packaging 0.106.2 → 0.107.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/packaging/platforms.rb +16 -0
- data/lib/packaging/sign/rpm.rb +30 -2
- data/lib/packaging/util/net.rb +1 -1
- data/spec/lib/packaging/paths_spec.rb +6 -0
- data/spec/lib/packaging/platforms_spec.rb +6 -2
- data/tasks/jenkins.rake +8 -0
- data/tasks/ship.rake +42 -22
- metadata +17 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 26256ba67865f30df015a2bb0e52865c2cbc0962f2048ed468f717a115a273c8
|
|
4
|
+
data.tar.gz: fb1552330cbfb4e3d7bbfd0bbcfb246513d4a5b78a6e34839b90b265a90b0a7b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 521387bdf33b936af8242142f115e50c14343cf842e1d28005c39cc691f1449e241b3344758e40a4f1bdc1dbe161f726e9b0f0c02f50e36c0e8e0e1dffcdef71
|
|
7
|
+
data.tar.gz: 186692c9b584fbd87c989376dce126bd6f4f549756cf90b3cf1e78a171eea9c4c7ddc4cf95fa0c76bb8e54a2ab182e293f238fdd3df84a1fdfa3a375d94a39bc
|
data/lib/packaging/platforms.rb
CHANGED
|
@@ -99,6 +99,14 @@ module Pkg
|
|
|
99
99
|
signature_format: 'v4',
|
|
100
100
|
repo: true,
|
|
101
101
|
},
|
|
102
|
+
'36' => {
|
|
103
|
+
architectures: ['x86_64'],
|
|
104
|
+
source_architecture: 'SRPMS',
|
|
105
|
+
package_format: 'rpm',
|
|
106
|
+
source_package_formats: ['src.rpm'],
|
|
107
|
+
signature_format: 'v4',
|
|
108
|
+
repo: true,
|
|
109
|
+
},
|
|
102
110
|
},
|
|
103
111
|
|
|
104
112
|
'osx' => {
|
|
@@ -211,6 +219,14 @@ module Pkg
|
|
|
211
219
|
source_package_formats: DEBIAN_SOURCE_FORMATS,
|
|
212
220
|
repo: true,
|
|
213
221
|
},
|
|
222
|
+
'22.04' => {
|
|
223
|
+
codename: 'jammy',
|
|
224
|
+
architectures: ['amd64', 'aarch64'],
|
|
225
|
+
source_architecture: 'source',
|
|
226
|
+
package_format: 'deb',
|
|
227
|
+
source_package_formats: DEBIAN_SOURCE_FORMATS,
|
|
228
|
+
repo: true,
|
|
229
|
+
},
|
|
214
230
|
},
|
|
215
231
|
|
|
216
232
|
'windows' => {
|
data/lib/packaging/sign/rpm.rb
CHANGED
|
@@ -5,7 +5,7 @@ module Pkg::Sign::Rpm
|
|
|
5
5
|
# To enable support for wrappers around rpm and thus support for gpg-agent
|
|
6
6
|
# rpm signing, we have to be able to tell the packaging repo what binary to
|
|
7
7
|
# use as the rpm signing tool.
|
|
8
|
-
|
|
8
|
+
rpm_executable = ENV['RPM'] || Pkg::Util::Tool.find_tool('rpm')
|
|
9
9
|
|
|
10
10
|
# If we're using the gpg agent for rpm signing, we don't want to specify the
|
|
11
11
|
# input for the passphrase, which is what '--passphrase-fd 3' does. However,
|
|
@@ -20,12 +20,34 @@ module Pkg::Sign::Rpm
|
|
|
20
20
|
input_flag = "--passphrase-fd 3"
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
+
# If gpg version is >=2.1, use the gpg1 binary to sign. Otherwise, use the standard sign command.
|
|
24
|
+
gpg_executable = if gpg_version_greater_than_21?
