Created
November 1, 2019 17:19
-
-
Save Aricg/5f47317d0be0cf158187e0a6cb77bbe7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash -l | |
# SPDX-License-Identifier: EPL-1.0 | |
############################################################################## | |
# Copyright (c) 2018 The Linux Foundation and others. | |
# | |
# All rights reserved. This program and the accompanying materials | |
# are made available under the terms of the Eclipse Public License v1.0 | |
# which accompanies this distribution, and is available at | |
# http://www.eclipse.org/legal/epl-v10.html | |
############################################################################## | |
set -euo pipefail | |
TMP_WORKSPACE="${OPTARG:-/tmp/}" | |
parent="${OPTARG:-All-Projects}" | |
ENABLE_REPLICATION=false | |
sanity_checks () { | |
echo gerrit url="$project" | |
echo new repo name="$repository" | |
echo parent="$parent" | |
if [[ $(ssh -p 29418 "$user"@"$project" gerrit version) ]]; | |
then | |
echo "connected to Gerrit" | |
else | |
echo "cannot connect to Gerrit" | |
exit 1 | |
fi | |
# shellcheck disable=SC2029 | |
if ! $ENABLE_REPLICATION; then | |
ssh -p 29418 "$user"@"$project" gerrit set-project "$repository" &> /dev/null && \ | |
echo "$repository Already exists, cannot create exiting" && exit 1 | |
fi | |
#Exit if ldap group does not exist | |
#lftools must be configured and lfservices_releng member must be added to group. | |
echo "Checking that ldapgroup=$ldapgroup exists" | |
check_ldap="$(lftools lfidapi search-members "$ldapgroup")" | |
if [[ -z "$check_ldap" ]]; then | |
echo "ldap group is empty or does not exist." | |
exit 1 | |
fi | |
repodashed="$(echo "$repository" | sed -e 's/\//-/g')" | |
gerrit_name="$(echo "$project" | awk -F"." '{print $2}')" | |
if $ENABLE_REPLICATION; then | |
if git ls-remote git@github.com:"$gerrit_name"/"$repodashed".git HEAD &> /dev/null; then | |
echo "PASS $gerrit_name $repository exists in Github" | |
else | |
echo "FAIL $gerrit_name $repository does not exist in Github" | |
exit 1 | |
fi | |
fi | |
} | |
movetoworkspace () { | |
if ! [[ -d "$TMP_WORKSPACE" ]]; then | |
echo "$TMP_WORKSPACE" | |
mkdir -p "$TMP_WORKSPACE" | |
else | |
echo "$TMP_WORKSPACE already exists" | |
fi | |
cd "$TMP_WORKSPACE" | |
} | |
create_repo () { | |
echo "Creating repository $repository" | |
# shellcheck disable=SC2029 | |
if [[ $parent == "All-Projects" ]]; then | |
ssh -p 29418 "$user"@"$project" "gerrit create-project $repository --empty-commit --parent $parent --owner ldap/$ldapgroup" | |
else | |
ssh -p 29418 "$user"@"$project" "gerrit create-project $repository --empty-commit --parent $parent" | |
fi | |
} | |
clone_repo() { | |
movetoworkspace | |
if ! [[ -d "$repository" ]]; | |
then | |
git clone ssh://"$user"@"$project":29418/"$repository" "$repository" &> /dev/null | |
cd "$repository" | |
fi | |
} | |
create_groups_file () { | |
cd "$TMP_WORKSPACE"/"$repository" | |
git fetch origin refs/meta/config &> /dev/null && git checkout FETCH_HEAD &> /dev/null | |
#get uuid for for GitHub users into groups file | |
ssh -p 29418 "$user"@"$project" gerrit ls-groups --verbose \ | |
| grep "GitHub\ Replication"\ | |
| awk '{print $3"\t"$1,$2}' > groups.tmp | |
if [[ $parent == "All-Projects" ]]; then | |
printf "global:Registered-Users\tRegistered Users\n\ | |
ldap:cn=%s,ou=Groups,dc=freestandards,dc=org\tldap/%s\n" "$ldapgroup" "$ldapgroup"\ | |
>> groups.tmp | |
else | |
printf "global:Registered-Users\tRegistered Users\n" >> groups.tmp | |
