Skip to content

Commit

Permalink
cat scripts
Browse files Browse the repository at this point in the history
  • Loading branch information
orouz committed Feb 15, 2024
1 parent 022026b commit 23f13be
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 275 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/bump-version.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:
git config --global user.name "Cloud Security Machine"
- name: Bump Cloudbeat
run: scripts/bump_cloudbeat.sh
run: cat scripts/bump_cloudbeat.sh

- name: Bump Cloud Security Posture Integration
run: scripts/bump_integration.sh
run: cat scripts/bump_integration.sh
181 changes: 1 addition & 180 deletions scripts/bump_cloudbeat.sh
Original file line number Diff line number Diff line change
@@ -1,183 +1,4 @@
#!/bin/bash
set -euo pipefail

export NEXT_CLOUDBEAT_BRANCH="bump-to-$NEXT_CLOUDBEAT_VERSION"
NEXT_MINOR_VERSION=$(echo "$NEXT_CLOUDBEAT_VERSION" | cut -d '.' -f1,2)
CURRENT_MINOR_VERSION=$(echo "$CURRENT_CLOUDBEAT_VERSION" | cut -d '.' -f1,2)

export NEXT_MINOR_VERSION
export CURRENT_MINOR_VERSION

export RELEASE_CLOUDBEAT_BRANCH="release-$CURRENT_MINOR_VERSION"

echo "NEXT_CLOUDBEAT_VERSION: $NEXT_CLOUDBEAT_VERSION"
echo "NEXT_MINOR_VERSION: $NEXT_MINOR_VERSION"
echo "CURRENT_CLOUDBEAT_VERSION: $CURRENT_CLOUDBEAT_VERSION"
echo "CURRENT_MINOR_VERSION: $CURRENT_MINOR_VERSION"

update_version_mergify() {
echo "• Add a new entry to .mergify.yml"
cat <<EOF >>.mergify.yml
- name: backport patches to $CURRENT_MINOR_VERSION branch
conditions:
- merged
- label=backport-v$CURRENT_CLOUDBEAT_VERSION
actions:
backport:
assignees:
- "{{ author }}"
branches:
- "$CURRENT_MINOR_VERSION"
labels:
- "backport"
title: "[{{ destination_branch }}](backport #{{ number }}) {{ title }}"
EOF
}

update_version_arm_template_default_value() {
echo "• Update ARM templates with new version"
local single_account_file="deploy/azure/ARM-for-single-account.json"
local organization_account_file="deploy/azure/ARM-for-organization-account.json"

echo "• Replace defaultValue for ElasticAgentVersion in ARM templates"
jq --indent 4 ".parameters.ElasticAgentVersion.defaultValue = \"$NEXT_CLOUDBEAT_VERSION\"" $single_account_file >tmp.json && mv tmp.json $single_account_file
jq --indent 4 ".parameters.ElasticAgentVersion.defaultValue = \"$NEXT_CLOUDBEAT_VERSION\"" $organization_account_file >tmp.json && mv tmp.json $organization_account_file

echo "• Generate dev ARM templates"
./deploy/azure/generate_dev_template.py --template-type single-account
./deploy/azure/generate_dev_template.py --template-type organization-account
}

update_version_arm_template_file_uris() {
echo "• Update ARM templates with new version"
local single_account_file="deploy/azure/ARM-for-single-account.json"
local organization_account_file="deploy/azure/ARM-for-organization-account.json"

echo "• Replace fileUris git branch in ARM templates"
sed -i'' -E "s/cloudbeat\/main/cloudbeat\/$NEXT_MINOR_VERSION/g" $single_account_file
sed -i'' -E "s/cloudbeat\/main/cloudbeat\/$NEXT_MINOR_VERSION/g" $organization_account_file

echo "• Generate dev ARM templates"
./deploy/azure/generate_dev_template.py --template-type single-account
./deploy/azure/generate_dev_template.py --template-type organization-account
}

update_version_beat() {
echo "• Update version/version.go with new version"
sed -i'' -E "s/const defaultBeatVersion = .*/const defaultBeatVersion = \"$NEXT_CLOUDBEAT_VERSION\"/g" version/version.go
}

create_cloudbeat_versions_pr_for_main() {
echo "• Create PR for cloudbeat next version"
# git add .
# git commit -m "Bump cloudbeat to $NEXT_CLOUDBEAT_VERSION"
# git push origin "$NEXT_CLOUDBEAT_BRANCH"

cat <<EOF >cloudbeat_pr_body
Bump cloudbeat version - \`$NEXT_CLOUDBEAT_VERSION\`
> [!NOTE]
> This is an automated PR
EOF

