Merge remote-tracking branch 'origin/dev' into wip/cmake

Conflicts:
	coin/platform_configs/default.yaml
	coin/platform_configs/qt5.yaml
	coin/platform_configs/qtbase.yaml
	coin/platform_configs/qtdeclarative.yaml
	coin/platform_configs/qtsaferenderer.yaml
	coin/platform_configs/qtsdk.yaml
	coin/provisioning/common/linux/cmake_linux.sh
	coin/provisioning/common/windows/cmake.ps1

Change-Id: I37bb513e3be19e4de4003679f8528677e57c09ee

coin/provisioning/common/unix/DownloadURL.sh

@@ -1,8 +1,8 @@
-#!/usr/bin/env bash
+#!/bin/sh
 
 #############################################################################
 ##
-## Copyright (C) 2017 The Qt Company Ltd.
+## Copyright (C) 2019 The Qt Company Ltd.
 ## Contact: http://www.qt.io/licensing/
 ##
 ## This file is part of the provisioning scripts of the Qt Toolkit.
@@ -33,31 +33,78 @@
 ##
 #############################################################################
 
+
 # A helper script used for downloading a file from a URL or an alternative
-# URL. Also the SHA1 is checked for the file. Target filename should also
-# be given.
-#
-# If called directly from another script, it will exit the parent script
-# as well, if not called in its own subshell with parentheses.
+# URL. Also the SHA is checked for the file (SHA algorithm is autodetected
+# based on the SHA length). Target filename should also be given.
 
-set -ex
+############################ BOILERPLATE ###############################
+command -v sha1sum >/dev/null   ||  alias   sha1sum='shasum -a 1'
+command -v sha256sum >/dev/null ||  alias sha256sum='shasum -a 256'
+command -v sha384sum >/dev/null ||  alias sha384sum='shasum -a 384'
+command -v sha512sum >/dev/null ||  alias sha512sum='shasum -a 512'
+########################################################################
 
-function DownloadURL {
-    url=$1
-    url_alt=$2
-    expectedSha1=$3
-    targetFile=$4
 
-    echo "Downloading from primary URL '$url'"
-    curl --fail -L --retry 5 --retry-delay 5 -o "$targetFile" "$url" ||  {
-        echo "Failed to download '$url' multiple times"
-        echo "Downloading from alternative URL '$url_alt'"
-        curl --fail -L --retry 5 --retry-delay 5 -o "$targetFile" "$url_alt" || { echo 'Failed to download even from alternative url'; exit 1; }
-    }
+Download () {
+    url="$1"
+    targetFile="$2"
 
-    echo "Checking SHA1 on PKG '$targetFile'"
-    echo "$expectedSha1 *$targetFile" > "$targetFile.sha1"
-    sha1sum --check "$targetFile.sha1"
-    rm -f "$targetFile.sha1"
+    command -v curl >/dev/null  \
+        && curl --fail -L --retry 5 --retry-delay 5 -o "$targetFile" "$url"  \
+        || wget --tries 5 -O "$targetFile" "$url"
 }
 
+VerifyHash () {
+    file=$1
+    expectedHash=$2
+
+    if [ ! -f "$file" ]
+    then  return 2              # file does not exist
+    fi
+
+
+    hashLength="$(echo "$expectedHash" | wc -c | sed 's/ *//g')"
+    # Use backticks because of bug with bash-3 (default on macOS),
+    # caused when there are unbalanced parentheses inside $()
+    # shellcheck disable=SC2006
+    hash=`case "$hashLength" in
+            41)  sha1sum    "$file"  ;;
+            65)  sha256sum  "$file"  ;;
+            97)  sha384sum  "$file"  ;;
+            129) sha512sum  "$file"  ;;
+            *) echo "FATAL! Unknown hash length:  $hashLength" 1>&2  &&  exit 1  ;;
+        esac | cut -d ' ' -f 1`
+
+    if [ ! "$expectedHash" = "$hash" ]
+    then
+        echo "FAIL! wrong file hash:  $file  $hash"  1>&2
+        return 1
+    fi
+    echo "OK verified integrity of:  $file"
+}
+
+# Check if file already exists and is good, otherwise download it
+DownloadURL () {
+    url=$1
+    url2=$2
+    expectedHash=$3
+    targetFile=$4
+
+    if VerifyHash "$targetFile" "$expectedHash"
+    then
+        echo "Skipping download, found and validated existing file:  $targetFile"
+    else
+        echo "Downloading from primary URL:  $url"
+        if  ! Download "$url" "$targetFile"
+        then
+            echo "FAIL! to download, trying alternative URL:  $url2"  1>&2
+            if  ! Download "$url2" "$targetFile"
+            then
+                echo 'FAIL! to download even from alternative URL'  1>&2
+                return 1
+            fi
+        fi
+        VerifyHash "$targetFile" "$expectedHash"
+    fi
+}