|
|
25
|
+
"%__gpg /usr/bin/gpg1' --define '%__gpg_sign_cmd %{__gpg} gpg1"
|
|
26
|
+
else
|
|
27
|
+
'%__gpg_sign_cmd %{__gpg} gpg'
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
# rubocop:disable Lint/NestedPercentLiteral
|
|
31
|
+
gpg_signing_macro = %W[
|
|
32
|
+
#{gpg_executable} #{sign_flags} #{input_flag}
|
|
33
|
+
--batch --no-verbose --no-armor
|
|
34
|
+
--no-secmem-warning -u %{_gpg_name}
|
|
35
|
+
-sbo %{__signature_filename} %{__plaintext_filename}
|
|
36
|
+
].join(' ')
|
|
37
|
+
# rubocop:enable Lint/NestedPercentLiteral
|
|
38
|
+
|
|
39
|
+
sign_command = %W[
|
|
40
|
+
#{rpm_executable} #{gpg_check_command}
|
|
41
|
+
--define '%_gpg_name #{Pkg::Util::Gpg.key}'
|
|
42
|
+
--define '#{gpg_signing_macro}' --addsign #{rpm}
|
|
43
|
+
].join(' ')
|
|
44
|
+
|
|
23
45
|
# Try this up to 5 times, to allow for incorrect passwords
|
|
24
46
|
Pkg::Util::Execution.retry_on_fail(:times => 5) do
|
|
25
47
|
# This definition of %__gpg_sign_cmd is the default on modern rpm. We
|
|
26
48
|
# accept extra flags to override certain signing behavior for older
|
|
27
49
|
# versions of rpm, e.g. specifying V3 signatures instead of V4.
|
|
28
|
-
Pkg::Util::Execution.capture3(
|
|
50
|
+
Pkg::Util::Execution.capture3(sign_command)
|
|
29
51
|
end
|
|
30
52
|
end
|
|
31
53
|
|
|
@@ -112,4 +134,10 @@ module Pkg::Sign::Rpm
|
|
|
112
134
|
end
|
|
113
135
|
end
|
|
114
136
|
end
|
|
137
|
+
|
|
138
|
+
def gpg_version_greater_than_21?
|
|
139
|
+
gpg_version_output = %x(gpg --version)
|
|
140
|
+
gpg_version = gpg_version_output.split(' ')[2]
|
|
141
|
+
Gem::Version.new(gpg_version) >= Gem::Version.new('2.1.0')
|
|
142
|
+
end
|
|
115
143
|
end
|
data/lib/packaging/util/net.rb
CHANGED
|
@@ -394,7 +394,7 @@ module Pkg::Util::Net
|
|
|
394
394
|
end
|
|
395
395
|
|
|
396
396
|
def remote_bundle_install_command
|
|
397
|
-
rvm_ruby_version = ENV['RVM_RUBY_VERSION'] || '2.5
|
|
397
|
+
rvm_ruby_version = ENV['RVM_RUBY_VERSION'] || '2.7.5'
|
|
398
398
|
export_packaging_location = "export PACKAGING_LOCATION='#{ENV['PACKAGING_LOCATION']}';" if ENV['PACKAGING_LOCATION'] && !ENV['PACKAGING_LOCATION'].empty?
|
|
399
399
|
export_vanagon_location = "export VANAGON_LOCATION='#{ENV['VANAGON_LOCATION']}';" if ENV['VANAGON_LOCATION'] && !ENV['VANAGON_LOCATION'].empty?
|
|
400
400
|
"source /usr/local/rvm/scripts/rvm; rvm use ruby-#{rvm_ruby_version}; #{export_packaging_location} #{export_vanagon_location} bundle install --path .bundle/gems ;"
|
|
@@ -147,6 +147,10 @@ describe 'Pkg::Paths' do
|
|
|
147
147
|
expect(Pkg::Paths.artifacts_path('ubuntu-20.04-amd64'))
|
|
148
148
|
.to eq('artifacts/FUTURE-puppet7/focal')
|
|
149
149
|
end
|
|
150
|
+
it 'should be correct for jammy' do
|
|
151
|
+
expect(Pkg::Paths.artifacts_path('ubuntu-22.04-amd64'))
|
|
152
|
+
.to eq('artifacts/FUTURE-puppet7/jammy')
|
|
153
|
+
end
|
|
150
154
|
end
|
|
151
155
|
end
|
|
152
156
|
|
|
@@ -328,6 +332,8 @@ describe 'Pkg::Paths' do
|
|
|
328
332
|
.to eq('/opt/repository/apt/FUTURE-puppet7/pool/bionic/p/puppet-agent')
|
|
329
333
|
expect(Pkg::Paths.apt_package_base_path('ubuntu-20.04-amd64', 'FUTURE-puppet7', 'puppet-agent'))
|
|
330
334
|
.to eq('/opt/repository/apt/FUTURE-puppet7/pool/focal/p/puppet-agent')
|
|
335
|
+
expect(Pkg::Paths.apt_package_base_path('ubuntu-22.04-amd64', 'FUTURE-puppet7', 'puppet-agent'))
|
|
336
|
+
.to eq('/opt/repository/apt/FUTURE-puppet7/pool/jammy/p/puppet-agent')
|
|
331
337
|
end
|
|
332
338
|
it 'returns the appropriate nonfinal repo path' do
|
|
333
339
|
allow(Pkg::Paths).to receive(:remote_repo_base).and_return('/opt/repository-nightlies/apt')
|
|
@@ -36,7 +36,7 @@ describe 'Pkg::Platforms' do
|
|
|
36
36
|
|
|
37
37
|
describe '#codenames' do
|
|
38
38
|
it 'should return all codenames for a given platform' do
|
|
39
|
-
codenames = ['focal', 'bionic', 'bullseye', 'buster', 'stretch', 'trusty', 'xenial']
|
|
39
|
+
codenames = ['focal', 'bionic', 'bullseye', 'buster', 'stretch', 'trusty', 'xenial', 'jammy']
|
|
40
40
|
expect(Pkg::Platforms.codenames).to match_array(codenames)
|
|
41
41
|
end
|
|
42
42
|
end
|
|
@@ -46,6 +46,10 @@ describe 'Pkg::Platforms' do
|
|
|
46
46
|
expect(Pkg::Platforms.codename_to_platform_version('xenial')).to eq(['ubuntu', '16.04'])
|
|
47
47
|
end
|
|
48
48
|
|
|
49
|
+
it 'should return the platform and version corresponding to a given codename' do
|
|
50
|
+
expect(Pkg::Platforms.codename_to_platform_version('jammy')).to eq(['ubuntu', '22.04'])
|
|
51
|
+
end
|
|
52
|
+
|
|
49
53
|
it 'should fail if given nil as a codename' do
|
|
50
54
|
expect{Pkg::Platforms.codename_to_platform_version(nil)}.to raise_error
|
|
51
55
|
end
|
|
@@ -53,7 +57,7 @@ describe 'Pkg::Platforms' do
|
|
|
53
57
|
|
|
54
58
|
describe '#codename_for_platform_version' do
|
|
55
59
|
it 'should return the codename corresponding to a given platform and version' do
|
|
56
|
-
expect(Pkg::Platforms.codename_for_platform_version('ubuntu', '
|
|
60
|
+
expect(Pkg::Platforms.codename_for_platform_version('ubuntu', '22.04')).to eq('jammy')
