packaging 0.107.2 → 0.108.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/packaging/platforms.rb +0 -40
- data/lib/packaging/sign/rpm.rb +110 -52
- data/spec/lib/packaging/artifactory_spec.rb +9 -9
- data/spec/lib/packaging/config_spec.rb +21 -21
- data/spec/lib/packaging/deb/repo_spec.rb +3 -3
- data/spec/lib/packaging/paths_spec.rb +13 -13
- data/spec/lib/packaging/platforms_spec.rb +10 -14
- data/spec/lib/packaging/sign_spec.rb +82 -55
- data/spec/lib/packaging/util/ship_spec.rb +2 -2
- data/tasks/ship.rake +15 -30
- metadata +17 -45
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 54d6abc8bcaa0d29d1580feff3d35577a3c49dc90721708623971cc189007f74
|
4
|
+
data.tar.gz: 0643a3a7bd158d488ae66b2b245ad3a36ce59875a0d067f7e3d5a88f6a1a0f52
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0b095ae28da4b0843c4f15fa3e597ff18fe693d50556c89a246a735846be5608831fce42e4e44d34f794dc2f98b3db512e635bc74604a2df9fee9caa5e0e0079
|
7
|
+
data.tar.gz: a1e5cc54bdfbd24e529e0b7c99a22675f7c4911cb2f59046ea8a0ac0aa147069a13185351fe0654bb5ba936af39e16fc8dd3435ea3f93e8199ab1d8fb5be022a
|
data/lib/packaging/platforms.rb
CHANGED
@@ -21,14 +21,6 @@ module Pkg
|
|
21
21
|
},
|
22
22
|
|
23
23
|
'debian' => {
|
24
|
-
'9' => {
|
25
|
-
codename: 'stretch',
|
26
|
-
architectures: ['amd64', 'i386'],
|
27
|
-
source_architecture: 'source',
|
28
|
-
package_format: 'deb',
|
29
|
-
source_package_formats: DEBIAN_SOURCE_FORMATS,
|
30
|
-
repo: true,
|
31
|
-
},
|
32
24
|
'10' => {
|
33
25
|
codename: 'buster',
|
34
26
|
architectures: ['amd64', 'i386'],
|
@@ -83,22 +75,6 @@ module Pkg
|
|
83
75
|
},
|
84
76
|
|
85
77
|
'fedora' => {
|
86
|
-
'32' => {
|
87
|
-
architectures: ['x86_64'],
|
88
|
-
source_architecture: 'SRPMS',
|
89
|
-
package_format: 'rpm',
|
90
|
-
source_package_formats: ['src.rpm'],
|
91
|
-
signature_format: 'v4',
|
92
|
-
repo: true,
|
93
|
-
},
|
94
|
-
'34' => {
|
95
|
-
architectures: ['x86_64'],
|
96
|
-
source_architecture: 'SRPMS',
|
97
|
-
package_format: 'rpm',
|
98
|
-
source_package_formats: ['src.rpm'],
|
99
|
-
signature_format: 'v4',
|
100
|
-
repo: true,
|
101
|
-
},
|
102
78
|
'36' => {
|
103
79
|
architectures: ['x86_64'],
|
104
80
|
source_architecture: 'SRPMS',
|
@@ -187,22 +163,6 @@ module Pkg
|
|
187
163
|
},
|
188
164
|
|
189
165
|
'ubuntu' => {
|
190
|
-
'14.04' => {
|
191
|
-
codename: 'trusty',
|
192
|
-
architectures: ['amd64', 'i386'],
|
193
|
-
source_architecture: 'source',
|
194
|
-
package_format: 'deb',
|
195
|
-
source_package_formats: DEBIAN_SOURCE_FORMATS,
|
196
|
-
repo: true,
|
197
|
-
},
|
198
|
-
'16.04' => {
|
199
|
-
codename: 'xenial',
|
200
|
-
architectures: ['amd64', 'i386', 'ppc64el'],
|
201
|
-
source_architecture: 'source',
|
202
|
-
package_format: 'deb',
|
203
|
-
source_package_formats: DEBIAN_SOURCE_FORMATS,
|
204
|
-
repo: true,
|
205
|
-
},
|
206
166
|
'18.04' => {
|
207
167
|
codename: 'bionic',
|
208
168
|
architectures: ['amd64', 'ppc64el', 'aarch64'],
|
data/lib/packaging/sign/rpm.rb
CHANGED
@@ -1,72 +1,128 @@
|
|
1
1
|
module Pkg::Sign::Rpm
|
2
2
|
module_function
|
3
3
|
|
4
|
-
|
4
|
+
# For rpm v4-style signing, we have old (gpg < v2.1) style and new-style
|
5
|
+
# Dispatch those cases.
|
6
|
+
def sign(rpm_path, signing_version = :v4)
|
7
|
+
unless %i[v3 v4].include?(signing_version)
|
8
|
+
fail "Unknown signing version: #{signing_version}. Only ':v3' and ':v4' are supported"
|
9
|
+
end
|
10
|
+
|
11
|
+
if gpg_version_older_than_21?
