Set secrets.secret_key_base refs #13996
[arvados.git] / build / run-library.sh
1 #!/bin/bash -xe
2 # Copyright (C) The Arvados Authors. All rights reserved.
3 #
4 # SPDX-License-Identifier: AGPL-3.0
5
6 # A library of functions shared by the various scripts in this directory.
7
8 # This is the timestamp about when we merged changed to include licenses
9 # with Arvados packages.  We use it as a heuristic to add revisions for
10 # older packages.
11 LICENSE_PACKAGE_TS=20151208015500
12
13 if [[ -z "$ARVADOS_BUILDING_VERSION" ]]; then
14     RAILS_PACKAGE_ITERATION=8
15 else
16     RAILS_PACKAGE_ITERATION="$ARVADOS_BUILDING_ITERATION"
17 fi
18
19 debug_echo () {
20     echo "$@" >"$STDOUT_IF_DEBUG"
21 }
22
23 find_python_program() {
24     prog="$1"
25     shift
26     for prog in "$@"; do
27         if "$prog" --version >/dev/null 2>&1; then
28             echo "$prog"
29             return 0
30         fi
31     done
32     cat >&2 <<EOF
33 $helpmessage
34
35 Error: $prog (from Python setuptools module) not found
36
37 EOF
38     exit 1
39 }
40
41 format_last_commit_here() {
42     local format="$1"; shift
43     TZ=UTC git log -n1 --first-parent "--format=format:$format" .
44 }
45
46 version_from_git() {
47     # Output the version being built, or if we're building a
48     # dev/prerelease, output a version number based on the git log for
49     # the current working directory.
50     if [[ -n "$ARVADOS_BUILDING_VERSION" ]]; then
51         echo "$ARVADOS_BUILDING_VERSION"
52         return
53     fi
54
55     local git_ts git_hash prefix
56     if [[ -n "$1" ]] ; then
57         prefix="$1"
58     else
59         prefix="0.1"
60     fi
61
62     declare $(format_last_commit_here "git_ts=%ct git_hash=%h")
63     ARVADOS_BUILDING_VERSION="$(git tag -l |sort -V -r |head -n1).$(date -ud "@$git_ts" +%Y%m%d%H%M%S)"
64     echo "$ARVADOS_BUILDING_VERSION"
65 }
66
67 nohash_version_from_git() {
68     if [[ -n "$ARVADOS_BUILDING_VERSION" ]]; then
69         echo "$ARVADOS_BUILDING_VERSION"
70         return
71     fi
72     version_from_git $1 | cut -d. -f1-4
73 }
74
75 timestamp_from_git() {
76     format_last_commit_here "%ct"
77 }
78
79 handle_python_package () {
80   # This function assumes the current working directory is the python package directory
81   if [ -n "$(find dist -name "*-$(nohash_version_from_git).tar.gz" -print -quit)" ]; then
82     # This package doesn't need rebuilding.
83     return
84   fi
85   # Make sure only to use sdist - that's the only format pip can deal with (sigh)
86   python setup.py $DASHQ_UNLESS_DEBUG sdist
87 }
88
89 handle_ruby_gem() {
90     local gem_name="$1"; shift
91     local gem_version="$(nohash_version_from_git)"
92     local gem_src_dir="$(pwd)"
93
94     if [[ -n "$ONLY_BUILD" ]] && [[ "$gem_name" != "$ONLY_BUILD" ]] ; then
95         return 0
96     fi
97
98     if ! [[ -e "${gem_name}-${gem_version}.gem" ]]; then
99         find -maxdepth 1 -name "${gem_name}-*.gem" -delete
100
101         # -q appears to be broken in gem version 2.2.2
102         $GEM build "$gem_name.gemspec" $DASHQ_UNLESS_DEBUG >"$STDOUT_IF_DEBUG" 2>"$STDERR_IF_DEBUG"
103     fi
104 }
105
106 # Usage: package_go_binary services/foo arvados-foo "Compute foo to arbitrary precision"
107 package_go_binary() {
108     local src_path="$1"; shift
109     local prog="$1"; shift
110     local description="$1"; shift
111     local license_file="${1:-agpl-3.0.txt}"; shift
112
113     if [[ -n "$ONLY_BUILD" ]] && [[ "$prog" != "$ONLY_BUILD" ]] ; then
114         return 0
115     fi
116
117     debug_echo "package_go_binary $src_path as $prog"
118
119     local basename="${src_path##*/}"
120
121     mkdir -p "$GOPATH/src/git.curoverse.com"
122     ln -sfn "$WORKSPACE" "$GOPATH/src/git.curoverse.com/arvados.git"
123     (cd "$GOPATH/src/git.curoverse.com/arvados.git" && "$GOPATH/bin/govendor" sync -v)
124
125     cd "$GOPATH/src/git.curoverse.com/arvados.git/$src_path"
126     local version="$(version_from_git)"
127     local timestamp="$(timestamp_from_git)"
128
129     # Update the version number and build a new package if the vendor
130     # bundle has changed, or the command imports anything from the
131     # Arvados SDK and the SDK has changed.
