wip

wip

wip

more checks

fix bug if release folder already exists

fix bug if release folder already exists

ensure branch has correct release; dry-run

simplify branches

step by step

fix paths

pushd/popd

pushd/popd

use bash

simplify

simplify

simplify

simplify

add dry run

Author: Z80coder

java/ql/automodel/publish.sh

@@ -1,62 +1,118 @@
-#!/bin/sh
+#!/bin/bash
 set -e
 
-# Before running this, make sure
-# 1. there is an SSO-enabled token with package:write permissions to codeql supplied via the GITHUB_TOKEN environment variable
-# 2. the CODEQL_DIST environment variable is set to the path of a codeql distribution
-# 3. the gh command line tool is installed and authenticated with a token that has repo permissions to github/codeml-automodel
-# supplied via the GH_TOKEN environment variable
+# Add help message
+if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
+  echo "Usage: ./publish [override-release]"
+  echo "By default we publish the version of the codeql repo specified by the latest official release defined by the codeml-automodel repo."
+  echo "Otherwise, the optional argument override-release forces your current HEAD to be published."
+  exit 0
+fi
+
+# If we're publishing the codeml-automodel release then we will checkout the sha specified in the release.
+# So we need to check that there are no uncommitted changes in the local branch.
+# And, if we're publishing the current HEAD, it's cleaner to ensure that there are no uncommitted changes.
+if ! git diff --quiet; then
+  echo "Error: Uncommitted changes exist. Please commit or stash your changes before publishing."
+  exit 1
+fi
+
+# Check the above environment variables are set
+if [ -z "${GITHUB_TOKEN:-}" ]; then
+  echo "Error: GITHUB_TOKEN environment variable not set. Please set this to a token with package:write permissions to codeql."
+  exit 1
+fi
+if [ -z "${CODEQL_DIST:-}" ]; then
+  echo "Error: CODEQL_DIST environment variable not set. Please set this to the path of a codeql distribution."
+  exit 1
+fi
+if [ -z "${GH_TOKEN:-}" ]; then
+  echo "Error: GH_TOKEN environment variable not set. Please set this to a token with repo permissions to github/codeml-automodel."
+  exit 1
+fi
+
+# Get the sha of the previous release
+PREVIOUS_RELEASE_SHA=$(git rev-list -n 1 main -- ./src/qlpack.yml)
+if [ -z "$PREVIOUS_RELEASE_SHA" ]; then
+  echo "Error: Could not get the sha of the previous release of codeml-automodel query pack"
+  exit 1
+else
+  echo "Previous query-pack release sha: $PREVIOUS_RELEASE_SHA"
+fi
 
-# Script to publish a new version of the automodel package to the package registry.
-# Usage: ./publish [override-release]
-# By default the sha of the codeql repo specified in the latest release of codeml-automodel will be published.
-# Otherwise, the optional argument override-release forces the current HEAD to be published.
+CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
+CURRENT_SHA=$(git rev-parse HEAD)
 
