script/release.sh: improve error messages if the tag verification fails
[sfrench/samba-autobuild/.git] / script / release.sh
1 #!/bin/bash
2 # make a release of Samba or a library
3
4 LC_ALL=C
5 export LC_ALL
6 LANG=C
7 export LANG
8 LANGUAGE=C
9 export LANGUAGE
10
11 set -u
12 set -e
13 umask 0022
14
15 CONF_REPO_URL="ssh://git.samba.org/data/git/samba.git"
16 CONF_UPLOAD_URL="samba-bugs@download-master.samba.org:/home/data/ftp/pub"
17 CONF_DOWNLOAD_URL="https://download.samba.org/pub"
18 CONF_HISTORY_URL="https://www.samba.org"
19
20 test -d ".git" || {
21         echo "Run this script from the top-level directory in the"
22         echo "repository"
23         exit 1
24 }
25
26 usage() {
27         echo "Usage: release.sh <PRODUCT> <COMMAND>"
28         echo ""
29         echo "PRODUCT: ldb, talloc, tevent, tdb, samba-rc, samba-stable"
30         echo "COMMAND: fullrelease, create, push, upload, announce"
31         echo ""
32         return 0
33 }
34
35 check_args() {
36         local cmd="$1"
37         local got_args="$2"
38         local take_args="$3"
39
40         test x"${got_args}" = x"${take_args}" || {
41                 usage
42                 echo "cmd[${cmd}] takes ${take_args} instead of ${got_args}"
43                 return 1
44         }
45
46         return 0
47 }
48
49 min_args() {
50         local cmd="$1"
51         local got_args="$2"
52         local min_args="$3"
53
54         test "${got_args}" -ge "${min_args}" || {
55                 usage
56                 echo "cmd[${cmd}] takes at least ${min_args} instead of ${got_args}"
57                 return 1
58         }
59
60         return 0
61 }
62
63 min_args "$0" "$#" "2"
64
65 product="$1"
66 globalcmd="$2"
67 shift 2
68 oldtagname=""
69 tagname=""
70 patchfile=""
71 cmds=""
72 next_cmd=""
73
74 require_tagname() {
75         min_args "${FUNCNAME}" "$#" "1" || return 1
76         local cmd="$1"
77
78         test -n "${tagname}" || {
79                 echo "cmd[${cmd}] requires '\${tagname}' variable to be set"
80                 return 1
81         }
82
83         local name=$(echo "${tagname}" | cut -d '-' -f1)
84         test x"${name}" = x"${productbase}" || {
85                 echo "Invalid tagname[${tgzname}]"
86                 return 1
87         }
88
89         return 0
90 }
91
92 cmd_allowed() {
93         min_args "${FUNCNAME}" "$#" "2" || return 1
94         local cmd="$1"
95         shift 1
96
97         echo "$@" | grep -q "\<${cmd}\>" || {
98                 return 1
99         }
100
101         return 0
102 }
103
104 verify_samba_rc() {
105         check_args "${FUNCNAME}" "$#" "0" || return 1
106
107         test -f VERSION || {
108                 echo "VERSION doesn't exist"
109                 return 1
110         }
111
112         grep -q 'SAMBA_VERSION_IS_GIT_SNAPSHOT=no' VERSION || {
113                 echo "SAMBA_VERSION_IS_GIT_SNAPSHOT is not 'no'"
114                 return 1
115         }
116
117         grep -q '^SAMBA_VERSION_RC_RELEASE=' VERSION || {
118                 echo "SAMBA_VERSION_RC_RELEASE= missing"
119                 return 1
120         }
121
122         grep -q '^SAMBA_VERSION_RC_RELEASE=$' VERSION && {
123                 echo "SAMBA_VERSION_RC_RELEASE= missing the rc version"
124                 return 1
125         }
126
127         return 0
128 }
129
130 load_samba_stable_versions() {
131         check_args "${FUNCNAME}" "$#" "0" || return 1
132
133         test -n "${version-}" && {
134                 return 0
135         }
136
137         local SAMBA_VERSION_MAJOR=$(grep '^SAMBA_VERSION_MAJOR=' VERSION | cut -d '=' -f2 | xargs)
138         local SAMBA_VERSION_MINOR=$(grep '^SAMBA_VERSION_MINOR=' VERSION | cut -d '=' -f2 | xargs)
139         local SAMBA_VERSION_RELEASE=$(grep '^SAMBA_VERSION_RELEASE=' VERSION | cut -d '=' -f2 | xargs)
140
141         version="${SAMBA_VERSION_MAJOR}.${SAMBA_VERSION_MINOR}.${SAMBA_VERSION_RELEASE}"
142         tagname="${productbase}-${version}"
143
144         test ${SAMBA_VERSION_RELEASE} -gt 0 || {
145                 return 0
146         }
147
148         oldversion="${SAMBA_VERSION_MAJOR}.${SAMBA_VERSION_MINOR}.$(expr ${SAMBA_VERSION_RELEASE} - 1)"
149         oldtagname="${productbase}-${oldversion}"
150         patchfile="${productbase}-${oldversion}-${version}.diffs"
151
152         return 0
153 }
154
155 verify_samba_stable() {
156         check_args "${FUNCNAME}" "$#" "0" || return 1
157
158         test -f VERSION || {
159                 echo "VERSION doesn't exist"
160                 return 1
161         }
162
163         grep -q 'SAMBA_VERSION_IS_GIT_SNAPSHOT=no' VERSION || {
164                 echo "SAMBA_VERSION_IS_GIT_SNAPSHOT is not 'no'"
165                 return 1
166         }
167
168         local VARS=""
169         VARS="${VARS} SAMBA_VERSION_REVISION"
170         VARS="${VARS} SAMBA_VERSION_TP_RELEASE"
171         VARS="${VARS} SAMBA_VERSION_ALPHA_RELEASE"
172         VARS="${VARS} SAMBA_VERSION_BETA_RELEASE"
173         VARS="${VARS} SAMBA_VERSION_PRE_RELEASE"
174         VARS="${VARS} SAMBA_VERSION_RC_RELEASE"
175         VARS="${VARS} SAMBA_VERSION_RELEASE_NICKNAME"
176         VARS="${VARS} SAMBA_VERSION_VENDOR_SUFFIX"
177         VARS="${VARS} SAMBA_VERSION_VENDOR_PATCH"
178         for var in ${VARS}; do
179                 grep -q "^${var}" VERSION && {
180                         grep -q "^${var}=$" VERSION || {
181                                 echo "${var} found in stable version"
182                                 return 1
183                         }
184                 }
185         done
186
187         load_samba_stable_versions
188
189         test x"${product}" = x"samba-stable" && {
190                 test -f "announce.${tagname}.quotation.txt" || {
191                         echo ""
192                         echo "announce.${tagname}.quotation.txt missing!"
