mirror of
https://github.com/inspec/inspec
synced 2024-11-14 00:47:10 +00:00
Merge pull request #4765 from inspec/zenspider/bk-refactor
Refactor BK verify script so we can reuse bundle caching across projects easily.
This commit is contained in:
commit
4c3fbe546d
2 changed files with 67 additions and 48 deletions
58
.expeditor/buildkite/cache_support.sh
Executable file
58
.expeditor/buildkite/cache_support.sh
Executable file
|
@ -0,0 +1,58 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -ue
|
||||||
|
|
||||||
|
S3_URL="s3://public-cd-buildkite-cache/${BUILDKITE_PIPELINE_SLUG}/${BUILDKITE_LABEL}"
|
||||||
|
|
||||||
|
pull_s3_file() {
|
||||||
|
aws s3 cp "${S3_URL}/$1" "$1" || echo "Could not pull $1 from S3"
|
||||||
|
}
|
||||||
|
|
||||||
|
push_s3_file() {
|
||||||
|
if [ -f "$1" ]; then
|
||||||
|
aws s3 cp "$1" "${S3_URL}/$1" || echo "Could not push $1 to S3 for caching."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
install_cache_deps() {
|
||||||
|
apt-get update -y
|
||||||
|
|
||||||
|
if [ -n "${1:-}" ]; then
|
||||||
|
apt-get install "$@" -y
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${SKIP_BUNDLE_CACHE:-}" ]; then
|
||||||
|
apt-get install awscli -y
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
pull_bundle() {
|
||||||
|
if [ -z "${SKIP_BUNDLE_CACHE:-}" ]; then
|
||||||
|
pull_s3_file "bundle.tar.gz"
|
||||||
|
pull_s3_file "bundle.sha256"
|
||||||
|
|
||||||
|
if [ -f bundle.tar.gz ]; then
|
||||||
|
tar -xzf bundle.tar.gz
|
||||||
|
mv Gemfile.lock Gemfile.lock.old || true
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "${RESET_BUNDLE_CACHE:-}" ]; then
|
||||||
|
rm bundle.sha256
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
push_bundle() {
|
||||||
|
if [ -z "${SKIP_BUNDLE_CACHE:-}" ]; then
|
||||||
|
if test -f bundle.sha256 && shasum --check bundle.sha256 --status; then
|
||||||
|
echo "Bundled gems have not changed. Skipping upload to s3"
|
||||||
|
else
|
||||||
|
echo "Bundled gems have changed. Uploading to s3"
|
||||||
|
diff -u Gemfile.lock.old Gemfile.lock || true
|
||||||
|
shasum -a 256 Gemfile.lock > bundle.sha256
|
||||||
|
tar -czf bundle.tar.gz Gemfile.lock vendor/
|
||||||
|
push_s3_file bundle.tar.gz
|
||||||
|
push_s3_file bundle.sha256
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
|
@ -1,29 +1,11 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
set -ue
|
|
||||||
|
|
||||||
echo "--- dependencies"
|
echo "--- dependencies"
|
||||||
export LANG=C.UTF-8 LANGUAGE=C.UTF-8
|
. .expeditor/buildkite/cache_support.sh
|
||||||
S3_URL="s3://public-cd-buildkite-cache/${BUILDKITE_PIPELINE_SLUG}/${BUILDKITE_LABEL}"
|
install_cache_deps sudo
|
||||||
|
|
||||||
pull_s3_file() {
|
|
||||||
aws s3 cp "${S3_URL}/$1" "$1" || echo "Could not pull $1 from S3"
|
|
||||||
}
|
|
||||||
|
|
||||||
push_s3_file() {
|
|
||||||
if [ -f "$1" ]; then
|
|
||||||
aws s3 cp "$1" "${S3_URL}/$1" || echo "Could not push $1 to S3 for caching."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
apt-get update -y
|
|
||||||
apt-get install sudo -y
|
|
||||||
|
|
||||||
if [ -z "${SKIP_BUNDLE_CACHE:-}" ]; then
|
|
||||||
apt-get install awscli -y
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "--- setting up user"
|
echo "--- setting up user"
|
||||||
|
export LANG=C.UTF-8 LANGUAGE=C.UTF-8
|
||||||
useradd -m -U --uid 2000 normal
|
useradd -m -U --uid 2000 normal
|
||||||
echo "normal ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/normal
|
echo "normal ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/normal
|
||||||
|
|
||||||
|
@ -35,40 +17,19 @@ uname -a
|
||||||
gem env
|
gem env
|
||||||
bundle --version
|
bundle --version
|
||||||
|
|
||||||
echo "--- bundle install"
|
echo "--- pull bundle cache"
|
||||||
if [ -z "${SKIP_BUNDLE_CACHE:-}" ]; then
|
pull_bundle
|
||||||
pull_s3_file "bundle.tar.gz"
|
|
||||||
pull_s3_file "bundle.sha256"
|
|
||||||
|
|
||||||
if [ -f bundle.tar.gz ]; then
|
|
||||||
tar -xzf bundle.tar.gz
|
|
||||||
mv Gemfile.lock Gemfile.lock.old || true
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -n "${RESET_BUNDLE_CACHE:-}" ]; then
|
|
||||||
rm bundle.sha256
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
echo "--- bundle"
|
||||||
bundle config --local path vendor/bundle
|
bundle config --local path vendor/bundle
|
||||||
bundle install --jobs=7 --retry=3 --without tools maintenance deploy
|
bundle install --jobs=7 --retry=3 --without tools maintenance deploy
|
||||||
|
|
||||||
echo "--- bundle cache"
|
echo "--- push bundle cache"
|
||||||
if [ -z "${SKIP_BUNDLE_CACHE:-}" ]; then
|
push_bundle
|
||||||
if test -f bundle.sha256 && shasum --check bundle.sha256 --status; then
|
|
||||||
echo "Bundled gems have not changed. Skipping upload to s3"
|
|
||||||
else
|
|
||||||
echo "Bundled gems have changed. Uploading to s3"
|
|
||||||
diff -u Gemfile.lock.old Gemfile.lock || true
|
|
||||||
shasum -a 256 Gemfile.lock > bundle.sha256
|
|
||||||
tar -czf bundle.tar.gz Gemfile.lock vendor/
|
|
||||||
push_s3_file bundle.tar.gz
|
|
||||||
push_s3_file bundle.sha256
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "+++ bundle exec rake ${RAKE_TASK:-}"
|
echo "+++ bundle exec rake ${RAKE_TASK:-}"
|
||||||
# TODO: run this as non-root:
|
# TODO: run this as non-root:
|
||||||
# chown -R normal:normal /home/normal /workdir
|
# chown -R normal:normal /home/normal /workdir
|
||||||
# su normal -c "bundle exec rake ${RAKE_TASK:-}"
|
# su normal -c "bundle exec rake ${RAKE_TASK:-}"
|
||||||
|
# shellcheck disable=SC2086
|
||||||
bundle exec rake ${RAKE_TASK:-}
|
bundle exec rake ${RAKE_TASK:-}
|
||||||
|
|
Loading…
Reference in a new issue