From d332515dee3bea08a1f47a7bcb5d4586a86035d6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= <dylan.aissi@collabora.com>
Date: Wed, 10 Jul 2024 16:26:30 +0200
Subject: [PATCH 1/6] trigger-updates: make it compatible with new reports
format
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Late 2021, dashboard's reports gained their own format. See
https://gitlab.apertis.org/infrastructure/dashboard/-/commit/c0c77cb6ea0dce1b289a4df4d111e0c13dc0d7a3
Since then, trigger-updates was not compatible anymore.
Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
---
bin/trigger-updates | 63 ++++++++++++++++++++++++---------------------
1 file changed, 34 insertions(+), 29 deletions(-)
diff --git a/bin/trigger-updates b/bin/trigger-updates
index f2c4398..5f5bd67 100755
--- a/bin/trigger-updates
+++ b/bin/trigger-updates
@@ -23,39 +23,44 @@ def connect(gitlab_instance, gitlab_server_url, gitlab_api_token):
def trigger_updates(gl, data, filterglob):
all_packages = data["packages"]
- all_count = sum(
- len(package.get("updates", [])) for package in all_packages.values()
- )
- filtered_packages = [
- p
- for package_name, p in all_packages.items()
- if fnmatch.fnmatch(package_name, filterglob)
- ]
- filtered_count = sum(
- len(package.get("updates", [])) for package in filtered_packages
- )
+ all_packages_reports = {
+ package: values
+ for package, values in all_packages.items()
+ if "reports" in values
+ }
+ all_packages_updates = {}
+ all_count = 0
+ filtered_count = 0
+ for package, values in all_packages_reports.items():
+ for report in values["reports"]:
+ if report["domain"] == "update" and report["kind"] == "available":
+ all_count += 1
+ all_packages_updates.update({package: values})
+ if fnmatch.fnmatch(package, filterglob):
+ filtered_count += 1
logging.info(
f"Processing {filtered_count} updates matching the '{filterglob}' filter, {all_count} total"
)
- for package_name, package in all_packages.items():
+ for package_name, package in all_packages_updates.items():
should_trigger = fnmatch.fnmatch(package_name, filterglob)
- for update in package.get("updates", []):
- path_with_namespace = package["git"]["path_with_namespace"]
- ref = update.get("base", update["branch"])["name"]
- print(
- f"{path_with_namespace}:",
- "Trigger" if should_trigger else "Skip",
- ref,
- update["branch"]["version"],
- "→",
- update["upstream"]["version"],
- )
- p = gl.projects.get(path_with_namespace, lazy=True)
- update["pipeline"] = {"ref": ref}
- if should_trigger:
- pipeline = p.pipelines.create({"ref": ref})
- print(" ", pipeline.web_url)
- update["pipeline"].update(id=pipeline.id, web_url=pipeline.web_url)
+ for report in package["reports"]:
+ if report["domain"] == "update" and report["kind"] == "available":
+ path_with_namespace = package["git"]["path_with_namespace"]
+ ref = report.get("base")["name"]
+ print(
+ f"{path_with_namespace}:",
+ "Trigger" if should_trigger else "Skip",
+ ref,
+ report["base"]["version"],
+ "→",
+ report["upstream"]["version"],
+ )
+ p = gl.projects.get(path_with_namespace, lazy=True)
+ report["pipeline"] = {"ref": ref}
+ if should_trigger:
+ pipeline = p.pipelines.create({"ref": ref})
+ print(" ", pipeline.web_url)
+ report["pipeline"].update(id=pipeline.id, web_url=pipeline.web_url)
if __name__ == "__main__":
--
GitLab
From 8ea11b3551f3b36ee5ddeb118b6d1643f74afff1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= <dylan.aissi@collabora.com>
Date: Wed, 10 Jul 2024 17:32:45 +0200
Subject: [PATCH 2/6] trigger-updates: add option to trigger only security
updates
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
---
bin/trigger-updates | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/bin/trigger-updates b/bin/trigger-updates
index 5f5bd67..168af34 100755
--- a/bin/trigger-updates
+++ b/bin/trigger-updates
@@ -47,9 +47,18 @@ def trigger_updates(gl, data, filterglob):
if report["domain"] == "update" and report["kind"] == "available":
path_with_namespace = package["git"]["path_with_namespace"]
ref = report.get("base")["name"]
+
+ should_trigger_security = True
+ if args.only_security:
+ if not report["branch"].endswith("-security"):
+ should_trigger_security = False
+ logging.debug(
+ f'Skipping {package_name} {report["upstream"]["version"]} from {report["branch"]} due to --only-security'
+ )
+
print(
f"{path_with_namespace}:",
- "Trigger" if should_trigger else "Skip",
+ "Trigger" if should_trigger and should_trigger_security else "Skip",
ref,
report["base"]["version"],
"→",
@@ -57,7 +66,7 @@ def trigger_updates(gl, data, filterglob):
)
p = gl.projects.get(path_with_namespace, lazy=True)
report["pipeline"] = {"ref": ref}
- if should_trigger:
+ if should_trigger and should_trigger_security:
pipeline = p.pipelines.create({"ref": ref})
print(" ", pipeline.web_url)
report["pipeline"].update(id=pipeline.id, web_url=pipeline.web_url)
@@ -96,6 +105,11 @@ if __name__ == "__main__":
"--filter",
help="trigger updates only on matching projects",
)
+ parser.add_argument(
+ "--only-security",
+ action="store_true",
+ help="trigger only security updates",
+ )
parser.add_argument(
"--gitlab-instance",
type=str,
--
GitLab
From cd71fc50a6f4e1d98cc4652b74bf568579526940 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= <dylan.aissi@collabora.com>
Date: Thu, 11 Jul 2024 10:37:12 +0200
Subject: [PATCH 3/6] Add button to process only security updates
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
---
.gitlab-ci.yml | 8 ++++++++
templates/index.html.jinja2 | 6 ++++++
2 files changed, 14 insertions(+)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e547ac4..af5647a 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -35,6 +35,13 @@ variables:
For instance use `*` to process all updates, `dash` to only process `pkg/dash`.
