build script update
Some checks failed
ci/woodpecker/push/fx_oracle Pipeline is pending
ci/woodpecker/push/ledger Pipeline is pending
ci/woodpecker/push/nats Pipeline is pending
ci/woodpecker/push/notification Pipeline is pending
ci/woodpecker/push/payments_orchestrator Pipeline is pending
ci/woodpecker/push/billing_fees Pipeline was successful
ci/woodpecker/push/bff Pipeline was successful
ci/woodpecker/push/db Pipeline was successful
ci/woodpecker/push/chain_gateway Pipeline was successful
ci/woodpecker/push/fx_ingestor Pipeline failed
ci/woodpecker/push/bump_version unknown status
ci/woodpecker/push/frontend Pipeline failed
Some checks failed
ci/woodpecker/push/fx_oracle Pipeline is pending
ci/woodpecker/push/ledger Pipeline is pending
ci/woodpecker/push/nats Pipeline is pending
ci/woodpecker/push/notification Pipeline is pending
ci/woodpecker/push/payments_orchestrator Pipeline is pending
ci/woodpecker/push/billing_fees Pipeline was successful
ci/woodpecker/push/bff Pipeline was successful
ci/woodpecker/push/db Pipeline was successful
ci/woodpecker/push/chain_gateway Pipeline was successful
ci/woodpecker/push/fx_ingestor Pipeline failed
ci/woodpecker/push/bump_version unknown status
ci/woodpecker/push/frontend Pipeline failed
This commit is contained in:
Stephan D
@@ -1,264 +1,34 @@
|
||||
#!/bin/sh
|
||||
set -eu
|
||||
# /bin/bash
|
||||
|
||||
log() {
|
||||
printf '[bump-version] %s\n' "$*"
|
||||
}
|
||||
echo "===================================="
|
||||
echo "Incrementing build version..."
|
||||
echo "===================================="
|
||||
VERSION_FILE=./version
|
||||
|
||||
error() {
|
||||
printf '[bump-version] %s\n' "$*" >&2
|
||||
}
|
||||
NEW_VERSION=$(cat $VERSION_FILE | awk -F. -v OFS=. 'NF==1{print ++$NF}; NF>1{$NF=sprintf("%0*d", length($NF), ($NF+1)); print}')
|
||||
echo $NEW_VERSION > $VERSION_FILE
|
||||
|
||||
die() {
|
||||
error "${1:-fatal error}"
|
||||
exit "${2:-1}"
|
||||
}
|
||||
echo "New version is "$NEW_VERSION
|
||||
|
||||
var_value() {
|
||||
# shellcheck disable=SC2039
|
||||
eval "printf '%s' \"\${$1:-}\""
|
||||
}
|
||||
|
||||
normalize_host() {
|
||||
value="$1"
|
||||
if [ -z "${value}" ]; then
|
||||
printf '%s' ""
|
||||
return
|
||||
fi
|
||||
printf '%s' "${value}" | sed -E '
|
||||
s#^[[:alpha:]][[:alnum:]+.-]*://##;
|
||||
s#^[^@]*@##;
|
||||
s#[:/].*$##;
|
||||
'
|
||||
}
|
||||
|
||||
extract_proto() {
|
||||
url="$1"
|
||||
if printf '%s' "${url}" | grep -Eq '^[[:alpha:]][[:alnum:]+.-]*://'; then
|
||||
printf '%s' "${url}" | sed -E 's#^([[:alpha:]][[:alnum:]+.-]*://).*#\1#' | tr -d ':/'
|
||||
return
|
||||
fi
|
||||
if printf '%s' "${url}" | grep -Eq '^[^@]+@[^:]+:'; then
|
||||
printf 'ssh'
|
||||
return
|
||||
fi
|
||||
printf 'https'
|
||||
}
|
||||
|
||||
discover_env_credentials() {
|
||||
DEFAULT_GIT_USER="${GIT_AUTH_DEFAULT_USER:-woodpecker}"
|
||||
while IFS=: read -r user_var pass_var; do
|
||||
[ -n "${pass_var}" ] || continue
|
||||
pass="$(var_value "${pass_var}")"
|
||||
