ci(release): Refactor and merge the check.py into verify.py (#4284)

* refactor verify Signed-off-by: Xuanwo <[email protected]> * FIx link Signed-off-by: Xuanwo <[email protected]> --------- Signed-off-by: Xuanwo <[email protected]>
apache · Feb 28, 2024 · 482237a · 482237a
1 parent 7e30586
commit 482237a
Show file tree

Hide file tree

Showing 5 changed files with 73 additions and 88 deletions.
diff --git a/scripts/README.md b/scripts/README.md
@@ -13,14 +13,6 @@ NOTES: all scripts must be running at root folder of OpenDAL project.
 
 > Before running release, please make sure you have bump all versions.
 
-## Check
-
-```shell
-./scripts/check.py
-```
-
-> Before running the check, please ensure that you have completed the following preparations.
-
 ### Preparations
 
 Import gpg key

diff --git a/scripts/check.py b/scripts/check.py
diff --git a/scripts/verify.py b/scripts/verify.py
@@ -24,14 +24,49 @@
 
 BASE_DIR = Path(os.getcwd())
 
+# Define colors for output
+YELLOW = "\033[37;1m"
+GREEN = "\033[32;1m"
+ENDCOLOR = "\033[0m"
 
-def extract_packages():
-    print("Start extracting packages")
 
+def check_signature(pkg):
+    """Check the GPG signature of the package."""
+    try:
+        subprocess.check_call(["gpg", "--verify", f"{pkg}.asc", pkg])
+        print(f"{GREEN}> Success to verify the gpg sign for {pkg}{ENDCOLOR}")
+    except subprocess.CalledProcessError:
+        print(f"{YELLOW}> Failed to verify the gpg sign for {pkg}{ENDCOLOR}")
+
+
+def check_sha512sum(pkg):
+    """Check the sha512 checksum of the package."""
+    try:
+        subprocess.check_call(["sha512sum", "--check", f"{pkg}.sha512"])
+        print(f"{GREEN}> Success to verify the checksum for {pkg}{ENDCOLOR}")
+    except subprocess.CalledProcessError:
+        print(f"{YELLOW}> Failed to verify the checksum for {pkg}{ENDCOLOR}")
+
+
+def extract_packages():
     for file in BASE_DIR.glob("*.tar.gz"):
         subprocess.run(["tar", "-xzf", file], check=True)
 
 
+def check_license(dir):
+    print(f"> Start checking LICENSE file in {dir}")
+    if not (dir / "LICENSE").exists():
+        raise f"{YELLOW}> LICENSE file is not found{ENDCOLOR}"
+    print(f"{GREEN}> LICENSE file exists in {dir}{ENDCOLOR}")
+
+
+def check_notice(dir):
+    print(f"> Start checking NOTICE file in {dir}")
+    if not (dir / "NOTICE").exists():
+        raise f"{YELLOW}> NOTICE file is not found{ENDCOLOR}"
+    print(f"{GREEN}> NOTICE file exists in {dir}{ENDCOLOR}")
+
+
 def check_rust():
     try:
         subprocess.run(["cargo", "--version"], check=True)
@@ -44,7 +79,7 @@ def check_rust():
 
 def check_java():
     try:
-        subprocess.run(["java", "--version"], check=True)
+        subprocess.run(["java", "-version"], check=True)
         return True
     except FileNotFoundError:
         return False
@@ -55,7 +90,13 @@ def check_java():
 def build_core(dir):
     print("Start building opendal core")
 
-    subprocess.run(["cargo", "build", "--release"], cwd=dir/"core", check=True)
+    subprocess.run(
+        ["cargo", "build", "--release"],
+        cwd=dir / "core",
+        check=True,
+        stderr=subprocess.DEVNULL,
+    )
+    print(f"{GREEN}Success to build opendal core{ENDCOLOR}")
 
 
 def build_java_binding(dir):
@@ -70,14 +111,34 @@ def build_java_binding(dir):
             "-Dcargo-build.profile=release",
         ],
         check=True,
-        cwd=dir/"bindings/java",
+        cwd=dir / "bindings/java",
+        stderr=subprocess.DEVNULL,
+        stdout=subprocess.DEVNULL,
     )
+    print(f"> {GREEN}Success to build opendal java binding{ENDCOLOR}")
 
 
 if __name__ == "__main__":
+    # Get a list of all files in the current directory
+    files = [f for f in os.listdir(".") if os.path.isfile(f)]
+
+    for pkg in files:
+        # Skip files that don't have a corresponding .asc or .sha512 file
+        if not os.path.exists(f"{pkg}.asc") or not os.path.exists(f"{pkg}.sha512"):
+            continue
+
+        print(f"> Checking {pkg}")
+
+        # Perform the checks
+        check_signature(pkg)
+        check_sha512sum(pkg)
+
     extract_packages()
 
     for dir in BASE_DIR.glob("apache-opendal-*-src/"):
+        check_license(dir)
+        check_notice(dir)
+
         if check_rust():
             build_core(dir)
         else:
@@ -87,8 +148,6 @@ def build_java_binding(dir):
             print("Visit https://www.rust-lang.org/tools/install for more information")
             sys.exit(1)
 
-        build_core(dir)
-
         if check_java():
             build_java_binding(dir)
         else:

diff --git a/website/community/committers/release.md b/website/community/committers/release.md
@@ -311,7 +311,7 @@ https://downloads.apache.org/opendal/KEYS
 
 Git tag for the release:
 
-https://github.com/apache/opendal/releases/tag/${release_version}
+https://github.com/apache/opendal/releases/tag/v${release_version}
 
 Maven staging repo:
 
@@ -341,15 +341,12 @@ Checklist for reference:
 [ ] All source files have ASF headers
 [ ] Can compile from source
 
-More detailed checklist please refer to:
-https://github.com/apache/opendal/tree/main/scripts
+Use our verify.py to assist in the verify process:
 
-To compile from source, please refer to:
-https://github.com/apache/opendal/blob/main/CONTRIBUTING.md
-
-Here is a Python script in release to help you verify the release candidate:
-
-./scripts/verify.py
+svn co https://dist.apache.org/repos/dist/dev/opendal/${release_version}/ opendal-dev
+cd opendal-dev
+curl -sSL https://github.com/apache/opendal/raw/v${release_version}/scripts/verify.py -o verify.py
+python verify.py
 
 Thanks
 

diff --git a/website/community/committers/verify.md b/website/community/committers/verify.md
@@ -103,7 +103,7 @@ git clone https://github.com/apache/opendal
 Run the script in a specific release candidate's folder:
 
 ```shell
-./scripts/check.py
+./scripts/verify.py
 ```
 
 You will see the following output if the verification is successful: