#156 Add configuration for drone

.drone.yml

@@ -0,0 +1,163 @@
+---
+kind: pipeline
+name: default
+
+# Disable default clone
+clone:
+  disable: true
+
+steps:
+  # This clone step doesn't use "root" user
+  - name: clone
+    image: plugins/git:next
+
+  # Restore cache of downloaded dependencies
+  - name: restore cache
+    image: drillster/drone-volume-cache
+    settings:
+      restore: true
+      mount:
+        - .sbt
+        - .ivy2
+        - www/node_modules
+    volumes: [{name: cache, path: /cache}]
+
+  # Run project tests
+  - name: run tests and build stage
+    image: thehiveproject/drone-scala-node
+    commands:
+      - . ~/.nvm/nvm.sh
+      - sbt -Duser.home=$PWD test stage
+
+  # Build packages
+  - name: build packages
+    image: thehiveproject/drone-scala-node
+    settings:
+      pgp_key: {from_secret: pgp_key}
+    commands:
+      - |
+        . ~/.nvm/nvm.sh
+        [ -n "$PLUGIN_PGP_KEY" ] && gpg --batch --import - <<< $PLUGIN_PGP_KEY
+        sbt -Duser.home=$PWD docker:stage debian:packageBin rpm:packageBin universal:packageBin
+    when:
+      event: [tag]
+
+  # Save external libraries in cache
+  - name: save cache
+    image: drillster/drone-volume-cache
+    settings:
+      rebuild: true
+      mount:
+        - .sbt
+        - .ivy2
+        - www/node_modules
+    volumes: [{name: cache, path: /cache}]
+
+  - name: publish packages
+    image: thehiveproject/drone-bintray
+    settings:
+      user: {from_secret: bintray_user}
+      key: {from_secret: bintray_key}
+      subject: thehive-project
+      package: cortex
+    commands:
+      - |
+        export PLUGIN_USER
+        export PLUGIN_KEY
+        export PLUGIN_SUBJECT
+        export PLUGIN_PACKAGE
+        export PLUGIN_VERSION=$(cut -d\" -f2 version.sbt)
+        echo "Publishing package version $PLUGIN_VERSION"
+
+        if echo $PLUGIN_VERSION | grep -qvi -E \
+            -e '^[0-9]+\.[0-9]+\.[0-9]+$' \
+            -e '^[0-9]+\.[0-9]+\.[0-9]+-[0-9]+$' \
+            -e '^[0-9]+\.[0-9]+\.[0-9]+-RC[0-9]+$'; then
+          echo The version $PLUGIN_VERSION has invalid format
+          exit 1
+        fi
+
+        CHANNEL=stable
+        echo $PLUGIN_VERSION | grep -qi rc && CHANNEL=beta
+
+        DEB_FILE=target/cortex_$${PLUGIN_VERSION}_all.deb
+        RPM_FILE=target/rpm/RPMS/noarch/cortex-$${PLUGIN_VERSION}.noarch.rpm
+        ZIP_FILE=target/universal/cortex-$${PLUGIN_VERSION}.zip
+
+        upload \
+          --file $DEB_FILE \
+          --repo debian-beta \
+          --extra-param deb_distribution=any \
+          --extra-param deb_component=main \
+          --extra-param deb_architecture=all
+
+        [ $CHANNEL = stable ] && upload \
+          --file $DEB_FILE \
+          --repo debian-stable \
+          --extra-param deb_distribution=any \
+          --extra-param deb_component=main \
+          --extra-param deb_architecture=all
+
+        upload \
+          --file $RPM_FILE \
+          --repo rpm-beta
+
+        [ $CHANNEL = stable ] && upload \
+          --file $RPM_FILE \
+          --repo rpm-stable
+
+        upload \
+          --file $ZIP_FILE \
+          --repo binary
+
+        LATEST_VERSION=latest
+        [ $CHANNEL = beta ] && LATEST_VERSION=latest-beta
+
+        removeVersion \
+          --repo binary \
+          --version $LATEST_VERSION
+
+        upload \
+          --file $ZIP_FILE \
+          --repo binary \
+          --version $LATEST_VERSION \
+          --dest-file cortex-$${LATEST_VERSION}.zip
+    when:
+      event: [tag]
+
+  # Publish docker image
+  - name: docker
+    image: plugins/docker
+    settings:
+      context: target/docker/stage
+      dockerfile: target/docker/stage/Dockerfile
+      repo: tooom/cortex
+      auto_tag: true
+      username: {from_secret: docker_username}
+      password: {from_secret: docker_password}
+    when:
+      event: [tag]
+
+  - name: copy binaries
+    image: appleboy/drone-scp
+    settings:
+      host: {from_secret: deploy_beta_host}
+      username: {from_secret: deploy_username}
+      key: {from_secret: deploy_key}
+      target: ./cortex-builds/${DRONE_BUILD_NUMBER}
+      source: target/universal/stage
+      strip_components: 3
+
+  - name: deploy binaries
+    image: appleboy/drone-ssh
+    settings:
+      host: {from_secret: deploy_beta_host}
+      username: {from_secret: deploy_username}
+      key: {from_secret: deploy_key}
+      script:
+        - ./start cortex ${DRONE_BUILD_NUMBER}
+
+volumes:
+  - name: cache
+    host:
+      path: /opt/drone/cache

