##// END OF EJS Templates
packaging: integrate signing into run_wix_packaging()...
packaging: integrate signing into run_wix_packaging() Previously, signing was implemented via a separate function which called build_installer() and then called signing functionality. In this model, in order to implement an alternative build mechanism, we would have to invent a new variant to handle signing as well. This commit merges the signing logic into the function invoking wix. If we pass an argument holding metadata about how to sign, we sign hg.exe and the installer. This means all we have to do is pass in signing info and the signing just works. A slight change here is that signing of hg.exe happens in the staging directory as opposed to before the staging directory is populated. I don't think this matters. Differential Revision: https://phab.mercurial-scm.org/D8475

File last commit:

r45265:5c1f356b default
r45272:a3998409 stable
Show More
windows.py
510 lines | 15.8 KiB | text/x-python | PythonLexer
Gregory Szorc
automation: perform tasks on remote machines...
r42191 # windows.py - Automation specific to Windows
#
# Copyright 2019 Gregory Szorc <gregory.szorc@gmail.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
# no-check-code because Python 3 native.
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177 import datetime
Gregory Szorc
automation: perform tasks on remote machines...
r42191 import os
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177 import paramiko
Gregory Szorc
automation: perform tasks on remote machines...
r42191 import pathlib
import re
import subprocess
import tempfile
Augie Fackler
formatting: blacken the codebase...
r43346 from .pypi import upload as pypi_upload
from .winrm import run_powershell
Gregory Szorc
automation: perform tasks on remote machines...
r42191
# PowerShell commands to activate a Visual Studio 2008 environment.
# This is essentially a port of vcvarsall.bat to PowerShell.
ACTIVATE_VC9_AMD64 = r'''
Write-Output "activating Visual Studio 2008 environment for AMD64"
$root = "$env:LOCALAPPDATA\Programs\Common\Microsoft\Visual C++ for Python\9.0"
$Env:VCINSTALLDIR = "${root}\VC\"
$Env:WindowsSdkDir = "${root}\WinSDK\"
$Env:PATH = "${root}\VC\Bin\amd64;${root}\WinSDK\Bin\x64;${root}\WinSDK\Bin;$Env:PATH"
$Env:INCLUDE = "${root}\VC\Include;${root}\WinSDK\Include;$Env:PATH"
$Env:LIB = "${root}\VC\Lib\amd64;${root}\WinSDK\Lib\x64;$Env:LIB"
$Env:LIBPATH = "${root}\VC\Lib\amd64;${root}\WinSDK\Lib\x64;$Env:LIBPATH"
'''.lstrip()
ACTIVATE_VC9_X86 = r'''
Write-Output "activating Visual Studio 2008 environment for x86"
$root = "$env:LOCALAPPDATA\Programs\Common\Microsoft\Visual C++ for Python\9.0"
$Env:VCINSTALLDIR = "${root}\VC\"
$Env:WindowsSdkDir = "${root}\WinSDK\"
$Env:PATH = "${root}\VC\Bin;${root}\WinSDK\Bin;$Env:PATH"
$Env:INCLUDE = "${root}\VC\Include;${root}\WinSDK\Include;$Env:INCLUDE"
$Env:LIB = "${root}\VC\Lib;${root}\WinSDK\Lib;$Env:LIB"
Matt Harbison
automation: correct the path separator in LIBPATH on Windows...
r42804 $Env:LIBPATH = "${root}\VC\lib;${root}\WinSDK\Lib;$Env:LIBPATH"
Gregory Szorc
automation: perform tasks on remote machines...
r42191 '''.lstrip()
HG_PURGE = r'''
$Env:PATH = "C:\hgdev\venv-bootstrap\Scripts;$Env:PATH"
Set-Location C:\hgdev\src
hg.exe --config extensions.purge= purge --all
if ($LASTEXITCODE -ne 0) {
throw "process exited non-0: $LASTEXITCODE"
}
Write-Output "purged Mercurial repo"
'''
HG_UPDATE_CLEAN = r'''
$Env:PATH = "C:\hgdev\venv-bootstrap\Scripts;$Env:PATH"
Set-Location C:\hgdev\src
hg.exe --config extensions.purge= purge --all
if ($LASTEXITCODE -ne 0) {{
throw "process exited non-0: $LASTEXITCODE"
}}
hg.exe update -C {revision}
if ($LASTEXITCODE -ne 0) {{
throw "process exited non-0: $LASTEXITCODE"
}}
hg.exe log -r .
