From d8132fcc73ae0b7b06ae7f3fc7184558a7df02dc Mon Sep 17 00:00:00 2001 From: Paul Saunders Date: Wed, 12 Sep 2018 12:31:11 +0100 Subject: [PATCH 1/3] Saves additional metadata in files in the .git directory * Additional files are: * branch <- the name of the branch that the MR has come from * project_id <- the uri of the repo * commit_sha <- the sha of the commit This is useful information for tools like SonarQube, and in addition keeps the metadata of the MR check, in, and out consistent with reality. --- scripts/check | 10 +++++++--- scripts/in | 7 +++++++ scripts/out | 3 ++- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/scripts/check b/scripts/check index 09484de..e68ce73 100755 --- a/scripts/check +++ b/scripts/check @@ -20,6 +20,7 @@ uri="$(jq -r '.source.uri // ""' < "${payload}")" private_token="$(jq -r '.source.private_token // ""' < "${payload}")" no_ssl="$(jq -r '.source.no_ssl // ""' < "${payload}")" version_sha="$(jq -r '.version.sha // ""' < "${payload}")" +branch="$(jq -r '.version.branch // ""' < "${payload}")" if [[ "${uri}" == *"git@"* ]]; then gitlab_host="$(echo "${uri}" | sed -rn 's/.*git@(.*):([0-9]*\/+)?(.*)\.git/\1/p')" @@ -43,19 +44,22 @@ if [ ! -z "${version_sha}" ]; then | jq '.committed_date|.[:19]|strptime("%Y-%m-%dT%H:%M:%S")|mktime')" fi -open_mrs="$(curl -s -H "private-token: ${private_token}" "${protocol}://${gitlab_host}/api/v4/projects/$(urlencode "${project_path}")/merge_requests?state=opened&order_by=updated_at")" +open_mrs="$(curl -s -H "private-token: ${private_token}" "${protocol}://${gitlab_host}/api/v4/projects/$(urlencode "${project_path}")/merge_requests?state=opened&order_by=updated_at&work_in_progress=false")" num_mrs="$(echo "${open_mrs}" | jq 'length')" new_versions='' for i in $(seq 0 $((num_mrs - 1))); do mr="$(echo "${open_mrs}" | jq -r '.['"$i"']')" + mr_target_branch="$(echo "${mr}" | jq -r '.target_branch')" + mr_wip="$(echo "${mr}" | jq -r '.work_in_progress')" mr_sha="$(echo "${mr}" | jq -r '.sha')" + mr_branch="$(echo "${mr}" | jq -r '.source_branch')" if [ "${mr_sha}" != "null" ]; then mr_updated_at="$(curl -s -H "private-token: ${private_token}" "${protocol}://${gitlab_host}/api/v4/projects/$(urlencode "${project_path}")/repository/commits/${mr_sha}" \ | jq '.committed_date|.[:19]|strptime("%Y-%m-%dT%H:%M:%S")|mktime')" if [ "${mr_updated_at}" -gt "${version_updated_at}" ] || [ -z "${version_sha}" ]; then - new_versions="${new_versions},{\"sha\":\"${mr_sha}\"}" + new_versions="${new_versions},{\"sha\":\"${mr_sha}\", \"branch\":\"${mr_branch}\"}" fi fi done @@ -64,7 +68,7 @@ new_versions="${new_versions#','}" # remove trailing comma new_versions="[${new_versions}]" # make JSON array if [ "${new_versions}" == '[]' ] && ! [ -z "${version_sha}" ]; then - new_versions="[{\"sha\":\"${version_sha}\"}]" + new_versions="[{\"sha\":\"${version_sha}\", \"branch\":\"${branch}\"}]" fi jq -n "${new_versions}" >&3 diff --git a/scripts/in b/scripts/in index 8fe0fd6..0ddcafd 100755 --- a/scripts/in +++ b/scripts/in @@ -28,7 +28,9 @@ username="$(jq -r '.source.username // ""' < "${payload}")" password="$(jq -r '.source.password // ""' < "${payload}")" private_key="$(jq -r '.source.private_key // ""' < "${payload}")" version="$(jq -r '.version // ""' < "${payload}")" + commit_sha="$(echo "${version}" | jq -r '.sha // ""')" +branch="$(echo "${version}" | jq -r '.branch // ""')" if [[ ! -z "${private_key}" ]]; then gitlab_host="$(echo "${uri}" | sed -rn 's/.