-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathpush-back.php
91 lines (75 loc) · 3.57 KB
/
push-back.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
<?php
include __DIR__ . '/lean-repo-utils.php';
// Do nothing if not on Pantheon or if on the test/live environments.
if (!isset($_ENV['PANTHEON_ENVIRONMENT']) || in_array($_ENV['PANTHEON_ENVIRONMENT'], ['test', 'live']) ) {
return;
}
/**
* This script will separates changes from the most recent commit
* and pushes any that affect the canonical sources back to the
* master repository.
*/
$bindingDir = $_SERVER['HOME'];
$fullRepository = realpath("$bindingDir/code");
// $docRoot = "$fullRepository/" . $_SERVER['DOCROOT'];
print "Enter push-back. Repository root is $fullRepository.\n";
$privateFiles = realpath("$bindingDir/files/private");
$gitSecretsFile = "$privateFiles/.build-secrets/tokens.json";
$gitSecrets = load_git_secrets($gitSecretsFile);
$git_token = $gitSecrets['token'];
if (empty($git_token)) {
$message = "Unable to load Git token from secrets file";
pantheon_raise_dashboard_error($message, true);
}
$workDir = sys_get_temp_dir() . "/pushback-workdir";
// Temporary:
passthru("rm -rf $workDir");
mkdir($workDir);
$buildProviders = load_build_providers($fullRepository);
$buildMetadata = load_build_metadata($fullRepository);
// The remote repo to push to
$upstreamRepo = $buildMetadata['url'];
$upstreamRepoWithCredentials = $upstreamRepo;
if (isset($buildProviders['git'])) {
switch ($buildProviders['git']) {
case 'github':
$upstreamRepoWithCredentials = str_replace('git@github.com:', 'https://github.com/', $upstreamRepoWithCredentials);
$upstreamRepoWithCredentials = str_replace('https://', "https://$git_token:x-oauth-basic@", $upstreamRepoWithCredentials);
break;
case 'gitlab':
// While initial Git URLs from Build Tools are SSH based, they are immediately replaced
// by the HTTP ones from GitLab CI. This runs at initial setup so the SSH one shouldn't
// be there very long.
if ((strpos($upstreamRepoWithCredentials, 'https://') !== false) || (strpos($upstreamRepoWithCredentials, 'http://') !== false)) {
$parsed_url = parse_url($upstreamRepoWithCredentials);
$parsed_url['user'] = 'oauth2';
$parsed_url['pass'] = $git_token;
$upstreamRepoWithCredentials = http_build_url($parsed_url);
}
else {
pantheon_raise_dashboard_error("Error parsing GitLab URL from Build Metadata.", true);
}
break;
case 'bitbucket':
$upstreamRepoWithCredentials = str_replace('git@bitbucket.org:', 'https://bitbucket.org/', $upstreamRepoWithCredentials);
if ((strpos($upstreamRepoWithCredentials, 'https://') !== false) || (strpos($upstreamRepoWithCredentials, 'http://') !== false)) {
$parsed_url = parse_url($upstreamRepoWithCredentials);
$parsed_url['user'] = $gitSecrets['user'];
$parsed_url['pass'] = $gitSecrets['pass'];
$upstreamRepoWithCredentials = http_build_url($parsed_url);
}
else {
pantheon_raise_dashboard_error("Error parsing Bitbucket URL from Build Metadata.", true);
}
break;
default:
}
}
$status = push_back($fullRepository, $workDir, $upstreamRepoWithCredentials, $buildMetadata, "build-metadata.json");
// Throw out the working repository.
passthru("rm -rf $workDir");
// Post error to dashboard and exit if the merge fails.
if ($status != 0) {
$message = "Commit back to canonical repository failed with exit code $status.";
pantheon_raise_dashboard_error($message, true);
}