#!/usr/bin/env bash
# Copyright (c) 2013 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
set -e
http_port=8080
ssh_port=29418
while test $# -ne 0; do
case "$1" in
-v)
version="$2"
shift
;;
-d)
rundir="$2"
shift
;;
--http-port)
http_port="$2"
shift
;;
--ssh-port)
ssh_port="$2"
shift
;;
*)
rundir="$1"
;;
esac
shift
done
if [ -z "$rundir" ]; then
rundir=$(mktemp -d)
fi
this_dir=$(dirname $0)
gerrit_exe="$this_dir/gerrit.war"
account_id=101
full_name='Test Account'
maximum_page_size='25'
password='test-password'
preferred_email="test-username@test.org"
registered_on=$(date '+%Y-%m-%d %H:%M:%S.000%:::z')
username='test-username'
# The python code below for picking the "latest" gerrit release is cribbed and
# ported from the javascript at:
#
# http://gerrit-releases.storage.googleapis.com/index.html
url='https://www.googleapis.com/storage/v1/b/gerrit-releases/o?projection=noAcl'
curl --retry 30 --ssl-reqd -s $url | python <(cat <<EOF
# Receives Gerrit version via command line and reads json-encoded
# text from stdin in the format:
#
# {
# "items": [
# {
# "name": "gerrit-<version>.war",
# "md5Hash": "<base64 encoded md5sum>",
# },
# {
# "name": "gerrit-<version>.war",
# "md5Hash": "<base64 encoded md5sum>",
# },
# ...
# }
#
# ...and prints the name and md5sum of the corresponding *.war file.
import json
import re
import sys
requested_version = sys.argv[1] if len(sys.argv) > 1 else None
# Disable using -rc versions. This is a temporary hack to avoid
# picking up version 2.9-rc0, which requires java 7. These lines
# should be un-commented after this bug is fixed:
# https://code.google.com/p/chromium/issues/detail?id=346369
#gerrit_re = re.compile('gerrit(?:-full)?-([0-9.]+)(-rc[0-9]+)?[.]war')
gerrit_re = re.compile('gerrit(?:-full)?-([0-9.]+)[.]war')
j = json.load(sys.stdin)
items = [(x, gerrit_re.match(x['name'])) for x in j['items']]
#items = [(x, m.group(1), m.group(2)) for x, m in items if m]
items = [(x, m.group(1), '') for x, m in items if m]
def _cmp(a, b):
an = a[1].split('.')
bn = b[1].split('.')
while len(an) < len(bn):
an.append('0')
while len(bn) < len(an):
bn.append('0')
an.append(a[2][3:] if a[2] else '1000')
bn.append(b[2][3:] if b[2] else '1000')
for i in range(len(an)):
if an[i] != bn[i]:
return -1 if int(an[i]) > int(bn[i]) else 1
return 0
if requested_version:
for info, version in items:
if version == requested_version:
print '"%s" "%s"' % (info['name'], info['md5Hash'])
sys.exit(0)
print >> sys.stderr, 'No such Gerrit version: %s' % requested_version
sys.exit(1)
items.sort(cmp=_cmp)
for x in items:
print '"%s" "%s"' % (x[0]['name'], x[0]['md5Hash'])
sys.exit(0)
