packaging 0.106.0 → 0.106.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (66) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +4 -4
  3. data/lib/packaging/archive.rb +2 -2
  4. data/lib/packaging/artifactory/extensions.rb +1 -0
  5. data/lib/packaging/artifactory.rb +27 -23
  6. data/lib/packaging/config/params.rb +191 -193
  7. data/lib/packaging/config/validations.rb +0 -2
  8. data/lib/packaging/config.rb +8 -8
  9. data/lib/packaging/deb/repo.rb +11 -14
  10. data/lib/packaging/gem.rb +2 -2
  11. data/lib/packaging/metrics.rb +7 -7
  12. data/lib/packaging/nuget.rb +0 -1
  13. data/lib/packaging/paths.rb +11 -13
  14. data/lib/packaging/platforms.rb +10 -6
  15. data/lib/packaging/repo.rb +11 -12
  16. data/lib/packaging/retrieve.rb +1 -1
  17. data/lib/packaging/rpm/repo.rb +8 -8
  18. data/lib/packaging/sign/dmg.rb +8 -7
  19. data/lib/packaging/sign/ips.rb +64 -32
  20. data/lib/packaging/sign/msi.rb +48 -48
  21. data/lib/packaging/sign/rpm.rb +1 -1
  22. data/lib/packaging/sign.rb +0 -1
  23. data/lib/packaging/tar.rb +2 -4
  24. data/lib/packaging/util/date.rb +0 -1
  25. data/lib/packaging/util/distribution_server.rb +2 -2
  26. data/lib/packaging/util/execution.rb +2 -4
  27. data/lib/packaging/util/file.rb +2 -3
  28. data/lib/packaging/util/git.rb +1 -3
  29. data/lib/packaging/util/git_tags.rb +3 -3
  30. data/lib/packaging/util/gpg.rb +3 -4
  31. data/lib/packaging/util/jenkins.rb +0 -3
  32. data/lib/packaging/util/misc.rb +1 -1
  33. data/lib/packaging/util/net.rb +25 -22
  34. data/lib/packaging/util/repo.rb +0 -1
  35. data/lib/packaging/util/serialization.rb +1 -2
  36. data/lib/packaging/util/ship.rb +3 -3
  37. data/lib/packaging/util/sign.rb +8 -8
  38. data/lib/packaging/util/tool.rb +1 -4
  39. data/lib/packaging/util/version.rb +1 -5
  40. data/lib/packaging/util.rb +1 -1
  41. data/lib/packaging.rb +1 -2
  42. data/spec/lib/packaging/platforms_spec.rb +1 -1
  43. data/spec/lib/packaging/sign_spec.rb +1 -1
  44. data/spec/lib/packaging/util/git_spec.rb +2 -2
  45. data/spec/lib/packaging/util/git_tag_spec.rb +5 -5
  46. data/tasks/30_metrics.rake +2 -2
  47. data/tasks/apple.rake +8 -14
  48. data/tasks/archive.rake +1 -2
  49. data/tasks/deb.rake +7 -8
  50. data/tasks/doc.rake +5 -3
  51. data/tasks/education.rake +2 -4
  52. data/tasks/gem.rake +20 -12
  53. data/tasks/jenkins.rake +27 -15
  54. data/tasks/jenkins_dynamic.rake +10 -10
  55. data/tasks/mock.rake +8 -9
  56. data/tasks/nightly_repos.rake +14 -14
  57. data/tasks/pe_ship.rake +10 -17
  58. data/tasks/retrieve.rake +2 -2
  59. data/tasks/rpm.rake +1 -1
  60. data/tasks/ship.rake +6 -6
  61. data/tasks/sign.rake +5 -5
  62. data/tasks/tar.rake +2 -3
  63. data/tasks/update.rake +2 -2
  64. data/tasks/vendor_gems.rake +5 -7
  65. data/tasks/version.rake +2 -2
  66. metadata +42 -42
@@ -1,57 +1,89 @@
1
1
  module Pkg::Sign::Ips
2
2
  module_function
3
3
 
4
- def sign(target_dir = 'pkg')
5
- use_identity = "-i #{Pkg::Config.ips_signing_ssh_key}" unless Pkg::Config.ips_signing_ssh_key.nil?
4
+ def sign(packages_root = 'pkg')
5
+ identity_spec = ''
6
+ unless Pkg::Config.ips_signing_ssh_key.nil?
7
+ identity_spec = "-i #{Pkg::Config.ips_signing_ssh_key}"
8
+ end
9
+
10
+ signing_server_spec = Pkg::Config.ips_signing_server
11
+ unless Pkg::Config.ips_signing_server.match(%r{.+@.+})
12
+ signing_server_spec = "#{ENV['USER']}@#{Pkg::Config.ips_signing_server}"
13
+ end
6
14
 
7
- ssh_host_string = "#{use_identity} #{ENV['USER']}@#{Pkg::Config.ips_signing_server}"
8
- rsync_host_string = "-e 'ssh #{use_identity}' #{ENV['USER']}@#{Pkg::Config.ips_signing_server}"
15
+ ssh_host_spec = "#{identity_spec} #{signing_server_spec}"
16
+ rsync_host_spec = "-e 'ssh #{identity_spec}' #{signing_server_spec}"
9
17
 
10
- p5ps = Dir.glob("#{target_dir}/solaris/11/**/*.p5p")
18
+ packages = Dir.glob("#{packages_root}/solaris/11/**/*.p5p")
11
19
 
12
- p5ps.each do |p5p|
20
+ packages.each do |package|
13
21
  work_dir = "/tmp/#{Pkg::Util.rand_string}"
14
22
  unsigned_dir = "#{work_dir}/unsigned"
15
23
  repo_dir = "#{work_dir}/repo"
16
24
  signed_dir = "#{work_dir}/pkgs"
25
+ package_name = File.basename(package)
17
26
 
18
- Pkg::Util::Net.remote_execute(ssh_host_string, "mkdir -p #{repo_dir} #{unsigned_dir} #{signed_dir}")
19
- Pkg::Util::Net.rsync_to(p5p, rsync_host_string, unsigned_dir)
27
+ Pkg::Util::Net.remote_execute(
28
+ ssh_host_spec,
29
+ "mkdir -p #{repo_dir} #{unsigned_dir} #{signed_dir}"
30
+ )
31
+ Pkg::Util::Net.rsync_to(package, rsync_host_spec, unsigned_dir)
20
32
 
21
33
  # Before we can get started with signing packages we need to create a repo
22
- Pkg::Util::Net.remote_execute(ssh_host_string, "sudo -E /usr/bin/pkgrepo create #{repo_dir}")
23
- Pkg::Util::Net.remote_execute(ssh_host_string, "sudo -E /usr/bin/pkgrepo set -s #{repo_dir} publisher/prefix=puppetlabs.com")
24
- # And import all the packages into the repo.
25
- Pkg::Util::Net.remote_execute(ssh_host_string, "sudo -E /usr/bin/pkgrecv -s #{unsigned_dir}/#{File.basename(p5p)} -d #{repo_dir} '*'")
26
- # We are going to hard code the values for signing cert locations for now.
27
- # This autmation will require an update to actually become reusable, but
28
- # for now these values will stay this way so solaris signing will stop
29
- # failing. Please update soon. 06/23/16
30
- #
31
- # - Sean P. McDonald
32
- #
34
+ Pkg::Util::Net.remote_execute(ssh_host_spec, "sudo -E /usr/bin/pkgrepo create #{repo_dir}")
35
+ Pkg::Util::Net.remote_execute(
36
+ ssh_host_spec,
37
+ "sudo -E /usr/bin/pkgrepo set -s #{repo_dir} publisher/prefix=puppetlabs.com"
38
+ )
39
+
40
+ # Import all the packages into the repo.
41
+ Pkg::Util::Net.remote_execute(
42
+ ssh_host_spec,
43
+ "sudo -E /usr/bin/pkgrecv -s #{unsigned_dir}/#{package_name} -d #{repo_dir} '*'"
44
+ )
45
+
33
46
  # We sign the entire repo
34
- sign_cmd = "sudo -E /usr/bin/pkgsign -c /root/signing/signing_cert_2020.pem \
35
- -i /root/signing/Thawte_SHA256_Code_Signing_CA.pem \
36
- -i /root/signing/Thawte_Primary_Root_CA.pem \
37
- -k /root/signing/signing_key_2020.pem \
47
+ # Paths to the .pem files should live elsewhere rather than hardcoded here.
48
+ sign_cmd = "sudo -E /usr/bin/pkgsign -c /root/signing/signing_cert_2022.pem \
49
+ -i /root/signing/DigiCert_Code_Signing_Certificate.pem \
50
+ -i /root/signing/DigiCert_Trusted_Root.pem \
51
+ -k /root/signing/signing_key_2022.pem \
38
52
  -s 'file://#{work_dir}/repo' '*'"
39
- puts "About to sign #{p5p} with #{sign_cmd} in #{work_dir}"
40
- Pkg::Util::Net.remote_execute(ssh_host_string, sign_cmd.squeeze(' '))
41
- # pkgrecv with -a will pull packages out of the repo, so we need to do that too to actually get the packages we signed
42
- Pkg::Util::Net.remote_execute(ssh_host_string, "sudo -E /usr/bin/pkgrecv -d #{signed_dir}/#{File.basename(p5p)} -a -s #{repo_dir} '*'")
53
+ puts "Signing #{package} with #{sign_cmd} in #{work_dir}"
54
+ Pkg::Util::Net.remote_execute(ssh_host_spec, sign_cmd.squeeze(' '))
55
+
56
+ # pkgrecv with -a will pull packages out of the repo, so we need
57
+ # to do that too to actually get the packages we signed
58
+ Pkg::Util::Net.remote_execute(
59
+ ssh_host_spec,
60
+ "sudo -E /usr/bin/pkgrecv -d #{signed_dir}/#{package_name} -a -s #{repo_dir} '*'"
61
+ )
43
62
  begin
44
63
  # lets make sure we actually signed something?
45
64
  # **NOTE** if we're repeatedly trying to sign the same version this
46
65
  # might explode because I don't know how to reset the IPS cache.
47
66
  # Everything is amazing.
48
- Pkg::Util::Net.remote_execute(ssh_host_string, "sudo -E /usr/bin/pkg contents -m -g #{signed_dir}/#{File.basename(p5p)} '*' | grep '^signature '")
67
+ Pkg::Util::Net.remote_execute(
68
+ ssh_host_spec,
69
+ "sudo -E /usr/bin/pkg contents -m -g #{signed_dir}/#{package_name} '*' " \
70
+ "| grep '^signature '"
71
+ )
49
72
  rescue RuntimeError
50
- raise "Looks like #{File.basename(p5p)} was not signed correctly, quitting!"
73
+ raise "Error: #{package_name} was not signed correctly."
51
74
  end
52
- # and pull the packages back.
53
- Pkg::Util::Net.rsync_from("#{signed_dir}/#{File.basename(p5p)}", rsync_host_string, File.dirname(p5p))
54
- Pkg::Util::Net.remote_execute(ssh_host_string, "if [ -e '#{work_dir}' ] ; then sudo rm -r '#{work_dir}' ; fi")
75
+
76
+ # Pull the packages back.
77
+ Pkg::Util::Net.rsync_from(
78
+ "#{signed_dir}/#{package_name}",
79
+ rsync_host_spec,
80
+ File.dirname(package)
81
+ )
82
+
83
+ Pkg::Util::Net.remote_execute(
84
+ ssh_host_spec,
85
+ "if [ -e '#{work_dir}' ] ; then sudo rm -r '#{work_dir}' ; fi"
86
+ )
55
87
  end
56
88
  end
57
89
  end
@@ -63,60 +63,60 @@ module Pkg::Sign::Msi
63
63
  #
64
64
  # Once we no longer support Windows 8/Windows Vista, we can remove the
65
65
  # first Sha1 signature.
66
- sign_command = <<-CMD
67
- for msipath in #{msis.join(" ")}; do
68
- msi="$(basename $msipath)"
69
- msidir="C:/#{work_dir}/$(dirname $msipath)"
70
- if "/cygdrive/c/tools/osslsigncode-fork/osslsigncode.exe" verify -in "$msidir/$msi" ; then
71
- echo "$msi is already signed, skipping . . ." ;
72
- else
73
- tries=5
74
- sha1Servers=(http://timestamp.digicert.com/sha1/timestamp
75
- http://timestamp.comodoca.com/authenticode)
76
- for timeserver in "${sha1Servers[@]}"; do
77
- for ((try=1; try<=$tries; try++)) do
78
- ret=$(/cygdrive/c/tools/osslsigncode-fork/osslsigncode.exe sign \
79
- -n "Puppet" -i "http://www.puppet.com" \
80
- -h sha1 \
81
- -pkcs12 "#{Pkg::Config.msi_signing_cert}" \
82
- -pass "#{Pkg::Config.msi_signing_cert_pw}" \
83
- -t "$timeserver" \
84
- -in "$msidir/$msi" \
85
- -out "$msidir/signed-$msi")
86
- if [[ $ret == *"Succeeded"* ]]; then break; fi
87
- done;
88
- if [[ $ret == *"Succeeded"* ]]; then break; fi
89
- done;
90
- echo $ret
91
- if [[ $ret != *"Succeeded"* ]]; then exit 1; fi
92
- sha256Servers=(http://timestamp.digicert.com/sha256/timestamp
93
- http://timestamp.comodoca.com?td=sha256)
94
- for timeserver in "${sha256Servers[@]}"; do
95
- for ((try=1; try<=$tries; try++)) do
96
- ret=$(/cygdrive/c/tools/osslsigncode-fork/osslsigncode.exe sign \
97
- -n "Puppet" -i "http://www.puppet.com" \
98
- -nest -h sha256 \
99
- -pkcs12 "#{Pkg::Config.msi_signing_cert}" \
100
- -pass "#{Pkg::Config.msi_signing_cert_pw}" \
101
- -ts "$timeserver" \
102
- -in "$msidir/signed-$msi" \
103
- -out "$msidir/$msi")
104
- if [[ $ret == *"Succeeded"* ]]; then break; fi
105
- done;
106
- if [[ $ret == *"Succeeded"* ]]; then break; fi
107
- done;
108
- echo $ret
109
- if [[ $ret != *"Succeeded"* ]]; then exit 1; fi
110
- fi
111
- done
112
- CMD
66
+ sign_command = <<~CMD
67
+ for msipath in #{msis.join(' ')}; do
68
+ msi="$(basename $msipath)"
69
+ msidir="C:/#{work_dir}/$(dirname $msipath)"
70
+ if "/cygdrive/c/tools/osslsigncode-fork/osslsigncode.exe" verify -in "$msidir/$msi" ; then
71
+ echo "$msi is already signed, skipping . . ." ;
72
+ else
73
+ tries=5
74
+ sha1Servers=(http://timestamp.digicert.com/sha1/timestamp
75
+ http://timestamp.comodoca.com/authenticode)
76
+ for timeserver in "${sha1Servers[@]}"; do
77
+ for ((try=1; try<=$tries; try++)) do
78
+ ret=$(/cygdrive/c/tools/osslsigncode-fork/osslsigncode.exe sign \
79
+ -n "Puppet" -i "http://www.puppet.com" \
80
+ -h sha1 \
81
+ -pkcs12 "#{Pkg::Config.msi_signing_cert}" \
82
+ -pass "#{Pkg::Config.msi_signing_cert_pw}" \
83
+ -t "$timeserver" \
84
+ -in "$msidir/$msi" \
85
+ -out "$msidir/signed-$msi")
86
+ if [[ $ret == *"Succeeded"* ]]; then break; fi
87
+ done;
88
+ if [[ $ret == *"Succeeded"* ]]; then break; fi
89
+ done;
90
+ echo $ret
91
+ if [[ $ret != *"Succeeded"* ]]; then exit 1; fi
92
+ sha256Servers=(http://timestamp.digicert.com/sha256/timestamp
93
+ http://timestamp.comodoca.com?td=sha256)
94
+ for timeserver in "${sha256Servers[@]}"; do
95
+ for ((try=1; try<=$tries; try++)) do
96
+ ret=$(/cygdrive/c/tools/osslsigncode-fork/osslsigncode.exe sign \
97
+ -n "Puppet" -i "http://www.puppet.com" \
98
+ -nest -h sha256 \
99
+ -pkcs12 "#{Pkg::Config.msi_signing_cert}" \
100
+ -pass "#{Pkg::Config.msi_signing_cert_pw}" \
101
+ -ts "$timeserver" \
102
+ -in "$msidir/signed-$msi" \
103
+ -out "$msidir/$msi")
104
+ if [[ $ret == *"Succeeded"* ]]; then break; fi
105
+ done;
106
+ if [[ $ret == *"Succeeded"* ]]; then break; fi
107
+ done;
108
+ echo $ret
109
+ if [[ $ret != *"Succeeded"* ]]; then exit 1; fi
110
+ fi
111
+ done
112
+ CMD
113
113
 
114
114
  Pkg::Util::Net.remote_execute(
115
115
  ssh_host_string,
116
116
  sign_command,
117
117
  { fail_fast: false }
118
118
  )
119
- msis.each do | msi |
119
+ msis.each do |msi|
120
120
  Pkg::Util::Net.rsync_from("/cygdrive/c/#{work_dir}/#{msi}", rsync_host_string, File.dirname(msi))
121
121
  end
122
122
  Pkg::Util::Net.remote_execute(ssh_host_string, "if [ -d '/cygdrive/c/#{work_dir}' ]; then rm -rf '/cygdrive/c/#{work_dir}'; fi")
@@ -70,7 +70,7 @@ module Pkg::Sign::Rpm
70
70
  v4_rpms = []
71
71
  rpms_to_sign.each do |rpm|
72
72
  platform_tag = Pkg::Paths.tag_from_artifact_path(rpm)
73
- platform, version, _ = Pkg::Platforms.parse_platform_tag(platform_tag)
73
+ platform, version, = Pkg::Platforms.parse_platform_tag(platform_tag)
74
74
 
75
75
  # We don't sign AIX rpms
76
76
  next if platform_tag.include?('aix')
@@ -4,5 +4,4 @@ module Pkg::Sign
4
4
  require 'packaging/sign/ips'
5
5
  require 'packaging/sign/msi'
6
6
  require 'packaging/sign/rpm'
7
- module_function
8
7
  end
data/lib/packaging/tar.rb CHANGED
@@ -5,7 +5,6 @@ module Pkg
5
5
  include FileUtils
6
6
 
7
7
  attr_accessor :files, :project, :version, :excludes, :target, :templates
8
- attr_reader :tar
9
8
 
