex taken from https://github.com/fsaintjacques/semver-tool
- semver_regex="^[vV]?(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(\-(0|[1-9][0-9]*|[0-9]*[A-Za-z-][0-9A-Za-z-]*)(\.(0|[1-9][0-9]*|[0-9]*[A-Za-z-][0-9A-Za-z-]*))*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?$"
+ pat1="(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)"
+ pat2="(0|[1-9][0-9]*|[0-9]*[A-Za-z-][0-9A-Za-z-]*)"
+ pat3="(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)"
+ semver_regex="^[vV]?${pat1}(\-${pat2}(\.${pat2})*)?${pat3}?$"
wget "${path}"/"${name}" -o artifacts/"${name}"
if [[ "$JOB_NAME" =~ "merge" ]] && [[ "$DRY_RUN" = false ]]; then
#lftools sign sigul artifacts
wget "${path}"/"${name}" -o artifacts/"${name}"
if [[ "$JOB_NAME" =~ "merge" ]] && [[ "$DRY_RUN" = false ]]; then
#lftools sign sigul artifacts
- curl -v -u <NEXUSUSER>:<NEXUSPASS> --upload-file "${NEXUS_URL}"/content/repositories/releases/org/"${ORG}"/"${VERSION}"/"${name}" \;
+ # shellcheck disable=SC2261
+ curl -v -u <NEXUSUSER>:<NEXUSPASS> --upload-file \
+ "${NEXUS_URL}"/content/repositories/releases/org/"${ORG}"/"${VERSION}"/"${name}" \;
echo "docker tag $container_image_id $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
echo "docker push $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
if [[ "$JOB_NAME" =~ "merge" ]]; then
echo "docker tag $container_image_id $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
echo "docker push $CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name:$VERSION"
if [[ "$JOB_NAME" =~ "merge" ]]; then
docker tag "$container_image_id" "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
docker push "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
docker tag "$container_image_id" "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
docker push "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION"
+ image_sha=$(docker images --no-trunc --quiet \
+ "$CONTAINER_PUSH_REGISTRY"/"$lfn_umbrella"/"$name":"$VERSION")
+ image_digest="$CONTAINER_PUSH_REGISTRY/$lfn_umbrella/$name@$image_sha"
+ cosign sign -y --key "$COSIGN_PRIVATE_KEY" "$image_digest"
- git checkout "$(awk '{print $NF}' "$PATCH_DIR/taglist.log")"
+
+ # compare if the commit sha1 from taglist is the same origin/${GERRIT_BRANCH}
+ # ensure that the tag lands on the target branch
+ # forward from the tagging point, then a spur commit is created
+ # for the tag
+ taghash="$(awk '{print $NF}' "$PATCH_DIR/taglist.log")"
+ # shellcheck disable=SC2046
+ if [ "${taghash}" = $(git rev-parse "origin/${GERRIT_BRANCH}") ]; then
+ git checkout "origin/${GERRIT_BRANCH}"
+ # sentinal file
+ touch .testhash
+ else
+ git checkout "${taghash}"
+ fi
+
#Run the loop twice, to catch errors on either nexus repo
if [[ "$JOB_NAME" =~ "merge" ]] && [[ "$DRY_RUN" = false ]]; then
for staging_url in $(zcat "$PATCH_DIR"/staging-repo.txt.gz | awk -e '{print $2}'); do
#Run the loop twice, to catch errors on either nexus repo
if [[ "$JOB_NAME" =~ "merge" ]] && [[ "$DRY_RUN" = false ]]; then
for staging_url in $(zcat "$PATCH_DIR"/staging-repo.txt.gz | awk -e '{print $2}'); do
- NEXUS_URL=$(echo "$staging_url" | sed -e 's|^[^/]*//||' -e 's|/.*$||')
- STAGING_REPO=${staging_url#*repositories/}
- echo "INFO: Promoting $STAGING_REPO on $NEXUS_URL."
- lftools nexus release --server https://"$NEXUS_URL" "$STAGING_REPO"
+ NEXUS_URL=$(echo "$staging_url" | sed -e 's|^[^/]*//||' -e 's|/.*$||')
+ STAGING_REPO=${staging_url#*repositories/}
+ echo "INFO: Promoting $STAGING_REPO on $NEXUS_URL."
+ lftools nexus release --server https://"$NEXUS_URL" "$STAGING_REPO"