14285: Add token middleware. Require management token for metrics.
[arvados.git] / build / run-library.sh
1 #!/bin/bash -xe
2 # Copyright (C) The Arvados Authors. All rights reserved.
3 #
4 # SPDX-License-Identifier: AGPL-3.0
5
6 # A library of functions shared by the various scripts in this directory.
7
8 # This is the timestamp about when we merged changed to include licenses
9 # with Arvados packages.  We use it as a heuristic to add revisions for
10 # older packages.
11 LICENSE_PACKAGE_TS=20151208015500
12
13 if [[ -z "$ARVADOS_BUILDING_VERSION" ]]; then
14     RAILS_PACKAGE_ITERATION=8
15 else
16     RAILS_PACKAGE_ITERATION="$ARVADOS_BUILDING_ITERATION"
17 fi
18
19 debug_echo () {
20     echo "$@" >"$STDOUT_IF_DEBUG"
21 }
22
23 find_python_program() {
24     prog="$1"
25     shift
26     for prog in "$@"; do
27         if "$prog" --version >/dev/null 2>&1; then
28             echo "$prog"
29             return 0
30         fi
31     done
32     cat >&2 <<EOF
33 $helpmessage
34
35 Error: $prog (from Python setuptools module) not found
36
37 EOF
38     exit 1
39 }
40
41 format_last_commit_here() {
42     local format="$1"; shift
43     TZ=UTC git log -n1 --first-parent "--format=format:$format" .
44 }
45
46 version_from_git() {
47     # Output the version being built, or if we're building a
48     # dev/prerelease, output a version number based on the git log for
49     # the current working directory.
50     if [[ -n "$ARVADOS_BUILDING_VERSION" ]]; then
51         echo "$ARVADOS_BUILDING_VERSION"
52         return
53     fi
54
55     local git_ts git_hash prefix
56     if [[ -n "$1" ]] ; then
57         prefix="$1"
58     else
59         prefix="0.1"
60     fi
61
62     declare $(format_last_commit_here "git_ts=%ct git_hash=%h")
63     ARVADOS_BUILDING_VERSION="$(git describe --abbrev=0).$(date -ud "@$git_ts" +%Y%m%d%H%M%S)"
64     echo "$ARVADOS_BUILDING_VERSION"
65 }
66
67 nohash_version_from_git() {
68     if [[ -n "$ARVADOS_BUILDING_VERSION" ]]; then
69         echo "$ARVADOS_BUILDING_VERSION"
70         return
71     fi
72     version_from_git $1 | cut -d. -f1-4
73 }
74
75 timestamp_from_git() {
76     format_last_commit_here "%ct"
77 }
78
79 handle_python_package () {
80   # This function assumes the current working directory is the python package directory
81   if [ -n "$(find dist -name "*-$(nohash_version_from_git).tar.gz" -print -quit)" ]; then
82     # This package doesn't need rebuilding.
83     return
84   fi
85   # Make sure only to use sdist - that's the only format pip can deal with (sigh)
86   python setup.py $DASHQ_UNLESS_DEBUG sdist
87 }
88
89 handle_ruby_gem() {
90     local gem_name="$1"; shift
91     local gem_version="$(nohash_version_from_git)"
92     local gem_src_dir="$(pwd)"
93
94     if [[ -n "$ONLY_BUILD" ]] && [[ "$gem_name" != "$ONLY_BUILD" ]] ; then
95         return 0
96     fi
97
98     if ! [[ -e "${gem_name}-${gem_version}.gem" ]]; then
99         find -maxdepth 1 -name "${gem_name}-*.gem" -delete
100
101         # -q appears to be broken in gem version 2.2.2
102         $GEM build "$gem_name.gemspec" $DASHQ_UNLESS_DEBUG >"$STDOUT_IF_DEBUG" 2>"$STDERR_IF_DEBUG"
103     fi
104 }
105
106 # Usage: package_go_binary services/foo arvados-foo "Compute foo to arbitrary precision"
107 package_go_binary() {
108     local src_path="$1"; shift
109     local prog="$1"; shift
110     local description="$1"; shift
111     local license_file="${1:-agpl-3.0.txt}"; shift
112
113     if [[ -n "$ONLY_BUILD" ]] && [[ "$prog" != "$ONLY_BUILD" ]] ; then
114         return 0
115     fi
116
117     debug_echo "package_go_binary $src_path as $prog"
118
119     local basename="${src_path##*/}"
120
121     mkdir -p "$GOPATH/src/git.curoverse.com"
122     ln -sfn "$WORKSPACE" "$GOPATH/src/git.curoverse.com/arvados.git"
123     (cd "$GOPATH/src/git.curoverse.com/arvados.git" && "$GOPATH/bin/govendor" sync -v)
124
125     cd "$GOPATH/src/git.curoverse.com/arvados.git/$src_path"
126     local version="$(version_from_git)"
127     local timestamp="$(timestamp_from_git)"
128
129     # Update the version number and build a new package if the vendor
130     # bundle has changed, or the command imports anything from the
131     # Arvados SDK and the SDK has changed.
