test/docker/run_tests/create-one-time-test-data.sh - plugins/task - Git at Google

 #!/usr/bin/env bash

 die() { echo -e "\nERROR:" "$@" ; kill $$ ; exit 1 ; } # error_message

 q() { "$@" > /dev/null 2>&1 ; } # cmd [args...]  # quiet a command

 gssh() { ssh -x -p "$SSH_PORT" "$GERRIT_HOST" gerrit "$@" ; } # run a gerrit ssh command

 create_test_users_and_group() {
     echo "Creating test users and group ..."
     gssh create-account "$NON_SECRET_USER" --full-name "$NON_SECRET_USER" \
            --email "$NON_SECRET_USER"@example.com --ssh-key - < ~/.ssh/id_rsa.pub

     gssh create-account "$UNTRUSTED_USER" --full-name "$UNTRUSTED_USER" \
         --email "$UNTRUSTED_USER"@example.com --ssh-key - < ~/.ssh/id_rsa.pub

     gssh create-group "Visible-Root-Config-Project" --member "$NON_SECRET_USER"

     local secret_user=$USER
     gssh create-group "$NON_SECRET_GROUP_NAME_WITHOUT_SPACE" \
         --member "$NON_SECRET_USER" --member "$secret_user"
     gssh create-group "\"$NON_SECRET_GROUP_NAME_WITH_SPACE\"" \
         --member "$NON_SECRET_USER" --member "$secret_user"
     gssh create-group "$SECRET_GROUP_NAME" --member "$secret_user"
 }

 setup_root_cfg_repo() {
     echo "Updating root-cfg repo ..."

     local uuid=$(gssh ls-groups -v | awk '-F\t' '$1 == "Visible-Root-Config-Project" {print $2}')
     ( cd "$WORKSPACE"
       if ! gssh ls-projects | grep -q "^$ROOT_CONFIG_PRJ$"; then
           echo "Project $ROOT_CONFIG_PRJ does not exist. Creating ..."
           gssh create-project "$ROOT_CONFIG_PRJ" --owner "Administrators" \
               --submit-type "MERGE_IF_NECESSARY" --empty-commit
       fi
       if ! gssh ls-projects --show-branch "$ROOT_CONFIG_BRANCH" | grep -q "$ROOT_CONFIG_PRJ$"; then
           echo "Branch $ROOT_CONFIG_BRANCH in $ROOT_CONFIG_PRJ does not exist. Creating ..."
           gssh create-branch "$ROOT_CONFIG_PRJ" "$ROOT_CONFIG_BRANCH" master
       fi
       q git clone ssh://"$GERRIT_HOST":"$SSH_PORT"/"$ROOT_CONFIG_PRJ" root_cfg_prj
       cd root_cfg_prj
       q git fetch origin refs/meta/config ; q git checkout FETCH_HEAD

       echo -e "$uuid\tVisible-Root-Config-Project" >> groups
       git config -f "project.config" \
           --add access."$ROOT_CONFIG_BRANCH".read "group Visible-Root-Config-Project"
       git config -f "project.config" \
           --add access."$ROOT_CONFIG_BRANCH".exclusiveGroupPermissions "read"
       q git add . && q git commit -m "project config update"
       q git push origin HEAD:refs/meta/config
     )
 }

 setup_capabilities() {
     echo "Updating All-Projects repo with capabilities ..."
     ( cd "$WORKSPACE"
       q git clone ssh://"$GERRIT_HOST":"$SSH_PORT"/All-Projects allProjects_capabilities
       cd allProjects_capabilities
       q git fetch origin refs/meta/config ; q git checkout FETCH_HEAD
       git config -f "project.config" \
           --add capability.viewTaskPaths "group Administrators"
 #     After migrating to version 3.5, it is no longer feasible to assign read permissions to
 #     Administrators for another user's ref. To address this, add the 'accessDatabase' capability,
 #     allowing admins to read the user ref of other users
       git config -f "project.config" \
                 --add capability.accessDatabase "group Administrators"
       q git add . && q git commit -m "project config update"
       q git push origin HEAD:refs/meta/config
     )
 }