193                         echo ""
194                         echo "Please create it and retry"
195                         echo ""
196                         echo "The content should look like this:"
197                         echo "cat announce.${tagname}.quotation.txt"
198                         echo '======================================================'
199                         echo '                "Some text'
200                         echo '                 from someone."'
201                         echo ''
202                         echo '                 The author'
203                         echo '======================================================'
204                         echo ""
205                         return 1
206                 }
207         }
208
209         test -n "${oldtagname}" || {
210                 return 0
211         }
212
213         local verify_out="${TMPDIR}/verify-${oldtagname}.out"
214
215         echo "Verifying oldtagname: ${oldtagname}"
216
217         git tag -v "${oldtagname}" >${verify_out} 2>&1 || {
218                 echo "failed to verify old tag[${oldtagname}]"
219                 echo ""
220                 cat "${verify_out}"
221                 return 1
222         }
223
224         grep -q "${GPG_KEYID}" "${verify_out}" || {
225                 echo "oldtagname[${oldtagname}] was not generated with GPG_KEYID[${GPG_KEYID}]!"
226                 echo ""
227                 cat "${verify_out}"
228                 return 1
229         }
230
231         echo "Verifying ${oldtagname}.tar.gz and ${oldtagname}.tar.asc"
232
233         test -f "${oldtagname}.tar.gz" || {
234                 echo "${oldtagname}.tar.gz does not exist"
235                 return 1
236         }
237
238         test -f "${oldtagname}.tar.asc" || {
239                 echo "${oldtagname}.tar.asc does not exist"
240                 return 1
241         }
242
243         zcat "${oldtagname}.tar.gz" | gpg --verify "${oldtagname}.tar.asc" - 2>${verify_out} || {
244                 echo "Failed to verify ${oldtagname}.tar.asc"
245                 return 1
246         }
247
248         grep -q "${GPG_KEYID}" "${verify_out}" || {
249                 echo "${oldtagname}.tar.asc was not generated with GPG_KEYID[${GPG_KEYID}]!"
250                 echo ""
251                 cat "${verify_out}"
252                 return 1
253         }
254
255         return 0
256 }
257
258 verify_release() {
259         check_args "${FUNCNAME}" "$#" "0" || return 1
260
261         test -n "${verify_fn}" || {
262                 echo "verify_fn variable empty"
263                 return 1
264         }
265
266         echo "Running ${verify_fn}"
267         ${verify_fn}
268 }
269
270 create_release() {
271         check_args "${FUNCNAME}" "$#" "0" || return 1
272
273         echo "Releasing product ${product}"
274
275         test -n "${tagname}" && {
276                 git tag -l "${tagname}" | grep -q "${tagname}" && {
277                         echo "tagname[${tagname}] already exist"
278                         return 1
279                 }
280
281                 local _tgzname="${tagname}.tar.gz"
282                 test -e "${_tgzname}" && {
283                         echo "_tgzname[${_tgzname}] already exist"
284                         return 1
285                 }
286         }
287
288         echo "Building release tarball"
289         local tgzname=$(make dist 2>&1 | grep ^Created | cut -d' ' -f2)
290         test -f "${tgzname}" || {
291                 echo "Failed to create tarball"
292                 return 1
293         }
294         CLEANUP_FILES="${CLEANUP_FILES} ${tgzname}"
295
296         local name=$(echo "${tgzname}" | cut -d '-' -f1)
297         test x"${name}" = x"${productbase}" || {
298                 echo "Invalid tgzname[${tgzname}]"
299                 return 1
300         }
301
302         local _tagname=$(basename ${tgzname} .tar.gz)
303         test -n "${tagname}" && {
304                 test x"${_tagname}" = x"${tagname}" || {
305                         echo "Invalid tgzname[${tgzname}]"
306                         return 1
307                 }
308         }
309         tagname="${_tagname}"
310
311         local tarname=$(basename ${tgzname} .gz)
312         echo "Tarball: ${tarname}"
313         gunzip -f ${tgzname} || {
314                 echo "Failed to decompress tarball ${tarname}"
315                 return 1
316         }
317         test -f "${tarname}" || {
318                 echo "Failed to decompress tarball ${tarname}"
319                 return 1
320         }
321         CLEANUP_FILES="${CLEANUP_FILES} ${tarname}"
322
323         # tagname is global
324         echo "Tagging as ${tagname}"
325         git tag -u ${GPG_KEYID} -s "${tagname}" -m "${productbase}: tag release ${tagname}" || {
326                 return 1
327         }
328         CLEANUP_TAGS="${CLEANUP_TAGS} ${tagname}"
329
330         echo "Signing ${tarname} => ${tarname}.asc"
