summaryrefslogtreecommitdiff
path: root/bin
diff options
context:
space:
mode:
Diffstat (limited to 'bin')
-rwxr-xr-xbin/secpick205
1 files changed, 105 insertions, 100 deletions
diff --git a/bin/secpick b/bin/secpick
index e015cc562b7..3d032f696a2 100755
--- a/bin/secpick
+++ b/bin/secpick
@@ -1,4 +1,5 @@
#!/usr/bin/env ruby
+
# frozen_string_literal: false
require 'active_support/core_ext/object/to_query'
@@ -7,128 +8,132 @@ require 'open3'
require 'rainbow/refinement'
using Rainbow
-BRANCH_PREFIX = 'security'.freeze
-DEFAULT_REMOTE = 'dev'.freeze
-NEW_MR_URL = 'https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/new'.freeze
-
-options = { version: nil, branch: nil, sha: nil }
+module Secpick
+ BRANCH_PREFIX = 'security'.freeze
+ DEFAULT_REMOTE = 'dev'.freeze
+ NEW_MR_URL = 'https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/new'.freeze
-parser = OptionParser.new do |opts|
- opts.banner = "Usage: #{$0} [options]"
- opts.on('-v', '--version 10.0', 'Version') do |version|
- options[:version] = version&.tr('.', '-')
- end
-
- opts.on('-b', '--branch security-fix-branch', 'Original branch name (optional, defaults to current)') do |branch|
- options[:branch] = branch
- end
-
- opts.on('-s', '--sha abcd', 'SHA to cherry pick') do |sha|
- options[:sha] = sha
- end
+ class SecurityFix
+ def initialize
+ @options = self.class.options
+ end
- opts.on('-r', '--remote abcd', 'Git remote name of dev.gitlab.org (optional, defaults to `dev`)') do |remote|
- options[:remote] = remote
- end
+ def ee?
+ File.exist?('./CHANGELOG-EE.md')
+ end
- opts.on('-d', '--dry-run', 'Only show Git commands, without calling them') do |remote|
- options[:try] = true
- end
+ def dry_run?
+ @options[:try] == true
+ end
- opts.on('-h', '--help', 'Displays Help') do
- puts opts
+ def original_branch
+ @options[:branch].strip
+ end
- exit
- end
-end
+ def source_branch
+ branch = "#{original_branch}-#{@options[:version]}"
+ branch.prepend("#{BRANCH_PREFIX}-") unless branch.start_with?("#{BRANCH_PREFIX}-")
+ branch.freeze
+ end
-parser.parse!
+ def security_branch
+ "#{BRANCH_PREFIX}-#{@options[:version]}".tap do |name|
+ name << "-ee" if ee?
+ end.freeze
+ end
-options[:branch] ||= `git rev-parse --abbrev-ref HEAD`
-options[:remote] ||= DEFAULT_REMOTE
+ def git_commands
+ ["git fetch #{@options[:remote]} #{security_branch}",
+ "git checkout #{security_branch}",
+ "git pull #{@options[:remote]} #{security_branch}",
+ "git checkout -B #{source_branch}",
+ "git cherry-pick #{@options[:sha]}",
+ "git push #{@options[:remote]} #{source_branch}",
+ "git checkout #{original_branch}"]
+ end
-abort("Missing options. Use #{$0} --help to see the list of options available".red) if options.values.include?(nil)
-abort("Wrong version format #{options[:version].bold}".red) unless options[:version] =~ /\A\d*\-\d*\Z/
+ def gitlab_params
+ {
+ merge_request: {
+ source_branch: source_branch,
+ target_branch: security_branch,
+ title: "WIP: [#{@options[:version].tr('-', '.')}] ",
+ description: '/label ~security'
+ }
+ }
+ end
-class SecurityFix
- def initialize(options)
- @options = options
- end
+ def new_mr_url
+ if ee?
+ NEW_MR_URL.sub('gitlabhq', 'gitlab-ee')
+ else
+ NEW_MR_URL
+ end
+ end
- def ee?