debian.sbt

@@ -1,6 +1,15 @@
-import Common._
+import Common.{stableVersion, betaVersion, snapshotVersion}
 
-version in Debian := getVersion(version.value) + '-' + getRelease(version.value)
+linuxPackageMappings in Debian += packageMapping(file("LICENSE") -> "/usr/share/doc/cortex/copyright").withPerms("644")
+version in Debian := {
+  version.value match {
+    case stableVersion(_, _) => version.value
+    case betaVersion(v1, v2) => v1 + "-0.1RC" + v2
+    case snapshotVersion(_, _) => version.value + "-SNAPSHOT"
+    case _ => sys.error("Invalid version: " + version.value)
+  }
+}
+debianPackageRecommends := Seq("elasticsearch")
 debianPackageDependencies += "java8-runtime | java8-runtime-headless"
 maintainerScripts in Debian := maintainerScriptsFromDirectory(
   baseDirectory.value / "package" / "debian",

docker.sbt

@@ -1,20 +1,26 @@
-import Common._
-import com.typesafe.sbt.packager.docker.{ Cmd, ExecCmd }
+import Common.{betaVersion, snapshotVersion, stableVersion}
+import com.typesafe.sbt.packager.docker.{Cmd, ExecCmd}
 
-version in Docker := getVersion(version.value) + '-' + getRelease(version.value)
+version in Docker := {
+  version.value match {
+    case stableVersion(_, _) => version.value
+    case betaVersion(v1, v2) => v1 + "-0.1RC" + v2
+    case snapshotVersion(_, _) => version.value + "-SNAPSHOT"
+    case _ => sys.error("Invalid version: " + version.value)
+  }
+}
 defaultLinuxInstallLocation in Docker := "/opt/cortex"
 dockerRepository := Some("thehiveproject")
-dockerUpdateLatest := true
+dockerUpdateLatest := !version.value.toUpperCase.contains("RC")
 dockerEntrypoint := Seq("/opt/cortex/entrypoint")
-dockerExposedPorts := Seq(9001)
+dockerExposedPorts := Seq(9000)
 mappings in Docker ++= Seq(
   file("package/docker/entrypoint") -> "/opt/cortex/entrypoint",
-  file("conf/logback.xml") -> "/etc/cortex/logback.xml",
+  file("package/logback.xml") -> "/etc/cortex/logback.xml",
   file("package/empty") -> "/var/log/cortex/application.log")
 mappings in Docker ~= (_.filterNot {
   case (_, filepath) => filepath == "/opt/cortex/conf/application.conf"
 })
-
 dockerCommands ~= { dc =>
   val (dockerInitCmds, dockerTailCmds) = dc
     .collect {

project/Common.scala

@@ -1,14 +1,17 @@
-import sbt._
+import scala.util.matching.Regex
+
 import sbt.Keys._
+import sbt._
 