# gh pr create --title "Bump cloudbeat version" \
# --body-file cloudbeat_pr_body \
# --base "main" \
# --head "$NEXT_CLOUDBEAT_BRANCH" \
# --label "backport-skip"

rm -rf cloudbeat_pr_body
echo "Status 1"
git diff
git checkout .
}

create_cloudbeat_versions_pr_for_release() {
echo "• Create PR for cloudbeat release version"
# git add .
# git commit -m "Release cloudbeat $CURRENT_CLOUDBEAT_VERSION"
# git push origin "$RELEASE_CLOUDBEAT_BRANCH"

cat <<EOF >cloudbeat_pr_body_release
Release cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\`
> [!NOTE]
> This is an automated PR
EOF

# gh pr create --title "Release cloudbeat version" \
# --body-file cloudbeat_pr_body_release \
# --base "$CURRENT_MINOR_VERSION" \
# --head "$RELEASE_CLOUDBEAT_BRANCH" \
# --label "backport-skip"

rm -rf cloudbeat_pr_body_release
echo "Status 3"
git diff
git checkout .
}

# We need to bump hermit seperately because we need to wait for the snapshot build to be available
bump_hermit() {
echo "• Bump hermit cloudbeat version"
local BRANCH="bump-hermit-to-$CURRENT_CLOUDBEAT_VERSION"
git checkout -b "$BRANCH" origin/main

sed -i'' -E "s/\"CLOUDBEAT_VERSION\": .*/\"CLOUDBEAT_VERSION\": \"$CURRENT_CLOUDBEAT_VERSION\",/g" bin/hermit.hcl
# git add bin/hermit.hcl
# git commit -m "Bump cloudbeat to $CURRENT_CLOUDBEAT_VERSION"
# git push origin "$BRANCH"

cat <<EOF >hermit_pr_body
Bump cloudbeat version - \`$CURRENT_CLOUDBEAT_VERSION\`
> [!IMPORTANT]
> to be merged after snapshot build for $CURRENT_CLOUDBEAT_VERSION is available
> [!NOTE]
> This is an automated PR
EOF

echo "• Create a PR for cloudbeat hermit version"
# gh pr create --title "Bump hermit cloudbeat version" \
# --body-file hermit_pr_body \
# --base "main" \
# --head "$BRANCH" \
# --label "backport-skip"

rm -rf hermit_pr_body
echo "Status 2"
git diff
git checkout .
}

upload_cloud_formation_templates() {
echo "• Upload cloud formation templates for $CURRENT_CLOUDBEAT_VERSION"
aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID"
aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY"
aws configure set region us-east-2
scripts/publish_cft.sh
}

# make changes to 'main' for next version
run_version_changes_for_main() {
git fetch origin main
git checkout -b "$NEXT_CLOUDBEAT_BRANCH" origin/main
update_version_beat
update_version_mergify
update_version_arm_template_default_value
create_cloudbeat_versions_pr_for_main
bump_hermit
}

# make changes for 'release' version
run_version_changes_for_release_branch() {
git fetch origin "$CURRENT_MINOR_VERSION"
git checkout -b "$RELEASE_CLOUDBEAT_BRANCH" origin/"$CURRENT_MINOR_VERSION"
update_version_arm_template_file_uris
create_cloudbeat_versions_pr_for_release
upload_cloud_formation_templates
}

run_version_changes_for_main
run_version_changes_for_release_branch
echo "cloudbeat script"
94 changes: 1 addition & 93 deletions scripts/bump_integration.sh
Original file line number Diff line number Diff line change
@@ -1,96 +1,4 @@
#!/bin/bash
set -euo pipefail