Write-Output "updated Mercurial working directory to {revision}"
'''.lstrip()
BUILD_INNO = r'''
Set-Location C:\hgdev\src
$python = "C:\hgdev\python27-{arch}\python.exe"
Gregory Szorc
packaging: consolidate CLI functionality into packaging.py...
r43913 C:\hgdev\python37-x64\python.exe contrib\packaging\packaging.py inno --python $python
Gregory Szorc
automation: perform tasks on remote machines...
r42191 if ($LASTEXITCODE -ne 0) {{
throw "process exited non-0: $LASTEXITCODE"
}}
'''.lstrip()
BUILD_WHEEL = r'''
Set-Location C:\hgdev\src
C:\hgdev\python27-{arch}\Scripts\pip.exe wheel --wheel-dir dist .
if ($LASTEXITCODE -ne 0) {{
throw "process exited non-0: $LASTEXITCODE"
}}
'''
BUILD_WIX = r'''
Set-Location C:\hgdev\src
$python = "C:\hgdev\python27-{arch}\python.exe"
Gregory Szorc
packaging: consolidate CLI functionality into packaging.py...
r43913 C:\hgdev\python37-x64\python.exe contrib\packaging\packaging.py wix --python $python {extra_args}
Gregory Szorc
automation: perform tasks on remote machines...
r42191 if ($LASTEXITCODE -ne 0) {{
throw "process exited non-0: $LASTEXITCODE"
}}
'''
RUN_TESTS = r'''
C:\hgdev\MinGW\msys\1.0\bin\sh.exe --login -c "cd /c/hgdev/src/tests && /c/hgdev/{python_path}/python.exe run-tests.py {test_flags}"
if ($LASTEXITCODE -ne 0) {{
throw "process exited non-0: $LASTEXITCODE"
}}
'''
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177 X86_WHEEL_FILENAME = 'mercurial-{version}-cp27-cp27m-win32.whl'
X64_WHEEL_FILENAME = 'mercurial-{version}-cp27-cp27m-win_amd64.whl'
X86_EXE_FILENAME = 'Mercurial-{version}.exe'
X64_EXE_FILENAME = 'Mercurial-{version}-x64.exe'
X86_MSI_FILENAME = 'mercurial-{version}-x86.msi'
X64_MSI_FILENAME = 'mercurial-{version}-x64.msi'
MERCURIAL_SCM_BASE_URL = 'https://mercurial-scm.org/release/windows'
X86_USER_AGENT_PATTERN = '.*Windows.*'
X64_USER_AGENT_PATTERN = '.*Windows.*(WOW|x)64.*'
Augie Fackler
formatting: blacken the codebase...
r43346 X86_EXE_DESCRIPTION = (
'Mercurial {version} Inno Setup installer - x86 Windows '
'- does not require admin rights'
)
X64_EXE_DESCRIPTION = (
'Mercurial {version} Inno Setup installer - x64 Windows '
'- does not require admin rights'
)
X86_MSI_DESCRIPTION = (
'Mercurial {version} MSI installer - x86 Windows ' '- requires admin rights'
)
X64_MSI_DESCRIPTION = (
'Mercurial {version} MSI installer - x64 Windows ' '- requires admin rights'
)
Gregory Szorc
automation: perform tasks on remote machines...
r42191
def get_vc_prefix(arch):
if arch == 'x86':
return ACTIVATE_VC9_X86
elif arch == 'x64':
return ACTIVATE_VC9_AMD64
else:
raise ValueError('illegal arch: %s; must be x86 or x64' % arch)
def fix_authorized_keys_permissions(winrm_client, path):
commands = [
'$ErrorActionPreference = "Stop"',
'Repair-AuthorizedKeyPermission -FilePath %s -Confirm:$false' % path,
Gregory Szorc
automation: use raw strings when there are backslashes...
r42231 r'icacls %s /remove:g "NT Service\sshd"' % path,
Gregory Szorc
automation: perform tasks on remote machines...
r42191 ]
run_powershell(winrm_client, '\n'.join(commands))
def synchronize_hg(hg_repo: pathlib.Path, revision: str, ec2_instance):
"""Synchronize local Mercurial repo to remote EC2 instance."""
winrm_client = ec2_instance.winrm_client
with tempfile.TemporaryDirectory() as temp_dir:
temp_dir = pathlib.Path(temp_dir)
ssh_dir = temp_dir / '.ssh'
ssh_dir.mkdir()
ssh_dir.chmod(0o0700)
# Generate SSH key to use for communication.
Augie Fackler
formatting: blacken the codebase...
