From b9c4eb70b13a4ee9a5eae150ee8ef02480ed2ad7 Mon Sep 17 00:00:00 2001
From: Leonard Gram <leo@xlson.com>
Date: Tue, 8 Jan 2019 16:20:26 +0100
Subject: [PATCH] build: publishes beta releases to separate repos.

---
 .circleci/config.yml                          |  4 ++--
 .../{sign-deb-repo.sh => unlock-gpg-key.sh}   |  2 +-
 scripts/build/update_repo/update-deb.sh       | 23 +++++++++++++++----
 scripts/build/update_repo/update-rpm.sh       | 17 ++++++++++++--
 4 files changed, 37 insertions(+), 9 deletions(-)
 rename scripts/build/update_repo/{sign-deb-repo.sh => unlock-gpg-key.sh} (66%)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8cbb124d7c3..58357c1d490 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -423,10 +423,10 @@ jobs:
           comand: './scripts/build/load-signing-key.sh'
       - run:
           name: Update Debian repository
-          command: './scripts/build/update_repo/update-deb.sh "oss" "$GPG_KEY_PASSWORD"'
+          command: './scripts/build/update_repo/update-deb.sh "oss" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG"'
       - run:
           name: Update RPM repository
-          command: './scripts/build/update_repo/update-rpm.sh "oss" "$GPG_KEY_PASSWORD"'
+          command: './scripts/build/update_repo/update-rpm.sh "oss" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG"'
 
 workflows:
   version: 2
diff --git a/scripts/build/update_repo/sign-deb-repo.sh b/scripts/build/update_repo/unlock-gpg-key.sh
similarity index 66%
rename from scripts/build/update_repo/sign-deb-repo.sh
rename to scripts/build/update_repo/unlock-gpg-key.sh
index eb2922104fe..82f981809c2 100755
--- a/scripts/build/update_repo/sign-deb-repo.sh
+++ b/scripts/build/update_repo/unlock-gpg-key.sh
@@ -1,7 +1,7 @@
 #!/usr/bin/env expect
 
 set password [lindex $argv 0]
-spawn aptly publish repo grafana filesystem:repo:grafana
+spawn gpg --detach-sign --armor /tmp/sign-this
 expect "Enter passphrase: "
 send -- "$password\r"
 expect eof
diff --git a/scripts/build/update_repo/update-deb.sh b/scripts/build/update_repo/update-deb.sh
index bc6833d07f2..b08ff36149f 100755
--- a/scripts/build/update_repo/update-deb.sh
+++ b/scripts/build/update_repo/update-deb.sh
@@ -2,12 +2,23 @@
 
 RELEASE_TYPE="${1:-}"
 GPG_PASS="${2:-}"
+RELEASE_TAG="${3:-}"
+REPO="grafana"
 
 if [ -z "$RELEASE_TYPE" -o -z "$GPG_PASS" ]; then
     echo "Both RELEASE_TYPE (arg 1) and GPG_PASS (arg 2) has to be set"
     exit 1
 fi
 
+if [[ "$RELEASE_TYPE" != "oss" && "$RELEASE_TYPE" != "enterprise" ]]; then
+    echo "RELEASE_TYPE (arg 1) must be either oss or enterprise."
+    exit 1
+fi
+
+if echo "$RELEASE_TAG" | grep -q "beta"; then
+    REPO="beta"
+fi
+
 set -e
 
 # Setup environment
@@ -20,22 +31,26 @@ mkdir -p /deb-repo/db   \
 gsutil -m rsync -r "gs://grafana-aptly-db/$RELEASE_TYPE" /deb-repo/db
 
 # Add the new release to the repo
-aptly publish drop squeeze filesystem:repo:grafana || true
+aptly publish drop grafana filesystem:repo:grafana || true
+aptly publish drop beta filesystem:repo:grafana || true
 cp ./dist/*.deb /deb-repo/tmp
 rm /deb-repo/tmp/grafana_latest*.deb || true
-aptly repo add grafana ./dist
+aptly repo add "$REPO" ./dist
 
 # Setup signing and sign the repo
 
 echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf
 echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf
 
-./scripts/build/update_repo/sign-deb-repo.sh "$GPG_PASS"
+./scripts/build/update_repo/unlock-gpg-key.sh "$GPG_PASS"
+
+aptly publish repo grafana filesystem:repo:grafana
+aptly publish repo beta filesystem:repo:grafana
 
 # Update the repo and db on gcp
 gsutil -m rsync -r -d /deb-repo/db "gs://grafana-aptly-db/$RELEASE_TYPE"
 gsutil -m rsync -r -d /deb-repo/repo/grafana "gs://grafana-repo/$RELEASE_TYPE/deb"
 
 # usage:
-# curl https://packages.grafana.com/gpg.key | apt-key add -
+# 
 # deb https://packages.grafana.com/oss/deb stable main
diff --git a/scripts/build/update_repo/update-rpm.sh b/scripts/build/update_repo/update-rpm.sh
index a98d00a108d..26eb2c5b329 100755
--- a/scripts/build/update_repo/update-rpm.sh
+++ b/scripts/build/update_repo/update-rpm.sh
@@ -3,18 +3,31 @@
 RELEASE_TYPE="${1:-}"
 GPG_PASS="${2:-}"
 
+RELEASE_TAG="${3:-}"
+REPO="rpm"
+
 if [ -z "$RELEASE_TYPE" -o -z "$GPG_PASS" ]; then
     echo "Both RELEASE_TYPE (arg 1) and GPG_PASS (arg 2) has to be set"
     exit 1
 fi
 
+if [[ "$RELEASE_TYPE" != "oss" && "$RELEASE_TYPE" != "enterprise" ]]; then
+    echo "RELEASE_TYPE (arg 1) must be either oss or enterprise."
+    exit 1
+fi
+
+if echo "$RELEASE_TAG" | grep -q "beta"; then
+    REPO="rpm-beta"
+fi
+
 set -e
 
 # Setup environment
+BUCKET="gs://grafana-repo/$RELEASE_TYPE/$REPO"
 mkdir -p /rpm-repo
 
 # Download the database
-gsutil -m rsync -r "gs://grafana-repo/$RELEASE_TYPE/rpm" /rpm-repo
+gsutil -m rsync -r "$BUCKET" /rpm-repo
 
 # Add the new release to the repo
 cp ./dist/*.rpm /rpm-repo
@@ -32,7 +45,7 @@ pkill gpg-agent || true
 ./scripts/build/update_repo/sign-rpm-repo.sh "$GPG_PASS"
 
 # Update the repo and db on gcp
-gsutil -m rsync -r -d /rpm-repo "gs://grafana-repo/$RELEASE_TYPE/rpm"
+gsutil -m rsync -r -d /rpm-repo "$BUCKET"
 
 # usage:
 # [grafana]