132     declare -a checkdirs=(vendor)
133     if grep -qr git.curoverse.com/arvados .; then
134         checkdirs+=(sdk/go lib)
135     fi
136     for dir in ${checkdirs[@]}; do
137         cd "$GOPATH/src/git.curoverse.com/arvados.git/$dir"
138         ts="$(timestamp_from_git)"
139         if [[ "$ts" -gt "$timestamp" ]]; then
140             version=$(version_from_git)
141             timestamp="$ts"
142         fi
143     done
144
145     cd $WORKSPACE/packages/$TARGET
146     test_package_presence $prog $version go
147
148     if [[ "$?" != "0" ]]; then
149       return 1
150     fi
151
152     go get -ldflags "-X main.version=${version}" "git.curoverse.com/arvados.git/$src_path"
153
154     local -a switches=()
155     systemd_unit="$WORKSPACE/${src_path}/${prog}.service"
156     if [[ -e "${systemd_unit}" ]]; then
157         switches+=(
158             --after-install "${WORKSPACE}/build/go-python-package-scripts/postinst"
159             --before-remove "${WORKSPACE}/build/go-python-package-scripts/prerm"
160             "${systemd_unit}=/lib/systemd/system/${prog}.service")
161     fi
162     switches+=("$WORKSPACE/${license_file}=/usr/share/doc/$prog/${license_file}")
163
164     fpm_build "$GOPATH/bin/${basename}=/usr/bin/${prog}" "${prog}" 'Curoverse, Inc.' dir "${version}" "--url=https://arvados.org" "--license=GNU Affero General Public License, version 3.0" "--description=${description}" "${switches[@]}"
165 }
166
167 default_iteration() {
168     if [[ -n "$ARVADOS_BUILDING_VERSION" ]]; then
169         echo "$ARVADOS_BUILDING_ITERATION"
170         return
171     fi
172     local package_name="$1"; shift
173     local package_version="$1"; shift
174     local package_type="$1"; shift
175     local iteration=1
176     if [[ $package_version =~ ^0\.1\.([0-9]{14})(\.|$) ]] && \
177            [[ ${BASH_REMATCH[1]} -le $LICENSE_PACKAGE_TS ]]; then
178         iteration=2
179     fi
180     if [[ $package_type =~ ^python ]]; then
181       # Fix --iteration for #9242.
182       iteration=2
183     fi
184     echo $iteration
185 }
186
187 _build_rails_package_scripts() {
188     local pkgname="$1"; shift
189     local destdir="$1"; shift
190     local srcdir="$RUN_BUILD_PACKAGES_PATH/rails-package-scripts"
191     for scriptname in postinst prerm postrm; do
192         cat "$srcdir/$pkgname.sh" "$srcdir/step2.sh" "$srcdir/$scriptname.sh" \
193             >"$destdir/$scriptname" || return $?
