|
3 | 3 | set -euo pipefail |
4 | 4 |
|
5 | 5 | readonly SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]:-$0}")" &>/dev/null && pwd 2>/dev/null)" |
6 | | -readonly OUT_ENV_FILE="${1:-${SCRIPT_DIR}/../reports/baseline-info.env}" |
7 | | -readonly FALLBACK_MARKER_FILE="${2:-${SCRIPT_DIR}/../reports/fallback_to_master.txt}" |
| 6 | +readonly OUTPUT_DIR="${1:-${SCRIPT_DIR}/../reports}" |
| 7 | +readonly OUT_ENV_FILE="${OUTPUT_DIR}/baseline-info.env" |
| 8 | +readonly FALLBACK_MARKER_FILE="${OUTPUT_DIR}/fallback_to_master.txt" |
8 | 9 | readonly TARGET_BRANCH="${TARGET_BRANCH:-master}" |
9 | 10 |
|
10 | | -mkdir -p "$(dirname "${OUT_ENV_FILE}")" |
| 11 | +mkdir -p "${OUTPUT_DIR}" |
11 | 12 | rm -f "${FALLBACK_MARKER_FILE}" |
12 | 13 |
|
13 | | -if [[ -z "${CI_PROJECT_ID:-}" || -z "${CI_API_V4_URL:-}" ]]; then |
14 | | - echo "Missing CI_PROJECT_ID/CI_API_V4_URL environment variables." >&2 |
| 14 | +if [[ -z "${CI_PROJECT_ID:-}" || -z "${CI_API_V4_URL:-}" || -z "${CI_JOB_TOKEN:-}" ]]; then |
| 15 | + echo "Missing CI_PROJECT_ID/CI_API_V4_URL/CI_JOB_TOKEN environment variables." >&2 |
15 | 16 | exit 1 |
16 | 17 | fi |
17 | 18 |
|
18 | 19 | readonly PROJECT_API_URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}" |
19 | 20 |
|
20 | 21 | get_pipeline_id_for_commit() { |
21 | 22 | local commit_sha="$1" |
22 | | - |
23 | | - # Get JWT token with `authanywhere`, needed for internal API authentication |
24 | | - # https://datadoghq.atlassian.net/wiki/spaces/DEVX/pages/3733193227/Authanywhere |
25 | | - local auth_header |
26 | | - if ! auth_header="$(authanywhere --audience sdm 2>&1)"; then |
27 | | - echo "ERROR: Failed to get authanywhere token: ${auth_header}" >&2 |
28 | | - return 1 |
29 | | - fi |
30 | | - |
31 | | - # Get short-lived PAT from BTI CI API |
32 | | - # https://datadoghq.atlassian.net/wiki/spaces/DEVX/pages/5421924354/BTI+CI+API+-+the+swiss+army+knife+of+CI+interactions#Get-Short-lived-Project-Access-Token |
33 | | - local bti_response http_status response_body private_token |
34 | | - bti_response="$(curl -w "\nHTTP_STATUS:%{http_code}" --silent --show-error \ |
35 | | - --header "${auth_header}" \ |
36 | | - "https://bti-ci-api.us1.ddbuild.io/internal/ci/gitlab/token?owner=DataDog&repository=apm-reliability/dd-trace-java" 2>&1)" |
37 | | - http_status="$(echo "${bti_response}" | grep "HTTP_STATUS:" | sed 's/HTTP_STATUS://')" |
38 | | - response_body="$(echo "${bti_response}" | sed '/HTTP_STATUS:/d')" |
39 | | - if [[ "${http_status}" != "200" ]]; then |
40 | | - echo "ERROR: BTI CI API returned HTTP ${http_status} with response: ${response_body:0:200}" >&2 |
41 | | - return 1 |
42 | | - fi |
43 | | - private_token="$(echo "${response_body}" | grep -o '"token":"[^"]*"' | sed 's/"token":"\([^"]*\)"/\1/')" |
44 | | - if [[ -z "${private_token}" ]]; then |
45 | | - echo "ERROR: Failed to retrieve private token from BTI CI API" >&2 |
46 | | - return 1 |
47 | | - fi |
48 | 23 |
|
49 | 24 | # Query GitLab API to get pipeline ID that matches the commit SHA |
50 | 25 | local api_url="${PROJECT_API_URL}/repository/commits/${commit_sha}" |
51 | 26 | local response pipeline_id |
52 | | - response="$(curl --request GET --silent --header "PRIVATE-TOKEN: ${private_token}" --show-error "${api_url}" 2>&1)" |
| 27 | + response="$(curl --request GET --silent --show-error --header "JOB-TOKEN: ${CI_JOB_TOKEN}" "${api_url}" || true)" |
53 | 28 | pipeline_id="$(echo "${response}" | grep -o '"last_pipeline"[^}]*"id":[0-9]*' | grep -o '[0-9]*$' | head -1 || true)" |
54 | 29 | if [[ -n "${pipeline_id}" && "${pipeline_id}" != "null" ]]; then |
55 | | - echo "Found pipeline ID: ${pipeline_id} for commit: ${commit_sha}" >&2 |
56 | 30 | echo "${pipeline_id}" |
57 | 31 | return 0 |
58 | | - else |
59 | | - echo "Could not find pipeline ID for commit ${commit_sha}" >&2 |