- File.exist?('./CHANGELOG-EE.md')
- end
+ def create!
+ if dry_run?
+ puts git_commands.join("\n").green
+ puts "\nMerge request params: ".blue
+ pp gitlab_params
+ else
+ cmd = git_commands.join(' && ')
+ stdin, stdout, stderr, wait_thr = Open3.popen3(cmd)
+
+ puts stdout.read&.green
+ puts stderr.read&.red
+
+ if wait_thr.value.success?
+ puts "#{new_mr_url}?#{gitlab_params.to_query}".blue
+ end
+
+ stdin.close
+ stdout.close
+ stderr.close
+ end
+ end
- def dry_run?
- @options[:try] == true
- end
+ def self.options
+ { version: nil, branch: nil, sha: nil }.tap do |options|
+ parser = OptionParser.new do |opts|
+ opts.banner = "Usage: #{$0} [options]"
+ opts.on('-v', '--version 10.0', 'Version') do |version|
+ options[:version] = version&.tr('.', '-')
+ end
- def original_branch
- @options[:branch].strip
- end
+ opts.on('-b', '--branch security-fix-branch', 'Original branch name (optional, defaults to current)') do |branch|
+ options[:branch] = branch
+ end
- def source_branch
- branch = "#{original_branch}-#{@options[:version]}"
- branch.prepend("#{BRANCH_PREFIX}-") unless branch.start_with?("#{BRANCH_PREFIX}-")
- branch = branch.freeze
- end
+ opts.on('-s', '--sha abcd', 'SHA to cherry pick') do |sha|
+ options[:sha] = sha
+ end
- def security_branch
- "#{BRANCH_PREFIX}-#{@options[:version]}".tap do |name|
- name << "-ee" if ee?
- end.freeze
- end
+ opts.on('-r', '--remote abcd', 'Git remote name of dev.gitlab.org (optional, defaults to `dev`)') do |remote|
+ options[:remote] = remote
+ end
- def git_commands
- ["git fetch #{@options[:remote]} #{security_branch}",
- "git checkout #{security_branch}",
- "git pull #{@options[:remote]} #{security_branch}",
- "git checkout -B #{source_branch}",
- "git cherry-pick #{@options[:sha]}",
- "git push #{@options[:remote]} #{source_branch}",
- "git checkout #{original_branch}"]
- end
+ opts.on('-d', '--dry-run', 'Only show Git commands, without calling them') do |remote|
+ options[:try] = true
+ end
- def gitlab_params
- {
- merge_request: {
- source_branch: source_branch,
- target_branch: security_branch,
- title: "WIP: [#{@options[:version].tr('-', '.')}] ",
- description: '/label ~security'
- }
- }
- end
+ opts.on('-h', '--help', 'Displays Help') do
+ puts opts
- def new_mr_url
- if ee?
- NEW_MR_URL.sub('gitlabhq', 'gitlab-ee')
- else
- NEW_MR_URL
- end
- end
+ exit
+ end
+ end
- def create!
- if dry_run?
- puts git_commands.join("\n").green
- puts "\nMerge request params: ".blue
- pp gitlab_params
- else
- cmd = git_commands.join(' && ')
- stdin, stdout, stderr, wait_thr = Open3.popen3(cmd)
+ parser.parse!
- puts stdout.read&.green
- puts stderr.read&.red
+ options[:branch] ||= `git rev-parse --abbrev-ref HEAD`
+ options[:remote] ||= DEFAULT_REMOTE
- if wait_thr.value.success?
- puts "#{new_mr_url}?#{gitlab_params.to_query}".blue
+ abort("Missing options. Use #{$0} --help to see the list of options available".red) if options.values.include?(nil)
+ abort("Wrong version format #{options[:version].bold}".red) unless options[:version] =~ /\A\d*\-\d*\Z/
end
-
- stdin.close
- stdout.close
- stderr.close
end
end
end
-SecurityFix.new(options).create!
+Secpick::SecurityFix.new.create!