coin/provisioning/common/unix/common.sourced.sh

@@ -0,0 +1,159 @@
+#!/bin/sh
+
+
+#############################################################################
+##
+## Copyright (C) 2019 The Qt Company Ltd.
+## Contact: http://www.qt.io/licensing/
+##
+## This file is part of the provisioning scripts of the Qt Toolkit.
+##
+## $QT_BEGIN_LICENSE:LGPL21$
+## Commercial License Usage
+## Licensees holding valid commercial Qt licenses may use this file in
+## accordance with the commercial license agreement provided with the
+## Software or, alternatively, in accordance with the terms contained in
+## a written agreement between you and The Qt Company. For licensing terms
+## and conditions see http://www.qt.io/terms-conditions. For further
+## information use the contact form at http://www.qt.io/contact-us.
+##
+## GNU Lesser General Public License Usage
+## Alternatively, this file may be used under the terms of the GNU Lesser
+## General Public License version 2.1 or version 3 as published by the Free
+## Software Foundation and appearing in the file LICENSE.LGPLv21 and
+## LICENSE.LGPLv3 included in the packaging of this file. Please review the
+## following information to ensure the GNU Lesser General Public License
+## requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+## http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+##
+## As a special exception, The Qt Company gives you certain additional
+## rights. These rights are described in The Qt Company LGPL Exception
+## version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+##
+## $QT_END_LICENSE$
+##
+#############################################################################
+
+
+# Script to be sourced from everywhere you need a common environment. Defines:
+export PROVISIONING_DIR
+export PROVISIONING_OS
+export PROVISIONING_OS_ID
+export PROVISIONING_ARCH
+export CMD_PKG_INSTALL
+export CMD_PKG_LOCALINSTALL
+export CMD_INSTALL
+
+
+
+if [ x"$IS_PROVISIONING_COMMON_SOURCED" != x ]
+then
+    echo "common.sourced.sh has already been sourced, re-sourcing skipped"
+    return
+fi
+
+# Do not export; you want children to re-source, because they only inherit the
+# variables but not the functions
+IS_PROVISIONING_COMMON_SOURCED=1
+
+
+fatal () {
+    echo "$1" 1>&2
+    if [ x"$2" != x ]
+    then  exit "$2"
+    else  exit
+    fi
+}
+
+# Takes one argument which should be the filename of this script. Returns true
+# if the script is being sourced, false if the script is being executed.
+is_script_executed () {
+    [ x"$(basename $(echo "$0" | sed s/^-//))" = x"$1" ]
+}
+
+
+is_script_executed  common.sourced.sh  \
+    && fatal "Script common.sourced.sh should always be sourced, not executed"
+
+
+_detect_linux_OS_ID () {
+    if [ -f /etc/os-release ]
+    then
+        . /etc/os-release
+        PROVISIONING_OS_ID="$ID"
+    elif [ -f /etc/redhat-release ]
+    then
+         case "$(cat /etc/redhat-release)" in
+             "Red Hat Enterprise Linux"*)
+                 PROVISIONING_OS_ID="rhel"
+                 ;;
+             "CentOS Linux"*)
+                 PROVISIONING_OS_ID="centos"
+                 ;;
+             *) fatal "Unknown string in /etc/redhat-release" ;;
+         esac
+    fi
+}
+
+set_common_environment () {
+    # Unfortunately we can't find the provisioning directory from a sourced
+    # script in a portable way
+    # PROVISIONING_DIR="$(dirname "$0")/../../"
+
+    [ x"$PROVISIONING_DIR" = x ]  \
+        &&  fatal  "PROVISIONING_DIR variable needs to be set before calling set_common_environment"
+
+    uname_s="$(uname -s)"
+    case "$uname_s" in
+        Linux)
+            PROVISIONING_OS=linux
+            _detect_linux_OS_ID
+            case "$PROVISIONING_OS_ID" in
+                suse|sles|opensuse*)
+                    CMD_PKG_INSTALL="sudo zypper -nq install"
+                    CMD_PKG_LOCALINSTALL="sudo zypper --no-gpg-checks -nq install"
+                    ;;
+                debian|ubuntu)
+                    CMD_PKG_INSTALL="sudo apt -y install"
+                    CMD_PKG_LOCALINSTALL="sudo apt -y install"
+                    ;;
+                rhel|centos|fedora)
+                    CMD_PKG_INSTALL="sudo yum -y install"
+                    CMD_PKG_LOCALINSTALL="sudo yum -y --nogpgcheck localinstall"
+                    ;;
+                *)  fatal "Unknown ID in /etc/os-release: $PROVISIONING_OS_ID" ;;
+            esac
+            ;;
+        Darwin)
+            PROVISIONING_OS=macos
+            PROVISIONING_OS_ID=macos
+            CMD_PKG_INSTALL="brew install"
+            CMD_PKG_LOCALINSTALL="echo 'TODO how to install a package file on macOS'"
+            ;;
+        *)
+            fatal "Unknown system in uname: $uname_s" 42
+            ;;
+    esac
+
+    uname_m="$(uname -m)"
+    case "$uname_m" in
+        x86_64|amd64) PROVISIONING_ARCH=amd64 ;;
+        i[3456]86)    PROVISIONING_ARCH=x86  ;;
+        *) fatal "Unknown architecture in uname: $uname_m" 43 ;;
+    esac
+
+    CMD_INSTALL="sudo install"
+}
+
+set_common_environment
+
+set_dry_run () {
+    if [ x"$PROVISIONING_DRY_RUN" != x ]
+    then
+        CMD_PKG_INSTALL="echo DRYRUN:  $CMD_PKG_INSTALL"
+        CMD_PKG_LOCALINSTALL="echo DRYRUN:  $CMD_PKG_LOCALINSTALL"
+        CMD_INSTALL="echo DRYRUN:  $CMD_INSTALL"
+    fi
+}
+
+set_dry_run