331         rm -f "${tarname}.asc"
332         gpg -u "${GPG_USER}" --detach-sign --armor ${tarname} || {
333                 return 1
334         }
335         test -f "${tarname}.asc" || {
336                 echo "Failed to create signature ${tarname}.asc"
337                 return 1
338         }
339         CLEANUP_FILES="${CLEANUP_FILES} ${tarname}.asc"
340         echo "Compressing ${tarname} => ${tgzname}"
341         gzip -f -9 ${tarname}
342         test -f "${tgzname}" || {
343                 echo "Failed to compress ${tgzname}"
344                 return 1
345         }
346
347         return 0
348 }
349
350 patch_release() {
351         check_args "${FUNCNAME}" "$#" "0" || return 1
352         require_tagname "${FUNCNAME}"
353
354         test -n "${patchfile}" || {
355                 return 0
356         }
357
358         local oldpwd=$(pwd)
359         echo "Generating ${patchfile}"
360         (
361                 set -e
362                 set -u
363                 pushd "${TMPDIR}"
364                 tar xfz "${oldpwd}/${oldtagname}.tar.gz"
365                 tar xfz "${oldpwd}/${tagname}.tar.gz"
366                 diff -Npur "${oldtagname}/" "${tagname}/" > "${patchfile}"
367                 popd
368         )
369         CLEANUP_FILES="${CLEANUP_FILES} ${patchfile}"
370         mv "${TMPDIR}/${patchfile}" "${patchfile}" || {
371                 echo "failed cmd[mv ${TMPDIR}/${patchfile} ${patchfile}]"
372                 return 1
373         }
374
375         echo "Signing ${patchfile} => ${patchfile}.asc"
376         rm -f "${patchfile}.asc"
377         CLEANUP_FILES="${CLEANUP_FILES} ${patchfile}.asc"
378         gpg -u "${GPG_USER}" --detach-sign --armor ${patchfile} || {
379                 return 1
380         }
381         test -f "${patchfile}.asc" || {
382                 echo "Failed to create signature ${patchfile}.asc"
383                 return 1
384         }
385         echo "Compressing ${patchfile} => ${patchfile}.gz"
386         CLEANUP_FILES="${CLEANUP_FILES} ${patchfile}.gz"
387         gzip -f -9 ${patchfile}
388         test -f "${patchfile}.gz" || {
389                 echo "Failed to compress ${patchfile}.gz"
390                 return 1
391         }
392
393         return 0
394 }
395
396 whatsnew_release() {
397         check_args "${FUNCNAME}" "$#" "0" || return 1
398         require_tagname "${FUNCNAME}"
399
400         echo "extract ${tagname}.WHATSNEW.txt"
401         tar xf ${tagname}.tar.gz --to-stdout ${tagname}/WHATSNEW.txt > ${tagname}.WHATSNEW.txt
402         CLEANUP_FILES="${CLEANUP_FILES} ${tagname}.WHATSNEW.txt"
403
404         return 0
405 }
406
407 check_nopatch() {
408         check_args "${FUNCNAME}" "$#" "0" || return 1
409         require_tagname "${FUNCNAME}"
410
411         local verify_out="${TMPDIR}/verify-${oldtagname}.out"
412
413         echo "Verifying tagname: ${tagname}"
414
415         git tag -v "${tagname}" >${verify_out} 2>&1 || {
416                 echo "failed to verify tag[${tagname}]"
417                 echo ""
418                 cat "${verify_out}"
419                 return 1
420         }
421         grep -q "${GPG_KEYID}" "${verify_out}" || {
422                 echo "tagname[${tagname}] was not generated with GPG_KEYID[${GPG_KEYID}]!"
423                 echo ""
424                 cat "${verify_out}"
425                 return 1
426         }
427
428         echo "Verifying ${tagname}.tar.gz and ${tagname}.tar.asc"
429
430         test -f "${tagname}.tar.gz" || {
431                 echo "${tagname}.tar.gz does not exist"
432                 return 1
433         }
434
435         test -f "${tagname}.tar.asc" || {
436                 echo "${tagname}.tar.asc does not exist"
437                 return 1
438         }
439
440         zcat "${tagname}.tar.gz" | gpg --verify "${tagname}.tar.asc" - 2>${verify_out} || {
441                 echo "Failed to verify ${tagname}.tar.asc"
442                 return 1
443         }
444         grep -q "${GPG_KEYID}" "${verify_out}" || {
445                 echo "${tagname}.tar.asc was not generated with GPG_KEYID[${GPG_KEYID}]!"
446                 echo ""
447                 cat "${verify_out}"
448                 return 1
449         }
450
451         ls -la ${tagname}.*
452
453         return 0
454 }
455
456 check_samba_stable() {
457         check_args "${FUNCNAME}" "$#" "0" || return 1
458         require_tagname "${FUNCNAME}"
459
460         load_samba_stable_versions
461
462         local verify_out="${TMPDIR}/verify-${oldtagname}.out"
463
464         echo "Verifying tagname: ${tagname}"
465
466         git tag -v "${tagname}" >${verify_out} 2>&1 || {
467                 echo "failed to verify tag[${tagname}]"
468                 echo ""
469                 cat "${verify_out}"
470                 return 1
471         }
472         grep -q "${GPG_KEYID}" "${verify_out}" || {
473                 echo "tagname[${tagname}] was not generated with GPG_KEYID[${GPG_KEYID}]!"