60 | | - return 1 |
61 | 32 | fi |
| 33 | + |
| 34 | + echo "" |
| 35 | + return 1 |
62 | 36 | } |
63 | 37 |
|
64 | 38 | get_branch_head_sha() { |
65 | 39 | local branch="$1" |
66 | | - |
67 | | - # Get JWT token with `authanywhere`, needed for internal API authentication |
68 | | - local auth_header |
69 | | - if ! auth_header="$(authanywhere --audience sdm 2>&1)"; then |
70 | | - echo "ERROR: Failed to get authanywhere token: ${auth_header}" >&2 |
71 | | - return 1 |
72 | | - fi |
73 | | - |
74 | | - # Get short-lived PAT from BTI CI API |
75 | | - local bti_response http_status response_body private_token |
76 | | - bti_response="$(curl -w "\nHTTP_STATUS:%{http_code}" --silent --show-error \ |
77 | | - --header "${auth_header}" \ |
78 | | - "https://bti-ci-api.us1.ddbuild.io/internal/ci/gitlab/token?owner=DataDog&repository=apm-reliability/dd-trace-java" 2>&1)" |
79 | | - http_status="$(echo "${bti_response}" | grep "HTTP_STATUS:" | sed 's/HTTP_STATUS://')" |
80 | | - response_body="$(echo "${bti_response}" | sed '/HTTP_STATUS:/d')" |
81 | | - |
82 | | - if [[ "${http_status}" != "200" ]]; then |
83 | | - echo "ERROR: BTI CI API returned HTTP ${http_status} with response: ${response_body:0:200}" >&2 |
84 | | - return 1 |
85 | | - fi |
86 | | - |
87 | | - private_token="$(echo "${response_body}" | grep -o '"token":"[^"]*"' | sed 's/"token":"\([^"]*\)"/\1/')" |
88 | | - if [[ -z "${private_token}" ]]; then |
89 | | - echo "ERROR: Failed to retrieve private token from BTI CI API" >&2 |
90 | | - return 1 |
91 | | - fi |
92 | 40 |
|
93 | 41 | # Query GitLab API to get branch head SHA |
94 | 42 | local api_url="${PROJECT_API_URL}/repository/branches/${branch}" |
95 | 43 | local response branch_sha |
96 | | - response="$(curl --request GET --silent --header "PRIVATE-TOKEN: ${private_token}" --show-error "${api_url}" 2>&1)" |
| 44 | + response="$(curl --request GET --silent --show-error --header "JOB-TOKEN: ${CI_JOB_TOKEN}" "${api_url}" || true)" |
97 | 45 | branch_sha="$(echo "${response}" | grep -o '"commit"[^}]*"id":"[a-f0-9]\{40\}"' | sed -E 's/.*"id":"([a-f0-9]{40})".*/\1/' | head -1 || true)" |
98 | 46 |
|
99 | | - if [[ -n "${branch_sha}" ]]; then |
100 | | - echo "${branch_sha}" |
101 | | - return 0 |
102 | | - else |
103 | | - echo "ERROR: Could not find branch head SHA for branch ${branch}" >&2 |
104 | | - return 1 |
105 | | - fi |
| 47 | + echo "${branch_sha}" |
| 48 | +} |
| 49 | + |
| 50 | +get_latest_pipeline_id_for_branch() { |
| 51 | + local branch="$1" |
| 52 | + local api_url="${PROJECT_API_URL}/pipelines?ref=${branch}&status=success&order_by=updated_at&sort=desc&per_page=1" |
| 53 | + local response pipeline_id |
| 54 | + |
| 55 | + response="$(curl --request GET --silent --show-error --header "JOB-TOKEN: ${CI_JOB_TOKEN}" "${api_url}" || true)" |
| 56 | + pipeline_id="$(echo "${response}" | grep -o '"id":[0-9]*' | head -1 | grep -o '[0-9]*' || true)" |
| 57 | + echo "${pipeline_id}" |
106 | 58 | } |
107 | 59 |
|
108 | 60 | resolve_merge_base_sha() { |
@@ -131,9 +83,14 @@ if [[ -z "${BASELINE_PIPELINE_ID}" ]]; then |
131 | 83 |
|
132 | 84 | BASELINE_SHA="$(git rev-parse "origin/${TARGET_BRANCH}" 2>/dev/null || true)" |
133 | 85 | if [[ -z "${BASELINE_SHA}" ]]; then |
134 | | - BASELINE_SHA="$(get_branch_head_sha "${TARGET_BRANCH}")" |
| 86 | + BASELINE_SHA="$(get_branch_head_sha "${TARGET_BRANCH}" || true)" |
135 | 87 | fi |
136 | 88 | BASELINE_PIPELINE_ID="$(get_pipeline_id_for_commit "${BASELINE_SHA}" || true)" |
| 89 | + |
| 90 | + # use latest successful branch pipeline |
| 91 | + if [[ -z "${BASELINE_PIPELINE_ID}" ]]; then |
| 92 | + BASELINE_PIPELINE_ID="$(get_latest_pipeline_id_for_branch "${TARGET_BRANCH}" || true)" |
| 93 | + fi |
137 | 94 | fi |
138 | 95 |
|
139 | 96 | if [[ -z "${BASELINE_PIPELINE_ID}" ]]; then |
|
0 commit comments