coin/provisioning/common/unix/install-openssl.sh

@@ -42,11 +42,11 @@ source "${BASH_SOURCE%/*}/../unix/DownloadURL.sh"
 # shellcheck source=../unix/SetEnvVar.sh
 source "${BASH_SOURCE%/*}/../unix/SetEnvVar.sh"
 
-version="1.1.1b"
+version="1.1.1d"
 officialUrl="https://www.openssl.org/source/openssl-$version.tar.gz"
 cachedUrl="http://ci-files01-hki.intra.qt.io/input/openssl/openssl-$version.tar.gz"
 targetFile="/tmp/openssl-$version.tar.gz"
-sha="e9710abf5e95c48ebf47991b10cbb48c09dae102"
+sha="056057782325134b76d1931c48f2c7e6595d7ef4"
 opensslHome="${HOME}/openssl-${version}"
 opensslSource="${opensslHome}-src"
 DownloadURL "$cachedUrl" "$officialUrl" "$sha" "$targetFile"

coin/provisioning/common/unix/install_protobuff.sh

@@ -64,7 +64,7 @@ if uname -a |grep -q Darwin; then
 else
     ./configure
 fi
-make
+make -j5
 sudo make install
 
 # Refresh shared library cache if OS isn't macOS

coin/provisioning/common/unix/squishInstall.sh

@@ -122,7 +122,7 @@ function MountAndInstall {
         sudo cp $targetFileMount /tmp
         UnMount
         sudo hdiutil attach "/tmp/$targetFile"
-        sudo /Volumes/froglogic\ Squish/Install\ Squish.app/Contents/MacOS/Squish unattended=1 targetdir="$targetDirectory/package" qtpath="$targetDirectory" > /dev/null 2>&1
+        sudo /Volumes/froglogic\ Squish/Install\ Squish.app/Contents/MacOS/Squish unattended=1 targetdir="$targetDirectory/package" qtpath="$targetDirectory" > /dev/null
         mountFolder="/Volumes/froglogic Squish"
         UnMount
     elif [[ $targetFile == *.run ]]; then
@@ -130,7 +130,7 @@ function MountAndInstall {
         sudo cp $targetFileMount $targetDirectory
         UnMount
         sudo chmod +x $targetDirectory/$targetFile
-        sudo $targetDirectory/$targetFile unattended=1 targetdir="$targetDirectory/package" qtpath="$targetDirectory" > /dev/null 2>&1
+        sudo $targetDirectory/$targetFile unattended=1 targetdir="$targetDirectory/package" qtpath="$targetDirectory" > /dev/null
         sudo rm -fr "$targetDirectory/$targetFile"
         if uname -a |grep -q "Ubuntu"; then
             sudo mkdir /usr/lib/tcl8.6

coin/provisioning/common/unix/telegraf_install.sh

@@ -0,0 +1,98 @@
+#!/bin/sh
+
+#############################################################################
+##
+## Copyright (C) 2019 The Qt Company Ltd.
+## Contact: http://www.qt.io/licensing/
+##
+## This file is part of the provisioning scripts of the Qt Toolkit.
+##
+## $QT_BEGIN_LICENSE:LGPL21$
+## Commercial License Usage
+## Licensees holding valid commercial Qt licenses may use this file in
+## accordance with the commercial license agreement provided with the
+## Software or, alternatively, in accordance with the terms contained in
+## a written agreement between you and The Qt Company. For licensing terms
+## and conditions see http://www.qt.io/terms-conditions. For further
+## information use the contact form at http://www.qt.io/contact-us.
+##
+## GNU Lesser General Public License Usage
+## Alternatively, this file may be used under the terms of the GNU Lesser
+## General Public License version 2.1 or version 3 as published by the Free
