CI: Add tf-sync-github-repos.yaml

Mirror TF-A, TF-M, Hafnium, and TS repos into GitHub [1]

[1]: https://linaro.atlassian.net/browse/TFC-247

Signed-off-by: Arthur She <arthur.she@linaro.org>
Change-Id: I03557c2142add7ae8fb245cf3f2918085be120fc
diff --git a/ci/tf-sync-repos.sh b/ci/tf-sync-repos.sh
new file mode 100755
index 0000000..9bb134b
--- /dev/null
+++ b/ci/tf-sync-repos.sh
@@ -0,0 +1,88 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+set -e
+
+# The Gerrit project and Github repo mapping
+# This script will mirror Gerrit_project to Github_repo
+# The format of the following key-value dictionary is
+# [Gerrit_project]="Github_repo"
+declare -A github_repos
+github_repos=(
+[TF-A/trusted-firmware-a]="TrustedFirmware-A/trusted-firmware-a"
+[TF-A/tf-a-tests]="TrustedFirmware-A/tf-a-tests"
+[ci/tf-a-ci-scripts]="TrustedFirmware-A/tf-a-ci-scripts"
+[TF-M/trusted-firmware-m]="TrustedFirmware-M/trusted-firmware-m"
+[TF-M/tf-m-tests]="TrustedFirmware-M/tf-m-tests"
+[TF-M/tf-m-tools]="TrustedFirmware-M/tf-m-tools"
+[TF-M/tf-m-extras]="TrustedFirmware-M/tf-m-extras"
+[hafnium/hafnium]="TF-Hafnium/hafnium"
+[hafnium/driver/linux]="TF-Hafnium/hafnium-driver-linux"
+[hafnium/prebuilts]="TF-Hafnium/hafnium-prebuilts"
+[hafnium/project/reference]="TF-Hafnium/hafnium-project-reference"
+[hafnium/third_party/dtc]="TF-Hafnium/hafnium-third_party-dtc"
+[hafnium/third_party/googletest]="TF-Hafnium/hafnium-third_party-googletest"
+[hafnium/third_party/linux]="TF-Hafnium/hafnium-third_party-linux"
+[ci/hafnium-job-configs]="TF-Hafnium/hafnium-job-configs"
+[ci/hafnium-ci-scripts]="TF-Hafnium/hafnium-ci-scripts"
+[TS/trusted-services]="Trusted-Services/trusted-services"
+)
+
+# Mirror branches, mirror Gerrit_Branch to Github_Branch
+# The format of the following key-value dictionary is
+# [Gerrit project]="Gerrit_Branch_1:Github_Branch_1 Gerrit_Branch_2:Github_Branch_2"
+declare -A mirror_branches
+mirror_branches=(
+[TF-A/trusted-firmware-a]="master:main"
+[TF-A/tf-a-tests]="master:main"
+[ci/tf-a-ci-scripts]="master:main"
+[TF-M/trusted-firmware-m]="main:main"
+[TF-M/tf-m-tests]="main:main"
+[TF-M/tf-m-tools]="main:main"
+[TF-M/tf-m-extras]="main:main"
+[hafnium/hafnium]="master:main"
+[hafnium/driver/linux]="master:main"
+[hafnium/prebuilts]="master:main"
+[hafnium/project/reference]="master:main"
+[hafnium/third_party/dtc]="master:main"
+[hafnium/third_party/googletest]="master:main"
+[hafnium/third_party/linux]="master:main"
+[ci/hafnium-job-configs]="master:main"
+[ci/hafnium-ci-scripts]="master:main"
+[TS/trusted-services]="main:main integration:integration"
+)
+
+_workdir=$(mktemp -d)
+trap '[ -d "${_workdir}" ] && rm -rf "${_workdir}"' EXIT
+
+gerrit_repo="https://review.trustedfirmware.org/${GERRIT_PROJECT}"
+gh_repo=${github_repos[${GERRIT_PROJECT}]}
+
+if [ -z "${gh_repo}" ]; then
+    echo "Can not find GitHub repo for \"${GERRIT_PROJECT}\" Gerrit project!"
+    exit 1
+fi
+
+echo "GitHub repo for \"${GERRIT_PROJECT}\" is \"https://github.com/${gh_repo}\""
+
+gh_remote="https://${AUTH_TOKEN}@github.com/${gh_repo}"
+
+git -C "${_workdir}" init > /dev/null 2>&1
+# Do the mirroring
+mb="${mirror_branches[${GERRIT_PROJECT}]}"
+for branch in ${mb}
+do
+    gerrit_branch=$(echo ${branch} | awk -F: '{print $1}')
+    gh_branch=$(echo ${branch} | awk -F: '{print $2}')
+
+    # Only sync up the branch that triggered the job
+    [ "${gerrit_branch}" != "${GERRIT_BRANCH}" ] && continue
+
+    echo -e "\nFetching Gerrit ${GERRIT_PROJECT}:${gerrit_branch}\n"
+    git -C "${_workdir}" fetch --tags "${gerrit_repo}" "${gerrit_branch}"
+    echo -e "\nSyncing up to GitHub ${gh_repo}:${gh_branch}\n"
+    git -C "${_workdir}" push --tags "${gh_remote}" FETCH_HEAD:refs/heads/"${gh_branch}"
+done
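Review bot: `gh_remote` embeds `${AUTH_TOKEN}` in the push URL, so the token sits in the `git push` argument list, where other processes on the node can read it, and it may be repeated in git error output that quotes the remote. Jenkins' console masking of bound credentials, where it applies, would not cover the process list. Keeping the remote as `gh_remote="https://github.com/${gh_repo}"` and handing the token to git through `GIT_ASKPASS` or a `credential.helper` keeps it out of argv and out of error text. The script also runs under `set -e` only, so an empty `AUTH_TOKEN` is not caught before the push; a guard such as `: "${AUTH_TOKEN:?AUTH_TOKEN is not set}"` next to the `gh_repo` check would fail early with a clear message.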
diff --git a/tf-sync-github-repos.yaml b/tf-sync-github-repos.yaml
new file mode 100644
index 0000000..3230edd
--- /dev/null
+++ b/tf-sync-github-repos.yaml
@@ -0,0 +1,122 @@
+- job:
+    name: tf-sync-github-repos
+    node: master
+    project-type: freestyle
+    concurrent: false
+    description: Mirror TF-M, TF-A, TS, and Hafnium projects into GitHub
+    disabled: false
+    builders:
+    - shell: |-
+        #!/bin/bash
+        echo "########################################################################"
+        echo "    Gerrit Environment"
+        env |grep '^GERRIT'
+        echo "########################################################################"
+        mkdir -p ci
+        wget -q https://git.trustedfirmware.org/next/ci/tf-ci-scripts.git/plain/ci/tf-sync-repos.sh -O ci/tf-sync-repos.sh
+        bash ci/tf-sync-repos.sh
+    properties:
+    - build-discarder:
+        num-to-keep: 10
+    publishers:
+    - email:
+        recipients: 'arthur.she@linaro.org paul.sokolovsky@linaro.org'
+    triggers:
+    - gerrit:
+        server-name: review.trustedfirmware.org
+        trigger-on:
+        - ref-updated-event
+        projects:
+        - project-compare-type: PLAIN
+          project-pattern: TF-A/trusted-firmware-a
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: TF-A/tf-a-tests
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: ci/tf-a-ci-scripts
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: TF-M/trusted-firmware-m
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: main
+        - project-compare-type: PLAIN
+          project-pattern: TF-M/tf-m-tests
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: main
+        - project-compare-type: PLAIN
+          project-pattern: TF-M/tf-m-tools
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: main
+        - project-compare-type: PLAIN
+          project-pattern: TF-M/tf-m-extras
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: main
+        - project-compare-type: PLAIN
+          project-pattern: hafnium/hafnium
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: hafnium/driver/linux
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: hafnium/prebuilts
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: hafnium/project/reference
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: hafnium/third_party/dtc
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: hafnium/third_party/googletest
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: hafnium/third_party/linux
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: ci/hafnium-job-configs
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: ci/hafnium-ci-scripts
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: master
+        - project-compare-type: PLAIN
+          project-pattern: TS/trusted-services
+          branches:
+          - branch-compare-type: PLAIN
+            branch-pattern: main
+          - branch-compare-type: PLAIN
+            branch-pattern: integration
+        silent-start: true
+    wrappers:
+    - credentials-binding:
+      - text:
+          credential-id: openci-bot-github-token
+          variable: AUTH_TOKEN
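Review bot: The `wget` line in the shell builder fetches `ci/tf-sync-repos.sh` from the moving tip of `tf-ci-scripts.git` on every run and executes it with `AUTH_TOKEN` bound. Any later change to that file therefore runs with push rights to every mirrored GitHub repo, without this job definition changing. Pinning the download to a reviewed commit, for example by appending `?id=<REVIEWED_COMMIT_SHA>` (a placeholder, not a real id) to the cgit `plain` URL, or verifying a known hash before `bash ci/tf-sync-repos.sh`, would tie the credential to reviewed code. Because the builder supplies its own `#!/bin/bash` line with no `set -e`, a failed `wget` can leave an empty file that `bash` then runs successfully, so the job would report success without mirroring anything; adding `set -e` after the shebang, with `env | grep '^GERRIT' || true`, would surface that. `node: master` also appears to place this token-bearing job on the Jenkins controller, which is worth confirming is intended.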