474                 echo ""
475                 cat "${verify_out}"
476                 return 1
477         }
478
479         echo "Verifying ${tagname}.tar.gz and ${tagname}.tar.asc"
480
481         test -f "${tagname}.tar.gz" || {
482                 echo "${tagname}.tar.gz does not exist"
483                 return 1
484         }
485
486         test -f "${tagname}.tar.asc" || {
487                 echo "${tagname}.tar.asc does not exist"
488                 return 1
489         }
490
491         zcat "${tagname}.tar.gz" | gpg --verify "${tagname}.tar.asc" - 2>${verify_out} || {
492                 echo "Failed to verify ${tagname}.tar.asc"
493                 return 1
494         }
495         grep -q "${GPG_KEYID}" "${verify_out}" || {
496                 echo "${tagname}.tar.asc was not generated with GPG_KEYID[${GPG_KEYID}]!"
497                 echo ""
498                 cat "${verify_out}"
499                 return 1
500         }
501
502         test -n "${patchfile}" || {
503                 ls -lart ${tagname}.*
504                 return 0
505         }
506
507         echo "Verifying ${patchfile}.gz and ${patchfile}.asc"
508
509         test -f "${patchfile}.gz" || {
510                 echo "${patchfile}.gz does not exist"
511                 return 1
512         }
513
514         test -f "${patchfile}.asc" || {
515                 echo "${patchfile}.asc does not exist"
516                 return 1
517         }
518
519         zcat "${patchfile}.gz" | gpg --verify "${patchfile}.asc" - 2>${verify_out} || {
520                 echo "Failed to verify ${patchfile}.asc"
521                 return 1
522         }
523         grep -q "${GPG_KEYID}" "${verify_out}" || {
524                 echo "${patchfile}.asc was not generated with GPG_KEYID[${GPG_KEYID}]!"
525                 echo ""
526                 cat "${verify_out}"
527                 return 1
528         }
529
530         ls -lart ${tagname}.* ${patchfile}.*
531         return 0
532 }
533
534 check_release() {
535         check_args "${FUNCNAME}" "$#" "0" || return 1
536
537         test -n "${check_fn}" || {
538                 echo "check_fn variable empty"
539                 return 1
540         }
541
542         echo "Running ${check_fn}"
543         ${check_fn}
544 }
545
546 push_release() {
547         check_args "${FUNCNAME}" "$#" "0" || return 1
548         require_tagname "${FUNCNAME}"
549
550         echo "Push git tag ${tagname} to '${repo_url}'"
551         git push "${repo_url}" "refs/tags/${tagname}:refs/tags/${tagname}" || {
552                 return 1
553         }
554
555         return 0
556 }
557
558 upload_nopatch() {
559         check_args "${FUNCNAME}" "$#" "0" || return 1
560         require_tagname "${FUNCNAME}"
561
562         echo "Upload ${tagname}.* to '${upload_url}'"
563         rsync -Pav --delay-updates ${tagname}.* "${upload_url}/" || {
564                 return 1
565         }
566         rsync ${upload_url}/${tagname}.*
567
568         return 0
569 }
570
571 upload_samba_stable() {
572         check_args "${FUNCNAME}" "$#" "0" || return 1
573         require_tagname "${FUNCNAME}"
574
575         load_samba_stable_versions
576
577         local release_url="${upload_url}samba/stable/"
578         local patch_url="${upload_url}samba/patches/"
579
580         echo "Upload ${tagname}.tar.* to '${release_url}'"
581         ls -lart ${tagname}.tar.*
582         rsync -Pav --delay-updates ${tagname}.tar.* "${release_url}/" || {
583                 return 1
584         }
585         rsync ${release_url}/${tagname}.tar.*
586
587         test -n "${patchfile}" || {
588                 return 0
589         }
590
591         echo "Upload ${patchfile}.* to '${patch_url}'"
592         ls -lart ${patchfile}.*
593         rsync -Pav --delay-updates ${patchfile}.* "${patch_url}/" || {
594                 return 1
595         }
596         rsync ${patch_url}/${patchfile}.*
597
598         return 0
599 }
600
601 upload_release() {
602         check_args "${FUNCNAME}" "$#" "0" || return 1
603
604         test -n "${upload_fn}" || {
605                 echo "upload_fn variable empty"
606                 return 1
607         }
608
609         echo "Running ${upload_fn}"
610         ${upload_fn}
611 }
612
613 announcement_samba_rc() {
614         check_args "${FUNCNAME}" "$#" "0" || return 1
615         require_tagname "${FUNCNAME}"
616
617         test -f "${tagname}.WHATSNEW.txt" || {
618                 echo "${tagname}.WHATSNEW.txt does not exist"
619                 return 1
620         }
621
622         local t=""
623         local version=$(echo "${tagname}" | sed -e 's!^samba-!!')
624         local href="#${version}"
625         local series=$(echo "${version}" | cut -d '.' -f1-2)
626         local rc=$(echo "${version}" | sed -e 's!.*rc\([0-9][0-9]*\)!\1!')
627         local rcname="${rc}th"
628         case "${rc}" in
629         1)
630                 rcname="first"
631                 ;;
632         2)
633                 rcname="second"
634                 ;;
635         3)
636                 rcname="third"
637                 ;;
638         4)
639                 rcname="fourth"
640                 ;;
641         5)
642                 rcname="fifth"
643                 ;;
644         esac
645
646         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.to.txt"
647         {
648                 echo "samba-announce@lists.samba.org, samba@lists.samba.org, samba-technical@lists.samba.org"
649         } > announce.${tagname}.to.txt
650
651         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.subject.txt"
652         {
653                 echo "[Announce] Samba ${version} Available for Download"
654         } > announce.${tagname}.subject.txt
655
656         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.mail.txt"
657         {
658                 cat ${tagname}.WHATSNEW.txt
659                 echo ""
660                 echo "================"
661                 echo "Download Details"
662                 echo "================"
663                 echo ""
664                 echo "The uncompressed tarballs and patch files have been signed"
665                 echo "using GnuPG (ID 6568B7EA).  The source code can be downloaded"
666                 echo "from:"
667                 echo ""
668                 echo "        ${download_url}"
669                 echo ""
670                 echo "The release notes are available online at:"
671                 echo ""
672                 echo "        ${download_url}${tagname}.WHATSNEW.txt"
673                 echo ""
674                 echo "Our Code, Our Bugs, Our Responsibility."
