#!/usr/bin/env bash # Copyright (c) 2013 The Chromium Authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. set -e http_port=8080 ssh_port=29418 while test $# -ne 0; do case "$1" in -v) version="$2" shift ;; -d) rundir="$2" shift ;; --http-port) http_port="$2" shift ;; --ssh-port) ssh_port="$2" shift ;; *) rundir="$1" ;; esac shift done if [ -z "$rundir" ]; then rundir=$(mktemp -d) fi this_dir=$(dirname $0) gerrit_exe="$this_dir/gerrit.war" account_id=101 full_name='Test Account' maximum_page_size='25' password='test-password' preferred_email="test-username@test.org" registered_on=$(date '+%Y-%m-%d %H:%M:%S.000%:::z') username='test-username' # The python code below for picking the "latest" gerrit release is cribbed and # ported from the javascript at: # # http://gerrit-releases.storage.googleapis.com/index.html url='https://www.googleapis.com/storage/v1/b/gerrit-releases/o?projection=noAcl' curl --retry 30 --ssl-reqd -s $url | python <(cat <.war", # "md5Hash": "", # }, # { # "name": "gerrit-.war", # "md5Hash": "", # }, # ... # } # # ...and prints the name and md5sum of the corresponding *.war file. import json import re import sys requested_version = sys.argv[1] if len(sys.argv) > 1 else None # Disable using -rc versions. This is a temporary hack to avoid # picking up version 2.9-rc0, which requires java 7. These lines # should be un-commented after this bug is fixed: # https://code.google.com/p/chromium/issues/detail?id=346369 #gerrit_re = re.compile('gerrit(?:-full)?-([0-9.]+)(-rc[0-9]+)?[.]war') gerrit_re = re.compile('gerrit(?:-full)?-([0-9.]+)[.]war') j = json.load(sys.stdin) items = [(x, gerrit_re.match(x['name'])) for x in j['items']] #items = [(x, m.group(1), m.group(2)) for x, m in items if m] items = [(x, m.group(1), '') for x, m in items if m] def _cmp(a, b): an = a[1].split('.') bn = b[1].split('.') while len(an) < len(bn): an.append('0') while len(bn) < len(an): bn.append('0') an.append(a[2][3:] if a[2] else '1000') bn.append(b[2][3:] if b[2] else '1000') for i in range(len(an)): if an[i] != bn[i]: return -1 if int(an[i]) > int(bn[i]) else 1 return 0 if requested_version: for info, version in items: if version == requested_version: print '"%s" "%s"' % (info['name'], info['md5Hash']) sys.exit(0) print >> sys.stderr, 'No such Gerrit version: %s' % requested_version sys.exit(1) items.sort(cmp=_cmp) for x in items: print '"%s" "%s"' % (x[0]['name'], x[0]['md5Hash']) sys.exit(0) EOF ) "$version" | xargs | while read name md5; do # Download the requested gerrit version if necessary, and verify the md5sum. target="$this_dir/$name" net_sum=$(echo -n $md5 | base64 -d | od -tx1 | head -1 | cut -d ' ' -f 2- | sed 's/ //g') if [ -f "$target" ]; then file_sum=$(md5sum "$target" | awk '{print $1}' | xargs) if [ "$file_sum" = "$net_sum" ]; then ln -sf "$name" "$gerrit_exe" break else rm -rf "$target" fi fi curl --retry 30 --ssl-reqd -s -o "$target" \ "https://gerrit-releases.storage.googleapis.com/$name" file_sum=$(md5sum "$target" | awk '{print $1}' | xargs) if [ "$file_sum" != "$net_sum" ]; then echo "ERROR: md5sum mismatch when downloading $name" 1>&2 rm -rf "$target" exit 1 else ln -sf "$name" "$gerrit_exe" fi done if [ ! -e "$gerrit_exe" ]; then echo "ERROR: No $gerrit_exe file or link present, and unable " 1>&2 echo " to download the latest version." 1>&2 exit 1 fi # By default, gerrit only accepts https connections, which is a good thing. But # for testing, it's convenient to enable plain http. Also, turn off all email # notifications. mkdir -p "${rundir}/etc" cat < "${rundir}/etc/gerrit.config" [auth] type = DEVELOPMENT_BECOME_ANY_ACCOUNT gitBasicAuth = true [gerrit] canonicalWebUrl = http://$(hostname):${http_port}/ [httpd] listenUrl = http://*:${http_port}/ [sshd] listenAddress = *:${ssh_port} [sendemail] enable = false [container] javaOptions = -Duser.home=${rundir}/tmp EOF # Initialize the gerrit instance. java -jar "$gerrit_exe" init --no-auto-start --batch --install-plugin=download-commands -d "${rundir}" # Create SSH key pair for the first user. mkdir -p "${rundir}/tmp" ssh-keygen -t rsa -q -f "${rundir}/tmp/id_rsa" -N "" ssh_public_key="$(cat ${rundir}/tmp/id_rsa.pub)" # Set up the first user, with admin priveleges. cat < /dev/null INSERT INTO ACCOUNTS (FULL_NAME, MAXIMUM_PAGE_SIZE, PREFERRED_EMAIL, REGISTERED_ON, ACCOUNT_ID) VALUES ('${full_name}', ${maximum_page_size}, '${preferred_email}', '${registered_on}', ${account_id}); INSERT INTO ACCOUNT_EXTERNAL_IDS (ACCOUNT_ID, EXTERNAL_ID) VALUES (${account_id}, 'gerrit:${username}'); INSERT INTO ACCOUNT_EXTERNAL_IDS (ACCOUNT_ID, EXTERNAL_ID) VALUES (${account_id}, 'username:${username}'); INSERT INTO ACCOUNT_EXTERNAL_IDS (ACCOUNT_ID, EMAIL_ADDRESS, PASSWORD) VALUES (${account_id}, '${preferred_email}', '${password}'); INSERT INTO ACCOUNT_GROUP_MEMBERS (ACCOUNT_ID, GROUP_ID) VALUES (${account_id}, 1); INSERT INTO ACCOUNT_SSH_KEYS (ACCOUNT_ID, SSH_PUBLIC_KEY, VALID, SEQ) VALUES (${account_id}, '${ssh_public_key}', 'Y', 0); EOF # Create a netrc file to authenticate as the first user. cat < "${rundir}/tmp/.netrc" machine localhost login ${username} password ${password} EOF # Create a .git-credentials file, to enable password-less push. cat < "${rundir}/tmp/.git-credentials" http://${username}:${password}@localhost:${http_port} EOF cat < To use SSH API: ssh ${username}@localhost -p ${ssh_port} -i ${rundir}/tmp/id_rsa gerrit To enable 'git push' without a password prompt: git config credential.helper 'store --file=${rundir}/tmp/.git-credentials' To stop the server: ${rundir}/bin/gerrit.sh stop EOF