132     declare -a checkdirs=(vendor)
133     if grep -qr git.curoverse.com/arvados .; then
134         checkdirs+=(sdk/go lib)
135     fi
136     for dir in ${checkdirs[@]}; do
137         cd "$GOPATH/src/git.curoverse.com/arvados.git/$dir"
138         ts="$(timestamp_from_git)"
139         if [[ "$ts" -gt "$timestamp" ]]; then
140             version=$(version_from_git)
141             timestamp="$ts"
142         fi
143     done
144
145     cd $WORKSPACE/packages/$TARGET
146     test_package_presence $prog $version go
147
148     if [[ "$?" != "0" ]]; then
149       return 1
150     fi
151
152     go get -ldflags "-X main.version=${version}" "git.curoverse.com/arvados.git/$src_path"
153
154     local -a switches=()
155     systemd_unit="$WORKSPACE/${src_path}/${prog}.service"
156     if [[ -e "${systemd_unit}" ]]; then
157         switches+=(
158             --after-install "${WORKSPACE}/build/go-python-package-scripts/postinst"
159             --before-remove "${WORKSPACE}/build/go-python-package-scripts/prerm"
160             "${systemd_unit}=/lib/systemd/system/${prog}.service")
161     fi
162     switches+=("$WORKSPACE/${license_file}=/usr/share/doc/$prog/${license_file}")
163
164     fpm_build "$GOPATH/bin/${basename}=/usr/bin/${prog}" "${prog}" dir "${version}" "--url=https://arvados.org" "--license=GNU Affero General Public License, version 3.0" "--description=${description}" "${switches[@]}"
165 }
166
167 default_iteration() {
168     if [[ -n "$ARVADOS_BUILDING_VERSION" ]]; then
169         echo "$ARVADOS_BUILDING_ITERATION"
170         return
171     fi
172     local package_name="$1"; shift
173     local package_version="$1"; shift
174     local package_type="$1"; shift
175     local iteration=1
176     if [[ $package_version =~ ^0\.1\.([0-9]{14})(\.|$) ]] && \
177            [[ ${BASH_REMATCH[1]} -le $LICENSE_PACKAGE_TS ]]; then
178         iteration=2
179     fi
180     if [[ $package_type =~ ^python ]]; then
181       # Fix --iteration for #9242.
182       iteration=2
183     fi
184     echo $iteration
185 }
186
187 _build_rails_package_scripts() {
188     local pkgname="$1"; shift
189     local destdir="$1"; shift
190     local srcdir="$RUN_BUILD_PACKAGES_PATH/rails-package-scripts"
191     for scriptname in postinst prerm postrm; do
192         cat "$srcdir/$pkgname.sh" "$srcdir/step2.sh" "$srcdir/$scriptname.sh" \
193             >"$destdir/$scriptname" || return $?
194     done
195 }
196
197 test_rails_package_presence() {
198   local pkgname="$1"; shift
199   local srcdir="$1"; shift
200
201   if [[ -n "$ONLY_BUILD" ]] && [[ "$pkgname" != "$ONLY_BUILD" ]] ; then
202     return 1
203   fi
204
205   tmppwd=`pwd`
206
207   cd $srcdir
208
209   local version="$(version_from_git)"
210
211   cd $tmppwd
212
213   test_package_presence $pkgname $version rails "$RAILS_PACKAGE_ITERATION"
214 }
215
216 test_package_presence() {
217     local pkgname="$1"; shift
218     local version="$1"; shift
219     local pkgtype="$1"; shift
220     local iteration="$1"; shift
221     local arch="$1"; shift
222
223     if [[ -n "$ONLY_BUILD" ]] && [[ "$pkgname" != "$ONLY_BUILD" ]] ; then
224         return 1
225     fi
226
227     if [[ "$iteration" == "" ]]; then
228         iteration="$(default_iteration "$pkgname" "$version" "$pkgtype")"
229     fi
230
231     if [[ "$arch" == "" ]]; then
232       rpm_architecture="x86_64"
233       deb_architecture="amd64"
234
235       if [[ "$pkgtype" =~ ^(src)$ ]]; then
236         rpm_architecture="noarch"
237         deb_architecture="all"
238       fi
239
240       # These python packages have binary components
241       if [[ "$pkgname" =~ (ruamel|ciso|pycrypto|pyyaml) ]]; then
242         rpm_architecture="x86_64"
243         deb_architecture="amd64"
244       fi
245     else
246       rpm_architecture=$arch
247       deb_architecture=$arch
248     fi
249
250     if [[ "$FORMAT" == "deb" ]]; then
251         local complete_pkgname="${pkgname}_$version${iteration:+-$iteration}_$deb_architecture.deb"
252     else
253         # rpm packages get iteration 1 if we don't supply one
254         iteration=${iteration:-1}
255         local complete_pkgname="$pkgname-$version-${iteration}.$rpm_architecture.rpm"
256     fi
257
258     # See if we can skip building the package, only if it already exists in the
259     # processed/ directory. If so, move it back to the packages directory to make
260     # sure it gets picked up by the test and/or upload steps.