675                 echo "(https://bugzilla.samba.org/)"
676                 echo ""
677                 echo "                        --Enjoy"
678                 echo "                        The Samba Team"
679         } > announce.${tagname}.mail.txt
680
681         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.mutt-arguments.txt"
682         {
683                 echo -n "-i announce.${tagname}.mail.txt "
684                 echo -n "-s \"$(cat announce.${tagname}.subject.txt | xargs)\" "
685                 echo -n "$(cat announce.${tagname}.to.txt | xargs)"
686         } > announce.${tagname}.mutt-arguments.txt
687
688         local headlinefile="posted_news/@UTCTIME@.${version}.headline.html"
689         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.headline.html"
690         {
691                 echo "<!-- BEGIN: ${headlinefile} -->"
692                 echo "<li> @UTCDATE@ <a href=\"${href}\">Samba ${version} Available for Download</a></li>"
693                 echo "<!-- END: ${headlinefile} -->"
694         } > announce.${tagname}.headline.html
695
696         local bodyfile="posted_news/@UTCTIME@.${version}.body.html"
697         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.body.html"
698         {
699                 echo "<!-- BEGIN: ${bodyfile} -->"
700                 echo "<h5><a name=\"${version}\">@UTCDATE@</a></h5>"
701                 echo "<p class="headline">Samba ${version} Available for Download</p>"
702                 echo "<p>"
703                 echo "This is the ${rcname} release candidate of the upcoming Samba ${series} release series."
704                 echo "</p>"
705                 echo "<p>"
706                 echo "The uncompressed tarball has been signed using GnuPG (ID ${GPG_KEYID})."
707                 echo "The source code can be <a href=\"${download_url}${tagname}.tar.gz\">downloaded now</a>."
708                 echo "See <a href=\"${download_url}${tagname}.WHATSNEW.txt\">the release notes for more info</a>."
709                 echo "</p>"
710                 echo "<!-- END: ${bodyfile} -->"
711         } > announce.${tagname}.body.html
712
713         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.todo.txt"
714         {
715                 ls -lart announce.${tagname}.*
716                 echo ""
717                 echo "NOTICE:"
718                 echo "You need to do the following manual steps in order"
719                 echo "to finish the announcement of ${tagname}!"
720                 echo ""
721                 echo "Change to a samba-web checkout and run"
722                 echo "  ./announce_samba_release.sh ${version} $(pwd)/announce.${tagname}.patch.txt"
723                 echo ""
724                 echo "Once the resulting commit is pushed a cron job will update "
725                 echo "the content exported by the webserver every 5-10 mins."
726                 echo "Check https://www.samba.org"
727                 echo ""
728                 echo "If the web content is updated, you need to send the announce mail (gpg signed)."
729                 echo "- announce.${tagname}.to.txt contains the mail's recipients for the To: header."
730                 echo "- announce.${tagname}.subject.txt contains the mail's subject line."
731                 echo "- announce.${tagname}.mail.txt contains the content of the mail body."
732                 echo "In case your're using mutt, you can use the following shortcut:"
733                 echo "  eval mutt \$(cat announce.${tagname}.mutt-arguments.txt)"
734                 echo ""
735                 echo "NOTICE: you're not done yet! Read the above instructions carefully!"
736                 echo "See: announce.${tagname}.todo.txt"
737                 echo ""
738         } > announce.${tagname}.todo.txt
739
740         ls -lart announce.${tagname}.*
741         return 0
742 }
743
744 announcement_samba_stable() {
745         check_args "${FUNCNAME}" "$#" "0" || return 1
746         require_tagname "${FUNCNAME}"
747
748         load_samba_stable_versions
749
750         test -f "${tagname}.tar.gz" || {
751                 echo "${tagname}.tar.gz does not exist"
752                 return 1
753         }
754
755         test -f "announce.${tagname}.quotation.txt" || {
756                 echo "announce.${tagname}.quotation.txt missing!"
757                 return 1
758         }
759
760         local release_url="${download_url}samba/stable/"
761         local patch_url="${download_url}samba/patches/"
762
763         echo "extract WHATSNEW.txt"
764         tar xf ${tagname}.tar.gz --to-stdout ${tagname}/WHATSNEW.txt > ${TMPDIR}/WHATSNEW.txt
765
766         local t=""
767         local oldversion=$(echo "${oldtagname}" | sed -e 's!^samba-!!')
768         local version=$(echo "${tagname}" | sed -e 's!^samba-!!')
