Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c2a2b45d
Commit
c2a2b45d
authored
Jan 08, 2019
by
GitLab Bot
Browse files
Options
Browse Files
Download
Plain Diff
Automatic merge of gitlab-org/gitlab-ce master
parents
641d8038
4aaea7b3
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
127 additions
and
63 deletions
+127
-63
bin/secpick
bin/secpick
+127
-63
No files found.
bin/secpick
View file @
c2a2b45d
#!/usr/bin/env ruby
#!/usr/bin/env ruby
# frozen_string_literal: false
# frozen_string_literal: false
require
'active_support/core_ext/object/to_query'
require
'active_support/core_ext/object/to_query'
...
@@ -7,13 +8,94 @@ require 'open3'
...
@@ -7,13 +8,94 @@ require 'open3'
require
'rainbow/refinement'
require
'rainbow/refinement'
using
Rainbow
using
Rainbow
BRANCH_PREFIX
=
'security'
.
freeze
module
Secpick
REMOTE
=
'dev'
.
freeze
BRANCH_PREFIX
=
'security'
.
freeze
NEW_MR_URL
=
'https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/new'
.
freeze
DEFAULT_REMOTE
=
'dev'
.
freeze
NEW_MR_URL
=
'https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/new'
.
freeze
class
SecurityFix
def
initialize
@options
=
self
.
class
.
options
end
def
ee?
File
.
exist?
(
'./CHANGELOG-EE.md'
)
end
def
dry_run?
@options
[
:try
]
==
true
end
def
original_branch
@options
[
:branch
].
strip
end
def
source_branch
branch
=
"
#{
original_branch
}
-
#{
@options
[
:version
]
}
"
branch
.
prepend
(
"
#{
BRANCH_PREFIX
}
-"
)
unless
branch
.
start_with?
(
"
#{
BRANCH_PREFIX
}
-"
)
branch
.
freeze
end
def
security_branch
"
#{
BRANCH_PREFIX
}
-
#{
@options
[
:version
]
}
"
.
tap
do
|
name
|
name
<<
"-ee"
if
ee?
end
.
freeze
end
def
git_commands
[
"git fetch
#{
@options
[
:remote
]
}
#{
security_branch
}
"
,
"git checkout
#{
security_branch
}
"
,
"git pull
#{
@options
[
:remote
]
}
#{
security_branch
}
"
,
"git checkout -B
#{
source_branch
}
"
,
"git cherry-pick
#{
@options
[
:sha
]
}
"
,
"git push
#{
@options
[
:remote
]
}
#{
source_branch
}
"
,
"git checkout
#{
original_branch
}
"
]
end
def
gitlab_params
{
merge_request:
{
source_branch:
source_branch
,
target_branch:
security_branch
,
title:
"WIP: [
#{
@options
[
:version
].
tr
(
'-'
,
'.'
)
}
] "
,
description:
'/label ~security'
}
}
end
def
new_mr_url
if
ee?
NEW_MR_URL
.
sub
(
'gitlabhq'
,
'gitlab-ee'
)
else
NEW_MR_URL
end
end
def
create!
if
dry_run?
puts
git_commands
.
join
(
"
\n
"
).
green
puts
"
\n
Merge request params: "
.
blue
pp
gitlab_params
else
cmd
=
git_commands
.
join
(
' && '
)
stdin
,
stdout
,
stderr
,
wait_thr
=
Open3
.
popen3
(
cmd
)
options
=
{
version:
nil
,
branch:
nil
,
sha:
nil
}
puts
stdout
.
read
&
.
green
puts
stderr
.
read
&
.
red
parser
=
OptionParser
.
new
do
|
opts
|
if
wait_thr
.
value
.
success?
puts
"
#{
new_mr_url
}
?