|
|
57
61
|
end
|
|
58
62
|
end
|
|
59
63
|
|
data/tasks/jenkins.rake
CHANGED
|
@@ -314,6 +314,14 @@ namespace :pl do
|
|
|
314
314
|
Rake::Task['pl:remote:update_foss_repos'].invoke
|
|
315
315
|
Rake::Task['pl:remote:deploy_final_builds_to_s3'].invoke
|
|
316
316
|
Rake::Task['pl:remote:deploy_to_rsync_server'].invoke
|
|
317
|
+
|
|
318
|
+
# This serves as a cheap feature toggle to avoid things not ready to
|
|
319
|
+
# use it. It should be removed in future versions.
|
|
320
|
+
if ENV['STABLE_SHIP_TO_GCP']
|
|
321
|
+
## apt.repos.puppet.com
|
|
322
|
+
Rake::Task['pl:stage_stable_debs'].invoke
|
|
323
|
+
Rake::Task['pl:remote:sync_apt_repo_to_gcp'].invoke
|
|
324
|
+
end
|
|
317
325
|
end
|
|
318
326
|
|
|
319
327
|
task :stage_release_packages => "pl:fetch" do
|
data/tasks/ship.rake
CHANGED
|
@@ -243,62 +243,82 @@ namespace :pl do
|
|
|
243
243
|
S3_REPO_SYNC = 'sudo /usr/local/bin/s3_repo_sync.sh'
|
|
244
244
|
GCP_REPO_SYNC = '/usr/local/bin/gcp_repo_sync'
|
|
245
245
|
|
|
246
|
-
desc "Sync signed apt repos from #{Pkg::Config.apt_signing_server} to
|
|
246
|
+
desc "Sync signed apt repos from #{Pkg::Config.apt_signing_server} to S3 and GCP"
|
|
247
247
|
task :deploy_apt_repo_to_s3 => 'pl:fetch' do
|
|
248
|
-
|
|
249
|
-
|
|
248
|
+
s3_sync_command = "#{S3_REPO_SYNC} apt.puppetlabs.com"
|
|
249
|
+
gcp_sync_command = "#{GCP_REPO_SYNC} apt.puppetlabs.com"
|
|
250
|
+
|
|
251
|
+
puts "Sync apt repos from #{Pkg::Config.apt_signing_server} to S3 and GCP? [y,n]"
|
|
250
252
|
next unless Pkg::Util.ask_yes_or_no
|
|
251
253
|
|
|
252
254
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
253
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.apt_signing_server,
|
|
255
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.apt_signing_server, s3_sync_command)
|
|
256
|
+
end
|
|
257
|
+
|
|
258
|
+
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
259
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.apt_signing_server, gcp_sync_command)
|
|
254
260
|
end
|
|
255
261
|
end
|
|
256
262
|
|
|
257
|
-
desc "Sync signed yum repos from #{Pkg::Config.yum_staging_server} to
|
|
263
|
+
desc "Sync signed yum repos from #{Pkg::Config.yum_staging_server} to S3 and GCP"
|
|
258
264
|
task :deploy_yum_repo_to_s3 => 'pl:fetch' do
|
|
259
|
-
|
|
260
|
-
|
|
265
|
+
s3_sync_command = "#{S3_REPO_SYNC} yum.puppetlabs.com"
|
|
266
|
+
gcp_sync_command = "#{GCP_REPO_SYNC} yum.puppetlabs.com"
|
|
267
|
+
puts "Sync yum repos from #{Pkg::Config.yum_staging_server} to S3 and GCP? [y,n]"
|
|
261
268
|
next unless Pkg::Util.ask_yes_or_no
|
|
262
269
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
263
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.yum_staging_server,
|
|
270
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.yum_staging_server, s3_sync_command)
|
|
271
|
+
end
|
|
272
|
+
|
|
273
|
+
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
274
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.yum_staging_server, gcp_sync_command)
|
|
264
275
|
end
|
|
265
276
|
end
|
|
266
277
|
|
|
267
|
-
desc "Sync downloads.puppetlabs.com from #{Pkg::Config.staging_server} to
|
|
278
|
+
desc "Sync downloads.puppetlabs.com from #{Pkg::Config.staging_server} to S3 and GCP"
|
|
268
279
|
task :deploy_downloads_to_s3 => 'pl:fetch' do
|
|
269
|
-
|
|
270
|
-
|
|
280
|
+
s3_sync_command = "#{S3_REPO_SYNC} downloads.puppetlabs.com"
|
|
281
|
+
gcp_sync_command = "#{GCP_REPO_SYNC} downloads.puppetlabs.com"
|
|
282
|
+
puts "Sync downloads.puppetlabs.com from #{Pkg::Config.staging_server} to S3 and GCP? [y,n]"
|
|
271
283
|
next unless Pkg::Util.ask_yes_or_no
|
|
272
284
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
273
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server,
|
|
285
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, s3_sync_command)
|
|
286
|
+
end
|
|
287
|
+
|
|
288
|
+
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
289
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, gcp_sync_command)
|
|
274
290
|
end
|
|
275
291
|
end
|
|
276
292
|
|
|
277
|
-
desc "Sync nightlies.puppet.com from #{Pkg::Config.staging_server} to
|
|
293
|
+
desc "Sync nightlies.puppet.com from #{Pkg::Config.staging_server} to S3 and GCP"
|
|
278
294
|
task :deploy_nightlies_to_s3 => 'pl:fetch' do
|
|
279
|
-
|
|
280
|
-
|
|
295
|
+
s3_sync_command = "#{S3_REPO_SYNC} nightlies.puppet.com"
|
|
296
|
+
gcp_sync_command = "#{S3_REPO_SYNC} nightlies.puppet.com"
|
|
297
|
+
puts "Syncing nightly builds from #{Pkg::Config.staging_server} to S3 and GCP"
|
|
298
|
+
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
299
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, s3_sync_command)
|
|
300
|
+
end
|
|
301
|
+
|
|
281
302
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
282
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server,
|
|
303
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, gcp_sync_command)
|
|
283
304
|
end
|
|
284
305
|
end
|
|
285
306
|
|
|
286
307
|
desc "Sync signed apt repos from #{Pkg::Config.apt_signing_server} to Google Cloud Platform"
|
|
287
308
|
task :sync_apt_repo_to_gcp => 'pl:fetch' do
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
sync_command_puppet_7 = "#{GCP_REPO_SYNC} apt.repos.puppet.com puppet7"
|
|
309
|
+
target_site = 'apt.repos.puppet.com'
|
|
310
|
+
sync_command_puppet_6 = "#{GCP_REPO_SYNC} #{target_site} puppet6"
|
|
311
|
+
sync_command_puppet_7 = "#{GCP_REPO_SYNC} #{target_site} puppet7"
|
|
292
312
|
print "Sync apt repos from #{Pkg::Config.apt_signing_server} to #{target_site}? [y,n] "
|
|
293
313
|
next unless Pkg::Util.ask_yes_or_no
|
|
294
314
|
puts
|
|
295
315
|
|
|
296
316
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
297
|
-
|
|
317
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.apt_signing_server, sync_command_puppet_6)
|
|
298
318
|
end
|
|
299
319
|
|
|
300
320
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
|
301
|
-
|
|
321
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.apt_signing_server, sync_command_puppet_7)
|
|
302
322
|
end
|
|
303
323
|
end
|
|
304
324
|
# Keep 'deploy' for backward compatibility
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: packaging
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.107.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Puppet Labs
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-08-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: pry
|
|
@@ -323,28 +323,28 @@ signing_key:
|
|
|
323
323
|
specification_version: 4
|
|
324
324
|
summary: Puppet Labs' packaging automation
|
|
325
325
|
test_files:
|
|
326
|
-
- spec/lib/
|
|
326
|
+
- spec/lib/packaging/gem_spec.rb
|
|
327
327
|
- spec/lib/packaging/platforms_spec.rb
|
|
328
|
-
- spec/lib/packaging/deb/repo_spec.rb
|
|
329
328
|
- spec/lib/packaging/artifactory_spec.rb
|
|
330
|
-
- spec/lib/packaging/
|
|
329
|
+
- spec/lib/packaging/tar_spec.rb
|
|
330
|
+
- spec/lib/packaging/config_spec.rb
|
|
331
331
|
- spec/lib/packaging/deb_spec.rb
|
|
332
|
+
- spec/lib/packaging/deb/repo_spec.rb
|
|
333
|
+
- spec/lib/packaging/repo_spec.rb
|
|
332
334
|
- spec/lib/packaging/retrieve_spec.rb
|
|
333
335
|
- spec/lib/packaging/sign_spec.rb
|
|
334
|
-
- spec/lib/packaging/
|
|
335
|
-
- spec/lib/packaging/util/git_spec.rb
|
|
336
|
-
- spec/lib/packaging/util/execution_spec.rb
|
|
337
|
-
- spec/lib/packaging/util/gpg_spec.rb
|
|
338
|
-
- spec/lib/packaging/util/rake_utils_spec.rb
|
|
336
|
+
- spec/lib/packaging/paths_spec.rb
|
|
339
337
|
- spec/lib/packaging/util/git_tag_spec.rb
|
|
340
|
-
- spec/lib/packaging/util/
|
|
338
|
+
- spec/lib/packaging/util/os_spec.rb
|
|
341
339
|
- spec/lib/packaging/util/jenkins_spec.rb
|
|
340
|
+
- spec/lib/packaging/util/gpg_spec.rb
|
|
342
341
|
- spec/lib/packaging/util/net_spec.rb
|
|
343
|
-
- spec/lib/packaging/util/
|
|
344
|
-
- spec/lib/packaging/util/
|
|
345
|
-
- spec/lib/packaging/util/
|
|
342
|
+
- spec/lib/packaging/util/ship_spec.rb
|
|
343
|
+
- spec/lib/packaging/util/rake_utils_spec.rb
|
|
344
|
+
- spec/lib/packaging/util/execution_spec.rb
|
|
346
345
|
- spec/lib/packaging/util/misc_spec.rb
|
|
347
|
-
- spec/lib/packaging/
|
|
346
|
+
- spec/lib/packaging/util/file_spec.rb
|
|
347
|
+
- spec/lib/packaging/util/git_spec.rb
|
|
348
|
+
- spec/lib/packaging/util/version_spec.rb
|
|
348
349
|
- spec/lib/packaging/rpm/repo_spec.rb
|
|
349
|
-
- spec/lib/
|
|
350
|
-
- spec/lib/packaging/tar_spec.rb
|
|
350
|
+
- spec/lib/packaging_spec.rb
|