769         local href="#${version}"
770         local series=$(echo "${version}" | cut -d '.' -f1-2)
771         local release=$(echo "${version}" | cut -d '.' -f3)
772         local releasename="latest"
773         case "${release}" in
774         1)
775                 releasename="first"
776                 ;;
777         *)
778                 releasename="latest"
779                 ;;
780         esac
781
782         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.to.txt"
783         {
784                 echo "samba-announce@lists.samba.org, samba@lists.samba.org, samba-technical@lists.samba.org"
785         } > announce.${tagname}.to.txt
786
787         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.subject.txt"
788         {
789                 echo "[Announce] Samba ${version} Available for Download"
790         } > announce.${tagname}.subject.txt
791
792         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.mail.txt"
793         {
794                 local top=$(cat ${TMPDIR}/WHATSNEW.txt | grep -n '^Release notes for older releases follow:' | head -1 | cut -d ':' -f1)
795                 test -n "${top}" || {
796                         top=$(cat ${TMPDIR}/WHATSNEW.txt | wc -l)
797                 }
798                 local skip=$(cat ${TMPDIR}/WHATSNEW.txt | grep -n '^[^ ]' | head -1 | cut -d ':' -f1)
799                 local bottom=$(expr ${top} - \( ${skip} - 1 \))
800
801                 cat "announce.${tagname}.quotation.txt"
802                 echo ""
803                 echo ""
804                 echo "Release Announcements"
805                 echo "---------------------"
806                 echo ""
807                 head -${top} ${TMPDIR}/WHATSNEW.txt | tail -${bottom}
808                 echo ""
809                 echo "================"
810                 echo "Download Details"
811                 echo "================"
812                 echo ""
813                 echo "The uncompressed tarballs and patch files have been signed"
814                 echo "using GnuPG (ID 6568B7EA).  The source code can be downloaded"
815                 echo "from:"
816                 echo ""
817                 echo "        ${release_url}"
818                 echo ""
819                 echo "The release notes are available online at:"
820                 echo ""
821                 echo "        ${history_url}${tagname}.html"
822                 echo ""
823                 echo "Our Code, Our Bugs, Our Responsibility."
824                 echo "(https://bugzilla.samba.org/)"
825                 echo ""
826                 echo "                        --Enjoy"
827                 echo "                        The Samba Team"
828         } > announce.${tagname}.mail.txt
829
830         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.mutt-arguments.txt"
831         {
832                 echo -n "-i announce.${tagname}.mail.txt "
833                 echo -n "-s \"$(cat announce.${tagname}.subject.txt | xargs)\" "
834                 echo -n "$(cat announce.${tagname}.to.txt | xargs)"
835         } > announce.${tagname}.mutt-arguments.txt
836
837         local htmlfile="history/${tagname}.html"
838         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.html"
839         {
840                 local tmp=$(cat ${TMPDIR}/WHATSNEW.txt | grep -n '^Reporting bugs & Development Discussion' | head -1 | cut -d ':' -f1)
841                 local lines=$(expr ${tmp} - 2)
842
843                 echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"'
844                 echo ' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'
845                 echo '<html xmlns="http://www.w3.org/1999/xhtml">'
846
847                 echo "<head>"
848                 echo "<title>Samba ${version} - Release Notes</title>"
849                 echo "</head>"
850
851                 echo "<body>"
852                 echo "<H2>Samba ${version} Available for Download</H2>"
853
854                 echo "<p>"
855                 echo "<a href=\"${release_url}${tagname}.tar.gz\">Samba ${version} (gzipped)</a><br>"
856                 echo "<a href=\"${release_url}${tagname}.tar.asc\">Signature</a>"
857                 echo "</p>"
858
859                 test -n "${patchfile}" && {
860                         echo "<p>"
861                         echo "<a href=\"${patch_url}${patchfile}.gz\">Patch (gzipped) against Samba ${oldversion}</a><br>"
862                         echo "<a href=\"${patch_url}${patchfile}.asc\">Signature</a>"
863                         echo "</p>"
864                 }
865
866                 echo "<p>"
867                 echo "<pre>"
868                 head -${lines} ${TMPDIR}/WHATSNEW.txt | sed \
869                         -e 's!&!\&amp;!g' | sed \
870                         -e 's!<!\&lt;!g' \
871                         -e 's!>!\&gt;!g' \
872                         -e 's!ä!\&auml;!g' \
873                         -e 's!Ä!\&Auml;!g' \
874                         -e 's!ö!\&ouml;!g' \
875                         -e 's!Ö!\&Ouml;!g' \
876                         -e 's!ü!\&uuml;!g' \
877                         -e 's!Ü!\&Uuml;!g' \
878                         -e 's!ß!\&szlig;!g' \
879                         -e 's!"!\&quot;!g' \
880                         -e "s!'!\&apos;!g" \
881                         | cat
882                 echo "</pre>"
883                 echo "</p>"
884
885                 echo "</body>"
886                 echo "</html>"
887         } > announce.${tagname}.html
888
889         local headlinefile="posted_news/@UTCTIME@.${version}.headline.html"
890         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.headline.html"
891         {
892                 echo "<!-- BEGIN: ${headlinefile} -->"
893                 echo "<li> @UTCDATE@ <a href=\"${href}\">Samba ${version} Available for Download</a></li>"
894                 echo "<!-- END: ${headlinefile} -->"
895         } > announce.${tagname}.headline.html
896
897         local bodyfile="posted_news/@UTCTIME@.${version}.body.html"
898         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.body.html"
899         {
900                 echo "<!-- BEGIN: ${bodyfile} -->"
901                 echo "<h5><a name=\"${version}\">@UTCDATE@</a></h5>"
902                 echo "<p class="headline">Samba ${version} Available for Download</p>"
903                 echo "<p>"
904                 echo "This is the ${releasename} stable release of the Samba ${series} release series."
905                 echo "</p>"
906                 echo "<p>"
907                 echo "The uncompressed tarball has been signed using GnuPG (ID ${GPG_KEYID})."
908                 echo "The source code can be <a href=\"${release_url}${tagname}.tar.gz\">downloaded now</a>."
909                 test -n "${patchfile}" && {
910                         echo "A <a href=\"${patch_url}${patchfile}.gz\">patch against Samba ${oldversion}</a> is also available."
911                 }
912                 echo "See <a href=\"${history_url}${tagname}.html\">the release notes for more info</a>."