[ -n "${pass}" ] || continue
|
||||
if [ "${user_var}" = "-" ] || [ -z "${user_var}" ]; then
|
||||
user=""
|
||||
else
|
||||
user="$(var_value "${user_var}")"
|
||||
fi
|
||||
if [ -z "${user}" ]; then
|
||||
user="${DEFAULT_GIT_USER}"
|
||||
fi
|
||||
GIT_AUTH_USER="${user}"
|
||||
GIT_AUTH_PASS="${pass}"
|
||||
GIT_AUTH_SOURCE="env:${user_var:--}/${pass_var}"
|
||||
return 0
|
||||
done <<'EOF'
|
||||
CI_GIT_USERNAME:CI_GIT_PASSWORD
|
||||
CI_GIT_USERNAME:CI_GIT_TOKEN
|
||||
CI_GIT_USERNAME:CI_GIT_PASS
|
||||
CI_GIT_USER:CI_GIT_PASSWORD
|
||||
CI_GIT_USER:CI_GIT_TOKEN
|
||||
CI_NETRC_USERNAME:CI_NETRC_PASSWORD
|
||||
CI_NETRC_LOGIN:CI_NETRC_PASSWORD
|
||||
WOODPECKER_GIT_USERNAME:WOODPECKER_GIT_PASSWORD
|
||||
WOODPECKER_GIT_USERNAME:WOODPECKER_GIT_TOKEN
|
||||
WOODPECKER_NETRC_USERNAME:WOODPECKER_NETRC_PASSWORD
|
||||
WOODPECKER_NETRC_LOGIN:WOODPECKER_NETRC_PASSWORD
|
||||
DRONE_GIT_USERNAME:DRONE_GIT_PASSWORD
|
||||
DRONE_GIT_USERNAME:DRONE_GIT_TOKEN
|
||||
DRONE_NETRC_USERNAME:DRONE_NETRC_PASSWORD
|
||||
DRONE_NETRC_LOGIN:DRONE_NETRC_PASSWORD
|
||||
GIT_USERNAME:GIT_PASSWORD
|
||||
GIT_USER:GIT_PASS
|
||||
GIT_AUTH_USERNAME:GIT_AUTH_PASSWORD
|
||||
-:GIT_PASSWORD
|
||||
-:GIT_PASS
|
||||
EOF
|
||||
|
||||
for token_var in CI_GIT_TOKEN WOODPECKER_GIT_TOKEN DRONE_GIT_TOKEN GIT_TOKEN GITEA_TOKEN; do
|
||||
token="$(var_value "${token_var}")"
|
||||
if [ -n "${token}" ]; then
|
||||
user="$(var_value CI_GIT_USERNAME)"
|
||||
[ -n "${user}" ] || user="$(var_value WOODPECKER_GIT_USERNAME)"
|
||||
[ -n "${user}" ] || user="$(var_value DRONE_GIT_USERNAME)"
|
||||
[ -n "${user}" ] || user="${DEFAULT_GIT_USER}"
|
||||
GIT_AUTH_USER="${user}"
|
||||
GIT_AUTH_PASS="${token}"
|
||||
GIT_AUTH_SOURCE="env:${token_var}"
|
||||
return 0
|
||||
fi
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
discover_vault_credentials() {
|
||||
VAULT_MOUNT="${GIT_CREDENTIALS_VAULT_MOUNT:-kv}"
|
||||
VAULT_PATH="${GIT_CREDENTIALS_VAULT_PATH:-${CI_GIT_VAULT_PATH:-}}"
|
||||
[ -n "${VAULT_PATH}" ] || return 1
|
||||
VLT_BIN="${GIT_VAULT_HELPER:-./ci/vlt}"
|
||||
if [ ! -x "${VLT_BIN}" ]; then
|
||||
return 1
|
||||
fi
|
||||
user_field="${GIT_CREDENTIALS_VAULT_USER_FIELD:-username}"
|
||||
pass_field="${GIT_CREDENTIALS_VAULT_PASSWORD_FIELD:-password}"
|
||||
if ! GIT_AUTH_USER="$("${VLT_BIN}" kv_get "${VAULT_MOUNT}" "${VAULT_PATH}" "${user_field}" 2>/dev/null)"; then
|
||||
return 1
|
||||
fi
|
||||
if ! GIT_AUTH_PASS="$("${VLT_BIN}" kv_get "${VAULT_MOUNT}" "${VAULT_PATH}" "${pass_field}" 2>/dev/null)"; then
|
||||
return 1
|
||||
fi
|
||||
GIT_AUTH_SOURCE="vault:${VAULT_MOUNT}/${VAULT_PATH}"
|
||||
return 0
|
||||
}
|
||||
|
||||
write_netrc() {
|
||||
host="$1"
|
||||
user="$2"
|
||||
pass="$3"
|
||||
file="${HOME:-/root}/.netrc"
|
||||
{
|
||||
printf 'machine %s\n' "${host}"
|
||||
printf 'login %s\n' "${user}"
|
||||
printf 'password %s\n' "${pass}"
|
||||
} > "${file}"
|
||||
chmod 600 "${file}"
|
||||
}
|
||||
|
||||
setup_https_credentials() {
|
||||
host="$1"
|
||||