261     # Get the list of packages from the repos
262
263     if [[ "$FORMAT" == "deb" ]]; then
264       declare -A dd
265       dd[debian8]=jessie
266       dd[debian9]=stretch
267       dd[debian10]=buster
268       dd[ubuntu1404]=trusty
269       dd[ubuntu1604]=xenial
270       dd[ubuntu1804]=bionic
271       D=${dd[$TARGET]}
272       if [ ${pkgname:0:3} = "lib" ]; then
273         repo_subdir=${pkgname:0:4}
274       else
275         repo_subdir=${pkgname:0:1}
276       fi
277
278       repo_pkg_list=$(curl -s -o - http://apt.arvados.org/pool/${D}/main/${repo_subdir}/)
279       echo ${repo_pkg_list} |grep -q ${complete_pkgname}
280       if [ $? -eq 0 ] ; then
281         echo "Package $complete_pkgname exists, not rebuilding!"
282         curl -s -o ./${complete_pkgname} http://apt.arvados.org/pool/${D}/main/${repo_subdir}/${complete_pkgname}
283         return 1
284       elif test -f "$WORKSPACE/packages/$TARGET/processed/${complete_pkgname}" ; then
285         echo "Package $complete_pkgname exists, not rebuilding!"
286         return 1
287       else
288         echo "Package $complete_pkgname not found, building"
289         return 0
290       fi
291     else
292       centos_repo="http://rpm.arvados.org/CentOS/7/dev/x86_64/"
293
294       repo_pkg_list=$(curl -s -o - ${centos_repo})
295       echo ${repo_pkg_list} |grep -q ${complete_pkgname}
296       if [ $? -eq 0 ]; then
297         echo "Package $complete_pkgname exists, not rebuilding!"
298         curl -s -o ./${complete_pkgname} ${centos_repo}${complete_pkgname}
299         return 1
300       elif test -f "$WORKSPACE/packages/$TARGET/processed/${complete_pkgname}" ; then
301         echo "Package $complete_pkgname exists, not rebuilding!"
302         return 1
303       else
304         echo "Package $complete_pkgname not found, building"
305         return 0
306       fi
307     fi
308 }
309
310 handle_rails_package() {
311     local pkgname="$1"; shift
312
313     if [[ -n "$ONLY_BUILD" ]] && [[ "$pkgname" != "$ONLY_BUILD" ]] ; then
314         return 0
315     fi
316     local srcdir="$1"; shift
317     cd "$srcdir"
318     local license_path="$1"; shift
319     local version="$(version_from_git)"
320     echo "$version" >package-build.version
321     local scripts_dir="$(mktemp --tmpdir -d "$pkgname-XXXXXXXX.scripts")" && \
322     (
323         set -e
324         _build_rails_package_scripts "$pkgname" "$scripts_dir"
325         cd "$srcdir"
326         mkdir -p tmp
327         git rev-parse HEAD >git-commit.version
328         bundle package --all
329     )
330     if [[ 0 != "$?" ]] || ! cd "$WORKSPACE/packages/$TARGET"; then
331         echo "ERROR: $pkgname package prep failed" >&2
332         rm -rf "$scripts_dir"
333         EXITCODE=1
334         return 1
335     fi
336     local railsdir="/var/www/${pkgname%-server}/current"
337     local -a pos_args=("$srcdir/=$railsdir" "$pkgname" dir "$version")
338     local license_arg="$license_path=$railsdir/$(basename "$license_path")"
339     local -a switches=(--after-install "$scripts_dir/postinst"
340                        --before-remove "$scripts_dir/prerm"
341                        --after-remove "$scripts_dir/postrm")
342     if [[ -z "$ARVADOS_BUILDING_VERSION" ]]; then
343         switches+=(--iteration $RAILS_PACKAGE_ITERATION)
344     fi
345     # For some reason fpm excludes need to not start with /.
346     local exclude_root="${railsdir#/}"
347     # .git and packages are for the SSO server, which is built from its
348     # repository root.
349     local -a exclude_list=(.git packages tmp log coverage Capfile\* \
350                            config/deploy\* config/application.yml)
351     # for arvados-workbench, we need to have the (dummy) config/database.yml in the package
352     if  [[ "$pkgname" != "arvados-workbench" ]]; then
353       exclude_list+=('config/database.yml')
354     fi
355     # for arvados-api-server, we need to dereference the
356     # config/config.default.yml file. There is no fpm way to do that, sadly
357     # (excluding the existing symlink and then adding the file from its source
358     # path doesn't work, sadly.
359     if [[ "$pkgname" == "arvados-api-server" ]]; then
360       mv /arvados/services/api/config/config.default.yml /arvados/services/api/config/config.default.yml.bu
361       cp -p /arvados/lib/config/config.default.yml /arvados/services/api/config/
362       exclude_list+=('config/config.default.yml.bu')
363     fi
364     for exclude in ${exclude_list[@]}; do
365         switches+=(-x "$exclude_root/$exclude")
366     done
367     fpm_build "${pos_args[@]}" "${switches[@]}" \
368               -x "$exclude_root/vendor/cache-*" \
369               -x "$exclude_root/vendor/bundle" "$@" "$license_arg"
370     rm -rf "$scripts_dir"
371     # Undo the deferencing we did above
372     if [[ "$pkgname" == "arvados-api-server" ]]; then
373       rm -f /arvados/services/api/config/config.default.yml
374       mv /arvados/services/api/config/config.default.yml.bu /arvados/services/api/config/config.default.yml
375     fi
376 }
377
378 # Build python packages with a virtualenv built-in
379 fpm_build_virtualenv () {
380   PKG=$1
381   shift
382   PKG_DIR=$1
383   shift
384   PACKAGE_TYPE=${1:-python}
385   shift
386
387   # Set up
388   STDOUT_IF_DEBUG=/dev/null
389   STDERR_IF_DEBUG=/dev/null
390   DASHQ_UNLESS_DEBUG=-q
391   if [[ "$DEBUG" != "0" ]]; then
392       STDOUT_IF_DEBUG=/dev/stdout
393       STDERR_IF_DEBUG=/dev/stderr
394       DASHQ_UNLESS_DEBUG=
395   fi
396   if [[ "$ARVADOS_BUILDING_ITERATION" == "" ]]; then
397     ARVADOS_BUILDING_ITERATION=1
398   fi
399
400   local python=""
401   case "$PACKAGE_TYPE" in
402     python3)
403         python=python3
404         if [[ "$FORMAT" != "rpm" ]]; then
405           pip=pip3
406         else
407           # In CentOS, we use a different mechanism to get the right version of pip
408           pip=pip
409         fi
410         PACKAGE_PREFIX=$PYTHON3_PKG_PREFIX
411         ;;
412     python)
413         # All Arvados Python2 packages depend on Python 2.7.
414         # Make sure we build with that for consistency.
415         python=python2.7
416         pip=pip
417         PACKAGE_PREFIX=$PYTHON2_PKG_PREFIX
418         ;;
419   esac
420
421   if [[ "$PKG" != "libpam-arvados" ]] &&
422      [[ "$PKG" != "arvados-node-manager" ]] &&
423      [[ "$PKG" != "arvados-docker-cleaner" ]]; then
424     PYTHON_PKG=$PACKAGE_PREFIX-$PKG
425   else
426     # Exception to our package naming convention
427     PYTHON_PKG=$PKG
428   fi
429
430   if [[ -n "$ONLY_BUILD" ]] && [[ "$PYTHON_PKG" != "$ONLY_BUILD" ]] && [[ "$PKG" != "$ONLY_BUILD" ]]; then
431     return 0
432   fi
433
434   cd $WORKSPACE/$PKG_DIR
435
436   rm -rf dist/*
437
438   # Get the latest setuptools
439   if ! $pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U setuptools; then
440     echo "Error, unable to upgrade setuptools with"
441     echo "  $pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U setuptools"
442     exit 1
443   fi
444   # filter a useless warning (when building the cwltest package) from the stderr output
445   if ! $python setup.py $DASHQ_UNLESS_DEBUG sdist 2> >(grep -v 'warning: no previously-included files matching'); then
446     echo "Error, unable to run $python setup.py sdist for $PKG"
447     exit 1
448   fi
449
450   PACKAGE_PATH=`(cd dist; ls *tar.gz)`
451
452   # Determine the package version from the generated sdist archive
453   PYTHON_VERSION=${ARVADOS_BUILDING_VERSION:-$(awk '($1 == "Version:"){print $2}' *.egg-info/PKG-INFO)}
454
455   # See if we actually need to build this package; does it exist already?
456   # We can't do this earlier than here, because we need PYTHON_VERSION...