913                 echo "</p>"
914                 echo "<!-- END: ${bodyfile} -->"
915         } > announce.${tagname}.body.html
916
917         local webrepo="${TMPDIR}/webrepo"
918
919         mkdir "${webrepo}" || {
920                 return 1
921         }
922         git -C "${webrepo}" init || {
923                 return 1
924         }
925
926         mkdir -p "$(dirname ${webrepo}/${htmlfile})" || {
927                 return 1
928         }
929         cp -a "announce.${tagname}.html" "${webrepo}/${htmlfile}" || {
930                 return 1
931         }
932
933         mkdir -p "$(dirname ${webrepo}/${headlinefile})" || {
934                 return 1
935         }
936         cp -a "announce.${tagname}.headline.html" "${webrepo}/${headlinefile}" || {
937                 return 1
938         }
939
940         mkdir -p "$(dirname ${webrepo}/${bodyfile})" || {
941                 return 1
942         }
943         cp -a "announce.${tagname}.body.html" "${webrepo}/${bodyfile}" || {
944                 return 1
945         }
946
947         git -C "${webrepo}" add "${htmlfile}" "${headlinefile}" "${bodyfile}" || {
948                 return 1
949         }
950         git -C "${webrepo}" commit --signoff --message "NEWS[${version}]: Samba ${version} Available for Download" || {
951                 return 1
952         }
953         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.patch.txt"
954         git -C "${webrepo}" format-patch --stdout -1 HEAD > announce.${tagname}.patch.txt || {
955                 return 1
956         }
957
958         CLEANUP_FILES="${CLEANUP_FILES} announce.${tagname}.todo.txt"
959         {
960                 ls -lart announce.${tagname}.*
961                 echo ""
962                 echo "NOTICE:"
963                 echo "You need to do the following manual steps in order"
964                 echo "to finish the announcement of ${tagname}!"
965                 echo ""
966                 echo "Change to a samba-web checkout and run"
967                 echo "  ./announce_samba_release.sh ${version} $(pwd)/announce.${tagname}.patch.txt"
968                 echo ""
969                 echo "Once the resulting commit is pushed a cron job will update "
970                 echo "the content exported by the webserver every 5-10 mins."
971                 echo "Check https://www.samba.org"
972                 echo ""
973                 echo "If the web content is updated, you need to send the announce mail (gpg signed)."
974                 echo "- announce.${tagname}.to.txt contains the mail's recipients for the To: header."
975                 echo "- announce.${tagname}.subject.txt contains the mail's subject line."
976                 echo "- announce.${tagname}.mail.txt contains the content of the mail body."
977                 echo "In case your're using mutt, you can use the following shortcut:"
978                 echo "  eval mutt \$(cat announce.${tagname}.mutt-arguments.txt)"
979                 echo ""
980                 echo "NOTICE: you're not done yet! Read the above instructions carefully!"
981                 echo "See: announce.${tagname}.todo.txt"
982                 echo ""
983         } > announce.${tagname}.todo.txt
984
985         ls -lart announce.${tagname}.*
986         return 0
987 }
988
989 announcement_release() {
990         check_args "${FUNCNAME}" "$#" "0" || return 1
991
992         test -n "${announcement_fn}" || {
993                 echo "announcement_fn variable empty"
994                 return 1
995         }
996
997         echo "Running ${announcement_fn}"
998         ${announcement_fn}
999 }
1000
1001 announce_release() {
1002         check_args "${FUNCNAME}" "$#" "0" || return 1
1003         require_tagname "${FUNCNAME}"
1004
1005         test -f "announce.${tagname}.todo.txt" || {
1006                 echo "announce.${tagname}.todo.txt does not exist"
1007                 return 1
1008         }
1009
1010         cat announce.${tagname}.todo.txt
1011         return 0
1012 }
1013
1014 case "${product}" in
1015 talloc | tdb | tevent | ldb)
1016         test -z "${GPG_USER-}" && {
1017                 GPG_USER='Samba Library Distribution Key <samba-bugs@samba.org>'
1018         }
1019
1020         test -z "${GPG_KEYID-}"  && {
1021                 GPG_KEYID='13084025'
1022         }
1023
1024         productbase="${product}"
1025         srcdir="lib/${product}"
1026         repo_url="${CONF_REPO_URL}"
1027         upload_url="${CONF_UPLOAD_URL}/${product}/"
1028         download_url="${CONF_DOWNLOAD_URL}/${product}/"
1029
1030         check_fn="check_nopatch"
1031         upload_fn="upload_nopatch"
1032         fullcmds="create check push upload"
1033         ;;
1034 samba-rc)
1035         test -z "${GPG_USER-}" && {
1036                 GPG_USER='Samba Distribution Verification Key <samba-bugs@samba.org>'
1037         }
1038
1039         test -z "${GPG_KEYID-}"  && {
1040                 GPG_KEYID='6568B7EA'
1041         }
1042
1043         productbase="samba"
1044         srcdir="."
1045         repo_url="${CONF_REPO_URL}"
1046         upload_url="${CONF_UPLOAD_URL}/samba/rc/"
1047         download_url="${CONF_DOWNLOAD_URL}/samba/rc/"
1048
1049         verify_fn="verify_samba_rc"
1050         check_fn="check_nopatch"
1051         upload_fn="upload_nopatch"
1052         announcement_fn="announcement_samba_rc"
1053         fullcmds="verify create check whatsnew announcement push upload announce"
1054         ;;
1055 samba-stable)
1056         test -z "${GPG_USER-}" && {
1057                 GPG_USER='Samba Distribution Verification Key <samba-bugs@samba.org>'
1058         }
1059
1060         test -z "${GPG_KEYID-}"  && {
1061                 GPG_KEYID='6568B7EA'
1062         }
1063
1064         productbase="samba"
1065         srcdir="."