 SSH_PORT=29418
 USER_RUN_TESTS_DIR="$USER_HOME"/"$RUN_TESTS_DIR"
 while (( "$#" )) ; do
    case "$1" in
        --non-secret-user)                 shift ; NON_SECRET_USER="$1" ;;
        --untrusted-user)                  shift ; UNTRUSTED_USER="$1" ;;
        --non-secret-group-without-space)  shift ; NON_SECRET_GROUP_NAME_WITHOUT_SPACE="$1" ;;
        --non-secret-group-with-space)     shift ; NON_SECRET_GROUP_NAME_WITH_SPACE="$1" ;;
        --secret-group)                    shift ; SECRET_GROUP_NAME="$1" ;;
        --root-config-project)             shift ; ROOT_CONFIG_PRJ=$1 ;;
        --root-config-branch)              shift ; ROOT_CONFIG_BRANCH=$1 ;;
        *)                                 die "invalid argument '$1'" ;;
    esac
    shift
 done

 [ -z "$NON_SECRET_USER" ] && die "non-secret-user not set"
 [ -z "$UNTRUSTED_USER" ] && die "untrusted-user not set"
 [ -z "$NON_SECRET_GROUP_NAME_WITHOUT_SPACE" ] && die "non-secret-group-without-space not set"
 [ -z "$NON_SECRET_GROUP_NAME_WITH_SPACE" ] && die "non-secret-group-with-space not set"
 [ -z "$SECRET_GROUP_NAME" ] && die "secret-group not set"
 [ -z "$ROOT_CONFIG_PRJ" ] && ROOT_CONFIG_PRJ=All-Projects
 [ -z "$ROOT_CONFIG_BRANCH" ] && ROOT_CONFIG_BRANCH=refs/meta/config

 "$USER_RUN_TESTS_DIR"/create-test-project-and-changes.sh
 "$USER_RUN_TESTS_DIR"/update-all-users-project.sh
 create_test_users_and_group
 setup_root_cfg_repo
 setup_capabilities
	#!/usr/bin/env bash

	die() { echo -e "\nERROR:" "$@" ; kill $$ ; exit 1 ; } # error_message

	q() { "$@" > /dev/null 2>&1 ; } # cmd [args...] # quiet a command

	gssh() { ssh -x -p "$SSH_PORT" "$GERRIT_HOST" gerrit "$@" ; } # run a gerrit ssh command

	create_test_users_and_group() {
	echo "Creating test users and group ..."
	gssh create-account "$NON_SECRET_USER" --full-name "$NON_SECRET_USER" \
	--email "$NON_SECRET_USER"@example.com --ssh-key - < ~/.ssh/id_rsa.pub

	gssh create-account "$UNTRUSTED_USER" --full-name "$UNTRUSTED_USER" \
	--email "$UNTRUSTED_USER"@example.com --ssh-key - < ~/.ssh/id_rsa.pub

	gssh create-group "Visible-Root-Config-Project" --member "$NON_SECRET_USER"

	local secret_user=$USER
	gssh create-group "$NON_SECRET_GROUP_NAME_WITHOUT_SPACE" \
	--member "$NON_SECRET_USER" --member "$secret_user"
	gssh create-group "\"$NON_SECRET_GROUP_NAME_WITH_SPACE\"" \
	--member "$NON_SECRET_USER" --member "$secret_user"
	gssh create-group "$SECRET_GROUP_NAME" --member "$secret_user"
	}

	setup_root_cfg_repo() {
	echo "Updating root-cfg repo ..."

