Home Explore Help
Sign In
SaschaMester
/
dak
mirror of https://ftp-master.debian.org/git/dak.git
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Branch: mhy/add_both_mirror
Branches Tags
dak
/
config
/
deploy
/
deploy.functions

deploy.functions 2.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. # -*- mode:sh -*-
    2. 

  2. 

  3. function fetch_updates() {
    4. 

  4.     cd ${masterdir}/
    5. 

  5.     local beforefetch=$(git rev-parse HEAD)
    6. 

  6.     git fetch origin
    7. 

  7.     local afterfetch=$(git rev-parse origin/deploy)
    8. 

  8.     if [[ ${beforefetch} == ${afterfetch} ]]; then
    9. 

  9.         exit 0
    10. 

  10.     fi
    11. 

  11. }
    12. 

  12. 

  13. function find_commitids() {
    14. 

  14.     cd ${masterdir}
    15. 

  15.     OLDHEAD=$(git rev-parse HEAD)
    16. 

  16.     NEWHEAD=$(git rev-parse origin/deploy)
    17. 

  17. }
    18. 

  18. 

  19. function check_commit_signature() {
    20. 

  20.     cd ${masterdir}
    21. 

  21.     git config --local gpg.program "${scriptsdir}/gpgverify"
    22. 

  22.     if ! SIGNKEY=$(git verify-commit --raw ${NEWHEAD} 2>&1 | awk '/VALIDSIG/ {print $NF}'); then
    23. 

  23.         log_error "{NEWHEAD} is not signed correctly"
    24. 

  24.         exit 3
    25. 

  25.     fi
    26. 

  26.     if [[ -z ${DEPLOY_KEYS[${SIGNKEY}]} ]]; then
    27. 

  27.         log_error "{NEWHEAD} signed by ${SIGNKEY} which is not allowed to deploy code"
    28. 

  28.         exit 4
    29. 

  29.     fi
    30. 

  30. }
    31. 

  31. 

  32. function check_for_db_update() {
    33. 

  33.     # Check: Do we have a DB Upgrade?
    34. 

  34.     if [[ -n ${NEEDDB} ]]; then
    35. 

  35.         NEWDBVER=$(GIT_DIR=${masterdir}/.git git ls-tree origin/deploy dak/dakdb/|grep -v '__init__.py'|sort -V -k 4|tail -n 1)
    36. 

  36.         NEWDBVER=${NEWDBVER##*update}
    37. 

  37.         declare -r NEWDBVER=${NEWDBVER%%.py}
    38. 

  38.     fi
    39. 

  39. 

  40.     if [[ ${OLDDBVER} -ne ${NEWDBVER} ]] && [[ -z ${FORCETHISDAMNUPGRADEIKNOWWHATIDOIHOPE:-""} ]]; then
    41. 

  41.         # Differing versions and no FORCETHISDAMNUPGRADEIKNOWWHATIDOIHOPE variable, break
    42. 

  42.         log_error "Database update from ${OLDDBVER} to ${NEWDBVER} required, will not update dak code on ${HOSTNAME} unless told with FORCETHISDAMNUPGRADEIKNOWWHATIDOIHOPE=1 in the environment"
    43. 

  43.         exit 21
    44. 

  44.     fi
    45. 

  45. }
    46. 

  46. 

  47. function check_ancestor() {
    48. 

  48.     cd ${masterdir}
    49. 

  49.     if ! git merge-base --is-ancestor ${OLDHEAD} ${NEWHEAD}; then
    50. 

  50.         log_error "Running code HEAD ${OLDHEAD} is not an ancestor of newly-to-deploy HEAD ${NEWHEAD}, refusing to update"
    51. 

  51.         exit 2
    52. 

  52.     fi
    53. 

  53. }
    54. 

  54. 

  55. function update_masterdir() {
    56. 

  56.     cd ${masterdir}
    57. 

  57.     # We do not want local changes
    58. 

  58.     git stash save --include-untracked --all "Update for commitid ${NEWHEAD}"
    59. 

  59.     # And switch to the commit we just verified
    60. 

  60.     git checkout ${NEWHEAD}
    61. 

  61. }
    62. 

  62. 

  63. function cleanlogs() {
    64. 

  64.     find ${logdir} -mtime +60 -delete
    65. 

  65. }
    66. 

  66.