Skip to content

Commit

Permalink
Add scripts to validate a release package (awslabs#626)
Browse files Browse the repository at this point in the history
* Add scripts to validate a release package

Signed-off-by: Alessandro Passaro <[email protected]>

* Set executable bit

Signed-off-by: Alessandro Passaro <[email protected]>

* Add minimal readme

Signed-off-by: Alessandro Passaro <[email protected]>

---------

Signed-off-by: Alessandro Passaro <[email protected]>
  • Loading branch information
passaro authored Nov 23, 2023
1 parent 6922c9c commit 801e4c1
Show file tree
Hide file tree
Showing 6 changed files with 132 additions and 0 deletions.
9 changes: 9 additions & 0 deletions package/validate/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Validation of a Release Package

The scripts in this directory can be used to validate the artifacts for a released version of Mountpoint.

The `validate.py` python script validates the RPM and DEB packages and the gzip archive for the given Mountpoint release. The script runs a docker container for the specified OS, downloads the Mountpoint package, verifies its signature, and proceeds to installs it. Then, it will use the installed binary to mount the specified bucket and list its content.

To see the available options, run:

python3 validate.py --help
12 changes: 12 additions & 0 deletions package/validate/test-mount-s3.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
#! /bin/sh
set -e

echo
echo "Show installed version:"
mount-s3 --version

echo
echo "Mount and list top-level content of bucket: $BUCKET"
mkdir ~/mnt
mount-s3 "$BUCKET" ~/mnt --no-sign-request
ls ~/mnt
16 changes: 16 additions & 0 deletions package/validate/validate-deb-ubuntu.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#! /bin/sh
set -e

apt-get -qq update -y && apt-get -qq install -y wget gpg
cd /tmp

wget https://s3.amazonaws.com/mountpoint-s3-release/$VERSION/$ARCH/mount-s3-$VERSION-$ARCH.deb
wget https://s3.amazonaws.com/mountpoint-s3-release/$VERSION/$ARCH/mount-s3-$VERSION-$ARCH.deb.asc

wget https://s3.amazonaws.com/mountpoint-s3-release/public_keys/KEYS
gpg --import KEYS
gpg --verify mount-s3-$VERSION-$ARCH.deb.asc mount-s3-$VERSION-$ARCH.deb

apt-get install -y ./mount-s3-$VERSION-$ARCH.deb

. $(dirname "$0")/test-mount-s3.sh
19 changes: 19 additions & 0 deletions package/validate/validate-gzip-al2.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
#! /bin/sh
set -e

yum update -y && yum install -y wget gpg tar gzip
cd /tmp

wget https://s3.amazonaws.com/mountpoint-s3-release/$VERSION/$ARCH/mount-s3-$VERSION-$ARCH.tar.gz
wget https://s3.amazonaws.com/mountpoint-s3-release/$VERSION/$ARCH/mount-s3-$VERSION-$ARCH.tar.gz.asc

wget https://s3.amazonaws.com/mountpoint-s3-release/public_keys/KEYS
gpg --import KEYS
gpg --verify mount-s3-$VERSION-$ARCH.tar.gz.asc mount-s3-$VERSION-$ARCH.tar.gz

tar -zxvf mount-s3-$VERSION-$ARCH.tar.gz
cp bin/mount-s3 /usr/bin/
# install Mountpoint dependencies manually
yum install -y fuse fuse-devel

. $(dirname "$0")/test-mount-s3.sh
16 changes: 16 additions & 0 deletions package/validate/validate-rpm-al2.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#! /bin/sh
set -e

yum update -y && yum install -y wget gpg
cd /tmp

wget https://s3.amazonaws.com/mountpoint-s3-release/$VERSION/$ARCH/mount-s3-$VERSION-$ARCH.rpm
wget https://s3.amazonaws.com/mountpoint-s3-release/$VERSION/$ARCH/mount-s3-$VERSION-$ARCH.rpm.asc

wget https://s3.amazonaws.com/mountpoint-s3-release/public_keys/KEYS
gpg --import KEYS
gpg --verify mount-s3-$VERSION-$ARCH.rpm.asc mount-s3-$VERSION-$ARCH.rpm

yum install -y mount-s3-$VERSION-$ARCH.rpm

. $(dirname "$0")/test-mount-s3.sh
60 changes: 60 additions & 0 deletions package/validate/validate.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
#!/usr/bin/env python3

"""
Script for validating a Mountpoint release package.
This script validates the RPM and DEB packages and the gzip archive built for a Mountpoint release.
"""

import argparse
import os
import subprocess

def validate(args: argparse.Namespace) -> str:
"""Top-level driver."""

package=f"{args.artifact}-{args.os}"
if package == "deb-ubuntu":
image = "ubuntu/ubuntu:20.04"
elif package == "rpm-al2" or package == "gzip-al2":
image = "amazonlinux/amazonlinux:2"
else:
raise Exception(f"unsupported OS {args.os} for {args.artifact}. Supported combinations are: deb-ubuntu, rpm-al2, gzip-al2")

print("Validating Mountpoint Release Package")
print(f"\tVersion: {args.version}")
print(f"\tArch: {args.arch}")
print(f"\tOS: {args.os}")
print(f"\tArtifact: {args.artifact}")
print(f"\tBucket: {args.bucket}")
print("\n")

full_image = f"public.ecr.aws/{image}"
validate_script = f"validate-{package}.sh"
scripts_dir = os.path.dirname(os.path.realpath(__file__))

subprocess.run(["docker", "pull", full_image])
subprocess.run(["docker",
"run",
"--rm",
"--cap-add=SYS_ADMIN",
"--device=/dev/fuse",
f"-v={scripts_dir}:/scripts",
f"--env=ARCH={args.arch}",
f"--env=VERSION={args.version}",
f"--env=BUCKET={args.bucket}",
full_image,
"/bin/bash",
f"/scripts/{validate_script}"])

if __name__ == "__main__":
p = argparse.ArgumentParser()
p.add_argument("--version", help="the version number for the Mountpoint release", required=True)
p.add_argument("--arch", help="the architecture to validate", required=True, choices=["x86_64", "arm64"])
p.add_argument("--artifact", help="the artifact to validate", required=True, choices=["deb", "rpm", "gzip"])
p.add_argument("--os", help="the OS to validate on", required=True, choices=["ubuntu", "al2"])
p.add_argument("--bucket", help="the public bucket to mount", required=True)

args = p.parse_args()

validate(args)

0 comments on commit 801e4c1

Please sign in to comment.