summaryrefslogtreecommitdiffstats
path: root/security/nss/automation/release
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/automation/release')
-rw-r--r--security/nss/automation/release/nspr-version.txt10
-rw-r--r--security/nss/automation/release/nss-release-helper.py252
2 files changed, 262 insertions, 0 deletions
diff --git a/security/nss/automation/release/nspr-version.txt b/security/nss/automation/release/nspr-version.txt
new file mode 100644
index 000000000..9e0c933dc
--- /dev/null
+++ b/security/nss/automation/release/nspr-version.txt
@@ -0,0 +1,10 @@
+4.13.1
+
+# The first line of this file must contain the human readable NSPR
+# version number, which is the minimum required version of NSPR
+# that is supported by this version of NSS.
+#
+# This information is used by release automation,
+# when creating an NSS source archive.
+#
+# All other lines in this file are ignored.
diff --git a/security/nss/automation/release/nss-release-helper.py b/security/nss/automation/release/nss-release-helper.py
new file mode 100644
index 000000000..d168febde
--- /dev/null
+++ b/security/nss/automation/release/nss-release-helper.py
@@ -0,0 +1,252 @@
+#!/usr/bin/python
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+import os
+import sys
+import datetime
+import shutil
+import glob
+from optparse import OptionParser
+from subprocess import check_call
+
+nssutil_h = "lib/util/nssutil.h"
+softkver_h = "lib/softoken/softkver.h"
+nss_h = "lib/nss/nss.h"
+nssckbi_h = "lib/ckfw/builtins/nssckbi.h"
+
+def check_call_noisy(cmd, *args, **kwargs):
+ print "Executing command:", cmd
+ check_call(cmd, *args, **kwargs)
+
+o = OptionParser(usage="client.py [options] remove_beta | set_beta | print_library_versions | print_root_ca_version | set_root_ca_version | set_version_to_minor_release | set_version_to_patch_release | set_release_candidate_number | set_4_digit_release_number | create_nss_release_archive")
+
+try:
+ options, args = o.parse_args()
+ action = args[0]
+except IndexError:
+ o.print_help()
+ sys.exit(2)
+
+def exit_with_failure(what):
+ print "failure: ", what
+ sys.exit(2)
+
+def check_files_exist():
+ if (not os.path.exists(nssutil_h) or not os.path.exists(softkver_h)
+ or not os.path.exists(nss_h) or not os.path.exists(nssckbi_h)):
+ exit_with_failure("cannot find expected header files, must run from inside NSS hg directory")
+
+def sed_inplace(sed_expression, filename):
+ backup_file = filename + '.tmp'
+ check_call_noisy(["sed", "-i.tmp", sed_expression, filename])
+ os.remove(backup_file)
+
+def toggle_beta_status(is_beta):
+ check_files_exist()
+ if (is_beta):
+ print "adding Beta status to version numbers"
+ sed_inplace('s/^\(#define *NSSUTIL_VERSION *\"[0-9.]\+\)\" *$/\\1 Beta\"/', nssutil_h)
+ sed_inplace('s/^\(#define *NSSUTIL_BETA *\)PR_FALSE *$/\\1PR_TRUE/', nssutil_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_VERSION *\"[0-9.]\+\" *SOFTOKEN_ECC_STRING\) *$/\\1 \" Beta"/', softkver_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_BETA *\)PR_FALSE *$/\\1PR_TRUE/', softkver_h)
+ sed_inplace('s/^\(#define *NSS_VERSION *\"[0-9.]\+\" *_NSS_CUSTOMIZED\) *$/\\1 \" Beta"/', nss_h)
+ sed_inplace('s/^\(#define *NSS_BETA *\)PR_FALSE *$/\\1PR_TRUE/', nss_h)
+ else:
+ print "removing Beta status from version numbers"
+ sed_inplace('s/^\(#define *NSSUTIL_VERSION *\"[0-9.]\+\) *Beta\" *$/\\1\"/', nssutil_h)
+ sed_inplace('s/^\(#define *NSSUTIL_BETA *\)PR_TRUE *$/\\1PR_FALSE/', nssutil_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_VERSION *\"[0-9.]\+\" *SOFTOKEN_ECC_STRING\) *\" *Beta\" *$/\\1/', softkver_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_BETA *\)PR_TRUE *$/\\1PR_FALSE/', softkver_h)
+ sed_inplace('s/^\(#define *NSS_VERSION *\"[0-9.]\+\" *_NSS_CUSTOMIZED\) *\" *Beta\" *$/\\1/', nss_h)
+ sed_inplace('s/^\(#define *NSS_BETA *\)PR_TRUE *$/\\1PR_FALSE/', nss_h)
+ print "please run 'hg stat' and 'hg diff' to verify the files have been verified correctly"