10
9
  def initialize
11
10
  @tar = Pkg::Util::Tool.find_tool('tar', :required => true)
@@ -56,7 +55,7 @@ module Pkg
56
55
  patterns =
57
56
  case @files
58
57
  when String
59
- $stderr.puts "warning: `files` should be an array, not a string"
58
+ warn "warning: `files` should be an array, not a string"
60
59
  @files.split(' ')
61
60
  when Array
62
61
  @files
@@ -137,7 +136,7 @@ module Pkg
137
136
  def tar(target, source)
138
137
  mkpath File.dirname(target)
139
138
  cd File.dirname(source) do
140
- %x(#{@tar} #{@excludes.map { |x| (" --exclude #{x} ") }.join if @excludes} -zcf '#{File.basename(target)}' '#{File.basename(source)}')
139
+ %x(#{@tar} #{@excludes.map { |x| " --exclude #{x} " }.join if @excludes} -zcf '#{File.basename(target)}' '#{File.basename(source)}')
141
140
  unless $?.success?
142
141
  fail "Failed to create .tar.gz archive with #{@tar}. Please ensure the tar command in your path accepts the flags '-c', '-z', and '-f'"
143
142
  end
@@ -157,7 +156,6 @@ module Pkg
157
156
  self.tar(@target, workdir)
158
157
  self.clean_up workdir
159
158
  end
160
-
161
159
  end
162
160
  end
163
161
 
@@ -1,7 +1,6 @@
1
1
  # Utilities for managing/querying date/time
2
2
 
3
3
  module Pkg::Util::Date
4
-
5
4
  class << self
6
5
  def timestamp(separator = nil)
7
6
  if s = separator
@@ -31,8 +31,8 @@ module Pkg::Util::DistributionServer
31
31
 
32
32
  # If we just shipped a tagged version, we want to make it immutable
33
33
  files = Dir.glob("#{local_source_directory}/**/*")
34
- .select { |f| File.file?(f) and !f.include? "#{Pkg::Config.ref}.yaml" }
35
- .map { |f| "#{remote_target_directory}/#{f.sub(/^#{local_source_directory}\//, '')}" }
34
+ .select { |f| File.file?(f) and !f.include? "#{Pkg::Config.ref}.yaml" }
35
+ .map { |f| "#{remote_target_directory}/#{f.sub(/^#{local_source_directory}\//, '')}" }
36
36
 
37
37
  Pkg::Util::Net.remote_set_ownership(Pkg::Config.distribution_server, 'root', 'release', files)
38
38
  Pkg::Util::Net.remote_set_permissions(Pkg::Config.distribution_server, '0664', files)
@@ -1,9 +1,7 @@
1
1
  # Utility methods for handling system calls and interactions
2
2
 
3
3
  module Pkg::Util::Execution
4
-
5
4
  class << self
6
-
7
5
  # Alias to $?.success? that makes success? slightly easier to test and stub
8
6
  # If immediately run, $? will not be instanciated, so only call success? if
9
7
  # $? exists, otherwise return nil
@@ -23,7 +21,7 @@ module Pkg::Util::Execution
23
21
  # while also raising an exception if a command does not succeed (ala `sh "cmd"`).
24
22
  def ex(command, debug = false)
25
23
  puts "Executing '#{command}'..." if debug
26
- ret = `#{command}`
24
+ ret = %x(#{command})
27
25
  unless Pkg::Util::Execution.success?
28
26
  raise RuntimeError
29
27
  end
@@ -71,7 +69,7 @@ module Pkg::Util::Execution
71
69
  blk.call
72
70
  success = true
73
71
  break
74
- rescue => err
72
+ rescue StandardError => err
75
73
  puts "An error was encountered evaluating block. Retrying.."
76
74
  exception = err.to_s + "\n" + err.backtrace.join("\n")
77
75
  end
@@ -2,7 +2,6 @@
2
2
  require 'fileutils'
3
3
 
4
4
  module Pkg::Util::File
5
-
6
5
  class << self
7
6
  def exist?(file)
8
7
  ::File.exist?(file)
@@ -15,7 +14,7 @@ module Pkg::Util::File
15
14
 
16
15
  def mktemp
17
16
  mktemp = Pkg::Util::Tool.find_tool('mktemp', :required => true)
18
- stdout, _, _ = Pkg::Util::Execution.capture3("#{mktemp} -d -t pkgXXXXXX")
17
+ stdout, = Pkg::Util::Execution.capture3("#{mktemp} -d -t pkgXXXXXX")
19
18
  stdout.strip
20
19
  end
21
20
 
@@ -79,7 +78,7 @@ module Pkg::Util::File
79
78
  target_opts = "-C #{target}"
80
79
  end
81
80
  if file_exists?(source, :required => true)
82
- stdout, _, _ = Pkg::Util::Execution.capture3(%Q(#{tar} #{options} #{target_opts} -xf #{source}))
81
+ stdout, = Pkg::Util::Execution.capture3(%(#{tar} #{options} #{target_opts} -xf #{source}))
83
82
  stdout
84
83
  end
85
84
  end
@@ -22,7 +22,6 @@ module Pkg::Util::Git
22
22
  end
23
23
 
24
24
  # Git utility to create a new git bundle
25
- # rubocop:disable Metrics/AbcSize
26
25
  def bundle(treeish, appendix = Pkg::Util.rand_string, temp = Pkg::Util::File.mktemp)
27
26
  fail_unless_repo
28
27
  Pkg::Util::Execution.capture3("#{Pkg::Util::Tool::GIT} bundle create #{temp}/#{Pkg::Config.project}-#{Pkg::Config.version}-#{appendix} #{treeish} --tags")
@@ -113,13 +112,12 @@ module Pkg::Util::Git
113
112
  end
114
113
  end
115
114
 
116
- # rubocop:disable Style/GuardClause
117
115
  def fail_unless_repo
118
116
  unless repo?
119
117
  raise "Pkg::Config.project_root (#{Pkg::Config.project_root}) is not \
120
118
  a valid git repository"
121
119
  end
122
- end
120
+ end
123
121
 
124
122
  # Return the basename of the project repo
125
123
  def project_name
@@ -1,6 +1,6 @@
1
1
  module Pkg::Util
2
2
  class Git_tag
3
- attr_reader :address, :ref, :ref_name, :ref_type, :branch_name
3
+ attr_reader :address, :ref, :ref_name, :ref_type
4
4
 
5
5
  GIT = Pkg::Util::Tool::GIT
6
6
  DEVNULL = Pkg::Util::OS::DEVNULL
@@ -43,7 +43,7 @@ module Pkg::Util
43
43
  # Fetch the full ref using ls-remote, this should raise an error if it returns non-zero
44
44
  # because that means this ref doesn't exist in the repo
45
45
  def fetch_full_ref
46
- stdout, _, _ = Pkg::Util::Execution.capture3("#{GIT} ls-remote --tags --heads --exit-code #{address} #{ref}")
46
+ stdout, = Pkg::Util::Execution.capture3("#{GIT} ls-remote --tags --heads --exit-code #{address} #{ref}")
47
47
  stdout.split.last
48
48
  rescue RuntimeError => e
49
49
  raise "ERROR : Not a ref or sha!\n#{e}"
@@ -54,7 +54,7 @@ module Pkg::Util
54
54
  end
55
55
 
56
56
  def ref?
57
- `#{GIT} check-ref-format #{ref} >#{DEVNULL} 2>&1`
57
+ %x(#{GIT} check-ref-format #{ref} >#{DEVNULL} 2>&1)
58
58
  $?.success?
59
59
  end
60
60
 
@@ -1,6 +1,5 @@
1
1
  module Pkg::Util::Gpg
2
2
  class << self
3
-
4
3
  # Please note that this method is not used in determining what key is used
5
4
  # to sign the debian repos. That is defined in the freight config that
6
5
  # lives on our internal repo staging host. The debian conf/distribution
@@ -31,14 +30,14 @@ module Pkg::Util::Gpg
31
30
 
32
31
  def kill_keychain
33
32
  if keychain
34
- stdout, _, _ = Pkg::Util::Execution.capture3("#{keychain} -k mine")
33
+ stdout, = Pkg::Util::Execution.capture3("#{keychain} -k mine")
35
34
  stdout
36
35
  end
37
36
  end
38
37
 
39
38
  def start_keychain
40
39
  if keychain
41
- keychain_output, _, _ = Pkg::Util::Execution.capture3("#{keychain} -q --agents gpg --eval #{key}")
40
+ keychain_output, = Pkg::Util::Execution.capture3("#{keychain} -q --agents gpg --eval #{key}")
42
41
  keychain_output.chomp!
43
42
  new_env = keychain_output.match(/GPG_AGENT_INFO=([^;]*)/)
44
43
  ENV["GPG_AGENT_INFO"] = new_env[1]
@@ -56,7 +55,7 @@ module Pkg::Util::Gpg
56
55
  return true
57
56
  end
58
57
  use_tty = "--no-tty --use-agent" if ENV['RPM_GPG_AGENT']
59
- stdout, _, _ = Pkg::Util::Execution.capture3("#{gpg} #{use_tty} --armor --detach-sign -u #{key} #{file}")
58
+ stdout, = Pkg::Util::Execution.capture3("#{gpg} #{use_tty} --armor --detach-sign -u #{key} #{file}")
60
59
  stdout
61
60
  else
62
61
  fail "No gpg available. Cannot sign #{file}."
@@ -3,9 +3,7 @@ require 'net/http'
3
3
  require 'json'
4
4
 
5
5
  module Pkg::Util::Jenkins
6
-
7
6
  class << self
8
-
9
7
  # Use the curl to create a jenkins job from a valid XML
10
8
  # configuration file.
11
9
  # Returns the URL to the job
@@ -90,6 +88,5 @@ module Pkg::Util::Jenkins
90
88
 