+## Software Foundation and appearing in the file LICENSE.LGPLv21 and
+## LICENSE.LGPLv3 included in the packaging of this file. Please review the
+## following information to ensure the GNU Lesser General Public License
+## requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+## http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+##
+## As a special exception, The Qt Company gives you certain additional
+## rights. These rights are described in The Qt Company LGPL Exception
+## version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+##
+## $QT_END_LICENSE$
+##
+#############################################################################
+
+
+# This script installs telegraf and ioping and our script telegraf-ioping.sh
+# to the /usr/bin directory.
+#
+# The reasons we don't install to /usr/local/bin are:
+# 1. On SLES and RHEL, the PATH of sudo (secure_path setting in /etc/sudoers)
+#    does not include /usr/local/bin.
+# 2. On macOS /usr/local/bin does not even exist early in provisioning.
+
+
+######################## BOILERPLATE ###########################
+set -e
+
+
+PROVISIONING_DIR="$(dirname "$0")/../../"
+. "$PROVISIONING_DIR"/common/unix/common.sourced.sh
+
+. "$PROVISIONING_DIR"/common/unix/DownloadURL.sh
+
+is_script_executed telegraf_install.sh  \
+    || fatal "Script telegraf_install.sh should be executed, not sourced"
+
+################################################################
+
+
+[ "$PROVISIONING_OS" = linux ]  \
+    && ioping_sha256=259abf04bcb84f4126ff97c04b6651e1cf5ea6d8a9ff364c769a26c95b6eeb44  \
+    || ioping_sha256=55de6a2f1a5343e0ce8df31d82d47a9e79c7e612edbc6dfb39b5fc6fb358b2e3
+DownloadURL "http://ci-files01-hki.intra.qt.io/input/ioping/ioping.${PROVISIONING_OS}-${PROVISIONING_ARCH}"  \
+    ''  "$ioping_sha256"  ioping
+$CMD_INSTALL -m 755 ./ioping /usr/bin/
+rm -f ioping
+
+# 2. Install custom ioping monitoring script
+$CMD_INSTALL -m 755  "$PROVISIONING_DIR"/common/shared/telegraf/telegraf-ioping.sh  /usr/bin/
+
+# 3. Download and install telegraf
+
+[ x"$PROVISIONING_OS"   = xmacos ] && os=darwin || os=linux
+[ x"$PROVISIONING_ARCH" = xx86   ] && arch=i386 || arch=amd64
+package_filename=telegraf-1.12.1_${os}_${arch}.tar.gz
+package_sha256_list="$PROVISIONING_DIR"/common/shared/telegraf/telegraf_packages.sha256.txt
+package_sha256=$(sed -n "s/.*$package_filename *//p" "$package_sha256_list")
+
+DownloadURL  \
+    http://ci-files01-hki.intra.qt.io/input/telegraf/"$package_filename"  \
+    https://dl.influxdata.com/telegraf/releases/"$package_filename"  \
+    "$package_sha256"  \
+    telegraf.tar.gz
+
+tar -xzf ./telegraf.tar.gz -C /tmp
+telegraf_binary=$(find /tmp/telegraf* -name telegraf -type f | grep /bin/ | head -1)
+$CMD_INSTALL -m 755  "$telegraf_binary"  /usr/bin/
+rm -rf /tmp/telegraf*
+
+# 4. Edit config file with passwords
+"$PROVISIONING_DIR"/common/unix/telegraf_password.sh
+
+# 5. Start telegraf in background (-b) and with retaining the environment (-E)
+#    in order to report as hostname = $COIN_UNIQUE_JOB_ID.
+/usr/bin/sudo -b -E telegraf --config /etc/telegraf-coin.conf >/dev/null 2>&1
+
+echo DONE: "Installed and started telegraf: $package_filename"