|
12
|
+
sign_gpg_1(rpm_path, signing_version)
|
13
|
+
else
|
14
|
+
sign_gpg_2(rpm_path, signing_version)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
# Support old, old v3 RPM signing
|
19
|
+
def v3_sign(rpm)
|
20
|
+
sign(rpm, :v3)
|
21
|
+
end
|
22
|
+
alias :legacy_sign :v3_sign
|
23
|
+
|
24
|
+
# Construct GPG configuration, then call 'rpm --addsign' with it.
|
25
|
+
def sign_gpg_2(rpm_path, signing_version)
|
5
26
|
# To enable support for wrappers around rpm and thus support for gpg-agent
|
6
27
|
# rpm signing, we have to be able to tell the packaging repo what binary to
|
7
28
|
# use as the rpm signing tool.
|
29
|
+
rpm_executable = Pkg::Util::Tool.find_tool('rpm')
|
30
|
+
|
31
|
+
sign_command = %W[
|
32
|
+
#{rpm_executable} --addsign #{rpm_path}
|
33
|
+
#{define_gpg_name}
|
34
|
+
#{define_gpg_sign_cmd(signing_version)}
|
35
|
+
].join(' ')
|
36
|
+
|
37
|
+
Pkg::Util::Execution.capture3(sign_command, true)
|
38
|
+
end
|
39
|
+
|
40
|
+
def sign_gpg_1(rpm_path, signing_version)
|
41
|
+
# This allows for old-style wrapping of rpmsign with an expect script
|
8
42
|
rpm_executable = ENV['RPM'] || Pkg::Util::Tool.find_tool('rpm')
|
9
43
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
44
|
+
sign_command = %W[
|
45
|
+
#{rpm_executable} --addsign #{rpm_path}
|
46
|
+
#{define_gpg_check_password_cmd}
|
47
|
+
#{define_gpg_name}
|
48
|
+
#{define_gpg_sign_cmd(signing_version)}
|
49
|
+
].join(' ')
|
50
|
+
Pkg::Util::Execution.capture3(sign_command, true)
|
51
|
+
end
|
52
|
+
|
53
|
+
def define_gpg_name
|
54
|
+
"--define '%_gpg_name #{Pkg::Util::Gpg.key}'"
|
55
|
+
end
|
22
56
|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
57
|
+
def define_gpg_sign_cmd(signing_version)
|
58
|
+
"--define '%__gpg_sign_cmd #{gpg_sign_cmd_macro(signing_version)}'"
|
59
|
+
end
|
60
|
+
|
61
|
+
def gpg_sign_cmd_macro(signing_version)
|
62
|
+
gpg_executable = Pkg::Util::Tool.find_tool('gpg')
|
29
63
|
|
30
64
|
# rubocop:disable Lint/NestedPercentLiteral
|
31
|
-
|
32
|
-
#{gpg_executable}
|
33
|
-
|
34
|
-
|
35
|
-
-
|
65
|
+
%W[
|
66
|
+
#{gpg_executable} --sign --detach-sign
|
67
|
+
#{signing_version_flags(signing_version)}
|
68
|
+
#{passphrase_fd_flag}
|
69
|
+
--batch --no-armor --no-secmem-warning
|
70
|
+
--local-user %{_gpg_name}
|
71
|
+
--output %{__signature_filename}
|
72
|
+
%{__plaintext_filename}
|
36
73
|
].join(' ')
|
37
74
|
# rubocop:enable Lint/NestedPercentLiteral
|
75
|
+
end
|
38
76
|
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
--
|
43
|
-
|
77
|
+
def signing_version_flags(signing_version)
|
78
|
+
case signing_version
|
79
|
+
when :v3
|
80
|
+
'--force-v3-sigs --digest-algo=sha1'
|
81
|
+
when :v4
|
82
|
+
''
|
83
|
+
else
|
84
|
+
fail "Unrecognized signing_version: '#{signing_version}'"
|
85
|
+
end
|
86
|
+
end
|
44
87
|
|
45
|
-
|
46
|
-
Pkg::Util
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
Pkg::Util::Execution.capture3(sign_command)
|
88
|
+
def passphrase_fd_flag
|
89
|
+
if Pkg::Util.boolean_value(ENV['RPM_GPG_AGENT'])
|
90
|
+
''
|
91
|
+
else
|
92
|
+
'--passphrase-fd 3'
|
51
93
|
end
|
52
94
|
end
|
53
95
|
|
54
|
-
def
|
55
|
-
|
96
|
+
def define_gpg_check_password_cmd
|
97
|
+
if Pkg::Util.boolean_value(ENV['RPM_GPG_AGENT'])
|
98
|
+
"--define '%__gpg_check_password_cmd /bin/true'"
|
99
|
+
else
|
100
|
+
''
|
101
|
+
end
|
56
102
|
end
|
57
103
|
|
58
|
-
|
104
|
+
|
105
|
+
def signed?(rpm)
|
59
106
|
# This should allow the `Pkg::Util::Gpg.key` method to fail if gpg_key is
|
60
107
|
# not set, before shelling out. We also only want the short key, all
|
61
108
|
# lowercase, since that's what the `rpm -Kv` output uses.
|
62
109
|
key = Pkg::Util::Gpg.key.downcase.chars.last(8).join
|
63
110
|
signature_check_output = %x(rpm --checksig --verbose #{rpm})
|
111
|
+
|
64
112
|
# If the signing key has not been loaded on the system this is running on,
|
65
113
|
# the check will exit 1, even if the rpm is signed, so we can't use capture3,
|
66
114
|
# which bails out with non-0 exit codes. Instead, check that the output
|
67
115
|
# looks more-or-less how we expect it to.
|
68
|
-
|
69
|
-
|
116
|
+
unless signature_check_output.include? "Header"
|
117
|
+
fail "Something went wrong checking the signature of #{rpm}."