EOF
) "$version" | xargs | while read name md5; do
# Download the requested gerrit version if necessary, and verify the md5sum.
target="$this_dir/$name"
net_sum=$(echo -n $md5 | base64 -d | od -tx1 | head -1 | cut -d ' ' -f 2- |
sed 's/ //g')
if [ -f "$target" ]; then
file_sum=$(md5sum "$target" | awk '{print $1}' | xargs)
if [ "$file_sum" = "$net_sum" ]; then
ln -sf "$name" "$gerrit_exe"
break
else
rm -rf "$target"
fi
fi
curl --retry 30 --ssl-reqd -s -o "$target" \
"https://gerrit-releases.storage.googleapis.com/$name"
file_sum=$(md5sum "$target" | awk '{print $1}' | xargs)
if [ "$file_sum" != "$net_sum" ]; then
echo "ERROR: md5sum mismatch when downloading $name" 1>&2
rm -rf "$target"
exit 1
else
ln -sf "$name" "$gerrit_exe"
fi
done
if [ ! -e "$gerrit_exe" ]; then
echo "ERROR: No $gerrit_exe file or link present, and unable " 1>&2
echo " to download the latest version." 1>&2
exit 1
fi
# By default, gerrit only accepts https connections, which is a good thing. But
# for testing, it's convenient to enable plain http. Also, turn off all email
# notifications.
mkdir -p "${rundir}/etc"
cat <<EOF > "${rundir}/etc/gerrit.config"
[auth]
type = DEVELOPMENT_BECOME_ANY_ACCOUNT
gitBasicAuth = true
[gerrit]
canonicalWebUrl = http://$(hostname):${http_port}/
[httpd]
listenUrl = http://*:${http_port}/
[sshd]
listenAddress = *:${ssh_port}
[sendemail]
enable = false
[container]
javaOptions = -Duser.home=${rundir}/tmp
EOF
# Initialize the gerrit instance.
java -jar "$gerrit_exe" init --no-auto-start --batch --install-plugin=download-commands -d "${rundir}"
# Create SSH key pair for the first user.
mkdir -p "${rundir}/tmp"
ssh-keygen -t rsa -q -f "${rundir}/tmp/id_rsa" -N ""
ssh_public_key="$(cat ${rundir}/tmp/id_rsa.pub)"
# Set up the first user, with admin priveleges.
cat <<EOF | java -jar "$gerrit_exe" gsql -d "${rundir}" > /dev/null
INSERT INTO ACCOUNTS (FULL_NAME, MAXIMUM_PAGE_SIZE, PREFERRED_EMAIL, REGISTERED_ON, ACCOUNT_ID) VALUES ('${full_name}', ${maximum_page_size}, '${preferred_email}', '${registered_on}', ${account_id});
INSERT INTO ACCOUNT_EXTERNAL_IDS (ACCOUNT_ID, EXTERNAL_ID) VALUES (${account_id}, 'gerrit:${username}');
INSERT INTO ACCOUNT_EXTERNAL_IDS (ACCOUNT_ID, EXTERNAL_ID) VALUES (${account_id}, 'username:${username}');
INSERT INTO ACCOUNT_EXTERNAL_IDS (ACCOUNT_ID, EMAIL_ADDRESS, PASSWORD) VALUES (${account_id}, '${preferred_email}', '${password}');
INSERT INTO ACCOUNT_GROUP_MEMBERS (ACCOUNT_ID, GROUP_ID) VALUES (${account_id}, 1);
INSERT INTO ACCOUNT_SSH_KEYS (ACCOUNT_ID, SSH_PUBLIC_KEY, VALID, SEQ) VALUES (${account_id}, '${ssh_public_key}', 'Y', 0);
EOF
# Create a netrc file to authenticate as the first user.
cat <<EOF > "${rundir}/tmp/.netrc"
machine localhost login ${username} password ${password}
EOF
# Create a .git-credentials file, to enable password-less push.
cat <<EOF > "${rundir}/tmp/.git-credentials"
http://${username}:${password}@localhost:${http_port}
EOF
cat <<EOF
To start gerrit server:
${rundir}/bin/gerrit.sh start
To use the REST API:
curl --netrc-file ${rundir}/tmp/.netrc http://localhost:${http_port}/<endpoint>
To use SSH API:
ssh ${username}@localhost -p ${ssh_port} -i ${rundir}/tmp/id_rsa gerrit
To enable 'git push' without a password prompt:
git config credential.helper 'store --file=${rundir}/tmp/.git-credentials'
To stop the server:
${rundir}/bin/gerrit.sh stop
EOF