Created automation for Packages.Microsoft publishing (#431)

* Dockerfile which creates container for publishing
* publish.sh script uploads to either testing or prod
* readme with step-by-step docs

Author: Elliot Boschwitz

.bumpversion.cfg

@@ -10,3 +10,4 @@ serialize =
 
 [bumpversion:file:build_scripts/rpm/mssql-cli.spec]
 
+[bumpversion:file:release_scripts/Packages.Microsoft/publish.sh]

.gitignore

@@ -120,3 +120,7 @@ env*/
 
 # .env file
 .env
+
+# cert and config files for Packages.Microsoft publishing
+release_scripts/Packages.Microsoft/private.pem
+release_scripts/Packages.Microsoft/config.json

release_scripts/Packages.Microsoft/Dockerfile

@@ -0,0 +1,26 @@
+FROM amd64/ubuntu:18.04 AS builder
+
+RUN apt-get update
+RUN apt-get -y install wget curl nano sudo gnupg gnupg2 gnupg1 jq
+RUN apt-get -y install software-properties-common
+RUN apt-get -y install apt-transport-https
+
+# Requirements for installing the Repo CLI for Packages.Microsoft
+ADD ./release_scripts/Packages.Microsoft/config.json /root/.repoclient/config.json
+ADD ./release_scripts/Packages.Microsoft/private.pem /root/private.pem
+
+# Install Repo CLI requirements
+RUN curl http://tux-devrepo.corp.microsoft.com/keys/tux-devrepo.asc > tux-devrepo.asc
+RUN apt-key add tux-devrepo.asc
+RUN echo "deb [arch=amd64] http://tux-devrepo.corp.microsoft.com/repos/tux-dev/ xenial main" | tee /etc/apt/sources.list.d/tuxdev.list
+RUN apt-get update
+
+# Add mssql-cli repo
+WORKDIR /root
+RUN mkdir Repos
+RUN mkdir Repos/mssql-cli
+ADD . Repos/mssql-cli
+
+# add privileges to publish script
+WORKDIR /root/Repos/mssql-cli
+RUN chmod +x release_scripts/Packages.Microsoft/publish.sh