194     done
195 }
196
197 test_rails_package_presence() {
198   local pkgname="$1"; shift
199   local srcdir="$1"; shift
200
201   if [[ -n "$ONLY_BUILD" ]] && [[ "$pkgname" != "$ONLY_BUILD" ]] ; then
202     return 1
203   fi
204
205   tmppwd=`pwd`
206
207   cd $srcdir
208
209   local version="$(version_from_git)"
210
211   cd $tmppwd
212
213   test_package_presence $pkgname $version rails "$RAILS_PACKAGE_ITERATION"
214 }
215
216 test_package_presence() {
217     local pkgname="$1"; shift
218     local version="$1"; shift
219     local pkgtype="$1"; shift
220     local iteration="$1"; shift
221     local arch="$1"; shift
222
223     if [[ -n "$ONLY_BUILD" ]] && [[ "$pkgname" != "$ONLY_BUILD" ]] ; then
224         return 1
225     fi
226
227     if [[ "$iteration" == "" ]]; then
228         iteration="$(default_iteration "$pkgname" "$version" "$pkgtype")"
229     fi
230
231     if [[ "$arch" == "" ]]; then
232       rpm_architecture="x86_64"
233       deb_architecture="amd64"
234
235       if [[ "$pkgtype" =~ ^(python|python3)$ ]]; then
236         rpm_architecture="noarch"
237         deb_architecture="all"
238       fi
239
240       if [[ "$pkgtype" =~ ^(src)$ ]]; then
241         rpm_architecture="noarch"
242         deb_architecture="all"
243       fi
244
245       # These python packages have binary components
246       if [[ "$pkgname" =~ (ruamel|ciso|pycrypto|pyyaml) ]]; then
247         rpm_architecture="x86_64"
248         deb_architecture="amd64"
249       fi
250     else
251       rpm_architecture=$arch
252       deb_architecture=$arch
253     fi
254
255     if [[ "$FORMAT" == "deb" ]]; then
256         local complete_pkgname="${pkgname}_$version${iteration:+-$iteration}_$deb_architecture.deb"
257     else
258         # rpm packages get iteration 1 if we don't supply one
259         iteration=${iteration:-1}
260         local complete_pkgname="$pkgname-$version-${iteration}.$rpm_architecture.rpm"
261     fi
262
263     # See if we can skip building the package, only if it already exists in the
264     # processed/ directory. If so, move it back to the packages directory to make
265     # sure it gets picked up by the test and/or upload steps.
266     # Get the list of packages from the repos
267
268     if [[ "$FORMAT" == "deb" ]]; then
269       debian_distros="jessie precise stretch trusty wheezy xenial bionic"
270
271       for D in ${debian_distros}; do
272         if [ ${pkgname:0:3} = "lib" ]; then
273           repo_subdir=${pkgname:0:4}
274         else
275           repo_subdir=${pkgname:0:1}
276         fi
277
278         repo_pkg_list=$(curl -s -o - http://apt.arvados.org/pool/${D}/main/${repo_subdir}/)
279         echo ${repo_pkg_list} |grep -q ${complete_pkgname}
280         if [ $? -eq 0 ] ; then
281           echo "Package $complete_pkgname exists, not rebuilding!"
282           curl -o ./${complete_pkgname} http://apt.arvados.org/pool/${D}/main/${repo_subdir}/${complete_pkgname}
283           return 1
284         elif test -f "$WORKSPACE/packages/$TARGET/processed/${complete_pkgname}" ; then
285           echo "Package $complete_pkgname exists, not rebuilding!"
286           return 1
287         else
288           echo "Package $complete_pkgname not found, building"
289           return 0
290         fi
291       done
292     else
293       centos_repo="http://rpm.arvados.org/CentOS/7/dev/x86_64/"
294
295       repo_pkg_list=$(curl -o - ${centos_repo})
296       echo ${repo_pkg_list} |grep -q ${complete_pkgname}
297       if [ $? -eq 0 ]; then
298         echo "Package $complete_pkgname exists, not rebuilding!"
