From 4599be66bcc9eb8270ae1566ad28374d4c6ddd08 Mon Sep 17 00:00:00 2001 From: Jessica Wagantall Date: Thu, 27 Jun 2019 18:17:24 -0700 Subject: [PATCH] Fix release-job.sh version var Allow only semantic release versions like "v${SEMVER}" or "${SEMVER}". Fail the script if the version is not valid. Do not append any additional characters to the release version during tagging and pushing steps. In this case, if the user wants to use the prefixed "v", they can define it in the releases/*.yaml as: version: 'v1.0.0' Issue: RELENG-2131 Change-Id: I71f32600d3e17ec117776be6764c2e45ee934bdd Signed-off-by: Jessica Wagantall --- .../notes/fix_release_version_job-19f00b3c9b67c8c6.yaml | 7 +++++++ shell/release-job.sh | 16 +++++++++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) create mode 100644 releasenotes/notes/fix_release_version_job-19f00b3c9b67c8c6.yaml diff --git a/releasenotes/notes/fix_release_version_job-19f00b3c9b67c8c6.yaml b/releasenotes/notes/fix_release_version_job-19f00b3c9b67c8c6.yaml new file mode 100644 index 00000000..47529aee --- /dev/null +++ b/releasenotes/notes/fix_release_version_job-19f00b3c9b67c8c6.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + Allow only semantic release versions like "v${SEMVER}" or "${SEMVER}". + Fail the script if the version is not valid. + Do not append any additional characters to the release version during + tag and push steps. diff --git a/shell/release-job.sh b/shell/release-job.sh index 88b285c4..96ccffbf 100644 --- a/shell/release-job.sh +++ b/shell/release-job.sh @@ -85,11 +85,21 @@ for release_file in $release_files; do cat "$PATCH_DIR"/taglist.log popd + # Verify allowed versions + # Allowed versions are "v#.#.#" or "#.#.#" aka SemVer + allowed_version_regex="^((v?)([0-9]+)\.([0-9]+)\.([0-9]+))$" + if [[ ! $VERSION =~ $allowed_version_regex ]]; then + echo "The version $VERSION is not a semantic valid version" + echo "Allowed versions are "v#.#.#" or "#.#.#" aka SemVer" + echo "See https://semver.org/ for more details on SemVer" + exit 1 + fi + git checkout "$(awk '{print $NF}' "$PATCH_DIR/taglist.log")" git fetch "$PATCH_DIR/$PROJECT.bundle" git merge --ff-only FETCH_HEAD - git tag -am "$PROJECT $VERSION" "v$VERSION" - sigul --batch -c "$SIGUL_CONFIG" sign-git-tag "$SIGUL_KEY" v"$VERSION" < "$SIGUL_PASSWORD" + git tag -am "$PROJECT $VERSION" "$VERSION" + sigul --batch -c "$SIGUL_CONFIG" sign-git-tag "$SIGUL_KEY" "$VERSION" < "$SIGUL_PASSWORD" echo "Showing latest signature for $PROJECT:" git log --show-signature -n1 @@ -97,7 +107,7 @@ for release_file in $release_files; do ########## Merge Part ############## if [[ "$JOB_NAME" =~ "merge" ]]; then echo "Running merge" - git push origin "v$VERSION" + git push origin "$VERSION" lftools nexus release --server "$NEXUS_URL" "$STAGING_REPO" if [ "${MAVEN_CENTRAL_URL}" == 'None' ]; then echo "No Maven central url specified, not pushing to maven central" -- 2.16.6