r43346 subprocess.run(
[
'ssh-keygen',
'-t',
'rsa',
'-b',
'4096',
'-N',
'',
'-f',
str(ssh_dir / 'id_rsa'),
],
check=True,
capture_output=True,
)
Gregory Szorc
automation: perform tasks on remote machines...
r42191
# Add it to ~/.ssh/authorized_keys on remote.
# This assumes the file doesn't already exist.
authorized_keys = r'c:\Users\Administrator\.ssh\authorized_keys'
winrm_client.execute_cmd(r'mkdir c:\Users\Administrator\.ssh')
winrm_client.copy(str(ssh_dir / 'id_rsa.pub'), authorized_keys)
fix_authorized_keys_permissions(winrm_client, authorized_keys)
public_ip = ec2_instance.public_ip_address
ssh_config = temp_dir / '.ssh' / 'config'
with open(ssh_config, 'w', encoding='utf-8') as fh:
fh.write('Host %s\n' % public_ip)
fh.write(' User Administrator\n')
fh.write(' StrictHostKeyChecking no\n')
fh.write(' UserKnownHostsFile %s\n' % (ssh_dir / 'known_hosts'))
fh.write(' IdentityFile %s\n' % (ssh_dir / 'id_rsa'))
Gregory Szorc
automation: add check that hg source directory is a repo...
r42467 if not (hg_repo / '.hg').is_dir():
Augie Fackler
formatting: blacken the codebase...
r43346 raise Exception(
'%s is not a Mercurial repository; '
'synchronization not yet supported' % hg_repo
)
Gregory Szorc
automation: add check that hg source directory is a repo...
r42467
Gregory Szorc
automation: perform tasks on remote machines...
r42191 env = dict(os.environ)
env['HGPLAIN'] = '1'
env['HGENCODING'] = 'utf-8'
hg_bin = hg_repo / 'hg'
res = subprocess.run(
['python2.7', str(hg_bin), 'log', '-r', revision, '-T', '{node}'],
Augie Fackler
formatting: blacken the codebase...
r43346 cwd=str(hg_repo),
env=env,
check=True,
capture_output=True,
)
Gregory Szorc
automation: perform tasks on remote machines...
r42191
full_revision = res.stdout.decode('ascii')
args = [
Augie Fackler
formatting: blacken the codebase...
r43346 'python2.7',
hg_bin,
'--config',
'ui.ssh=ssh -F %s' % ssh_config,
'--config',
'ui.remotecmd=c:/hgdev/venv-bootstrap/Scripts/hg.exe',
Gregory Szorc
automation: push changes affecting .hgtags...
r42911 # Also ensure .hgtags changes are present so auto version
# calculation works.
Augie Fackler
formatting: blacken the codebase...
r43346 'push',
'-f',
'-r',
full_revision,
'-r',
'file(.hgtags)',
Gregory Szorc
automation: do a force push to synchronize...
r42468 'ssh://%s/c:/hgdev/src' % public_ip,
Gregory Szorc
automation: perform tasks on remote machines...
r42191 ]
Gregory Szorc
automation: allow exit code of 1 for `hg push`...
r42884 res = subprocess.run(args, cwd=str(hg_repo), env=env)
# Allow 1 (no-op) to not trigger error.
if res.returncode not in (0, 1):
res.check_returncode()
Gregory Szorc
automation: perform tasks on remote machines...
r42191
Augie Fackler
formatting: blacken the codebase...
r43346 run_powershell(
winrm_client, HG_UPDATE_CLEAN.format(revision=full_revision)
)
Gregory Szorc
automation: perform tasks on remote machines...
r42191
# TODO detect dirty local working directory and synchronize accordingly.
def purge_hg(winrm_client):
"""Purge the Mercurial source repository on an EC2 instance."""
run_powershell(winrm_client, HG_PURGE)
def find_latest_dist(winrm_client, pattern):
"""Find path to newest file in dist/ directory matching a pattern."""
res = winrm_client.execute_ps(
Gregory Szorc
automation: use raw strings when there are backslashes...
r42231 r'$v = Get-ChildItem -Path C:\hgdev\src\dist -Filter "%s" '
Gregory Szorc
automation: perform tasks on remote machines...
r42191 '| Sort-Object LastWriteTime -Descending '
'| Select-Object -First 1\n'
'$v.name' % pattern
)
return res[0]
def copy_latest_dist(winrm_client, pattern, dest_path):
"""Copy latest file matching pattern in dist/ directory.
Given a WinRM client and a file pattern, find the latest file on the remote
matching that pattern and copy it to the ``dest_path`` directory on the
local machine.
"""
latest = find_latest_dist(winrm_client, pattern)
source = r'C:\hgdev\src\dist\%s' % latest
dest = dest_path / latest
print('copying %s to %s' % (source, dest))
winrm_client.fetch(source, str(dest))
Augie Fackler
formatting: blacken the codebase...
r43346 def build_inno_installer(
winrm_client, arch: str, dest_path: pathlib.Path, version=None
):
Gregory Szorc
automation: perform tasks on remote machines...
r42191 """Build the Inno Setup installer on a remote machine.
Using a WinRM client, remote commands are executed to build
a Mercurial Inno Setup installer.
"""
print('building Inno Setup installer for %s' % arch)
extra_args = []
if version:
extra_args.extend(['--version', version])
Augie Fackler
formatting: blacken the codebase...
r43346 ps = get_vc_prefix(arch) + BUILD_INNO.format(
arch=arch, extra_args=' '.join(extra_args)
)
Gregory Szorc
automation: perform tasks on remote machines...
r42191 run_powershell(winrm_client, ps)
copy_latest_dist(winrm_client, '*.exe', dest_path)
def build_wheel(winrm_client, arch: str, dest_path: pathlib.Path):
"""Build Python wheels on a remote machine.
Using a WinRM client, remote commands are executed to build a Python wheel
for Mercurial.
"""
print('Building Windows wheel for %s' % arch)
ps = get_vc_prefix(arch) + BUILD_WHEEL.format(arch=arch)
run_powershell(winrm_client, ps)
copy_latest_dist(winrm_client, '*.whl', dest_path)
Augie Fackler
formatting: blacken the codebase...
r43346 def build_wix_installer(
winrm_client, arch: str, dest_path: pathlib.Path, version=None
):
Gregory Szorc
automation: perform tasks on remote machines...
r42191 """Build the WiX installer on a remote machine.
Using a WinRM client, remote commands are executed to build a WiX installer.
"""
print('Building WiX installer for %s' % arch)
extra_args = []
if version:
extra_args.extend(['--version', version])
Augie Fackler
formatting: blacken the codebase...
r43346 ps = get_vc_prefix(arch) + BUILD_WIX.format(
arch=arch, extra_args=' '.join(extra_args)
)
Gregory Szorc
automation: perform tasks on remote machines...
r42191 run_powershell(winrm_client, ps)
copy_latest_dist(winrm_client, '*.msi', dest_path)
def run_tests(winrm_client, python_version, arch, test_flags=''):
"""Run tests on a remote Windows machine.
``python_version`` is a ``X.Y`` string like ``2.7`` or ``3.7``.
``arch`` is ``x86`` or ``x64``.
``test_flags`` is a str representing extra arguments to pass to
``run-tests.py``.
"""
Gregory Szorc
automation: use raw strings when there are backslashes...
r42231 if not re.match(r'\d\.\d', python_version):
Augie Fackler
formatting: blacken the codebase...
r43346 raise ValueError(
r'python_version must be \d.\d; got %s' % python_version
)
Gregory Szorc
automation: perform tasks on remote machines...
r42191
if arch not in ('x86', 'x64'):
raise ValueError('arch must be x86 or x64; got %s' % arch)
python_path = 'python%s-%s' % (python_version.replace('.', ''), arch)
Augie Fackler
formatting: blacken the codebase...
r43346 ps = RUN_TESTS.format(python_path=python_path, test_flags=test_flags or '',)
Gregory Szorc
automation: perform tasks on remote machines...
r42191
run_powershell(winrm_client, ps)
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177
def resolve_wheel_artifacts(dist_path: pathlib.Path, version: str):
return (
dist_path / X86_WHEEL_FILENAME.format(version=version),
dist_path / X64_WHEEL_FILENAME.format(version=version),
)
def resolve_all_artifacts(dist_path: pathlib.Path, version: str):
return (
dist_path / X86_WHEEL_FILENAME.format(version=version),
dist_path / X64_WHEEL_FILENAME.format(version=version),
dist_path / X86_EXE_FILENAME.format(version=version),
dist_path / X64_EXE_FILENAME.format(version=version),
dist_path / X86_MSI_FILENAME.format(version=version),
dist_path / X64_MSI_FILENAME.format(version=version),
)
def generate_latest_dat(version: str):
x86_exe_filename = X86_EXE_FILENAME.format(version=version)
x64_exe_filename = X64_EXE_FILENAME.format(version=version)
x86_msi_filename = X86_MSI_FILENAME.format(version=version)
x64_msi_filename = X64_MSI_FILENAME.format(version=version)
entries = (
(
'10',
version,
X86_USER_AGENT_PATTERN,
'%s/%s' % (MERCURIAL_SCM_BASE_URL, x86_exe_filename),
X86_EXE_DESCRIPTION.format(version=version),
),
(
'10',
version,
X64_USER_AGENT_PATTERN,
'%s/%s' % (MERCURIAL_SCM_BASE_URL, x64_exe_filename),
X64_EXE_DESCRIPTION.format(version=version),
),
(
'10',
version,
X86_USER_AGENT_PATTERN,
'%s/%s' % (MERCURIAL_SCM_BASE_URL, x86_msi_filename),
X86_MSI_DESCRIPTION.format(version=version),
),
(
'10',
version,
X64_USER_AGENT_PATTERN,
'%s/%s' % (MERCURIAL_SCM_BASE_URL, x64_msi_filename),
Augie Fackler
formatting: blacken the codebase...
r43346 X64_MSI_DESCRIPTION.format(version=version),
),
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177 )
lines = ['\t'.join(e) for e in entries]
return '\n'.join(lines) + '\n'
def publish_artifacts_pypi(dist_path: pathlib.Path, version: str):
"""Publish Windows release artifacts to PyPI."""
wheel_paths = resolve_wheel_artifacts(dist_path, version)
for p in wheel_paths:
if not p.exists():
raise Exception('%s not found' % p)
print('uploading wheels to PyPI (you may be prompted for credentials)')
pypi_upload(wheel_paths)
Augie Fackler
formatting: blacken the codebase...
r43346 def publish_artifacts_mercurial_scm_org(
dist_path: pathlib.Path, version: str, ssh_username=None
):
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177 """Publish Windows release artifacts to mercurial-scm.org."""
all_paths = resolve_all_artifacts(dist_path, version)
for p in all_paths:
if not p.exists():
raise Exception('%s not found' % p)
client = paramiko.SSHClient()
client.load_system_host_keys()
# We assume the system SSH configuration knows how to connect.
print('connecting to mercurial-scm.org via ssh...')
try:
client.connect('mercurial-scm.org', username=ssh_username)
except paramiko.AuthenticationException:
print('error authenticating; is an SSH key available in an SSH agent?')
raise
print('SSH connection established')
print('opening SFTP client...')
sftp = client.open_sftp()
print('SFTP client obtained')
for p in all_paths:
dest_path = '/var/www/release/windows/%s' % p.name
print('uploading %s to %s' % (p, dest_path))
with p.open('rb') as fh:
data = fh.read()
with sftp.open(dest_path, 'wb') as fh:
fh.write(data)
fh.chmod(0o0664)
latest_dat_path = '/var/www/release/windows/latest.dat'
now = datetime.datetime.utcnow()
backup_path = dist_path / (
Augie Fackler
formatting: blacken the codebase...
r43346 'latest-windows-%s.dat' % now.strftime('%Y%m%dT%H%M%S')
)
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177 print('backing up %s to %s' % (latest_dat_path, backup_path))
with sftp.open(latest_dat_path, 'rb') as fh:
latest_dat_old = fh.read()
with backup_path.open('wb') as fh:
fh.write(latest_dat_old)
print('writing %s with content:' % latest_dat_path)
latest_dat_content = generate_latest_dat(version)
print(latest_dat_content)
with sftp.open(latest_dat_path, 'wb') as fh:
fh.write(latest_dat_content.encode('ascii'))
Augie Fackler
formatting: blacken the codebase...
r43346 def publish_artifacts(
dist_path: pathlib.Path,
version: str,
pypi=True,
mercurial_scm_org=True,
ssh_username=None,
):
Gregory Szorc
automation: implement "publish-windows-artifacts" command...
r43177 """Publish Windows release artifacts.
Files are found in `dist_path`. We will look for files with version string
`version`.
`pypi` controls whether we upload to PyPI.
`mercurial_scm_org` controls whether we upload to mercurial-scm.org.
"""
if pypi:
publish_artifacts_pypi(dist_path, version)
if mercurial_scm_org:
Augie Fackler
formatting: blacken the codebase...
r43346 publish_artifacts_mercurial_scm_org(
dist_path, version, ssh_username=ssh_username
)