299         curl -o ./${complete_pkgname} ${centos_repo}${complete_pkgname}
300         return 1
301       else
302         echo "Package $complete_pkgname not found, building"
303         return 0
304       fi
305     fi
306 }
307
308 handle_rails_package() {
309     local pkgname="$1"; shift
310
311     if [[ -n "$ONLY_BUILD" ]] && [[ "$pkgname" != "$ONLY_BUILD" ]] ; then
312         return 0
313     fi
314     local srcdir="$1"; shift
315     cd "$srcdir"
316     local license_path="$1"; shift
317     local version="$(version_from_git)"
318     echo "$version" >package-build.version
319     local scripts_dir="$(mktemp --tmpdir -d "$pkgname-XXXXXXXX.scripts")" && \
320     (
321         set -e
322         _build_rails_package_scripts "$pkgname" "$scripts_dir"
323         cd "$srcdir"
324         mkdir -p tmp
325         git rev-parse HEAD >git-commit.version
326         bundle package --all
327     )
328     if [[ 0 != "$?" ]] || ! cd "$WORKSPACE/packages/$TARGET"; then
329         echo "ERROR: $pkgname package prep failed" >&2
330         rm -rf "$scripts_dir"
331         EXITCODE=1
332         return 1
333     fi
334     local railsdir="/var/www/${pkgname%-server}/current"
335     local -a pos_args=("$srcdir/=$railsdir" "$pkgname" "Curoverse, Inc." dir "$version")
336     local license_arg="$license_path=$railsdir/$(basename "$license_path")"
337     local -a switches=(--after-install "$scripts_dir/postinst"
338                        --before-remove "$scripts_dir/prerm"
339                        --after-remove "$scripts_dir/postrm")
340     if [[ -z "$ARVADOS_BUILDING_VERSION" ]]; then
341         switches+=(--iteration $RAILS_PACKAGE_ITERATION)
342     fi
343     # For some reason fpm excludes need to not start with /.
344     local exclude_root="${railsdir#/}"
345     # .git and packages are for the SSO server, which is built from its
346     # repository root.
347     local -a exclude_list=(.git packages tmp log coverage Capfile\* \
348                            config/deploy\* config/application.yml)
349     # for arvados-workbench, we need to have the (dummy) config/database.yml in the package
350     if  [[ "$pkgname" != "arvados-workbench" ]]; then
351       exclude_list+=('config/database.yml')
352     fi
353     for exclude in ${exclude_list[@]}; do
354         switches+=(-x "$exclude_root/$exclude")
355     done
356     fpm_build "${pos_args[@]}" "${switches[@]}" \
357               -x "$exclude_root/vendor/cache-*" \
358               -x "$exclude_root/vendor/bundle" "$@" "$license_arg"
359     rm -rf "$scripts_dir"
360 }
361
362 # Build packages for everything
363 fpm_build () {
364   # The package source.  Depending on the source type, this can be a
365   # path, or the name of the package in an upstream repository (e.g.,
366   # pip).
367   PACKAGE=$1
368   shift
369   # The name of the package to build.
370   PACKAGE_NAME=$1
371   shift
372   # Optional: the vendor of the package.  Should be "Curoverse, Inc." for
373   # packages of our own software.  Passed to fpm --vendor.
374   VENDOR=$1
375   shift
376   # The type of source package.  Passed to fpm -s.  Default "python".
377   PACKAGE_TYPE=${1:-python}
378   shift
379   # Optional: the package version number.  Passed to fpm -v.
380   VERSION=$1
381   shift
382
383   if [[ -n "$ONLY_BUILD" ]] && [[ "$PACKAGE_NAME" != "$ONLY_BUILD" ]] && [[ "$PACKAGE" != "$ONLY_BUILD" ]] ; then
384       return 0
385   fi
386
387   local default_iteration_value="$(default_iteration "$PACKAGE" "$VERSION" "$PACKAGE_TYPE")"
388   local python=""
389
390   case "$PACKAGE_TYPE" in
391       python)
392           # All Arvados Python2 packages depend on Python 2.7.
393           # Make sure we build with that for consistency.
394           python=python2.7
395           set -- "$@" --python-bin python2.7 \
396               "${PYTHON_FPM_INSTALLER[@]}" \
397               --python-package-name-prefix "$PYTHON2_PKG_PREFIX" \
398               --prefix "$PYTHON2_PREFIX" \
399               --python-install-lib "$PYTHON2_INSTALL_LIB" \
400               --python-install-data . \
401               --exclude "${PYTHON2_INSTALL_LIB#/}/tests" \
402               --depends "$PYTHON2_PACKAGE"
403           ;;
404       python3)
405           # fpm does not actually support a python3 package type.  Instead
406           # we recognize it as a convenience shortcut to add several
407           # necessary arguments to fpm's command line later, after we're
408           # done handling positional arguments.