+
+def print_beta_versions():
+ check_call_noisy(["egrep", "#define *NSSUTIL_VERSION|#define *NSSUTIL_BETA", nssutil_h])
+ check_call_noisy(["egrep", "#define *SOFTOKEN_VERSION|#define *SOFTOKEN_BETA", softkver_h])
+ check_call_noisy(["egrep", "#define *NSS_VERSION|#define *NSS_BETA", nss_h])
+
+def remove_beta_status():
+ print "--- removing beta flags. Existing versions were:"
+ print_beta_versions()
+ toggle_beta_status(False)
+ print "--- finished modifications, new versions are:"
+ print_beta_versions()
+
+def set_beta_status():
+ print "--- adding beta flags. Existing versions were:"
+ print_beta_versions()
+ toggle_beta_status(True)
+ print "--- finished modifications, new versions are:"
+ print_beta_versions()
+
+def print_library_versions():
+ check_files_exist()
+ check_call_noisy(["egrep", "#define *NSSUTIL_VERSION|#define NSSUTIL_VMAJOR|#define *NSSUTIL_VMINOR|#define *NSSUTIL_VPATCH|#define *NSSUTIL_VBUILD|#define *NSSUTIL_BETA", nssutil_h])
+ check_call_noisy(["egrep", "#define *SOFTOKEN_VERSION|#define SOFTOKEN_VMAJOR|#define *SOFTOKEN_VMINOR|#define *SOFTOKEN_VPATCH|#define *SOFTOKEN_VBUILD|#define *SOFTOKEN_BETA", softkver_h])
+ check_call_noisy(["egrep", "#define *NSS_VERSION|#define NSS_VMAJOR|#define *NSS_VMINOR|#define *NSS_VPATCH|#define *NSS_VBUILD|#define *NSS_BETA", nss_h])
+
+def print_root_ca_version():
+ check_files_exist()
+ check_call_noisy(["grep", "define *NSS_BUILTINS_LIBRARY_VERSION", nssckbi_h])
+
+
+def ensure_arguments_after_action(how_many, usage):
+ if (len(sys.argv) != (2+how_many)):
+ exit_with_failure("incorrect number of arguments, expected parameters are:\n" + usage)
+
+def set_major_versions(major):
+ sed_inplace('s/^\(#define *NSSUTIL_VMAJOR *\).*$/\\1' + major + '/', nssutil_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_VMAJOR *\).*$/\\1' + major + '/', softkver_h)
+ sed_inplace('s/^\(#define *NSS_VMAJOR *\).*$/\\1' + major + '/', nss_h)
+
+def set_minor_versions(minor):
+ sed_inplace('s/^\(#define *NSSUTIL_VMINOR *\).*$/\\1' + minor + '/', nssutil_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_VMINOR *\).*$/\\1' + minor + '/', softkver_h)
+ sed_inplace('s/^\(#define *NSS_VMINOR *\).*$/\\1' + minor + '/', nss_h)
+
+def set_patch_versions(patch):
+ sed_inplace('s/^\(#define *NSSUTIL_VPATCH *\).*$/\\1' + patch + '/', nssutil_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_VPATCH *\).*$/\\1' + patch + '/', softkver_h)
+ sed_inplace('s/^\(#define *NSS_VPATCH *\).*$/\\1' + patch + '/', nss_h)
+
+def set_build_versions(build):
+ sed_inplace('s/^\(#define *NSSUTIL_VBUILD *\).*$/\\1' + build + '/', nssutil_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_VBUILD *\).*$/\\1' + build + '/', softkver_h)
+ sed_inplace('s/^\(#define *NSS_VBUILD *\).*$/\\1' + build + '/', nss_h)
+
+def set_full_lib_versions(version):
+ sed_inplace('s/^\(#define *NSSUTIL_VERSION *\"\)\([0-9.]\+\)\(.*\)$/\\1' + version + '\\3/', nssutil_h)
+ sed_inplace('s/^\(#define *SOFTOKEN_VERSION *\"\)\([0-9.]\+\)\(.*\)$/\\1' + version + '\\3/', softkver_h)
+ sed_inplace('s/^\(#define *NSS_VERSION *\"\)\([0-9.]\+\)\(.*\)$/\\1' + version + '\\3/', nss_h)
+
+def set_root_ca_version():
+ ensure_arguments_after_action(2, "major_version minor_version")
+ major = args[1].strip()
+ minor = args[2].strip()
+ version = major + '.' + minor
+ sed_inplace('s/^\(#define *NSS_BUILTINS_LIBRARY_VERSION *\"\).*$/\\1' + version + '/', nssckbi_h)
+ sed_inplace('s/^\(#define *NSS_BUILTINS_LIBRARY_VERSION_MAJOR *\).*$/\\1' + major + '/', nssckbi_h)
+ sed_inplace('s/^\(#define *NSS_BUILTINS_LIBRARY_VERSION_MINOR *\).*$/\\1' + minor + '/', nssckbi_h)
+
+def set_all_lib_versions(version, major, minor, patch, build):
+ set_full_lib_versions(version)
+ set_major_versions(major)
+ set_minor_versions(minor)
+ set_patch_versions(patch)
+ set_build_versions(build)
+
+def set_version_to_minor_release():
+ ensure_arguments_after_action(2, "major_version minor_version")
+ major = args[1].strip()
+ minor = args[2].strip()
+ version = major + '.' + minor
+ patch = "0"
+ build = "0"
+ set_all_lib_versions(version, major, minor, patch, build)
+
+def set_version_to_patch_release():
+ ensure_arguments_after_action(3, "major_version minor_version patch_release")
+ major = args[1].strip()
+ minor = args[2].strip()
+ patch = args[3].strip()
+ version = major + '.' + minor + '.' + patch
+ build = "0"
+ set_all_lib_versions(version, major, minor, patch, build)
+
+def set_release_candidate_number():
+ ensure_arguments_after_action(1, "release_candidate_number")
+ build = args[1].strip()
+ set_build_versions(build)
+
+def set_4_digit_release_number():
+ ensure_arguments_after_action(4, "major_version minor_version patch_release 4th_digit_release_number")
+ major = args[1].strip()
+ minor = args[2].strip()
+ patch = args[3].strip()
+ build = args[4].strip()
+ version = major + '.' + minor + '.' + patch + '.' + build
+ set_all_lib_versions(version, major, minor, patch, build)
+
+def create_nss_release_archive():
+ ensure_arguments_after_action(3, "nss_release_version nss_hg_release_tag path_to_stage_directory")
+ nssrel = args[1].strip() #e.g. 3.19.3
+ nssreltag = args[2].strip() #e.g. NSS_3_19_3_RTM
+ stagedir = args[3].strip() #e.g. ../stage
+
+ with open('automation/release/nspr-version.txt') as nspr_version_file:
+ nsprrel = next(nspr_version_file).strip()
+
+ nspr_tar = "nspr-" + nsprrel + ".tar.gz"
+ nsprtar_with_path= stagedir + "/v" + nsprrel + "/src/" + nspr_tar
+ if (not os.path.exists(nsprtar_with_path)):
+ exit_with_failure("cannot find nspr archive at expected location " + nsprtar_with_path)
+
+ nss_stagedir= stagedir + "/" + nssreltag + "/src"
+ if (os.path.exists(nss_stagedir)):
+ exit_with_failure("nss stage directory already exists: " + nss_stagedir)
+
+ nss_tar = "nss-" + nssrel + ".tar.gz"
+
+ check_call_noisy(["mkdir", "-p", nss_stagedir])
+ check_call_noisy(["hg", "archive", "-r", nssreltag, "--prefix=nss-" + nssrel + "/nss",
+ stagedir + "/" + nssreltag + "/src/" + nss_tar, "-X", ".hgtags"])
+ check_call_noisy(["tar", "-xz", "-C", nss_stagedir, "-f", nsprtar_with_path])
+ print "changing to directory " + nss_stagedir
+ os.chdir(nss_stagedir)
+ check_call_noisy(["tar", "-xz", "-f", nss_tar])
+ check_call_noisy(["mv", "-i", "nspr-" + nsprrel + "/nspr", "nss-" + nssrel + "/"])
+ check_call_noisy(["rmdir", "nspr-" + nsprrel])
+
+ nss_nspr_tar = "nss-" + nssrel + "-with-nspr-" + nsprrel + ".tar.gz"
+
+ check_call_noisy(["tar", "-cz", "--remove-files", "-f", nss_nspr_tar, "nss-" + nssrel])
+ check_call("sha1sum " + nss_tar + " " + nss_nspr_tar + " > SHA1SUMS", shell=True)
+ check_call("sha256sum " + nss_tar + " " + nss_nspr_tar + " > SHA256SUMS", shell=True)
+ print "created directory " + nss_stagedir + " with files:"
+ check_call_noisy(["ls", "-l"])
+
+if action in ('remove_beta'):
+ remove_beta_status()
+
+elif action in ('set_beta'):
+ set_beta_status()
+
+elif action in ('print_library_versions'):
+ print_library_versions()
+
+elif action in ('print_root_ca_version'):
+ print_root_ca_version()
+
+elif action in ('set_root_ca_version'):
+ set_root_ca_version()
+
+# x.y version number - 2 parameters
+elif action in ('set_version_to_minor_release'):
+ set_version_to_minor_release()
+
+# x.y.z version number - 3 parameters
+elif action in ('set_version_to_patch_release'):
+ set_version_to_patch_release()
+
+# change the release candidate number, usually increased by one,
+# usually if previous release candiate had a bug
+# 1 parameter
+elif action in ('set_release_candidate_number'):
+ set_release_candidate_number()
+
+# use the build/release candiate number in the identifying version number
+# 4 parameters
+elif action in ('set_4_digit_release_number'):
+ set_4_digit_release_number()
+
+elif action in ('create_nss_release_archive'):
+ create_nss_release_archive()
+
+else:
+ o.print_help()
+ sys.exit(2)
+
+sys.exit(0)