91
89
  wait_for_build job_hash['lastBuild']['url']
92
90
  end
93
-
94
91
  end
95
92
  end
@@ -57,7 +57,7 @@ module Pkg::Util::Misc
57
57
  def check_rubygems_ownership(gem_name)
58
58
  require 'yaml'
59
59
  credentials = YAML.load_file("#{ENV['HOME']}/.gem/credentials")
60
- gems = YAML.load(%x(curl -H 'Authorization:#{credentials[:rubygems_api_key]}' https://rubygems.org/api/v1/gems.yaml))
60
+ gems = YAML.safe_load(%x(curl -H 'Authorization:#{credentials[:rubygems_api_key]}' https://rubygems.org/api/v1/gems.yaml))
61
61
  gems.each do |gem|
62
62
  if gem['name'] == gem_name
63
63
  return true
@@ -1,15 +1,13 @@
1
1
  # Utility methods for handling network calls and interactions
2
2
 
3
3
  module Pkg::Util::Net
4
-
5
4
  class << self
6
-
7
5
  # This simple method does an HTTP get of a URI and writes it to a file
8
6
  # in a slightly more platform agnostic way than curl/wget
9
7
  def fetch_uri(uri, target)
10
8
  require 'open-uri'
11
9
  if Pkg::Util::File.file_writable?(File.dirname(target))
12
- File.open(target, 'w') { |f| f.puts(open(uri).read) }
10
+ File.open(target, 'w') { |f| f.puts(URI.open(uri).read) }
13
11
  end
14
12
  end
15
13
 
@@ -37,7 +35,7 @@ module Pkg::Util::Net
37
35
  Array(hosts).flatten.each do |host|
38
36
  begin
39
37
  remote_execute(host, 'exit', { extra_options: '-oBatchMode=yes' })
40
- rescue
38
+ rescue StandardError
41
39
  errs << host
42
40
  end
43
41
  end
@@ -56,7 +54,7 @@ module Pkg::Util::Net
56
54
  begin
57
55
  remote_execute(host, "gpg --list-secret-keys #{gpg} > /dev/null 2&>1",
58
56
  { extra_options: '-oBatchMode=yes' })
59
- rescue
57
+ rescue StandardError
60
58
  errs << host
61
59
  end
62
60
  end
@@ -112,13 +110,14 @@ module Pkg::Util::Net
112
110
  ###
113
111
  ### Deprecated method implemented as a shim to the new `remote_execute` method
114
112
  ###
115
- def remote_ssh_cmd(target, command, capture_output = false, extra_options = '', fail_fast = true, trace = false) # rubocop:disable Style/ParameterLists
113
+ def remote_ssh_cmd(target, command, capture_output = false, extra_options = '', fail_fast = true, trace = false) # rubocop:disable Metrics/ParameterLists
116
114
  puts "Warn: \"remote_ssh_cmd\" call in packaging is deprecated. Use \"remote_execute\" instead."
117
115
  remote_execute(target, command, {
118
116
  capture_output: capture_output,
119
117
  extra_options: extra_options,
120
118
  fail_fast: fail_fast,
121
- trace: trace })
119
+ trace: trace
120
+ })
122
121
  end
123
122
 
124
123
  # Construct a valid rsync command
@@ -149,7 +148,8 @@ module Pkg::Util::Net
149
148
  target_path: nil,
150
149
  target_host: nil,
151
150
  extra_flags: nil,
152
- dryrun: false }.merge(opts)
151
+ dryrun: false
152
+ }.merge(opts)
153
153
  origin = Pathname.new(origin_path)
154
154
  target = options[:target_path] || origin.parent
155
155
 
@@ -187,9 +187,10 @@ module Pkg::Util::Net
187
187
  target_path: nil,
188
188
  target_host: nil,
189
189
  extra_flags: nil,
190
- dryrun: ENV['DRYRUN'] }.merge(opts.delete_if { |_, value| value.nil? })
190
+ dryrun: ENV['DRYRUN']
191
+ }.merge(opts.delete_if { |_, value| value.nil? })
191
192
 
192
- stdout, _, _ = Pkg::Util::Execution.capture3(rsync_cmd(source, options), true)
193
+ stdout, = Pkg::Util::Execution.capture3(rsync_cmd(source, options), true)
193
194
  stdout
194
195
  end
195
196
 
@@ -223,7 +224,7 @@ module Pkg::Util::Net
223
224
  s3cmd = Pkg::Util::Tool.check_tool('s3cmd')
224
225
 
225
226
  if Pkg::Util::File.file_exists?(File.join(ENV['HOME'], '.s3cfg'))
226
- stdout, _, _ = Pkg::Util::Execution.capture3("#{s3cmd} sync #{flags.join(' ')} '#{source}' s3://#{target_bucket}/#{target_directory}/")
227
+ stdout, = Pkg::Util::Execution.capture3("#{s3cmd} sync #{flags.join(' ')} '#{source}' s3://#{target_bucket}/#{target_directory}/")
227
228
  stdout
228
229
  else
229
230
  fail "#{File.join(ENV['HOME'], '.s3cfg')} does not exist. It is required to ship files using s3cmd."
@@ -279,7 +280,7 @@ module Pkg::Util::Net
279
280
  '--write-out "%{http_code}"',
280
281
  '--output /dev/null'
281
282
  ]
282
- stdout, _ = Pkg::Util::Net.curl_form_data(uri, data)
283
+ stdout, = Pkg::Util::Net.curl_form_data(uri, data)
283
284
  stdout
284
285
  end
285
286
 