*git@(.*):([0-9]*\/+)?(.*)\.git/\1/p')" @@ -53,6 +55,11 @@ git clone "${uri}" "${destination}" cd "${destination}" +echo "${branch}" >.git/branch +echo "${commit_sha}" >.git/commit_sha +echo "${uri}" >.git/project_id + +git checkout ${branch} git reset --hard "${commit_sha}" jq -n "{ diff --git a/scripts/out b/scripts/out index 227ec5f..828b70d 100755 --- a/scripts/out +++ b/scripts/out @@ -64,6 +64,7 @@ cd "${destination}" cd "${path_to_repo}" commit_sha="$(git rev-parse HEAD)" +branch="$(cat .git/branch)" curl \ --request POST \ @@ -72,7 +73,7 @@ curl \ --data "{\"state\":\"${new_status}\",\"name\":\"${build_label}\",\"target_url\":\"${target_url}\"}" \ "${protocol}://${gitlab_host}/api/v4/projects/$(urlencode "${project_path}")/statuses/${commit_sha}" -version="{\"sha\":\"${commit_sha}\"}" +version="{\"sha\":\"${commit_sha}\", \"branch\":\"${branch}\"}" jq -n "{ version: ${version}, From c643ed155f221b0c6370313086705a4c38761855 Mon Sep 17 00:00:00 2001 From: Paul Saunders Date: Sat, 30 May 2020 17:25:47 +0100 Subject: [PATCH 2/3] DEVOPS-596: Fixes invalid certificate problem with expired certs. Signed-off-by: Paul Saunders --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile b/Dockerfile index fd53295..8fefd9c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,3 +2,7 @@ FROM concourse/buildroot:git COPY scripts/ /opt/resource/ RUN chmod +x /opt/resource/* + +# DEVOPS-596 - removes AddTrust certificates from /etc/ssl/certs as they have expired and +# directly impact our gitlab server. +RUN rm -f /etc/ssl/certs/AddTrust_* From 85609a42a1a9344cfc72447c070fa7b3ab2d5533 Mon Sep 17 00:00:00 2001 From: Paul Saunders Date: Wed, 1 Jul 2020 10:36:15 +0100 Subject: [PATCH 3/3] DEVOPS-756: Fixes url to exclude WIP. Ignores anything not targeting master and that can't be merged. Signed-off-by: Paul Saunders --- scripts/check | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/check b/scripts/check index e68ce73..94a06ff 100755 --- a/scripts/check +++ b/scripts/check @@ -44,7 +44,7 @@ if [ ! -z "${version_sha}" ]; then | jq '.committed_date|.[:19]|strptime("%Y-%m-%dT%H:%M:%S")|mktime')" fi -open_mrs="$(curl -s -H "private-token: ${private_token}" "${protocol}://${gitlab_host}/api/v4/projects/$(urlencode "${project_path}")/merge_requests?state=opened&order_by=updated_at&work_in_progress=false")" +open_mrs="$(curl -s -H "private-token: ${private_token}" "${protocol}://${gitlab_host}/api/v4/projects/$(urlencode "${project_path}")/merge_requests?state=opened&order_by=updated_at&wip=no" | jq '[ .[] | select (.target_branch == "master") | select(.merge_status=="can_be_merged")]')" num_mrs="$(echo "${open_mrs}" | jq 'length')" new_versions=''