457   # This isn't so bad; the sdist call above is pretty quick compared to
458   # the invocation of virtualenv and fpm, below.
459   if ! test_package_presence "$PYTHON_PKG" $PYTHON_VERSION $PACKAGE_TYPE $ARVADOS_BUILDING_ITERATION; then
460     return 0
461   fi
462
463   echo "Building $FORMAT package for $PKG from $PKG_DIR"
464
465   # Package the sdist in a virtualenv
466   echo "Creating virtualenv..."
467
468   cd dist
469
470   rm -rf build
471   rm -f $PYTHON_PKG*deb
472   echo "virtualenv version: `virtualenv --version`"
473   virtualenv_command="virtualenv --python `which $python` $DASHQ_UNLESS_DEBUG build/usr/share/$python/dist/$PYTHON_PKG"
474
475   if ! $virtualenv_command; then
476     echo "Error, unable to run"
477     echo "  $virtualenv_command"
478     exit 1
479   fi
480
481   if ! build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U pip; then
482     echo "Error, unable to upgrade pip with"
483     echo "  build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U pip"
484     exit 1
485   fi
486   echo "pip version:        `build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip --version`"
487
488   if ! build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U setuptools; then
489     echo "Error, unable to upgrade setuptools with"
490     echo "  build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U setuptools"
491     exit 1
492   fi
493   echo "setuptools version: `build/usr/share/$python/dist/$PYTHON_PKG/bin/$python -c 'import setuptools; print(setuptools.__version__)'`"
494
495   if ! build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U wheel; then
496     echo "Error, unable to upgrade wheel with"
497     echo "  build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG -U wheel"
498     exit 1
499   fi
500   echo "wheel version:      `build/usr/share/$python/dist/$PYTHON_PKG/bin/wheel version`"
501
502   if [[ "$TARGET" != "centos7" ]] || [[ "$PYTHON_PKG" != "python-arvados-fuse" ]]; then
503     build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG $PACKAGE_PATH
504   else
505     # centos7 needs these special tweaks to install python-arvados-fuse
506     build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG docutils
507     PYCURL_SSL_LIBRARY=nss build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG $PACKAGE_PATH
508   fi
509
510   if [[ "$?" != "0" ]]; then
511     echo "Error, unable to run"
512     echo "  build/usr/share/$python/dist/$PYTHON_PKG/bin/$pip install $DASHQ_UNLESS_DEBUG $CACHE_FLAG $PACKAGE_PATH"
513     exit 1
514   fi
515
516   cd build/usr/share/$python/dist/$PYTHON_PKG/
517
518   # Replace the shebang lines in all python scripts, and handle the activate
519   # scripts too This is a functional replacement of the 237 line
520   # virtualenv_tools.py script that doesn't work in python3 without serious
521   # patching, minus the parts we don't need (modifying pyc files, etc).
522   for binfile in `ls bin/`; do
523     if ! file --mime bin/$binfile |grep -q binary; then
524       # Not a binary file
525       if [[ "$binfile" =~ ^activate(.csh|.fish|)$ ]]; then
526         # these 'activate' scripts need special treatment
527         sed -i "s/VIRTUAL_ENV=\".*\"/VIRTUAL_ENV=\"\/usr\/share\/$python\/dist\/$PYTHON_PKG\"/" bin/$binfile
528         sed -i "s/VIRTUAL_ENV \".*\"/VIRTUAL_ENV \"\/usr\/share\/$python\/dist\/$PYTHON_PKG\"/" bin/$binfile
529       else
530         if grep -q -E '^#!.*/bin/python\d?' bin/$binfile; then
531           # Replace shebang line
532           sed -i "1 s/^.*$/#!\/usr\/share\/$python\/dist\/$PYTHON_PKG\/bin\/python/" bin/$binfile
533         fi
534       fi
535     fi
536   done
537
538   cd - >$STDOUT_IF_DEBUG
539
540   find build -iname '*.pyc' -exec rm {} \;
541   find build -iname '*.pyo' -exec rm {} \;
542
543   # Finally, generate the package
544   echo "Creating package..."