release_scripts/Packages.Microsoft/README.md

@@ -0,0 +1,123 @@
+# Publishing to Packages.Microsoft
+> Please ensure that stable versions of rpm and deb have already been published to daily storage.
+
+> Publishing to the Microsoft Repo may only be completed on corp-net. Support for non-corp-net access is not available at the time of this writing. Repo CLI docs may be accessed [here](http://csd-linux-publishing-service.azurewebsites.net/).
+
+The following steps are required to deploy Linux packages to Packages.Microsoft:
+1. Build a Linux environment which supports the Repo CLI installation.
+2. Install [Repo CLI](http://csd-linux-publishing-service.azurewebsites.net/client#commands), a tool used to publish to Packages.Microsoft.
+3. Publish to each supported Linux distribution.
+
+Much of this process has been automated, however, each step may be conducted manually if desired.
+
+## Creating Linux Environment
+A Linux environment needs to be created to install [Repo CLI](http://csd-linux-publishing-service.azurewebsites.net/client#commands), which requires:
+1. AMD architecture.
+2. Connection to corp-net.
+3. Include both config and certificate files, detailed below.
+
+### Required Files for Repo CLI
+[Repo CLI](http://csd-linux-publishing-service.azurewebsites.net/client#commands) is the required API to publish Linux packages to Packages.Microsoft. Two files are required to use this tool:
+1. **A certificate** used for authenticating with the tool.
+2. **A JSON config file** as listed on the [Repo CLI docs](http://csd-linux-publishing-service.azurewebsites.net/client#commands).
+
+#### Certificate
+The certificate is hosted on our team's Key Vault account in Azure, under 'Certificates'. Download the certificate as a PEM file and include it in this directory (Packages.Microsoft). Rename the file as **private.pem**.
+
+* If you plan to use the automated publishing process, place **private.pem** in this directory (`<repo root>/release_scripts/Packages.Microsoft/private.pem`).
+* If a custom Linux environment is used, the location needs to be in `/root/private.pem`.
+
+#### Config
+An incomplete `config.json` file is located in this directory. Complete the empty attributes as follows:
+* `"AADClientId"`: points to the mssql-cli app registration, titled **mssql-cli (Registered with Packages.Microsoft)**. The ID can be obtained by accessing the Azure Portal.
+* `"AADResource"` and `"AADTenant"`: both point to Packages.Microsoft-specific resources. To obtain these values, access the [Repo CLI](http://csd-linux-publishing-service.azurewebsites.net/client) home page, click the **Configure the Repo CLI** tab, followed by the **Packages.Microsoft** sub-tab.
+
+If you plan to use the automated publishing process, keep this file located as is. Otherwise, copy this file to `/root/.repoclient/config.json` on your Linux machine.
+
+### Create Linux Container
+This directory contains a dockerfile that generates a Linux environment that's compliant with Repo CLI.
+
+If a non-Docker Linux environment is desired, you may skip to [Repo CLI Installation](#repo-cli-installation). However, please ensure your Linux machine:
+1. Uses AMD architecture
+2. Is connected to corp-net
+
+#### Building Docker Container
+> Docker Desktop is required and may be installed for macOS or Windows [here](https://www.docker.com/products/docker-desktop).
+
+Complete the below command below to create a Docker container with dependencies installed for publishing.
+
+From the root repo directory, run:
+```sh
+docker build -t mssqlcli-publish-msftrepo -f release_scripts/Packages.Microsoft/Dockerfile . --no-cache
+```
+
+#### Running Docker Container
+This will run the Docker container that was built using the previous command.
+```sh
+docker run -it mssqlcli-publish-msftrepo bash
+```
+
+You may now complete the Repo CLI installation, detailed in the next section.
+
+## Repo CLI Installation
+[Repo CLI](http://csd-linux-publishing-service.azurewebsites.net/client) is the the tool used to publish packages to Packages.Microsoft. Install the Repo CLI in your Linux environment as follows:
+
+```sh
+sudo apt-get -y install azure-repoapi-client
+```
+
+Respond to all prompts to complete installation.
+
+## Publishing to Packages.Microsoft Using Repo CLI
+The `publish.sh` script will upload deb and rpm packages to Packages.Microsoft by consulting the `supported_repos_prod.json` or `supported_repos_testing.json` file. This data is used to find supported repositories located in Packages.Microsoft.
+
+`publish.sh` takes `'testing'` or `'prod'` parameters as its second argument. Uploading to the testing distribution is effective for testing the installation and usage of mssql-cli on various Linux systems without affecting production.
+
+### Publishing to Testing Channel
+From the mssql-cli folder root, make the following command to upload packages to all repositories in the `supported_repos_testing.json` file:
+```sh
+# default call will display commands rather than upload packages
+release_scripts/Packages.Microsoft/publish.sh $(pwd) 'testing'
+
+# use --upload to publish to Packages.Microsoft
+release_scripts/Packages.Microsoft/publish.sh $(pwd) 'testing' --upload
+```
+
+Visit the [testing](#testing-distribution-downloads) section for more information on downloading builds from the testing distribution.
+
+### Publishing to Production Channel
+When ready for production, change `'testing'` with `'prod'`, which will upload to all repositories in the `supported_repos_prod.json` file:
+```sh
+# default call will display commands rather than upload packages
+release_scripts/Packages.Microsoft/publish.sh $(pwd) 'prod'
+
+# use --upload to publish to Packages.Microsoft
+release_scripts/Packages.Microsoft/publish.sh $(pwd) 'prod' --upload
+```
+
+## Repo CLI Commands
+This list below contains frequently used commands to navigate the Repo CLI API:
+
+#### Upload Single Package
+Packages.Microsoft uses **repositories** to distinguish publishing channels. mssql-cli publishes .deb and .rpm packages directly to repositories, which map to a Linux distribution (i.e. Ubuntu 16.04) along with it's distribution channel (i.e. prod or testing). The [list uploaded pacakges](#list-uploaded-packages) command will display a list respositories with previously-published mssql-cli packages.
+
+The call below uploads a .deb or .rpm package to a specificed repository in Packages.Microsoft:
+```sh
+repoclient package add <package filepath> -r <repo ID>
+```
+
+#### List Uploaded Packages
+Use the call below to display a history of previously-published mssql-cli packages:
+```sh
+repoclient package list | jq '.[] | select(.name=="mssql-cli")'
+```
+
+#### List Repositories by Linux Version and Distribution Channel
+Use the below command to list Packages.Microsoft repository information, with filters for Linux OS and distribution channel:
+
+```sh
+repoclient repo list | jq '.[] | select(.url=="<Linux OS name>" and .distribution=="<distribution>")'
+
+# For example:
+repoclient repo list | jq '.[] | select(.url=="microsoft-ubuntu-xenial-prod" and .distribution=="testing")'
+```

release_scripts/Packages.Microsoft/config.json

@@ -0,0 +1,10 @@
+{
+  "server": "package-repo-service.corp.microsoft.com",
+  "port": "443",
+  "AADClientId": "",
+  "AADClientCertificate": "/root/private.pem",
+  "AADResource": "",
+  "AADTenant": "",
+  "AADAuthorityUrl": "https://login.microsoftonline.com",
+  "repositoryId": ""
+}