	local uuid=$(gssh ls-groups -v \| awk '-F\t' '$1 == "Visible-Root-Config-Project" {print $2}')
	( cd "$WORKSPACE"
	if ! gssh ls-projects \| grep -q "^$ROOT_CONFIG_PRJ$"; then
	echo "Project $ROOT_CONFIG_PRJ does not exist. Creating ..."
	gssh create-project "$ROOT_CONFIG_PRJ" --owner "Administrators" \
	--submit-type "MERGE_IF_NECESSARY" --empty-commit
	fi
	if ! gssh ls-projects --show-branch "$ROOT_CONFIG_BRANCH" \| grep -q "$ROOT_CONFIG_PRJ$"; then
	echo "Branch $ROOT_CONFIG_BRANCH in $ROOT_CONFIG_PRJ does not exist. Creating ..."
	gssh create-branch "$ROOT_CONFIG_PRJ" "$ROOT_CONFIG_BRANCH" master
	fi
	q git clone ssh://"$GERRIT_HOST":"$SSH_PORT"/"$ROOT_CONFIG_PRJ" root_cfg_prj
	cd root_cfg_prj
	q git fetch origin refs/meta/config ; q git checkout FETCH_HEAD

	echo -e "$uuid\tVisible-Root-Config-Project" >> groups
	git config -f "project.config" \
	--add access."$ROOT_CONFIG_BRANCH".read "group Visible-Root-Config-Project"
	git config -f "project.config" \
	--add access."$ROOT_CONFIG_BRANCH".exclusiveGroupPermissions "read"
	q git add . && q git commit -m "project config update"
	q git push origin HEAD:refs/meta/config
	)
	}

	setup_capabilities() {
	echo "Updating All-Projects repo with capabilities ..."
	( cd "$WORKSPACE"
	q git clone ssh://"$GERRIT_HOST":"$SSH_PORT"/All-Projects allProjects_capabilities
	cd allProjects_capabilities
	q git fetch origin refs/meta/config ; q git checkout FETCH_HEAD
	git config -f "project.config" \
	--add capability.viewTaskPaths "group Administrators"
	# After migrating to version 3.5, it is no longer feasible to assign read permissions to
	# Administrators for another user's ref. To address this, add the 'accessDatabase' capability,
	# allowing admins to read the user ref of other users
	git config -f "project.config" \
	--add capability.accessDatabase "group Administrators"
	q git add . && q git commit -m "project config update"
	q git push origin HEAD:refs/meta/config
	)
	}

	SSH_PORT=29418
	USER_RUN_TESTS_DIR="$USER_HOME"/"$RUN_TESTS_DIR"
	while (( "$#" )) ; do
	case "$1" in
	--non-secret-user) shift ; NON_SECRET_USER="$1" ;;
	--untrusted-user) shift ; UNTRUSTED_USER="$1" ;;
	--non-secret-group-without-space) shift ; NON_SECRET_GROUP_NAME_WITHOUT_SPACE="$1" ;;
	--non-secret-group-with-space) shift ; NON_SECRET_GROUP_NAME_WITH_SPACE="$1" ;;
	--secret-group) shift ; SECRET_GROUP_NAME="$1" ;;
	--root-config-project) shift ; ROOT_CONFIG_PRJ=$1 ;;
	--root-config-branch) shift ; ROOT_CONFIG_BRANCH=$1 ;;
	*) die "invalid argument '$1'" ;;
	esac
	shift
	done

	[ -z "$NON_SECRET_USER" ] && die "non-secret-user not set"
	[ -z "$UNTRUSTED_USER" ] && die "untrusted-user not set"
	[ -z "$NON_SECRET_GROUP_NAME_WITHOUT_SPACE" ] && die "non-secret-group-without-space not set"
	[ -z "$NON_SECRET_GROUP_NAME_WITH_SPACE" ] && die "non-secret-group-with-space not set"
	[ -z "$SECRET_GROUP_NAME" ] && die "secret-group not set"
	[ -z "$ROOT_CONFIG_PRJ" ] && ROOT_CONFIG_PRJ=All-Projects
	[ -z "$ROOT_CONFIG_BRANCH" ] && ROOT_CONFIG_BRANCH=refs/meta/config

	"$USER_RUN_TESTS_DIR"/create-test-project-and-changes.sh
	"$USER_RUN_TESTS_DIR"/update-all-users-project.sh
	create_test_users_and_group
	setup_root_cfg_repo
	setup_capabilities