545
546   declare -a COMMAND_ARR=("fpm" "-s" "dir" "-t" "$FORMAT")
547
548   if [[ "$MAINTAINER" != "" ]]; then
549     COMMAND_ARR+=('--maintainer' "$MAINTAINER")
550   fi
551
552   if [[ "$VENDOR" != "" ]]; then
553     COMMAND_ARR+=('--vendor' "$VENDOR")
554   fi
555
556   COMMAND_ARR+=('--url' 'https://arvados.org')
557
558   # Get description
559   DESCRIPTION=`grep '\sdescription' $WORKSPACE/$PKG_DIR/setup.py|cut -f2 -d=|sed -e "s/[',\\"]//g"`
560   COMMAND_ARR+=('--description' "$DESCRIPTION")
561
562   # Get license string
563   LICENSE_STRING=`grep license $WORKSPACE/$PKG_DIR/setup.py|cut -f2 -d=|sed -e "s/[',\\"]//g"`
564   COMMAND_ARR+=('--license' "$LICENSE_STRING")
565
566   # 12271 - As FPM-generated packages don't include scripts by default, the
567   # packages cleanup on upgrade depends on files being listed on the %files
568   # section in the generated SPEC files. To remove DIRECTORIES, they need to
569   # be listed in that sectiontoo, so we need to add this parameter to properly
570   # remove lingering dirs. But this only works for python2: if used on
571   # python33, it includes dirs like /opt/rh/python33 that belong to
572   # other packages.
573   if [[ "$FORMAT" == "rpm" ]] && [[ "$python" == "python2.7" ]]; then
574     COMMAND_ARR+=('--rpm-auto-add-directories')
575   fi
576
577   if [[ "$PKG" == "arvados-python-client" ]]; then
578     if [[ "$python" == "python2.7" ]]; then
579       COMMAND_ARR+=('--conflicts' "$PYTHON3_PKG_PREFIX-$PKG")
580     else
581       COMMAND_ARR+=('--conflicts' "$PYTHON2_PKG_PREFIX-$PKG")
582     fi
583   fi
584
585   if [[ "$DEBUG" != "0" ]]; then
586     COMMAND_ARR+=('--verbose' '--log' 'info')
587   fi
588
589   COMMAND_ARR+=('-v' "$PYTHON_VERSION")
590   COMMAND_ARR+=('--iteration' "$ARVADOS_BUILDING_ITERATION")
591   COMMAND_ARR+=('-n' "$PYTHON_PKG")
592   COMMAND_ARR+=('-C' "build")
593
594   if [[ -e "$WORKSPACE/$PKG_DIR/$PKG.service" ]]; then
595     COMMAND_ARR+=('--after-install' "${WORKSPACE}/build/go-python-package-scripts/postinst")
596     COMMAND_ARR+=('--before-remove' "${WORKSPACE}/build/go-python-package-scripts/prerm")
597   fi
598
599   if [[ "$python" == "python2.7" ]]; then
600     COMMAND_ARR+=('--depends' "$PYTHON2_PACKAGE")
601   else
602     COMMAND_ARR+=('--depends' "$PYTHON3_PACKAGE")
603   fi
604
605   # avoid warning
606   COMMAND_ARR+=('--deb-no-default-config-files')
607
608   # Append --depends X and other arguments specified by fpm-info.sh in
609   # the package source dir. These are added last so they can override
610   # the arguments added by this script.
611   declare -a fpm_args=()
612   declare -a fpm_depends=()
613
614   fpminfo="$WORKSPACE/$PKG_DIR/fpm-info.sh"
615   if [[ -e "$fpminfo" ]]; then
616     echo "Loading fpm overrides from $fpminfo"
617     if ! source "$fpminfo"; then
618       echo "Error, unable to source $WORKSPACE/$PKG_DIR/fpm-info.sh for $PKG"
619       exit 1
620     fi
621   fi
622
623   for i in "${fpm_depends[@]}"; do
624     COMMAND_ARR+=('--depends' "$i")
625   done
626
627   COMMAND_ARR+=("${fpm_args[@]}")
628
629   # Make sure to install all our package binaries in /usr/bin.
630   # We have to walk $WORKSPACE/$PKG_DIR/bin rather than
631   # $WORKSPACE/build/usr/share/$python/dist/$PYTHON_PKG/bin/ to get the list
632   # because the latter also includes all the python binaries for the virtualenv.
633   # We have to take the copies of our binaries from the latter directory, though,
634   # because those are the ones we rewrote the shebang line of, above.
635   if [[ -e "$WORKSPACE/$PKG_DIR/bin" ]]; then
636     for binary in `ls $WORKSPACE/$PKG_DIR/bin`; do
637       COMMAND_ARR+=("usr/share/$python/dist/$PYTHON_PKG/bin/$binary=/usr/bin/")
638     done
639   fi
640
641   # the libpam module should place this file in the historically correct place
642   # so as not to break backwards compatibility
643   if [[ -e "$WORKSPACE/$PKG_DIR/dist/build/usr/share/python2.7/dist/libpam-arvados/lib/security/libpam_arvados.py" ]]; then
644     COMMAND_ARR+=("usr/share/$python/dist/$PYTHON_PKG/data/lib/security/libpam_arvados.py=/usr/data/lib/security/")
645   fi
646
647   # the python-arvados-cwl-runner package comes with cwltool, expose that version
648   if [[ -e "$WORKSPACE/$PKG_DIR/dist/build/usr/share/python2.7/dist/python-arvados-cwl-runner/bin/cwltool" ]]; then
649     COMMAND_ARR+=("usr/share/python2.7/dist/python-arvados-cwl-runner/bin/cwltool=/usr/bin/")
650   fi
651
652   COMMAND_ARR+=(".")
653
654   FPM_RESULTS=$("${COMMAND_ARR[@]}")
655   FPM_EXIT_CODE=$?
656
657   # if something went wrong and debug is off, print out the fpm command that errored
658   if ! fpm_verify $FPM_EXIT_CODE $FPM_RESULTS && [[ "$STDOUT_IF_DEBUG" == "/dev/null" ]]; then
659     echo "fpm returned an error executing the command:"
660     echo
661     echo -e "\n${COMMAND_ARR[@]}\n"
662   else
663     echo `ls *$FORMAT`
664     mv $WORKSPACE/$PKG_DIR/dist/*$FORMAT $WORKSPACE/packages/$TARGET/
665   fi
666   echo
667 }
668
669 # Build packages for everything
670 fpm_build () {
671   # The package source.  Depending on the source type, this can be a
672   # path, or the name of the package in an upstream repository (e.g.,
673   # pip).
674   PACKAGE=$1
675   shift
676   # The name of the package to build.
677   PACKAGE_NAME=$1
678   shift
679   # The type of source package.  Passed to fpm -s.  Default "dir".
680   PACKAGE_TYPE=${1:-dir}
681   shift
682   # Optional: the package version number.  Passed to fpm -v.
683   VERSION=$1
684   shift
685
686   if [[ -n "$ONLY_BUILD" ]] && [[ "$PACKAGE_NAME" != "$ONLY_BUILD" ]] && [[ "$PACKAGE" != "$ONLY_BUILD" ]] ; then
687       return 0
688   fi
689
690   local default_iteration_value="$(default_iteration "$PACKAGE" "$VERSION" "$PACKAGE_TYPE")"
691
692   declare -a COMMAND_ARR=("fpm" "-s" "$PACKAGE_TYPE" "-t" "$FORMAT")
693   if [ python = "$PACKAGE_TYPE" ] && [ deb = "$FORMAT" ]; then
694       # Dependencies are built from setup.py.  Since setup.py will never
695       # refer to Debian package iterations, it doesn't make sense to
696       # enforce those in the .deb dependencies.
697       COMMAND_ARR+=(--deb-ignore-iteration-in-dependencies)
698   fi
699
700   # 12271 - As FPM-generated packages don't include scripts by default, the
701   # packages cleanup on upgrade depends on files being listed on the %files
702   # section in the generated SPEC files. To remove DIRECTORIES, they need to
703   # be listed in that section too, so we need to add this parameter to properly
704   # remove lingering dirs. But this only works for python2: if used on
705   # python33, it includes dirs like /opt/rh/python33 that belong to
706   # other packages.
707   if [[ "$FORMAT" = rpm ]] && [[ "$python" = python2.7 ]]; then
708     COMMAND_ARR+=('--rpm-auto-add-directories')
709   fi
710
711   if [[ "$DEBUG" != "0" ]]; then
712     COMMAND_ARR+=('--verbose' '--log' 'info')
713   fi
714
715   if [[ -n "$PACKAGE_NAME" ]]; then
716     COMMAND_ARR+=('-n' "$PACKAGE_NAME")
717   fi
718
719   if [[ "$MAINTAINER" != "" ]]; then
720     COMMAND_ARR+=('--maintainer' "$MAINTAINER")
721   fi
722
723   if [[ "$VENDOR" != "" ]]; then
724     COMMAND_ARR+=('--vendor' "$VENDOR")
725   fi
726
727   if [[ "$VERSION" != "" ]]; then
728     COMMAND_ARR+=('-v' "$VERSION")
729   fi
730   if [[ -n "$default_iteration_value" ]]; then
731       # We can always add an --iteration here.  If another one is specified in $@,
732       # that will take precedence, as desired.
733       COMMAND_ARR+=(--iteration "$default_iteration_value")
734   fi
735
736   # Append --depends X and other arguments specified by fpm-info.sh in
737   # the package source dir. These are added last so they can override
738   # the arguments added by this script.