1066         repo_url="${CONF_REPO_URL}"
1067         upload_url="${CONF_UPLOAD_URL}/"
1068         download_url="${CONF_DOWNLOAD_URL}/"
1069         history_url="${CONF_HISTORY_URL}/samba/history/"
1070
1071         verify_fn="verify_samba_stable"
1072         check_fn="check_samba_stable"
1073         upload_fn="upload_samba_stable"
1074         announcement_fn="announcement_samba_stable"
1075         fullcmds="verify create patch check announcement push upload announce"
1076         ;;
1077 TODO-samba-security)
1078         test -z "${GPG_USER-}" && {
1079                 GPG_USER='Samba Distribution Verification Key <samba-bugs@samba.org>'
1080         }
1081
1082         test -z "${GPG_KEYID-}"  && {
1083                 GPG_KEYID='6568B7EA'
1084         }
1085
1086         productbase="samba"
1087         srcdir="."
1088         repo_url="${CONF_REPO_URL}"
1089         upload_url="${CONF_UPLOAD_URL}/"
1090         download_url="${CONF_DOWNLOAD_URL}/"
1091         history_url="${CONF_HISTORY_URL}/samba/history/"
1092
1093         verify_fn="verify_samba_stable"
1094         check_fn="check_samba_stable"
1095         upload_fn="upload_samba_stable"
1096         announcement_fn="announcement_samba_security"
1097         fullcmds="verify create patch check announcement"
1098         next_cmd="push"
1099         ;;
1100 *)
1101         usage
1102         echo "Unknown product ${product}"
1103         exit 1
1104 esac
1105
1106 pushd ${srcdir} || {
1107         echo "srcdir[${srcdir}] does not exist"
1108         exit 1
1109 }
1110
1111 trap_handler() {
1112         echo ""
1113         echo "ERROR: cleaning up"
1114         echo ""
1115
1116         for t in ${CLEANUP_TAGS}; do
1117                 echo "Removing tag[${t}]"
1118                 git tag -v "${t}" && {
1119                         git tag -d "${t}" || {
1120                                 echo "failed to remove tag ${t}"
1121                         }
1122                 }
1123         done
1124
1125         for f in ${CLEANUP_FILES}; do
1126                 echo "Removing file[${f}]"
1127                 test -f "${f}" && {
1128                         rm "${f}" || {
1129                                 echo "failed to remove ${f}"
1130                         }
1131                 }
1132         done
1133
1134         for d in ${CLEANUP_DIRS}; do
1135                 echo "Removing dir[${d}]"
1136                 test -d "${d}" && {
1137                         rm -rf "${d}" || {
1138                                 echo "failed to remove ${d}"
1139                         }
1140                 }
1141         done
1142 }
1143
1144 CLEANUP_TAGS=""
1145 CLEANUP_FILES=""
1146 CLEANUP_DIRS=""
1147 trap trap_handler INT QUIT TERM EXIT
1148
1149 cmd_allowed "${globalcmd}" fullrelease ${fullcmds} || {
1150         usage
1151         echo "command[${globalcmd}] not supported for product[${product}]"
1152         exit 1
1153 }
1154
1155 case "${globalcmd}" in
1156 fullrelease)
1157         check_args "${globalcmd}" "$#" "0" || exit 1
1158         cmds="${fullcmds}"
1159         ;;
1160 create)
1161         check_args "${globalcmd}" "$#" "0" || exit 1
1162         check_args "create" "$#" "0" || exit 1
1163
1164         cmds=""
1165         cmd_allowed "verify" ${fullcmds} && {
1166                 cmds="${cmds} verify"
1167         }
1168         cmds="${cmds} create"
1169         cmd_allowed "whatsnew" ${fullcmds} && {
1170                 cmds="${cmds} whatsnew"
1171         }
1172         cmd_allowed "patch" ${fullcmds} && {
1173                 cmds="${cmds} patch"
1174         }
1175         cmds="${cmds} check"
1176         cmd_allowed "announcement" ${fullcmds} && {
1177                 cmds="${cmds} announcement"
1178         }
1179         next_cmd="push"
1180         ;;
1181 push)
1182         check_args "${globalcmd}" "$#" "1" || exit 1
1183         tagname="$1"
1184         cmds="check push"
1185         next_cmd="upload"
1186         ;;
1187 upload)
1188         check_args "${globalcmd}" "$#" "1" || exit 1
1189         tagname="$1"
1190         cmds="check upload"
1191         cmd_allowed "announce" ${fullcmds} && {
1192                 next_cmd="announce"
1193         }
1194         ;;
1195 announce)
1196         check_args "${globalcmd}" "$#" "1" || exit 1
1197         tagname="$1"
1198         cmds="check announce"
1199         ;;
1200 *)
1201         usage
1202         echo "Unknown command ${globalcmd}"
1203         exit 1
1204         ;;
1205 esac
1206
1207 TMPDIR="release.$$"
1208 CLEANUP_DIRS="${CLEANUP_DIRS} ${TMPDIR}"
1209 umask 0077
1210 mkdir "${TMPDIR}"
1211 umask 0022
1212
1213 for cmd in ${cmds}; do
1214         echo "Starting subcommand[${cmd}]"
1215         ${cmd}_release || {
1216                 echo "Failed subcommand[${cmd}]"
1217                 exit 1
1218         }
1219         echo "Finished subcommand[${cmd}]"
1220 done
1221
1222 test -d "${TMPDIR}" && {
1223         rm -rf "${TMPDIR}" || {
1224                 echo "failed to remove ${TMPDIR}"
1225         }
1226 }
1227
1228 test -n "${next_cmd}" && {
1229         echo "Continue with '$0 ${product} ${next_cmd} ${tagname}'."
1230 }
1231
1232 trap - INT QUIT TERM EXIT
1233
1234 exit 0