fi | |
echo "groups file:" | |
echo "" | |
cat groups.tmp | |
touch groups | |
if diff groups groups.tmp; then | |
echo groups file already configured not pushing | |
rm groups.tmp | |
else | |
mv groups.tmp groups | |
git add groups | |
git commit -sv -m "Creating groups file" &> /dev/null | |
if git push origin HEAD:refs/meta/config &> /dev/null; then | |
echo "git push for groups file succeeded" | |
else | |
echo "git push for groups file failed" | |
exit 1 | |
fi | |
fi | |
} | |
add_gitreview () { | |
cd "$TMP_WORKSPACE"/"$repository" | |
if ! git reset --hard origin/master &> /dev/null; then | |
echo "git reset failed" | |
exit 1 | |
fi | |
has_gitreview="$(git ls-files .gitreview)" | |
if [[ -z $has_gitreview ]]; then | |
printf "[gerrit]\n\ | |
host=%s\n\ | |
port=29418\n\ | |
project=%s.git\n\ | |
defaultbranch=master\n" "$project" "$repository" > .gitreview | |
git add .gitreview | |
git commit -sv -m "Forcing .gitreview into repo" | |
if git push ssh://"$user"@"$project":29418/"$repository" HEAD:refs/heads/master &> /dev/null; then | |
echo "git push of .gitreview succeeded" | |
else | |
echo "git push of .gitreview failed" | |
echo "Admins do not have push on refs/heads" | |
exit 1 | |
fi | |
else | |
echo "Repo Already has a .gitreview" | |
fi | |
} | |
enable_github_replication () { | |
cd "$TMP_WORKSPACE"/"$repository" | |
git fetch origin refs/meta/config &> /dev/null && git checkout FETCH_HEAD &> /dev/null | |
git config --replace -f project.config 'access.refs/*.read' "group GitHub Replication" | |
echo "project.config:" | |
echo "" | |
cat project.config | |
git add project.config | |
git commit -sv -m "Pushing $repository project.config" | |
if git push origin HEAD:refs/meta/config &> /dev/null; then | |
echo "git push for $repository refs meta config succeeded" | |
else | |
echo "git push for $repository refs meta config failed" | |
exit 1 | |
fi | |
echo "Starting replication" | |
echo "If this hangs, you need to give the replication group in" | |
echo "github write access to the repository" | |
ssh -p 29418 "$user"@"$project" "replication start --wait $repository" | |
} | |
usage() { | |
cat << EOF | |
"$0": Creates a repository and sets up the permissions. | |
usage: $0 [OPTIONS] | |
-h Show this message | |
-s server fqdn eg: gerrit.localhost | |
-o owner eg: ldap group | |
-r repository name | |
-u ssh user name | |
-p parent Default: All-Projects | |
-w workspace to do clones etc. (must not be in a git repo) | |
Default is /tmp/ | |
-e enable replication to github (must = True) | |
example: $(basename "$0") -s gerrit.localhost -o project-gerrit-group-committers -r reponame -u lfid | |
EOF | |
exit 1 | |
} | |
# shellcheck disable=SC2199 | |
[[ -z "$@" ]] && usage | |
while getopts "s:o:r:u:p:w:eh" OPTION | |
do | |
case $OPTION in | |
s ) project="$OPTARG" ;; | |
o ) ldapgroup="$OPTARG" ;; | |
r ) repository="$OPTARG" ;; | |
u ) user="$OPTARG" ;; | |
p ) parent="$OPTARG" ;; | |
w ) TMP_WORKSPACE="$OPTARG" ;; | |
e ) ENABLE_REPLICATION=true ;; | |
h ) usage; exit;; | |
\? ) echo "Unknown option: -$OPTARG" >&2; exit 1;; | |
esac | |
done | |
if $ENABLE_REPLICATION; then | |
sanity_checks | |
clone_repo | |
enable_github_replication | |
else | |
sanity_checks | |
create_repo | |
clone_repo | |
create_groups_file | |
add_gitreview | |
fi | |
echo "Repo Created and Configured" | |
echo gerrit="$project" | |
echo ldapgroup="$ldapgroup" | |
echo repository="$repository" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment