Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/main' into beta-releases
Browse files Browse the repository at this point in the history
  • Loading branch information
github-actions[bot] committed Jan 22, 2024
2 parents 0bde8e3 + ab40e04 commit 39bb633
Show file tree
Hide file tree
Showing 44 changed files with 2,741 additions and 4,477 deletions.
140 changes: 136 additions & 4 deletions .evergreen/functions.yml
Original file line number Diff line number Diff line change
Expand Up @@ -64,10 +64,6 @@ variables:
E2E_TESTS_ATLAS_READANYDATABASE_STRING: ${e2e_tests_atlas_readanydatabase_string}
E2E_TESTS_ATLAS_CUSTOMROLE_STRING: ${e2e_tests_atlas_customrole_string}
E2E_TESTS_ATLAS_SPECIFICPERMISSION_STRING: ${e2e_tests_atlas_specificpermission_string}
NOTARY_URL: http://notary-service.build.10gen.cc:5000
NOTARY_AUTH_TOKEN: ${signing_auth_token}
NOTARY_SIGNING_KEY: ${signing_key_name}
NOTARY_SIGNING_COMMENT: Evergreen project mongodb/compass ${revision} - ${build_variant} - ${branch_name}
MACOS_NOTARY_KEY: ${macos_notary_key}
MACOS_NOTARY_SECRET: ${macos_notary_secret}
MACOS_NOTARY_CLIENT_URL: 'https://macos-notary-1628249594.s3.amazonaws.com/releases/client/latest/darwin_amd64.zip'
Expand All @@ -80,6 +76,10 @@ variables:
MONGODB_RUNNER_LOG_DIR: ${workdir}/src/.testserver/
E2E_TESTS_ATLAS_CS_WITHOUT_SEARCH: ${e2e_tests_atlas_cs_without_search}
E2E_TESTS_ATLAS_CS_WITH_SEARCH: ${e2e_tests_atlas_cs_with_search}
GARASIGN_USERNAME: ${garasign_username}
GARASIGN_PASSWORD: ${garasign_password}
ARTIFACTORY_USERNAME: ${artifactory_username}
ARTIFACTORY_PASSWORD: ${artifactory_password}

# This is here with the variables because anchors aren't supported across includes
post:
Expand Down Expand Up @@ -306,6 +306,85 @@ functions:
# and be able to find the binary that is used for the tests
file: src/packages/compass/expansions.yml

spawn-signing-server:
# spawn
- command: host.create
type: setup
params:
provider: ec2
distro: ubuntu2004-large
security_group_ids:
- sg-097bff6dd0d1d31d0 # Magic string that's needed for SSH'ing.
# write host info (this file will be read by signingtool when connection to ssh server)
- command: host.list
params:
num_hosts: 1
path: spawned_hosts.json
timeout_seconds: 1200
wait: true
# copy ssh key (this key will be used to connect to ssh server)
- command: shell.exec
params:
shell: bash
script: |
set -e
{
set +x
echo '${__project_aws_ssh_key_value}' > ~/.ssh/mcipacker.pem
chmod 0600 ~/.ssh/mcipacker.pem
set -x
}
# wait for host to be ready
- command: shell.exec
params:
exec_as_string: true
shell: bash
script: |
set -e
user=ubuntu
hostname=$(tr -d '"[]{}' < spawned_hosts.json | cut -d , -f 1 | awk -F : '{print $2}')
identity_file=$(echo ~/.ssh/mcipacker.pem)
attempts=0
connection_attempts=25
## Check for remote connectivity
while ! ssh \
-i "$identity_file" \
-o ConnectTimeout=10 \
-o ForwardAgent=yes \
-o IdentitiesOnly=yes \
-o StrictHostKeyChecking=no \
"$(printf "%s@%s" "$user" "$hostname")" \
exit
do
if [ "$attempts" -ge "$connection_attempts" ]; then
echo "SSH connection failed after $connection_attempts attempts. Exiting..."
exit 1
fi
printf "SSH connection attempt %d/%d failed. Retrying...\n" "$((attempts++))" "$connection_attempts"
## sleep for Permission denied (publickey) errors
sleep 20
done
echo "SSH connection established after $attempts attempts"
# Write the host info so that it can be used by the signing tool
if [[ $OSTYPE == "cygwin" ]]; then
identity_file=$(cygpath -wa "$identity_file")
else
identity_file=$(eval echo "$identity_file")
fi
cat <<EOL > signing_host_info.yml
SIGNING_SERVER_HOSTNAME: $hostname
SIGNING_SERVER_PRIVATE_KEY: $identity_file
SIGNING_SERVER_USERNAME: $user
SIGNING_SERVER_PORT: 22
EOL
# Update the expansions
- command: expansions.update
params:
file: signing_host_info.yml

package:
- command: shell.exec
params:
Expand All @@ -316,6 +395,10 @@ functions:
DEBUG: ${debug}
npm_config_loglevel: ${npm_loglevel}
COMPASS_DISTRIBUTION: ${compass_distribution}
SIGNING_SERVER_HOSTNAME: ${SIGNING_SERVER_HOSTNAME}
SIGNING_SERVER_PRIVATE_KEY: ${SIGNING_SERVER_PRIVATE_KEY}
SIGNING_SERVER_USERNAME: ${SIGNING_SERVER_USERNAME}
SIGNING_SERVER_PORT: ${SIGNING_SERVER_PORT}
script: |
set -e
Expand Down Expand Up @@ -504,12 +587,26 @@ functions:
remote_file: ${project}/${revision}_${revision_order_id}/${windows_zip_filename}
content_type: application/zip
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${windows_zip_sign_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${windows_zip_sign_filename}
content_type: application/pgp-signature
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${windows_nupkg_full_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${windows_nupkg_full_filename}
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${windows_nupkg_full_sign_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${windows_nupkg_full_sign_filename}
content_type: application/pgp-signature
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
Expand All @@ -530,34 +627,69 @@ functions:
remote_file: ${project}/${revision}_${revision_order_id}/${osx_zip_filename}
content_type: application/zip
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${osx_zip_sign_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${osx_zip_sign_filename}
content_type: application/pgp-signature
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${linux_rpm_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${linux_rpm_filename}
content_type: application/x-redhat-package-manager
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${linux_rpm_sign_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${linux_rpm_sign_filename}
content_type: application/pgp-signature
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${rhel_tar_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${rhel_tar_filename}
content_type: application/x-gzip
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${rhel_tar_sign_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${rhel_tar_sign_filename}
content_type: application/pgp-signature
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${linux_deb_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${linux_deb_filename}
content_type: application/vnd.debian.binary-package
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${linux_deb_sign_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${linux_deb_sign_filename}
content_type: application/pgp-signature
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${linux_tar_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${linux_tar_filename}
content_type: application/x-gzip
optional: true
- command: s3.put
params:
<<: *save-artifact-params-public
local_file: src/packages/compass/dist/${linux_tar_sign_filename}
remote_file: ${project}/${revision}_${revision_order_id}/${linux_tar_sign_filename}
content_type: application/pgp-signature
optional: true

get-all-artifacts:
- command: shell.exec
Expand Down
3 changes: 3 additions & 0 deletions .evergreen/tasks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,7 @@ tasks:
- func: apply-compass-target-expansion
vars:
compass_distribution: compass
- func: spawn-signing-server
- func: package
vars:
debug: 'hadron*,mongo*,compass*,electron*'
Expand All @@ -124,6 +125,7 @@ tasks:
- func: apply-compass-target-expansion
vars:
compass_distribution: compass-readonly
- func: spawn-signing-server
- func: package
vars:
debug: 'hadron*,mongo*,compass*,electron*'
Expand All @@ -143,6 +145,7 @@ tasks:
- func: apply-compass-target-expansion
vars:
compass_distribution: compass-isolated
- func: spawn-signing-server
- func: package
vars:
debug: 'hadron*,mongo*,compass*,electron*'
Expand Down
4 changes: 2 additions & 2 deletions .snyk
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ ignore:
SNYK-JS-AGGRIDCOMMUNITY-1932011:
- '*':
reason: None Given
expires: 2024-02-09T14:01:23.838Z
created: 2024-01-10T14:01:23.846Z
expires: 2024-07-17T18:27:24.346Z
created: 2024-01-18T18:27:24.353Z
SNYK-JS-AXIOS-6032459:
- '*':
reason: Not applicable to axios usage inside node-analytics package
Expand Down
1 change: 0 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,6 @@ Is there anything else you’d like to see in Compass? Let us know by submitting
- [**@mongodb-js/databases-collections-list**](packages/databases-collections-list): List view for the databases and collections
- [**@mongodb-js/explain-plan-helper**](packages/explain-plan-helper): Explain plan utility methods for MongoDB Compass
- [**@mongodb-js/hadron-plugin-manager**](packages/hadron-plugin-manager): Hadron Plugin Manager
- [**@mongodb-js/mongodb-notary-service-client**](packages/notary-service-client): A client for our notary-service: an API for codesigning
- [**@mongodb-js/ssh-tunnel**](packages/ssh-tunnel): Yet another ssh tunnel based on ssh2
- [**bson-transpilers**](packages/bson-transpilers): Source to source compilers using ANTLR
- [**compass-e2e-tests**](packages/compass-e2e-tests): E2E test suite for Compass app that follows smoke tests / feature testing matrix
Expand Down
Loading

0 comments on commit 39bb633

Please sign in to comment.