739   declare -a fpm_args=()
740   declare -a build_depends=()
741   declare -a fpm_depends=()
742   declare -a fpm_exclude=()
743   declare -a fpm_dirs=(
744       # source dir part of 'dir' package ("/source=/dest" => "/source"):
745       "${PACKAGE%%=/*}")
746   for pkgdir in "${fpm_dirs[@]}"; do
747       fpminfo="$pkgdir/fpm-info.sh"
748       if [[ -e "$fpminfo" ]]; then
749           debug_echo "Loading fpm overrides from $fpminfo"
750           source "$fpminfo"
751           break
752       fi
753   done
754   for pkg in "${build_depends[@]}"; do
755       if [[ $TARGET =~ debian|ubuntu ]]; then
756           pkg_deb=$(ls "$WORKSPACE/packages/$TARGET/$pkg_"*.deb | sort -rg | awk 'NR==1')
757           if [[ -e $pkg_deb ]]; then
758               echo "Installing build_dep $pkg from $pkg_deb"
759               dpkg -i "$pkg_deb"
760           else
761               echo "Attemping to install build_dep $pkg using apt-get"
762               apt-get install -y "$pkg"
763           fi
764           apt-get -y -f install
765       else
766           pkg_rpm=$(ls "$WORKSPACE/packages/$TARGET/$pkg"-[0-9]*.rpm | sort -rg | awk 'NR==1')
767           if [[ -e $pkg_rpm ]]; then
768               echo "Installing build_dep $pkg from $pkg_rpm"
769               rpm -i "$pkg_rpm"
770           else
771               echo "Attemping to install build_dep $pkg"
772               rpm -i "$pkg"
773           fi
774       fi
775   done
776   for i in "${fpm_depends[@]}"; do
777     COMMAND_ARR+=('--depends' "$i")
778   done
779   for i in "${fpm_exclude[@]}"; do
780     COMMAND_ARR+=('--exclude' "$i")
781   done
782
783   # Append remaining function arguments directly to fpm's command line.
784   for i; do
785     COMMAND_ARR+=("$i")
786   done
787
788   COMMAND_ARR+=("${fpm_args[@]}")
789
790   COMMAND_ARR+=("$PACKAGE")
791
792   debug_echo -e "\n${COMMAND_ARR[@]}\n"
793
794   FPM_RESULTS=$("${COMMAND_ARR[@]}")
795   FPM_EXIT_CODE=$?
796
797   fpm_verify $FPM_EXIT_CODE $FPM_RESULTS
798
799   # if something went wrong and debug is off, print out the fpm command that errored
800   if [[ 0 -ne $? ]] && [[ "$STDOUT_IF_DEBUG" == "/dev/null" ]]; then
801     echo -e "\n${COMMAND_ARR[@]}\n"
802   fi
803 }
804
805 # verify build results
806 fpm_verify () {
807   FPM_EXIT_CODE=$1
808   shift
809   FPM_RESULTS=$@
810
811   FPM_PACKAGE_NAME=''
812   if [[ $FPM_RESULTS =~ ([A-Za-z0-9_\.-]*\.)(deb|rpm) ]]; then
813     FPM_PACKAGE_NAME=${BASH_REMATCH[1]}${BASH_REMATCH[2]}
814   fi
815
816   if [[ "$FPM_PACKAGE_NAME" == "" ]]; then
817     EXITCODE=1
818     echo
819     echo "Error: $PACKAGE: Unable to figure out package name from fpm results:"
820     echo
821     echo $FPM_RESULTS
822     echo
823     return 1
824   elif [[ "$FPM_RESULTS" =~ "File already exists" ]]; then
825     echo "Package $FPM_PACKAGE_NAME exists, not rebuilding"
826     return 0
827   elif [[ 0 -ne "$FPM_EXIT_CODE" ]]; then
828     EXITCODE=1
829     echo "Error building package for $1:\n $FPM_RESULTS"
830     return 1
831   fi
832 }
833
834 install_package() {
835   PACKAGES=$@
836   if [[ "$FORMAT" == "deb" ]]; then
837     $SUDO apt-get install $PACKAGES --yes
838   elif [[ "$FORMAT" == "rpm" ]]; then
839     $SUDO yum -q -y install $PACKAGES
840   fi
841 }
842
843 title() {
844     printf '%s %s\n' "=======" "$1"
845 }
846
847 checkexit() {
848     if [[ "$1" != "0" ]]; then
849         title "$2 -- FAILED"
850         failures+=("$2 (`timer`)")
851     else
852         successes+=("$2 (`timer`)")
853     fi
854 }
855
856 timer_reset() {
857     t0=$SECONDS
858 }
859
860 timer() {
861     echo -n "$(($SECONDS - $t0))s"
862 }
863
864 report_outcomes() {
865     for x in "${successes[@]}"
866     do
867         echo "Pass: $x"
868     done
869
870     if [[ ${#failures[@]} == 0 ]]
871     then
872         if [[ ${#successes[@]} != 0 ]]; then
873            echo "All test suites passed."
874         fi
875     else
876         echo "Failures (${#failures[@]}):"
877         for x in "${failures[@]}"
878         do
879             echo "Fail: $x"
880         done
881     fi
882 }