This is an automated email from the ASF dual-hosted git repository. jin pushed a commit to branch validate-release in repository https://gitbox.apache.org/repos/asf/incubator-hugegraph.git
commit 4d79f3677615807d6eff32ac7ff3abe2a47dfe39 Author: imbajin <[email protected]> AuthorDate: Sun Jan 8 17:20:17 2023 +0800 chore: support validate apache release automatically --- .github/workflows/validate-release.yml | 37 ++++++++++++ hugegraph-dist/scripts/validate-release.sh | 93 ++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml new file mode 100644 index 000000000..896db776f --- /dev/null +++ b/.github/workflows/validate-release.yml @@ -0,0 +1,37 @@ +name: validate apache release + +on: + workflow_dispatch: + inputs: + current_version: + required: true + default: '1.0.0' + deploy_maven: + required: true + default: 'false' + +jobs: + build: + runs-on: ubuntu-latest + env: + SCRIPT_PATH: hugegraph-dist/scripts/ + steps: + - name: Checkout source + uses: actions/checkout@v3 + - name: Install JDK ${{ matrix.JAVA_VERSION }} + uses: actions/setup-java@v3 + with: + java-version: ${{ matrix.JAVA_VERSION }} + distribution: 'adopt' + # TODO: do we need svn & gpg environment? + - name: Test Building Source & Running + run: | + bash $SCRIPT_PATH/validate-release.sh ${{ github.event.inputs.current_version }} + - name: Test Running Binary + run: | + echo "TODO: separate script to test binary" + + strategy: + fail-fast: true + matrix: + JAVA_VERSION: [ '8', '11' ] diff --git a/hugegraph-dist/scripts/validate-release.sh b/hugegraph-dist/scripts/validate-release.sh new file mode 100755 index 000000000..000adb39c --- /dev/null +++ b/hugegraph-dist/scripts/validate-release.sh @@ -0,0 +1,93 @@ +#!/usr/bin/env bash +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script is used to validate the release package, including: +# 1. Check the release package name & content +# 3. Check the release package sha512 +# 4. Check the release package gpg signature + +URL_PREFIX="https://dist.apache.org/repos/dist/dev/incubator/hugegraph/"; +# release version (input by committer) +RELEASE_VERSION=$1 +# git release branch (check it carefully) +#GIT_BRANCH="release-${RELEASE_VERSION}" + +RELEASE_VERSION=${RELEASE_VERSION:?"Please input the release version behind script"} + +# step1: download svn files +rm -rf dist/"$RELEASE_VERSION" && svn co ${URL_PREFIX}/"$RELEASE_VERSION" dist/"$RELEASE_VERSION" +cd dist/"$RELEASE_VERSION" || exit + +# step2: check environment & import public keys +shasum --version 1>/dev/null || exit +gpg --version 1>/dev/null || exit + +wget https://downloads.apache.org/incubator/hugegraph/KEYS +gpg --import KEYS || exit +# TODO: how to trust all public keys once? + +# step3: check sha512 & gpg signature +for i in *.tar.gz; do + echo "$i" + shasum -a 512 --check "$i".sha512 || exit +done + +for i in *.tar.gz; do + echo "$i" + eval gpg "${GPG_OPT}" --verify "$i".asc "$i" || exit +done + +# step4: validate source packages +for i in *src.tar.gz; do + echo "$i" + #### step4.0: check the directory include "incubating" + if [[ ! "$i" =~ "incubating" ]]; then + echo "The package name should include incubating" && exit 1 + fi + tar xzf "$i" || exit + cd "$(basename "$i" .tar.gz)" || exit + + #### step4.1: check the directory include "NOTICE" and "LICENSE" file + if [[ ! -f "LICENSE" ]]; then + echo "The package should include LICENSE file" && exit 1 + fi + if [[ ! -f "NOTICE" ]]; then + echo "The package should include NOTICE file" && exit 1 + fi + + #### step4.2: compile the packages + mvn clean package -DskipTests || exit + cd .. || exit +done + +#### step4.3: run the compiled packages in server +cd ./*hugegraph-incubating*src/*hugegraph*"${RELEASE_VERSION}" || exit +bin/start-hugegraph.sh || exit +sleep 5 +bin/stop-hugegraph.sh +cd .. || exit + +#### step4.4: run the compiled packages in toolchain (include loader/tool/hubble) +cd ./*hugegraph-toolchain*src/*hugegraph*"${RELEASE_VERSION}" || exit +# loader + +# step5: validate the binary packages +#### step5.0: check the directory include "incubating" +#### step5.1: check the directory include "NOTICE" and "LICENSE" file +#### step5.4: run the binary packages + +echo "Finished validate, please check all steps manually again!"
