You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hugegraph.apache.org by ji...@apache.org on 2023/01/08 13:35:11 UTC
[incubator-hugegraph] 01/01: chore: support validate apache release automatically
This is an automated email from the ASF dual-hosted git repository.
jin pushed a commit to branch validate-release
in repository https://gitbox.apache.org/repos/asf/incubator-hugegraph.git
commit 4d79f3677615807d6eff32ac7ff3abe2a47dfe39
Author: imbajin <ji...@apache.org>
AuthorDate: Sun Jan 8 17:20:17 2023 +0800
chore: support validate apache release automatically
---
.github/workflows/validate-release.yml | 37 ++++++++++++
hugegraph-dist/scripts/validate-release.sh | 93 ++++++++++++++++++++++++++++++
2 files changed, 130 insertions(+)
diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml
new file mode 100644
index 000000000..896db776f
--- /dev/null
+++ b/.github/workflows/validate-release.yml
@@ -0,0 +1,37 @@
+name: validate apache release
+
+on:
+ workflow_dispatch:
+ inputs:
+ current_version:
+ required: true
+ default: '1.0.0'
+ deploy_maven:
+ required: true
+ default: 'false'
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ env:
+ SCRIPT_PATH: hugegraph-dist/scripts/
+ steps:
+ - name: Checkout source
+ uses: actions/checkout@v3
+ - name: Install JDK ${{ matrix.JAVA_VERSION }}
+ uses: actions/setup-java@v3
+ with:
+ java-version: ${{ matrix.JAVA_VERSION }}
+ distribution: 'adopt'
+ # TODO: do we need svn & gpg environment?
+ - name: Test Building Source & Running
+ run: |
+ bash $SCRIPT_PATH/validate-release.sh ${{ github.event.inputs.current_version }}
+ - name: Test Running Binary
+ run: |
+ echo "TODO: separate script to test binary"
+
+ strategy:
+ fail-fast: true
+ matrix:
+ JAVA_VERSION: [ '8', '11' ]
diff --git a/hugegraph-dist/scripts/validate-release.sh b/hugegraph-dist/scripts/validate-release.sh
new file mode 100755
index 000000000..000adb39c
--- /dev/null
+++ b/hugegraph-dist/scripts/validate-release.sh
@@ -0,0 +1,93 @@
+#!/usr/bin/env bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This script is used to validate the release package, including:
+# 1. Check the release package name & content
+# 3. Check the release package sha512
+# 4. Check the release package gpg signature
+
+URL_PREFIX="https://dist.apache.org/repos/dist/dev/incubator/hugegraph/"
+# release version (input by committer)
+RELEASE_VERSION=$1
+# git release branch (check it carefully)
+#GIT_BRANCH="release-${RELEASE_VERSION}"
+
+RELEASE_VERSION=${RELEASE_VERSION:?"Please input the release version behind script"}
+
+# step1: download svn files
+rm -rf dist/"$RELEASE_VERSION" && svn co ${URL_PREFIX}/"$RELEASE_VERSION" dist/"$RELEASE_VERSION"
+cd dist/"$RELEASE_VERSION" || exit
+
+# step2: check environment & import public keys
+shasum --version 1>/dev/null || exit
+gpg --version 1>/dev/null || exit
+
+wget https://downloads.apache.org/incubator/hugegraph/KEYS
+gpg --import KEYS || exit
+# TODO: how to trust all public keys once?
+
+# step3: check sha512 & gpg signature
+for i in *.tar.gz; do
+ echo "$i"
+ shasum -a 512 --check "$i".sha512 || exit
+done
+
+for i in *.tar.gz; do
+ echo "$i"
+ eval gpg "${GPG_OPT}" --verify "$i".asc "$i" || exit
+done
+
+# step4: validate source packages
+for i in *src.tar.gz; do
+ echo "$i"
+ #### step4.0: check the directory include "incubating"
+ if [[ ! "$i" =~ "incubating" ]]; then
+ echo "The package name should include incubating" && exit 1
+ fi
+ tar xzf "$i" || exit
+ cd "$(basename "$i" .tar.gz)" || exit
+
+ #### step4.1: check the directory include "NOTICE" and "LICENSE" file
+ if [[ ! -f "LICENSE" ]]; then
+ echo "The package should include LICENSE file" && exit 1
+ fi
+ if [[ ! -f "NOTICE" ]]; then
+ echo "The package should include NOTICE file" && exit 1
+ fi
+
+ #### step4.2: compile the packages
+ mvn clean package -DskipTests || exit
+ cd .. || exit
+done
+
+#### step4.3: run the compiled packages in server
+cd ./*hugegraph-incubating*src/*hugegraph*"${RELEASE_VERSION}" || exit
+bin/start-hugegraph.sh || exit
+sleep 5
+bin/stop-hugegraph.sh
+cd .. || exit
+
+#### step4.4: run the compiled packages in toolchain (include loader/tool/hubble)
+cd ./*hugegraph-toolchain*src/*hugegraph*"${RELEASE_VERSION}" || exit
+# loader
+
+# step5: validate the binary packages
+#### step5.0: check the directory include "incubating"
+#### step5.1: check the directory include "NOTICE" and "LICENSE" file
+#### step5.4: run the binary packages
+
+echo "Finished validate, please check all steps manually again!"