@@ -292,18 +293,18 @@ module Pkg::Util::Net
292
293
  end
293
294
 
294
295
  def remote_set_ownership(host, owner, group, files)
295
- remote_cmd = "for file in #{files.join(" ")}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chown #{owner}:#{group} $file; else echo \"$file is immutable\"; fi; done"
296
+ remote_cmd = "for file in #{files.join(' ')}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chown #{owner}:#{group} $file; else echo \"$file is immutable\"; fi; done"
296
297
  Pkg::Util::Net.remote_execute(host, remote_cmd)
297
298
  end
298
299
 
299
300
  def remote_set_permissions(host, permissions, files)
300
- remote_cmd = "for file in #{files.join(" ")}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chmod #{permissions} $file; else echo \"$file is immutable\"; fi; done"
301
+ remote_cmd = "for file in #{files.join(' ')}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chmod #{permissions} $file; else echo \"$file is immutable\"; fi; done"
301
302
  Pkg::Util::Net.remote_execute(host, remote_cmd)
302
303
  end
303
304
 
304
305
  # Remotely set the immutable bit on a list of files
305
306
  def remote_set_immutable(host, files)
306
- Pkg::Util::Net.remote_execute(host, "sudo chattr +i #{files.join(" ")}")
307
+ Pkg::Util::Net.remote_execute(host, "sudo chattr +i #{files.join(' ')}")
307
308
  end
308
309
 
309
310
  # Create a symlink indicating the latest version of a package
@@ -350,8 +351,9 @@ module Pkg::Util::Net
350
351
  CMD
351
352
 
352
353
  _, err = Pkg::Util::Net.remote_execute(
353
- Pkg::Config.staging_server, cmd, { capture_output: true })
354
- $stderr.puts err
354
+ Pkg::Config.staging_server, cmd, { capture_output: true }
355
+ )
356
+ warn err
355
357
  end
356
358
 
357
359
  def escape_html(uri)
@@ -383,17 +385,18 @@ module Pkg::Util::Net
383
385
  Pkg::Util::Net.rsync_to(tarball, host, '/tmp')
384
386
  appendix = Pkg::Util.rand_string
385
387
  git_bundle_directory = File.join('/tmp', "#{Pkg::Config.project}-#{appendix}")
386
- command = <<-DOC
387
- #{tar} -zxvf /tmp/#{tarball_name}.tar.gz -C /tmp/ ;
388
- git clone --recursive /tmp/#{tarball_name} #{git_bundle_directory} ;
389
- DOC
388
+ command = <<~DOC
389
+ #{tar} -zxvf /tmp/#{tarball_name}.tar.gz -C /tmp/ ;
390
+ git clone --recursive /tmp/#{tarball_name} #{git_bundle_directory} ;
391
+ DOC
390
392
  Pkg::Util::Net.remote_execute(host, command)
391
393
  return git_bundle_directory
392
394
  end
393
395
 
394
396
  def remote_bundle_install_command
395
397
  export_packaging_location = "export PACKAGING_LOCATION='#{ENV['PACKAGING_LOCATION']}';" if ENV['PACKAGING_LOCATION'] && !ENV['PACKAGING_LOCATION'].empty?
396
- "source /usr/local/rvm/scripts/rvm; rvm use ruby-2.5.1; #{export_packaging_location} bundle install --path .bundle/gems ;"
398
+ export_vanagon_location = "export VANAGON_LOCATION='#{ENV['VANAGON_LOCATION']}';" if ENV['VANAGON_LOCATION'] && !ENV['VANAGON_LOCATION'].empty?
399
+ "source /usr/local/rvm/scripts/rvm; rvm use ruby-2.5.1; #{export_packaging_location} #{export_vanagon_location} bundle install --path .bundle/gems ;"
397
400
  end
398
401
 
399
402
  # Given a BuildInstance object and a host, send its params to the host. Return
@@ -2,7 +2,6 @@
2
2
 
3
3
  module Pkg::Util::Repo
4
4
  class << self
5
-
6
5
  # Create yum repositories of built RPM packages for this SHA on the distribution server
7
6
  def rpm_repos
8
7
  Pkg::Util::File.fetch
@@ -2,14 +2,13 @@
2
2
 
3
3
  module Pkg::Util::Serialization
4
4
  class << self
5
-
6
5
  # Given the path to a yaml file, load the yaml file into an object and return the object.
7
6
  def load_yaml(file)
8
7
  require 'yaml'
9
8
  file = File.expand_path(file)
10
9
  begin
11
10
  input_data = YAML.load_file(file) || {}
12
- rescue => e
11
+ rescue StandardError => e
13
12
  fail "There was an error loading data from #{file}.\n#{e}"
14
13
  end
15
14
  input_data