| #!/bin/bash |
| # |
| # TODO: this should share code with other scripts |
| |
| set -x |
| |
| cd /home/updatesd/svn/spamassassin |
| |
| . /etc/profile |
| PERL=/local/perl586/bin/perl |
| export PERL |
| |
| # download stage, where update tarballs are deposited for downloaders |
| # |
| stagedir=/var/www/buildbot.spamassassin.org/updatestage |
| |
| # directory where "0.2.3" and other version-specific files live. |
| # it's assumed that the *real* zone $INCLUDEs files from this dir. |
| # it must be writable by the user this script runs as. |
| # |
| # dev, testing: |
| # dnsdir=/var/named/updates.dev.spamassassin.org.d |
| # live: |
| # dnsdir=/var/named/updates.spamassassin.org.d |
| # |
| dnsdir=/var/named/updates.spamassassin.org.d |
| |
| # directory where "counter", "soa_line.tmpl", "soa_line" live. |
| # it's assumed that the *real* zone $INCLUDEs files from this dir. |
| # it must be writable by the user this script runs as. |
| # |
| soadir=/var/named/spamassassin.org.d |
| |
| versions="$1.0" |
| |
| # --------------------------------------------------------------------------- |
| |
| make_tarball_for_version () { |
| |
| # to be honest, right now this is unused. |
| version="$1" |
| |
| tmpdir=/home/updatesd/tmp/stage/$version |
| rm -rf $tmpdir; mkdir -p $tmpdir || exit $? |
| |
| # extract the new rules files. |
| # use "make install" logic, since we want rules as close as possible |
| # to what's installed |
| make clean |
| $PERL Makefile.PL PREFIX=$tmpdir < /dev/null || exit $? |
| make || exit $? |
| |
| # ensure the basic lint/rule-sanity test suite passes for this ruleset |
| # before we build an update from it. useful particularly to catch |
| # "tflags nopublish" leakage (bug 6297) |
| make test \ |
| TEST_FILES="t/basic_lint.t t/basic_lint_without_sandbox.t t/basic_meta.t" \ |
| || exit $? |
| |
| # remove the rules files for rules we won't be shipping |
| rm rules/70_sandbox.cf rules/70_inactive.cf |
| |
| # double check we still lint without those 2 files |
| ./spamassassin --lint || exit $? |
| |
| rulesdir=`pwd`/rules |
| cd $rulesdir |
| tar cvzf $tmpdir/update.tgz *.cf || exit $? |
| |
| # ensure non-empty |
| [ -s $tmpdir/update.tgz ] || exit 3 |
| |
| linttmp=$tmpdir/lintdir |
| rm -rf $linttmp |
| mkdir $linttmp |
| cd $linttmp |
| # check validity of tarball; also extract |
| gunzip -cd < $tmpdir/update.tgz | tar xf - || exit $? |
| |
| sitetmp=$tmpdir/sitetmp |
| rm -rf $sitetmp |
| mkdir $sitetmp |
| cp rules/*.pre $sitetmp |
| |
| # now, ensure the ruleset (entirely as distributed) lints, also. |
| # use "-p /dev/null" so any user_prefs data is ignored. |
| ./spamassassin -x --configpath=$linttmp --siteconfigpath=$sitetmp \ |
| -p /dev/null --lint || exit $? |
| |
| # sign and get sums |
| gpg --batch --homedir /home/updatesd/key -bas $tmpdir/update.tgz || exit $? |
| |
| shasum -a 1 $tmpdir/update.tgz > $tmpdir/update.tgz.sha1 || exit $? |
| shasum -a 256 $tmpdir/update.tgz > $tmpdir/update.tgz.sha256 || exit $? |
| shasum -a 512 $tmpdir/update.tgz > $tmpdir/update.tgz.sha512 || exit $? |
| |
| # get SVN revision number. |
| # note: use 'Last Changed Rev' instead of 'Revision'. Because we share |
| # an SVN repository with other projects, this means that the same |
| # rev of *our* codebase may appear under multiple rev#s, as other projects |
| # check their changes in. |
| |
| tagstamp=`date "+%Y%m%d%H%M%S"` |
| tagurl=https://svn.apache.org/repos/asf/spamassassin/tags/sa-update_${version}_${tagstamp} |
| |
| # this svn copy is critical, to ensure each version's tarball has a different |
| # rev#. if you remove it, we need to prefix the version# to the svnrev# in |
| # the filenames instead so each version doesn't clobber others. |
| svn update |
| svn copy -m "tagging latest update release for $VERS" . $tagurl < /dev/null |
| |
| ( |
| rm -rf tmpcheckout |
| svn co $tagurl tmpcheckout && svn info tmpcheckout |
| rm -rf tmpcheckout |
| ) < /dev/null > $tmpdir/svn 2>&1 || exit $? |
| |
| svnrev=`(grep 'Last Changed Rev: ' $tmpdir/svn || exit 1) | sed -e 's/^.*: //'` |
| |
| if [ "$svnrev" == "" ] ; then |
| echo "missing SVN revision" |
| cat $tmpdir/svn |
| exit 5 |
| fi |
| |
| if [ "$svnrev" -lt 1 ] ; then |
| echo "bad SVN revision: $svnrev" |
| cat $tmpdir/svn |
| exit 5 |
| fi |
| |
| mv $tmpdir/update.tgz $stagedir/$svnrev.tar.gz || exit $? |
| mv $tmpdir/update.tgz.sha1 $stagedir/$svnrev.tar.gz.sha1 || exit $? |
| mv $tmpdir/update.tgz.sha256 $stagedir/$svnrev.tar.gz.sha256 || exit $? |
| mv $tmpdir/update.tgz.sha512 $stagedir/$svnrev.tar.gz.sha512 || exit $? |
| mv $tmpdir/update.tgz.asc $stagedir/$svnrev.tar.gz.asc || exit $? |
| |
| chmod 644 $stagedir/$svnrev.* |
| |
| # next, create the new DNS record.... |
| |
| # turn "3.2.0" into "0.2.3" |
| rvers=`echo "$version" | perl -pe 's/^(\d+)\.(\d+)\.(\d+)$/$3.$2.$1/'` |
| |
| dnsfile="$dnsdir/$version" |
| if echo " |
| $rvers TXT \"$svnrev\" |
| " > $dnsfile.new |
| then |
| mv $dnsfile.new $dnsfile || exit $? |
| else |
| echo "failed to create $dnsfile.new" 1>&2 ; exit 1 |
| fi |
| |
| # increment the zone serial. |
| ./build/mkupdates/tick_zone_serial || exit $? |
| } |
| |
| # --------------------------------------------------------------------------- |
| |
| [ -d $stagedir ] || echo "no stagedir" 1>&2 |
| [ -d $stagedir ] || exit 6 |
| |
| for version in $versions ; do |
| make_tarball_for_version $version |
| done |
| |