release_scripts/Packages.Microsoft/publish.sh

@@ -0,0 +1,119 @@
+# Publishes deb and rpm packages to Packages.Microsoft repo
+
+# Validate initial argument is used
+if [[ -z "$1" ]]
+  then
+    echo "First argument should be path to local repo."
+    exit 1
+fi
+
+# Validate second argument specifices either prod or testing for publishing channel.
+# Each dictionary specifies key-value paris for repo URLs with distribution names.
+# Both URL and distribution are needed to query for a repo ID, which is later used
+# for publishing.
+if [[ ${2,,} = 'prod' ]]; then
+    declare -A repos=( \
+        ["microsoft-ubuntu-xenial-prod"]="xenial" \
+        ["microsoft-ubuntu-bionic-prod"]="bionic" \
+        ["microsoft-debian-jessie-prod"]="jessie" \
+        ["microsoft-debian-stretch-prod"]="stretch" \
+        ["microsoft-rhel7.0-prod"]="trusty" \
+        ["microsoft-rhel7.1-prod"]="trusty" \
+        ["microsoft-rhel7.2-prod"]="trusty" \
+        ["microsoft-rhel7.3-prod"]="trusty" \
+        ["microsoft-rhel7.4-prod"]="trusty" \
+        ["microsoft-centos7-prod"]="trusty" \
+        ["microsoft-centos8-prod"]="centos" \
+    )
+elif [[ ${2,,} = 'testing' ]]; then
+    declare -A repos=( \
+        ["microsoft-ubuntu-trusty-prod"]="testing" \
+        ["microsoft-ubuntu-xenial-prod"]="testing" \
+        ["microsoft-debian-jessie-prod"]="testing" \
+        ["microsoft-debian-stretch-prod"]="testing" \
+        ["microsoft-opensuse42.3-testing-prod"]="testing" \
+        ["microsoft-rhel7.0-testing-prod"]="testing" \
+        ["microsoft-rhel7.1-testing-prod"]="testing" \
+        ["microsoft-rhel7.3-testing-prod"]="testing" \
+        ["microsoft-rhel7.2-testing-prod"]="testing" \
+        ["microsoft-rhel7.4-testing-prod"]="testing" \
+        ["microsoft-rhel8.0-testing-prod"]="testing" \
+        ["microsoft-centos7-testing-prod"]="testing" \
+        ["microsoft-centos8-testing-prod"]="testing" \
+        ["microsoft-opensuse42.2-testing-prod"]="testing" \
+        ["microsoft-sles12-testing-prod"]="testing" \
+        ["microsoft-ubuntu-bionic-prod"]="testing" \
+        ["microsoft-ubuntu-cosmic-prod"]="testing" \
+        ["microsoft-ubuntu-disco-prod"]="testing" \
+        ["microsoft-debian-buster-prod"]="testing" \
+        ["microsoft-debian-jessie-prod"]="testing" \
+        ["microsoft-debian-stretch-prod"]="testing" \
+    )
+else
+    echo "Second argument should specify 'prod' or 'testing' for repository distribution type."
+    exit 1
+fi
+
+# Confirm if third optional '--upload' argument is used
+if [[ ${3,,} = '--upload' ]]; then
+    is_upload='True'
+
+    # download latest stable deb and rpm packages
+    wget https://mssqlcli.blob.core.windows.net/daily/deb/mssql-cli_1.0.0-1_all.deb --directory-prefix=/root/
+    wget https://mssqlcli.blob.core.windows.net/daily/rpm/mssql-cli-1.0.0-1.el7.x86_64.rpm --directory-prefix=/root/
+else
+    is_upload='False'
+fi
+
+local_repo=$1
+deb_pkg=/root/mssql-cli_1.0.0-1_all.deb
+rpm_pkg=/root/mssql-cli-1.0.0-1.el7.x86_64.rpm
+
+# build url_match_string to get repo ID's from above URL names
+url_match_str=""
+for repo_url in ${!repos[@]}; do
+    # get key from url string
+    distribution="${repos[$repo_url]}"
+
+    if [[ $url_match_str == "" ]]; then
+        # only append 'or' to string if not first index
+        url_match_str="(.url==\"${repo_url}\" and .distribution==\"${distribution}\")"
+    else
+        url_match_str="${url_match_str} or (.url==\"${repo_url}\" and .distribution==\"${distribution}\")"
+    fi
+done
+
+# construct string for select statement in jq command,
+# filters by repo URL and distribution type
+select_stmnt="select(${url_match_str})"
+
+# query for list of IDs from repo urls
+list_repo_id=$(repoclient repo list | jq -r ".[] | ${select_stmnt} | @base64")
+for repo_data in $(echo "${list_repo_id}"); do
+    _jq() {
+        # decode JSON
+        echo ${repo_data} | base64 --decode | jq -r ${1}
+    }
+    repo_id=$(_jq '.id')
+    repo_type=$(_jq '.type')
+
+    # publish deb or rpm package
+    # '-r' specifies the destination repository (by ID)
+    # 'break' exits loop if something failed with command
+    if [[ $repo_type == "apt" ]]; then
+        command="repoclient package add $deb_pkg -r $repo_id"
+    elif [[ $repo_type == "yum" ]]; then
+        command="repoclient package add $rpm_pkg -r $repo_id"
+    else
+        echo "No package published for $(_jq '.url')"
+        break
+    fi
+
+    echo $command
+    if [[ $is_upload == "True" ]]; then
+        # publish package
+        echo "Publishing $repo_type for $repo_url..."
+        eval "$command || break"
+        printf "\n"
+    fi
+done