 object Common {
 
   val projectSettings = Seq(
     organizationName := "TheHive-Project",
     organization := "org.thehive-project",
-    licenses += "AGPL-V3" -> url("https://www.gnu.org/licenses/agpl-3.0.html"),
+    licenses += "AGPL-V3" → url("https://www.gnu.org/licenses/agpl-3.0.html"),
     organizationHomepage := Some(url("http://thehive-project.org/")),
     resolvers += Resolver.bintrayRepo("thehive-project", "maven"),
+    resolvers += "elasticsearch-releases" at "https://artifacts.elastic.co/maven",
     scalaVersion := Dependencies.scalaVersion,
     scalacOptions ++= Seq(
       "-deprecation", // Emit warning and location for usages of deprecated APIs.
@@ -22,7 +25,7 @@ object Common {
       "-Ywarn-nullary-override", // Warn when non-nullary overrides nullary, e.g. def foo() over def foo.
       "-Ywarn-numeric-widen" // Warn when numerics are widened.
     ),
-    scalacOptions in Test ~= { options =>
+    scalacOptions in Test ~= { options ⇒
       options filterNot (_ == "-Ywarn-dead-code") // Allow dead code in tests (to support using mockito).
     },
     parallelExecution in Test := false,
@@ -34,13 +37,15 @@ object Common {
     excludeDependencies += "org.apache.logging.log4j" % "log4j-core"
   )
 
-  def getVersion(version: String): String = version.takeWhile(_ != '-')
-
-  def getRelease(version: String): String = {
-    version.dropWhile(_ != '-').dropWhile(_ == '-') match {
-      case "" => "1"
-      case r if r.contains('-') => sys.error("Version can't have more than one dash")
-      case r => s"0.1$r"
+  val stableVersion: Regex = "(\\d+\\.\\d+\\.\\d+)-(\\d+)".r
+  val betaVersion: Regex = "(\\d+\\.\\d+\\.\\d+)-[Rr][Cc](\\d+)".r
+  object snapshotVersion {
+    def unapplySeq(version: String): Option[List[String]] = {
+      if (version.endsWith("-SNAPSHOT")) {
+        val v = version.dropRight(9)
+        stableVersion.unapplySeq(v) orElse betaVersion.unapplySeq(v)
+      }
+      else None
     }
   }
 }

rpm.sbt

@@ -1,23 +1,46 @@
-import Common._
+import Common.{stableVersion, betaVersion, snapshotVersion}
 
-version in Rpm := getVersion(version.value)
-rpmRelease := getRelease(version.value)
-rpmVendor := "TheHive Project"
+version in Rpm := {
+  version.value match {
+    case stableVersion(v1, v2) => v1
+    case betaVersion(v1, v2) => v1
+    case snapshotVersion(v1, v2) => v1
+    case _ => sys.error("Invalid version: " + version.value)
+  }
+}
+rpmRelease := {
+  version.value match {
+    case stableVersion(_, v2) => v2
+    case betaVersion(v1, v2) => "0.1RC" + v2
+    case snapshotVersion(v1, v2) => v2 + "-SNAPSHOT"
+    case _ => sys.error("Invalid version: " + version.value)
+  }
+}
+rpmVendor := organizationName.value
 rpmUrl := organizationHomepage.value.map(_.toString)
 rpmLicense := Some("AGPL")
 rpmRequirements += "java-1.8.0-openjdk-headless"
+
 maintainerScripts in Rpm := maintainerScriptsFromDirectory(
   baseDirectory.value / "package" / "rpm",
   Seq(RpmConstants.Pre, RpmConstants.Preun, RpmConstants.Postun)
 )
-linuxPackageMappings in Rpm := configWithNoReplace((linuxPackageMappings in Rpm).value)
+
 linuxPackageSymlinks in Rpm := Nil
 rpmPrefix := Some(defaultLinuxInstallLocation.value)
 linuxEtcDefaultTemplate in Rpm := (baseDirectory.value / "package" / "etc_default_cortex").asURL
+
+linuxPackageMappings in Rpm := configWithNoReplace((linuxPackageMappings in Rpm).value)
+
 packageBin in Rpm := {
   import scala.sys.process._
-
   val rpmFile = (packageBin in Rpm).value
-  s"rpm --addsign $rpmFile".!!
+  Process("rpm" ::
+    "--define" :: "_gpg_name TheHive Project" ::
+    "--define" :: "_signature gpg" ::
+    "--define" :: "__gpg_check_password_cmd /bin/true" ::
+    "--define" :: "__gpg_sign_cmd %{__gpg} gpg --batch --no-verbose --no-armor --use-agent --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" ::
+    "--addsign" :: rpmFile.toString ::
+    Nil).!!
   rpmFile
 }