export MANIFEST_PATH="packages/cloud_security_posture/manifest.yml"
export CHANGELOG_PATH="packages/cloud_security_posture/changelog.yml"
export INTEGRATION_REPO="elastic/integrations"
export BRANCH="bump-to-$CURRENT_CLOUDBEAT_VERSION"
MAJOR_MINOR_CLOUDBEAT=$(echo "$CURRENT_CLOUDBEAT_VERSION" | cut -d. -f1,2)

export MAJOR_MINOR_CLOUDBEAT

checkout_integration_repo() {
echo "• Checkout integration repo"
gh auth setup-git
gh repo clone $INTEGRATION_REPO
cd integrations
git checkout -b "$BRANCH" origin/main
}

get_next_integration_version() {
current_version=$(yq '.[0].version' $CHANGELOG_PATH | tr -d '"')
preview_number="${current_version##*-preview}"
preview_number="${preview_number##*(0)}"
((next_preview_number = preview_number + 1))
next_preview_number_formatted=$(printf "%02d" "$next_preview_number")
NEXT_INTEGRATION_VERSION="${current_version%-*}-preview${next_preview_number_formatted}"
echo "• Next integration version: $NEXT_INTEGRATION_VERSION"
export NEXT_INTEGRATION_VERSION
}

update_manifest_version_vars() {
# cis_gcp
echo "• Update cloudshell_git_branch in manifest.yml"
sed -i'' -E "s/cloudshell_git_branch=[0-9]+\.[0-9]+/cloudshell_git_branch=$MAJOR_MINOR_CLOUDBEAT/g" $MANIFEST_PATH

# cis_aws + vuln_mgmt_aws
echo "• Update cloudformation-* in manifest.yml"
sed -i'' -E "s/cloudformation-cnvm-[0-9]+\.[0-9]+\.[0-9]+/cloudformation-cnvm-$CURRENT_CLOUDBEAT_VERSION/g" $MANIFEST_PATH
sed -i'' -E "s/cloudformation-cspm-ACCOUNT_TYPE-[0-9]+\.[0-9]+\.[0-9]+/cloudformation-cspm-ACCOUNT_TYPE-$CURRENT_CLOUDBEAT_VERSION/g" $MANIFEST_PATH

# cis_azure
echo "• Update cloudshell_git_branch in manifest.yml"
sed -i'' -E "s/cloudbeat%2F[0-9]+\.[0-9]+/cloudbeat%2F$MAJOR_MINOR_CLOUDBEAT/g" $MANIFEST_PATH

# git add $MANIFEST_PATH
# git commit -m "Update manifest template vars"
# git push origin "$BRANCH"
}
create_integrations_pr() {
cat <<EOF >pr_body
Bump integration version - \`$NEXT_INTEGRATION_VERSION\`
> [!NOTE]
> This is an automated PR
EOF

echo '• Create a PR to update integration'
PR_URL="$(gh pr create --title "[Cloud Security] Bump integration" \
--body-file pr_body \
--base "main" \
--head "$BRANCH" \
--label "enhancement" \
--label "Team:Cloud Security" \
--repo "$INTEGRATION_REPO")"
export PR_URL
}

update_manifest_version() {
echo "• Update manifest version"
yq -i ".version = \"$NEXT_INTEGRATION_VERSION\"" $MANIFEST_PATH
# git add $MANIFEST_PATH
# git commit -m "Update manifest version"
# git push origin "$BRANCH"
}

update_changelog_version() {
PR_URL="foo"
export PR_URL
echo "• Update changelog version"
yq -i ".[0].version = \"$NEXT_INTEGRATION_VERSION\"" $CHANGELOG_PATH
# this line below requires single quotes and env(PR) to interpolate this env var
yq -i '.[0].changes += [{"description": "Bump version", "type": "enhancement", "link": env(PR_URL) }]' $CHANGELOG_PATH
# git add $CHANGELOG_PATH
# git commit -m "Update changelog version"
# git push origin "$BRANCH"
}

checkout_integration_repo
get_next_integration_version
update_manifest_version
update_manifest_version_vars
# create_integrations_pr
update_changelog_version
echo "diff 1"
git diff
git checkout .
echo "integration script"

0 comments on commit 23f13be

Please sign in to comment.