coin/provisioning/common/unix/telegraf_password.sh

@@ -0,0 +1,60 @@
+#!/bin/sh
+
+#############################################################################
+##
+## Copyright (C) 2019 The Qt Company Ltd.
+## Contact: http://www.qt.io/licensing/
+##
+## This file is part of the provisioning scripts of the Qt Toolkit.
+##
+## $QT_BEGIN_LICENSE:LGPL21$
+## Commercial License Usage
+## Licensees holding valid commercial Qt licenses may use this file in
+## accordance with the commercial license agreement provided with the
+## Software or, alternatively, in accordance with the terms contained in
+## a written agreement between you and The Qt Company. For licensing terms
+## and conditions see http://www.qt.io/terms-conditions. For further
+## information use the contact form at http://www.qt.io/contact-us.
+##
+## GNU Lesser General Public License Usage
+## Alternatively, this file may be used under the terms of the GNU Lesser
+## General Public License version 2.1 or version 3 as published by the Free
+## Software Foundation and appearing in the file LICENSE.LGPLv21 and
+## LICENSE.LGPLv3 included in the packaging of this file. Please review the
+## following information to ensure the GNU Lesser General Public License
+## requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+## http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+##
+## As a special exception, The Qt Company gives you certain additional
+## rights. These rights are described in The Qt Company LGPL Exception
+## version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+##
+## $QT_END_LICENSE$
+##
+#############################################################################
+
+
+######################## BOILERPLATE ###########################
+set -e
+
+
+PROVISIONING_DIR="$(dirname "$0")/../../"
+. "$PROVISIONING_DIR"/common/unix/common.sourced.sh
+
+is_script_executed telegraf_password.sh  \
+    || fatal "Script telegraf_password.sh should be executed, not sourced, to avoid leaking secrets in the logs"
+# Avoid leaking secrets in the logs
+set +x
+################################################################
+
+
+# Provisioning should run even without the secrets repository
+influxdb_password=$(cut -d : -f 2  ~qt/work/influxdb/coin_vms_writer.auth)  \
+   || influxdb_password=no_password_provided
+
+rm -f ~qt/work/influxdb/coin_vms_writer.auth
+sed "s|COIN_VMS_WRITER_PASS|$influxdb_password|"  \
+    "$PROVISIONING_DIR"/common/"$PROVISIONING_OS"/telegraf-coin.conf  \
+    > .telegraf-coin.conf.final
+$CMD_INSTALL -m 600 .telegraf-coin.conf.final /etc/telegraf-coin.conf
+rm -f .telegraf-coin.conf.final