#{
gitlab_params
.
to_query
}
"
.
blue
end
stdin
.
close
stdout
.
close
stderr
.
close
end
end
def
self
.
options
{
version:
nil
,
branch:
nil
,
sha:
nil
}.
tap
do
|
options
|
parser
=
OptionParser
.
new
do
|
opts
|
opts
.
banner
=
"Usage:
#{
$0
}
[options]"
opts
.
banner
=
"Usage:
#{
$0
}
[options]"
opts
.
on
(
'-v'
,
'--version 10.0'
,
'Version'
)
do
|
version
|
opts
.
on
(
'-v'
,
'--version 10.0'
,
'Version'
)
do
|
version
|
options
[
:version
]
=
version
&
.
tr
(
'.'
,
'-'
)
options
[
:version
]
=
version
&
.
tr
(
'.'
,
'-'
)
...
@@ -27,49 +109,31 @@ parser = OptionParser.new do |opts|
...
@@ -27,49 +109,31 @@ parser = OptionParser.new do |opts|
options
[
:sha
]
=
sha
options
[
:sha
]
=
sha
end
end
opts
.
on
(
'-r'
,
'--remote abcd'
,
'Git remote name of dev.gitlab.org (optional, defaults to `dev`)'
)
do
|
remote
|
options
[
:remote
]
=
remote
end
opts
.
on
(
'-d'
,
'--dry-run'
,
'Only show Git commands, without calling them'
)
do
|
remote
|
options
[
:try
]
=
true
end
opts
.
on
(
'-h'
,
'--help'
,
'Displays Help'
)
do
opts
.
on
(
'-h'
,
'--help'
,
'Displays Help'
)
do
puts
opts
puts
opts
exit
exit
end
end
end
end
parser
.
parse!
options
[
:branch
]
||=
`git rev-parse --abbrev-ref HEAD`
abort
(
"Missing options. Use
#{
$0
}
--help to see the list of options available"
.
red
)
if
options
.
values
.
include?
(
nil
)
abort
(
"Wrong version format
#{
options
[
:version
].
bold
}
"
.
red
)
unless
options
[
:version
]
=~
/\A\d*\-\d*\Z/
ee
=
File
.
exist?
(
'./CHANGELOG-EE.md'
)
original_branch
=
options
[
:branch
].
strip
branch
=
"
#{
original_branch
}
-
#{
options
[
:version
]
}
"
branch
.
prepend
(
"
#{
BRANCH_PREFIX
}
-"
)
unless
branch
.
start_with?
(
"
#{
BRANCH_PREFIX
}
-"
)
branch
=
branch
.
freeze
stable_branch
=
"
#{
BRANCH_PREFIX
}
-
#{
options
[
:version
]
}
"
.
tap
do
|
name
|
name
<<
"-ee"
if
ee
end
.
freeze
command
=
"git fetch
#{
REMOTE
}
#{
stable_branch
}
&& git checkout
#{
stable_branch
}
&& git pull
#{
REMOTE
}
#{
stable_branch
}
&& git checkout -B
#{
branch
}
&& git cherry-pick
#{
options
[
:sha
]
}
&& git push
#{
REMOTE
}
#{
branch
}
&& git checkout
#{
original_branch
}
"
stdin
,
stdout
,
stderr
,
wait_thr
=
Open3
.
popen3
(
command
)
puts
stdout
.
read
&
.
green
parser
.
parse!
puts
stderr
.
read
&
.
red
if
wait_thr
.
value
.
success?
options
[
:branch
]
||=
`git rev-parse --abbrev-ref HEAD`
params
=
{
options
[
:remote
]
||=
DEFAULT_REMOTE
merge_request:
{
source_branch:
branch
,
target_branch:
stable_branch
,
title:
"WIP: [
#{
options
[
:version
].
tr
(
'-'
,
'.'
)
}
] "
,
description:
'/label ~security'
}
}
puts
"
#{
NEW_MR_URL
}
?
#{
params
.
to_query
}
"
.
blue
abort
(
"Missing options. Use
#{
$0
}
--help to see the list of options available"
.
red
)
if
options
.
values
.
include?
(
nil
)
abort
(
"Wrong version format
#{
options
[
:version
].
bold
}
"
.
red
)
unless
options
[
:version
]
=~
/\A\d*\-\d*\Z/
end
end
end
end
end
stdin
.
close
Secpick
::
SecurityFix
.
new
.
create!
stdout
.
close
stderr
.
close
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment