diff --git a/Gemfile b/Gemfile index e1eaf5bb33..7374ab616b 100644 --- a/Gemfile +++ b/Gemfile @@ -11,11 +11,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/Rakefile b/Rakefile index 7dca66359d..422cca22e3 100644 --- a/Rakefile +++ b/Rakefile @@ -27,11 +27,8 @@ task :install => :build do system "sudo gem install mongoid-#{Mongoid::VERSION}.gem" end -task :release => :build do - system "git tag -a v#{Mongoid::VERSION} -m 'Tagging #{Mongoid::VERSION}'" - system "git push --tags" - system "gem push mongoid-#{Mongoid::VERSION}.gem" - system "rm mongoid-#{Mongoid::VERSION}.gem" +task :release do + raise "Please use ./release.sh to release" end RSpec::Core::RakeTask.new("spec") do |spec| @@ -90,5 +87,3 @@ namespace :release do end end end - -task :release => ['release:check_private_key', 'release:do'] diff --git a/gemfiles/driver_master.gemfile b/gemfiles/driver_master.gemfile index 42e1fdbf0c..675ec24b36 100644 --- a/gemfiles/driver_master.gemfile +++ b/gemfiles/driver_master.gemfile @@ -13,11 +13,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/driver_master_jruby.gemfile b/gemfiles/driver_master_jruby.gemfile index 154078504b..0caf76d25c 100644 --- a/gemfiles/driver_master_jruby.gemfile +++ b/gemfiles/driver_master_jruby.gemfile @@ -17,11 +17,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/driver_min.gemfile b/gemfiles/driver_min.gemfile index b44152a1c9..0414759271 100644 --- a/gemfiles/driver_min.gemfile +++ b/gemfiles/driver_min.gemfile @@ -12,11 +12,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/driver_min_jruby.gemfile b/gemfiles/driver_min_jruby.gemfile index 4c92d5d6cf..d01fef8947 100644 --- a/gemfiles/driver_min_jruby.gemfile +++ b/gemfiles/driver_min_jruby.gemfile @@ -15,11 +15,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/driver_oldstable.gemfile b/gemfiles/driver_oldstable.gemfile index dab8c1af77..9bad9e9c87 100644 --- a/gemfiles/driver_oldstable.gemfile +++ b/gemfiles/driver_oldstable.gemfile @@ -13,11 +13,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/driver_oldstable_jruby.gemfile b/gemfiles/driver_oldstable_jruby.gemfile index 21631b3bd9..78ed4921b1 100644 --- a/gemfiles/driver_oldstable_jruby.gemfile +++ b/gemfiles/driver_oldstable_jruby.gemfile @@ -15,11 +15,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/driver_stable.gemfile b/gemfiles/driver_stable.gemfile index bb62821857..2e2425991e 100644 --- a/gemfiles/driver_stable.gemfile +++ b/gemfiles/driver_stable.gemfile @@ -13,11 +13,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/driver_stable_jruby.gemfile b/gemfiles/driver_stable_jruby.gemfile index 50176d7748..de72d1f3f4 100644 --- a/gemfiles/driver_stable_jruby.gemfile +++ b/gemfiles/driver_stable_jruby.gemfile @@ -15,11 +15,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/i18n-1.0.gemfile b/gemfiles/i18n-1.0.gemfile index 16b73457ea..58c2cb9650 100644 --- a/gemfiles/i18n-1.0.gemfile +++ b/gemfiles/i18n-1.0.gemfile @@ -11,11 +11,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/rails_51.gemfile b/gemfiles/rails_51.gemfile index 194c27de11..3b0a33212e 100644 --- a/gemfiles/rails_51.gemfile +++ b/gemfiles/rails_51.gemfile @@ -10,11 +10,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/rails_52.gemfile b/gemfiles/rails_52.gemfile index 8bacaaec06..6d8552a709 100644 --- a/gemfiles/rails_52.gemfile +++ b/gemfiles/rails_52.gemfile @@ -10,11 +10,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/gemfiles/rails_master.gemfile b/gemfiles/rails_master.gemfile index 3b34c1060a..1314240774 100644 --- a/gemfiles/rails_master.gemfile +++ b/gemfiles/rails_master.gemfile @@ -10,11 +10,14 @@ group :development do gem 'yard' end +group :development, :test do + gem 'rspec-core', '~> 3.7' +end + group :test do gem 'timecop' gem 'rspec-retry' gem 'benchmark-ips' - gem 'rspec-core', '~> 3.7' gem 'rspec-expectations', '~> 3.7', '>= 3.8.4' gem 'rspec-mocks-diag', '~> 3.0' gem 'fuubar' diff --git a/release.sh b/release.sh new file mode 100755 index 0000000000..3cc07b8ff1 --- /dev/null +++ b/release.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +NAME=mongoid +RELEASE_NAME=mongoid-release +VERSION_REQUIRE=mongoid/version +VERSION_CONSTANT_NAME=Mongoid::VERSION + +if ! test -f gem-private_key.pem; then + echo "gem-private_key.pem missing - cannot release" 1>&2 + exit 1 +fi + +VERSION=`ruby -Ilib -r$VERSION_REQUIRE -e "puts $VERSION_CONSTANT_NAME"` + +echo "Releasing $NAME $VERSION" +echo + +for variant in mri; do + docker build -f release/$variant/Dockerfile -t $RELEASE_NAME-$variant . + + docker kill $RELEASE_NAME-$variant || true + docker container rm $RELEASE_NAME-$variant || true + + docker run -d --name $RELEASE_NAME-$variant -it $RELEASE_NAME-$variant + + docker exec $RELEASE_NAME-$variant /app/release/$variant/build.sh + + if test $variant = jruby; then + docker cp $RELEASE_NAME-$variant:/app/pkg/$NAME-$VERSION-java.gem . + else + docker cp $RELEASE_NAME-$variant:/app/pkg/$NAME-$VERSION.gem . + fi + + docker kill $RELEASE_NAME-$variant +done + +echo +echo Built: $NAME-$VERSION.gem +#echo Built: $NAME-$VERSION-java.gem +echo + +git tag -a v$VERSION -m "Tagging release: $VERSION" +git push origin v$VERSION + +gem push $NAME-$VERSION.gem +#gem push $NAME-$VERSION-java.gem diff --git a/release/mri/Dockerfile b/release/mri/Dockerfile new file mode 100644 index 0000000000..19e4dcd52e --- /dev/null +++ b/release/mri/Dockerfile @@ -0,0 +1,11 @@ +FROM debian:10 + +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && \ + apt-get -y install git ruby-bundler make gcc ruby-dev \ + libxml2-dev zlib1g-dev + +WORKDIR /app + +COPY . . diff --git a/release/mri/build.sh b/release/mri/build.sh new file mode 100755 index 0000000000..5f00c14dce --- /dev/null +++ b/release/mri/build.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +set -e + +rm -f *.lock +rm -f *.gem pkg/*.gem +bundle install --without=test +# Uses bundler gem tasks, outputs the built gem file to pkg subdir. +rake build +/app/release/verify-signature.sh pkg/*.gem diff --git a/release/verify-signature.sh b/release/verify-signature.sh new file mode 100755 index 0000000000..dbac2100b9 --- /dev/null +++ b/release/verify-signature.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +set -ex + +gem="$1" +if test -z "$gem"; then + echo "Usage: `basename $0` /path/to/built.gem" 1>&2 + exit 1 +fi + +gem cert --add gem-public_cert.pem +gem install -P HighSecurity $gem + +exit + +# The verification below does not work. +# https://github.com/rubygems/rubygems/issues/3680 + +# https://docs.ruby-lang.org/en/2.7.0/Gem/Security.html + +tar xf $gem + +# Grab the public key from the gemspec + +gem spec $gem cert_chain | \ + ruby -ryaml -e 'puts YAML.load(STDIN)' > actual_public_key.crt + +for file in data.tar.gz metadata.tar.gz; do + # Generate a SHA1 hash of the data.tar.gz + + openssl dgst -sha1 < $file > actual.hash + + # Verify the signature + + openssl rsautl -verify -inkey actual_public_key.crt -certin \ + -in $file.sig > signed.hash + + # Compare your hash to the verified hash + + diff -s actual.hash signed.hash +done