409           PACKAGE_TYPE=python
410           python=python3
411           set -- "$@" --python-bin python3 \
412               "${PYTHON3_FPM_INSTALLER[@]}" \
413               --python-package-name-prefix "$PYTHON3_PKG_PREFIX" \
414               --prefix "$PYTHON3_PREFIX" \
415               --python-install-lib "$PYTHON3_INSTALL_LIB" \
416               --python-install-data . \
417               --exclude "${PYTHON3_INSTALL_LIB#/}/tests" \
418               --depends "$PYTHON3_PACKAGE"
419           ;;
420   esac
421
422   declare -a COMMAND_ARR=("fpm" "--maintainer=Ward Vandewege <ward@curoverse.com>" "-s" "$PACKAGE_TYPE" "-t" "$FORMAT")
423   if [ python = "$PACKAGE_TYPE" ] && [ deb = "$FORMAT" ]; then
424       # Dependencies are built from setup.py.  Since setup.py will never
425       # refer to Debian package iterations, it doesn't make sense to
426       # enforce those in the .deb dependencies.
427       COMMAND_ARR+=(--deb-ignore-iteration-in-dependencies)
428   fi
429
430   # 12271 - As FPM-generated packages don't include scripts by default, the
431   # packages cleanup on upgrade depends on files being listed on the %files
432   # section in the generated SPEC files. To remove DIRECTORIES, they need to
433   # be listed in that sectiontoo, so we need to add this parameter to properly
434   # remove lingering dirs. But this only works for python2: if used on
435   # python33, it includes dirs like /opt/rh/python33 that belong to
436   # other packages.
437   if [[ "$FORMAT" = rpm ]] && [[ "$python" = python2.7 ]]; then
438     COMMAND_ARR+=('--rpm-auto-add-directories')
439   fi
440
441   if [[ "${DEBUG:-0}" != "0" ]]; then
442     COMMAND_ARR+=('--verbose' '--log' 'info')
443   fi
444
445   if [[ -n "$PACKAGE_NAME" ]]; then
446     COMMAND_ARR+=('-n' "$PACKAGE_NAME")
447   fi
448
449   if [[ "$VENDOR" != "" ]]; then
450     COMMAND_ARR+=('--vendor' "$VENDOR")
451   fi
452
453   if [[ "$VERSION" != "" ]]; then
454     COMMAND_ARR+=('-v' "$VERSION")
455   fi
456   if [[ -n "$default_iteration_value" ]]; then
457       # We can always add an --iteration here.  If another one is specified in $@,
458       # that will take precedence, as desired.
459       COMMAND_ARR+=(--iteration "$default_iteration_value")
460   fi
461
462   if [[ python = "$PACKAGE_TYPE" ]] && [[ -e "${PACKAGE}/${PACKAGE_NAME}.service" ]]
463   then
464       COMMAND_ARR+=(
465           --after-install "${WORKSPACE}/build/go-python-package-scripts/postinst"
466           --before-remove "${WORKSPACE}/build/go-python-package-scripts/prerm"
467       )
468   fi
469
470   # Append --depends X and other arguments specified by fpm-info.sh in
471   # the package source dir. These are added last so they can override
472   # the arguments added by this script.
473   declare -a fpm_args=()
474   declare -a build_depends=()
475   declare -a fpm_depends=()
476   declare -a fpm_exclude=()
477   declare -a fpm_dirs=(
478       # source dir part of 'dir' package ("/source=/dest" => "/source"):
479       "${PACKAGE%%=/*}"
480       # backports ("llfuse>=1.0" => "backports/python-llfuse")
481       "${WORKSPACE}/backports/${PACKAGE_TYPE}-${PACKAGE%%[<=>]*}")
482   if [[ -n "$PACKAGE_NAME" ]]; then
483       fpm_dirs+=("${WORKSPACE}/backports/${PACKAGE_NAME}")
484   fi
485   for pkgdir in "${fpm_dirs[@]}"; do
486       fpminfo="$pkgdir/fpm-info.sh"
487       if [[ -e "$fpminfo" ]]; then
488           debug_echo "Loading fpm overrides from $fpminfo"
489           source "$fpminfo"
490           break
491       fi
492   done
493   for pkg in "${build_depends[@]}"; do
494       if [[ $TARGET =~ debian|ubuntu ]]; then
495           pkg_deb=$(ls "$WORKSPACE/packages/$TARGET/$pkg_"*.deb | sort -rg | awk 'NR==1')
496           if [[ -e $pkg_deb ]]; then
497               echo "Installing build_dep $pkg from $pkg_deb"
498               dpkg -i "$pkg_deb"
499           else
500               echo "Attemping to install build_dep $pkg using apt-get"
501               apt-get install -y "$pkg"
502           fi
503           apt-get -y -f install
504       else
505           pkg_rpm=$(ls "$WORKSPACE/packages/$TARGET/$pkg"-[0-9]*.rpm | sort -rg | awk 'NR==1')
506           if [[ -e $pkg_rpm ]]; then
507               echo "Installing build_dep $pkg from $pkg_rpm"
508               rpm -i "$pkg_rpm"
509           else
510               echo "Attemping to install build_dep $pkg"
511               rpm -i "$pkg"
512           fi
513       fi
514   done
515   for i in "${fpm_depends[@]}"; do
516     COMMAND_ARR+=('--depends' "$i")
517   done
518   for i in "${fpm_exclude[@]}"; do
519     COMMAND_ARR+=('--exclude' "$i")
520   done
521
522   # Append remaining function arguments directly to fpm's command line.
523   for i; do
524     COMMAND_ARR+=("$i")
525   done
526
527   COMMAND_ARR+=("${fpm_args[@]}")
528
529   COMMAND_ARR+=("$PACKAGE")
530
531   debug_echo -e "\n${COMMAND_ARR[@]}\n"
532
533   FPM_RESULTS=$("${COMMAND_ARR[@]}")
534   FPM_EXIT_CODE=$?
535
536   fpm_verify $FPM_EXIT_CODE $FPM_RESULTS
537
538   # if something went wrong and debug is off, print out the fpm command that errored
539   if [[ 0 -ne $? ]] && [[ "$STDOUT_IF_DEBUG" == "/dev/null" ]]; then
540     echo -e "\n${COMMAND_ARR[@]}\n"
541   fi
542 }
543
544 # verify build results
545 fpm_verify () {
546   FPM_EXIT_CODE=$1
547   shift
548   FPM_RESULTS=$@
549
550   FPM_PACKAGE_NAME=''
551   if [[ $FPM_RESULTS =~ ([A-Za-z0-9_\.-]*\.)(deb|rpm) ]]; then
552     FPM_PACKAGE_NAME=${BASH_REMATCH[1]}${BASH_REMATCH[2]}
553   fi
554
555   if [[ "$FPM_PACKAGE_NAME" == "" ]]; then
556     EXITCODE=1
557     echo
558     echo "Error: $PACKAGE: Unable to figure out package name from fpm results:"
559     echo
560     echo $FPM_RESULTS
561     echo
562     return 1
563   elif [[ "$FPM_RESULTS" =~ "File already exists" ]]; then
564     echo "Package $FPM_PACKAGE_NAME exists, not rebuilding"
565     return 0
566   elif [[ 0 -ne "$FPM_EXIT_CODE" ]]; then
567     EXITCODE=1
568     echo "Error building package for $1:\n $FPM_RESULTS"
569     return 1
570   fi
571 }
572
573 install_package() {
574   PACKAGES=$@
575   if [[ "$FORMAT" == "deb" ]]; then
576     $SUDO apt-get install $PACKAGES --yes
577   elif [[ "$FORMAT" == "rpm" ]]; then
578     $SUDO yum -q -y install $PACKAGES
579   fi
580 }
581
582 title () {
583     txt="********** $1 **********"
584     printf "\n%*s%s\n\n" $((($COLUMNS-${#txt})/2)) "" "$txt"
585 }
586
587 checkexit() {
588     if [[ "$1" != "0" ]]; then
589         title "!!!!!! $2 FAILED !!!!!!"
590         failures+=("$2 (`timer`)")
591     else
592         successes+=("$2 (`timer`)")
593     fi
594 }
595
596 timer_reset() {
597     t0=$SECONDS
598 }
599
600 timer() {
601     echo -n "$(($SECONDS - $t0))s"
602 }
603
604 report_outcomes() {
605     for x in "${successes[@]}"
606     do
607         echo "Pass: $x"
608     done
609
610     if [[ ${#failures[@]} == 0 ]]
611     then
612         echo "All test suites passed."
613     else
614         echo "Failures (${#failures[@]}):"
615         for x in "${failures[@]}"
616         do
617             echo "Fail: $x"
618         done
619     fi
620 }