|
| 1 | +#!/usr/bin/env python3 |
| 2 | + |
| 3 | +""" |
| 4 | +Performs the three git commit required to do a release. See help output for more details. |
| 5 | +""" |
| 6 | + |
| 7 | +import subprocess |
| 8 | +import re |
| 9 | +import sys |
| 10 | + |
| 11 | + |
| 12 | +def cmd(command: list[str]) -> str: |
| 13 | + print('$ ' + ' '.join(command)) |
| 14 | + process = subprocess.run(command, capture_output=True, text=True) |
| 15 | + if process.returncode != 0: |
| 16 | + print('failed to run above command, got exit code: %d', process.returncode) |
| 17 | + print('stderr: ' + process.stderr.strip()) |
| 18 | + exit(process.returncode) |
| 19 | + |
| 20 | + output = process.stdout.strip() |
| 21 | + print('# ' + output) |
| 22 | + return output |
| 23 | + |
| 24 | + |
| 25 | +def find_and_replace_regex_in_file(file_path: str, find_regex: str, |
| 26 | + replace: str): |
| 27 | + |
| 28 | + print(f'Performing find and replace on "{file_path}": s/{find_regex}/{replace}') |
| 29 | + # Read in the file |
| 30 | + with open(file_path, 'r') as file: |
| 31 | + filedata = file.read() |
| 32 | + |
| 33 | + filedata = re.sub(find_regex, replace, filedata) |
| 34 | + |
| 35 | + # Write the file out again |
| 36 | + with open(file_path, 'w') as file: |
| 37 | + file.write(filedata) |
| 38 | + |
| 39 | + |
| 40 | +def print_help(): |
| 41 | + print('''update-script.py <target-tag> |
| 42 | +
|
| 43 | +Performs a series of git merges to update all references of the previous version to the specified tag of osv-scanner. This script expects upstream remote to be named `upstream` |
| 44 | +1. Fetch upstream main branch |
| 45 | +2. Create new branch on the most recent version tag (the last release commit) |
| 46 | +3. Update references to the old osv-scanner tag to the new tag, and make the first commit |
| 47 | +4. Update references to the old .github/workflows/osv-scanner-reusable.yml version to the newly made commit in the last step. Make the second commit. |
| 48 | +5. Finally update the unified workflow to point to the commit made in step 4, perform the third commit. |
| 49 | +
|
| 50 | +After this script is complete, push the new branch and create a PR. This PR must be merged via a normal git merge commit, NOT a squash commit. |
| 51 | +Then create the new release tag on this merged PR commit.''') |
| 52 | + |
| 53 | + |
| 54 | +if len(sys.argv) != 2: |
| 55 | + print_help() |
| 56 | + exit() |
| 57 | + |
| 58 | +target_tag = sys.argv[1] |
| 59 | +if not target_tag.startswith('v'): |
| 60 | + print_help() |
| 61 | + print('Target tag needs to begin with v') |
| 62 | + exit() |
| 63 | + |
| 64 | +cmd(['git', 'fetch', 'upstream']) |
| 65 | +print("fetched and checkout upstream/main") |
| 66 | + |
| 67 | +lastest_tag = cmd(['git', 'describe', '--tags', '--abbrev=0']) |
| 68 | +branch_name = cmd(['git', 'branch', '--show-current']) |
| 69 | + |
| 70 | +cmd(['git', 'checkout', '-b', 'update-to-' + target_tag, 'upstream/main']) |
| 71 | + |
| 72 | +find_and_replace_regex_in_file('osv-reporter-action/action.yml', |
| 73 | + re.escape(lastest_tag), target_tag) |
| 74 | +find_and_replace_regex_in_file('osv-scanner-action/action.yml', |
| 75 | + re.escape(lastest_tag), target_tag) |
| 76 | +find_and_replace_regex_in_file('README.md', re.escape(lastest_tag), target_tag) |
| 77 | + |
| 78 | +cmd([ |
| 79 | + 'git', 'commit', '-a', '-m', |
| 80 | + f'Update actions to use {target_tag} osv-scanner image' |
| 81 | +]) |
| 82 | + |
| 83 | +first_commit_hash = cmd(['git', 'rev-parse', 'HEAD']) |
| 84 | +print('First commit hash: ' + first_commit_hash) |
| 85 | + |
| 86 | +find_and_replace_regex_in_file( |
| 87 | + '.github/workflows/osv-scanner-reusable.yml', |
| 88 | + 'uses: google/osv-scanner-action/osv-(.*?)-action@.*? # .*', |
| 89 | + f'uses: google/osv-scanner-action/osv-\\1-action@{first_commit_hash} # {target_tag}' |
| 90 | +) |
| 91 | + |
| 92 | +find_and_replace_regex_in_file( |
| 93 | + '.github/workflows/osv-scanner-reusable-pr.yml', |
| 94 | + 'uses: google/osv-scanner-action/osv-(.*?)-action@.*? # .*', |
| 95 | + f'uses: google/osv-scanner-action/osv-\\1-action@{first_commit_hash} # {target_tag}' |
| 96 | +) |
| 97 | + |
| 98 | +cmd([ |
| 99 | + 'git', 'commit', '-a', '-m', |
| 100 | + f'Update reusable workflows to point to {target_tag} actions' |
| 101 | +]) |
| 102 | + |
| 103 | +second_commit_hash = cmd(['git', 'rev-parse', 'HEAD']) |
| 104 | +print('Second commit hash: ' + second_commit_hash) |
| 105 | + |
| 106 | +find_and_replace_regex_in_file( |
| 107 | + '.github/workflows/osv-scanner-unified-workflow.yml', |
| 108 | + 'uses: "google/osv-scanner-action/\\.github/workflows/osv-scanner-reusable(.*?)@.*?" # .*', |
| 109 | + f'uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable\\1@{second_commit_hash}" # {target_tag}' |
| 110 | +) |
| 111 | + |
| 112 | +cmd([ |
| 113 | + 'git', 'commit', '-a', '-m', |
| 114 | + f'Update unified workflow example to point to {target_tag} reusable workflows' |
| 115 | +]) |
| 116 | + |
| 117 | +print('Success!') |
0 commit comments