-# If the first argument is empty, use the latest release of codeml-automodel
 if [ -z "${1:-}" ]; then
-    TAG_NAME=$(gh api -H 'Accept: application/vnd.github+json' -H 'X-GitHub-Api-Version: 2022-11-28' /repos/github/codeml-automodel/releases/latest | jq -r .tag_name)
-    # Check TAG_NAME is not empty
-    if [ -z "$TAG_NAME" ]; then
-        echo "Error: Could not get latest release of codeml-automodel"
-        exit 1
-    fi
-    echo "Updating to latest automodel release: $TAG_NAME"
-    rm release.zip || true
-    gh release download $TAG_NAME -A zip -O release.zip --repo 'https://github.com/github/codeml-automodel'
-    unzip -o release.zip -d release 
-    REVISION=$(jq -r '.["codeql-sha"]' release/codeml-automodel*/codeml-automodel-release.json)
-    echo "The latest automodel release specifies a codeql revision of $REVISION"
-    if git diff --quiet; then
-      echo "Checking out CodeQL revision $REVISION"
-      git reset --hard "$REVISION"
-    else
-      echo "Error: Uncommitted changes exist. Please commit or stash your changes before resetting."
+  # If the first argument is empty, use the latest release of codeml-automodel
+  TAG_NAME=$(gh api -H 'Accept: application/vnd.github+json' -H 'X-GitHub-Api-Version: 2022-11-28' /repos/github/codeml-automodel/releases/latest | jq -r .tag_name)
+  # Check TAG_NAME is not empty
+  if [ -z "$TAG_NAME" ]; then
+      echo "Error: Could not get latest release of codeml-automodel"
       exit 1
-    fi
+  fi
+  echo "Updating to latest automodel release: $TAG_NAME"
+  rm release.zip || true
+  gh release download $TAG_NAME -A zip -O release.zip --repo 'https://github.com/github/codeml-automodel'
+  rm -rf release || true
+  unzip -o release.zip -d release 
+  REVISION=$(jq -r '.["codeql-sha"]' release/codeml-automodel*/codeml-automodel-release.json)
+  echo "The latest codeml-automodel release specifies the codeql sha $REVISION"
+  # Check that REVISION is downstream from PREVIOUS_RELEASE_SHA
+  if ! git merge-base --is-ancestor "$PREVIOUS_RELEASE_SHA" "$REVISION"; then
+    echo "Error: The codeql version $REVISION is not downstream of the query-pack version $PREVIOUS_RELEASE_SHA"
+    exit 1
+  fi
+  # Get the version of the codeql code specified by the codeml-automodel release
+  git checkout "$REVISION"
+else
+  # Check that the current HEAD is downstream from PREVIOUS_RELEASE_SHA
+  if ! git merge-base --is-ancestor "$PREVIOUS_RELEASE_SHA" "$CURRENT_SHA"; then
+    echo "Error: The current HEAD is not downstream from the previous release"
+    exit 1
+  fi
 fi
 
 AUTOMODEL_ROOT="$(readlink -f "$(dirname $0)")"
 WORKSPACE_ROOT="$AUTOMODEL_ROOT/../../.."
 GRPS="automodel,-test"
 
-if [ -z "$CODEQL_DIST" ]; then
-  echo "CODEQL_DIST not set"
-  exit -1
-fi
-
-cd "$AUTOMODEL_ROOT"
+pushd "$AUTOMODEL_ROOT"
 echo Testing automodel queries
 "${CODEQL_DIST}/codeql" test run test
+popd
+
+pushd "$WORKSPACE_ROOT"
+echo "Preparing the release"
+"${CODEQL_DIST}/codeql" pack release --groups $GRPS -v
 
-cd "$WORKSPACE_ROOT"
+echo "Publishing the release"
+# Add --dry-run to test publishing
+"${CODEQL_DIST}/codeql" pack publish --groups $GRPS -v
 
-echo Preparing release
-"${CODEQL_DIST}/codeql" pack release --groups $GRPS
+echo "Bumping versions"
+"${CODEQL_DIST}/codeql" pack post-release --groups $GRPS -v
+popd
+
+# The above commands update
+#  ./src/CHANGELOG.md
+#  ./src/codeql-pack.release.yml
+#  ./src/qlpack.yml
+# and add a new file
+#  ./src/change-notes/released/<version>.md
+
+if [ -z "${1:-}" ]; then
+  # If we used the latest release of codeml-automodel, then we need to return to the current branch
+  git checkout "$CURRENT_BRANCH"
+fi
 
-echo Publishing automodel
-"${CODEQL_DIST}/codeql" pack publish --groups $GRPS
+# Add the updated files to the current branch
+git add ./src/CHANGELOG.md
+git add ./src/codeql-pack.release.yml
+git add ./src/qlpack.yml
+git add ./src/change-notes/released/*
+echo "Added the following updated version files to the current branch:"
+git status -s
 
-echo Bumping versions
-"${CODEQL_DIST}/codeql" pack post-release --groups $GRPS
+echo "Automodel packs successfully published. Local files have been modified. Please commit and push the version changes and then merge into main."
 
-echo Automodel packs successfully published. Please commit and push the version changes.