Leave it empty to not trigger any update.
value: ""
+ TRIGGER_SECURITY_UPDATES:
+ description: |
+ Set to `1` to pull only security updates from upstream.
+ value: ""
+ options:
+ - ""
+ - "1"
TRIGGER_GITLAB_RULEZ:
description: |
Set to `apply` to run gitlab-rulez on GitLab repositories.
@@ -623,6 +630,7 @@ trigger-updates:
--gitlab-server-url "${CI_SERVER_URL}"
--projects packaging.json
--filter "${TRIGGER_UPDATES}"
+ ${TRIGGER_SECURITY_UPDATES:+--only-security}
${DEBUG:+--debug}
${LOG_TO_FILE:+--log-to-file $LOG_TO_FILE}
artifacts:
diff --git a/templates/index.html.jinja2 b/templates/index.html.jinja2
index 0ee107c..800f9ff 100644
--- a/templates/index.html.jinja2
+++ b/templates/index.html.jinja2
@@ -196,6 +196,12 @@
&var[TRIGGER_FROM_JOB]={{- meta.current_job_url -}}
{%- endif -%}
">Update all</a>
+ <a class="btn btn-danger {{'disabled' if not summary.update_errors_count }}"
+ href="{{- meta.new_pipeline_url -}}&var[TRIGGER_UPDATES]=*&var[TRIGGER_SECURITY_UPDATES]=1
+ {%- if meta.current_job_url -%}
+ &var[TRIGGER_FROM_JOB]={{- meta.current_job_url -}}
+ {%- endif -%}
+ ">Update security</a>
{%- endif %}
</div>
{% endblock %}
--
GitLab
From ba9d34b403bdcd5269b33839ff4c8058c1f6df60 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= <dylan.aissi@collabora.com>
Date: Thu, 11 Jul 2024 17:41:50 +0200
Subject: [PATCH 4/6] Count the number of wrong-settings reports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
---
bin/dashboard | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/bin/dashboard b/bin/dashboard
index 4251769..84a7a88 100755
--- a/bin/dashboard
+++ b/bin/dashboard
@@ -74,6 +74,12 @@ def preprocess_packaging_data(data):
"total_packaging_delta": sum(
count_reports(p, lambda r: r["domain"] == "delta") for p in packages
),
+ "wrong_settings_count": sum(
+ count_reports(
+ p, lambda r: r["domain"] == "git" and r["kind"] == "wrong-settings"
+ )
+ for p in packages
+ ),
}
data["summary"] = summary
--
GitLab
From 27b65051bdad51a01b5ee7b2341e7d462461a3af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= <dylan.aissi@collabora.com>
Date: Thu, 11 Jul 2024 17:43:42 +0200
Subject: [PATCH 5/6] Disable the 'Run gitlab-rulez' button if not action is
required
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
---
templates/index.html.jinja2 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/index.html.jinja2 b/templates/index.html.jinja2
index 800f9ff..236430c 100644
--- a/templates/index.html.jinja2
+++ b/templates/index.html.jinja2
@@ -187,7 +187,7 @@
<div>
{% if meta.new_pipeline_url -%}
- <a class="btn btn-primary"
+ <a class="btn btn-primary {{'disabled' if not summary.wrong_settings_count }}"
href="{{- meta.new_pipeline_url -}}&var[TRIGGER_GITLAB_RULEZ]=apply
">Run gitlab-rulez</a>
<a class="btn btn-primary {{'disabled' if not summary.total_updates_count }}"
--
GitLab
From 053085b52278d1149965ceb22da2e16206eedf94 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= <dylan.aissi@collabora.com>
Date: Thu, 11 Jul 2024 17:47:12 +0200
Subject: [PATCH 6/6] Reorganize buttons to avoid breaking the structure
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
---
templates/base.html.jinja2 | 4 ++++
templates/index.html.jinja2 | 10 ++++++----
2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/templates/base.html.jinja2 b/templates/base.html.jinja2
index 05b4f4e..b908998 100644
--- a/templates/base.html.jinja2
+++ b/templates/base.html.jinja2
@@ -49,6 +49,10 @@
{% block summary %}{% endblock %}
</div>
+ <div class="d-flex align-items-baseline justify-content-between">
+ {% block buttons %}{% endblock %}
+ </div>
+
<div class="d-flex align-items-baseline justify-content-between">
{% block error %}{% endblock %}
</div>
diff --git a/templates/index.html.jinja2 b/templates/index.html.jinja2
index 236430c..47de1ad 100644
--- a/templates/index.html.jinja2
+++ b/templates/index.html.jinja2
@@ -184,9 +184,11 @@
</div>
</div>
</ul>
+{% endblock %}
- <div>
- {% if meta.new_pipeline_url -%}
+{% block buttons %}
+ {% if meta.new_pipeline_url -%}
+ <ul class="list-inline mr-auto">
<a class="btn btn-primary {{'disabled' if not summary.wrong_settings_count }}"
href="{{- meta.new_pipeline_url -}}&var[TRIGGER_GITLAB_RULEZ]=apply
">Run gitlab-rulez</a>
@@ -202,8 +204,8 @@
&var[TRIGGER_FROM_JOB]={{- meta.current_job_url -}}
{%- endif -%}
">Update security</a>
- {%- endif %}
- </div>
+ </ul>
+ {%- endif %}
{% endblock %}
{% block error %}
--
GitLab