netrc="${HOME:-/root}/.netrc"
|
||||
if [ -s "${netrc}" ] && awk -v host="${host}" '
|
||||
$1 == "machine" && $2 == host { found=1; exit }
|
||||
END { exit found ? 0 : 1 }
|
||||
' "${netrc}"; then
|
||||
log "reusing credentials already present in ${netrc}"
|
||||
return 0
|
||||
fi
|
||||
if discover_env_credentials; then
|
||||
masked="$(printf '%s' "${GIT_AUTH_USER}" | cut -c1-2)***"
|
||||
log "using ${GIT_AUTH_SOURCE} for ${host} (user ${masked})"
|
||||
write_netrc "${host}" "${GIT_AUTH_USER}" "${GIT_AUTH_PASS}"
|
||||
return 0
|
||||
fi
|
||||
if discover_vault_credentials; then
|
||||
masked="$(printf '%s' "${GIT_AUTH_USER}" | cut -c1-2)***"
|
||||
log "using ${GIT_AUTH_SOURCE} for ${host} (user ${masked})"
|
||||
write_netrc "${host}" "${GIT_AUTH_USER}" "${GIT_AUTH_PASS}"
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
START_DIR="$(pwd)"
|
||||
log "invoked from ${START_DIR}"
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
||||
REPO_ROOT=""
|
||||
if command -v git >/dev/null 2>&1; then
|
||||
REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || true)"
|
||||
fi
|
||||
if [ -z "${REPO_ROOT}" ]; then
|
||||
REPO_ROOT="$(cd "${SCRIPT_DIR}/../../.." && pwd)"
|
||||
fi
|
||||
log "repo root resolved to ${REPO_ROOT}"
|
||||
cd "${REPO_ROOT}"
|
||||
|
||||
VERSION_FILE="./version"
|
||||
if [ ! -f "${VERSION_FILE}" ]; then
|
||||
if git cat-file -e "HEAD:version" 2>/dev/null; then
|
||||
error "version file missing in workspace, restoring from HEAD"
|
||||
git show "HEAD:version" > "${VERSION_FILE}"
|
||||
else
|
||||
die "version file not found: ${VERSION_FILE}"
|
||||
fi
|
||||
echo "===================================="
|
||||
echo "Bumping client version..."
|
||||
echo "===================================="
|
||||
FILE="./frontend/mweb/pubspec.yaml"
|
||||
if sed --version >/dev/null 2>&1; then
|
||||
# GNU sed
|
||||
sed -i "s/^version: .*/version: ${NEW_VERSION}+1/" "$FILE"
|
||||
else
|
||||
# BSD/macOS sed
|
||||
sed -i '' -e "s/^version: .*/version: ${NEW_VERSION}+1/" "$FILE"
|
||||
fi
|
||||
|
||||
CURRENT_VERSION="$(cat "${VERSION_FILE}")"
|
||||
NEXT_VERSION="$(printf '%s' "${CURRENT_VERSION}" | awk -F. -v OFS=. '
|
||||
function pad(value, width, result, i) {
|
||||
result=value ""
|
||||
if (length(result) >= width) {
|
||||
return result
|
||||
}
|
||||
i = width - length(result)
|
||||
while (i-- > 0) {
|
||||
result = "0" result
|
||||
}
|
||||
return result
|
||||
}
|
||||
NF==1 { print ++$NF; next }
|
||||
{
|
||||
last = $NF + 1
|
||||
$NF = pad(last, length($NF))
|
||||
print
|
||||
}')"
|
||||
set -euo pipefail
|
||||
|
||||
printf '%s\n' "${NEXT_VERSION}" > "${VERSION_FILE}"
|
||||
log "${CURRENT_VERSION} -> ${NEXT_VERSION}"
|
||||
# update version file(s) here
|
||||
# e.g.: ./ci/scripts/common/update_version_file.sh
|
||||
|
||||
git add "${VERSION_FILE}"
|
||||
if git diff --cached --quiet; then
|
||||
log "no changes staged, skipping commit"
|
||||
exit 0
|
||||
if ! git diff --quiet; then
|
||||
git add .
|
||||
git commit -m "chore: bump build version [skip ci]"
|
||||
git push origin HEAD:main
|
||||
fi
|
||||
|
||||
AUTHOR_NAME="${GIT_AUTHOR_NAME:-woodpecker}"
|
||||
AUTHOR_EMAIL="${GIT_AUTHOR_EMAIL:-ci@sendico.io}"
|
||||
git config user.name "${AUTHOR_NAME}"
|
||||
git config user.email "${AUTHOR_EMAIL}"
|
||||
|
||||
git commit -m "chore(ci): bump version to ${NEXT_VERSION}"
|
||||
|
||||
BRANCH="${WOODPECKER_BRANCH:-}"
|
||||
if [ -z "${BRANCH}" ] || [ "${BRANCH}" = "HEAD" ]; then
|
||||
BRANCH="$(git rev-parse --abbrev-ref HEAD)"
|
||||
fi
|
||||
|
||||
REMOTE_URL="${CI_REPO_REMOTE:-${WOODPECKER_GIT_REMOTE:-${DRONE_REMOTE_URL:-}}}"
|
||||
if [ -z "${REMOTE_URL}" ]; then
|
||||
REMOTE_URL="$(git config --get remote.origin.url 2>/dev/null || true)"
|
||||
fi
|
||||
[ -n "${REMOTE_URL}" ] || die "unable to determine git remote url"
|
||||
|
||||
REMOTE_PROTO="$(extract_proto "${REMOTE_URL}")"
|
||||
REMOTE_HOST="$(normalize_host "${REMOTE_URL}")"
|
||||
[ -n "${REMOTE_HOST}" ] || die "unable to determine remote host from ${REMOTE_URL}"
|
||||
|
||||
log "using remote ${REMOTE_URL}"
|
||||
git remote set-url origin "${REMOTE_URL}"
|
||||
|
||||
case "${REMOTE_PROTO}" in
|
||||
ssh)
|
||||
if [ -n "${GIT_SSH_KEY_B64:-}" ]; then
|
||||
SSH_KEY_FILE="${HOME:-/root}/.ssh/id_ci"
|
||||
mkdir -p "$(dirname "${SSH_KEY_FILE}")"
|
||||
printf '%s' "${GIT_SSH_KEY_B64}" | base64 -d > "${SSH_KEY_FILE}"
|
||||
chmod 600 "${SSH_KEY_FILE}"
|
||||
export GIT_SSH_COMMAND="ssh -i ${SSH_KEY_FILE} -o StrictHostKeyChecking=no"
|
||||
log "configured SSH key for git push"
|
||||
else
|
||||
log "no SSH key provided, relying on existing agent configuration"
|
||||
fi
|
||||
;;
|
||||
http|https)
|
||||
if ! setup_https_credentials "${REMOTE_HOST}"; then
|
||||
die "no git credentials detected (set CI_GIT_USERNAME/CI_GIT_PASSWORD, WOODPECKER_GIT_USERNAME/WOODPECKER_GIT_PASSWORD, or configure GIT_CREDENTIALS_VAULT_PATH)"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
log "unknown git protocol ${REMOTE_PROTO}, attempting push without extra credentials"
|
||||
;;
|
||||
esac
|
||||
|
||||
git push origin "HEAD:${BRANCH}"
|
||||
|
||||
Reference in New Issue
Block a user