|
118
|
+
end
|
119
|
+
|
120
|
+
signature_check_output.include? "key ID #{key}"
|
121
|
+
end
|
122
|
+
|
123
|
+
# For backwards compatibility
|
124
|
+
def has_sig?(rpm)
|
125
|
+
signed?(rpm)
|
70
126
|
end
|
71
127
|
|
72
128
|
def sign_all(rpm_directory)
|
@@ -97,8 +153,8 @@ module Pkg::Sign::Rpm
|
|
97
153
|
# We don't sign AIX rpms
|
98
154
|
next if platform_tag.include?('aix')
|
99
155
|
|
100
|
-
if
|
101
|
-
puts "#{rpm} is already signed
|
156
|
+
if signed?(rpm)
|
157
|
+
puts "#{rpm} is already signed. Skipping."
|
102
158
|
next
|
103
159
|
end
|
104
160
|
|
@@ -113,13 +169,13 @@ module Pkg::Sign::Rpm
|
|
113
169
|
end
|
114
170
|
|
115
171
|
unless v3_rpms.empty?
|
116
|
-
puts "Signing legacy (v3) rpms
|
117
|
-
|
172
|
+
puts "Signing legacy (v3) rpms:"
|
173
|
+
sign(v3_rpms.join(' '), :v3)
|
118
174
|
end
|
119
175
|
|
120
176
|
unless v4_rpms.empty?
|
121
|
-
puts "Signing modern (v4) rpms
|
122
|
-
sign(v4_rpms.join(' '))
|
177
|
+
puts "Signing modern (v4) rpms:"
|
178
|
+
sign(v4_rpms.join(' '), :v4)
|
123
179
|
end
|
124
180
|
|
125
181
|
# Using the map of paths to basenames, we re-hardlink the rpms we deleted.
|
@@ -128,16 +184,18 @@ module Pkg::Sign::Rpm
|
|
128
184
|
FileUtils.mkdir_p(File.dirname(link_path))
|
129
185
|
# Find paths where the signed rpm has the same basename, but different
|
130
186
|
# full path, as the one we need to link.
|
131
|
-
paths_to_link_to = rpms_to_sign.select
|
187
|
+
paths_to_link_to = rpms_to_sign.select do |rpm|
|
188
|
+
File.basename(rpm) == rpm_filename && rpm != link_path
|
189
|
+
end
|
132
190
|
paths_to_link_to.each do |path|
|
133
|
-
FileUtils.ln(path, link_path, :
|
191
|
+
FileUtils.ln(path, link_path, force: true, verbose: true)
|
134
192
|
end
|
135
193
|
end
|
136
194
|
end
|
137
195
|
|
138
|
-
def
|
139
|
-
|
140
|
-
gpg_version =
|
141
|
-
Gem::Version.new(gpg_version)
|
196
|
+
def gpg_version_older_than_21?
|
197
|
+
gpg_executable = Pkg::Util::Tool.find_tool('gpg')
|
198
|
+
gpg_version = %x(#{gpg_executable} --version).split(' ')[2]
|
199
|
+
Gem::Version.new(gpg_version) < Gem::Version.new('2.1.0')
|
142
200
|
end
|
143
201
|
end
|
@@ -16,10 +16,10 @@ describe 'artifactory.rb' do
|
|
16
16
|
:repo_config => "../repo_configs/rpm/pl-puppet-agent-f65f9efbb727c3d2d72d6799c0fc345a726f27b5-el-6-x86_64.repo",
|
17
17
|
:additional_artifacts => ["./el/6/PC1/x86_64/puppet-agent-extras-5.3.1.34.gf65f9ef-1.el6.x86_64.rpm"],
|
18
18
|
},
|
19
|
-
'ubuntu-
|
20
|
-
:artifact => "./deb/
|
21
|
-
:repo_config => "../repo_configs/deb/pl-puppet-agent-f65f9efbb727c3d2d72d6799c0fc345a726f27b5-
|
22
|
-
:additional_artifacts => ["./deb/
|
19
|
+
'ubuntu-18.04-amd64' => {
|
20
|
+
:artifact => "./deb/bionic/PC1/puppet-agent_5.3.1.34.gf65f9ef-1bionic_amd64.deb",
|
21
|
+
:repo_config => "../repo_configs/deb/pl-puppet-agent-f65f9efbb727c3d2d72d6799c0fc345a726f27b5-bionic.list",
|
22
|
+
:additional_artifacts => ["./deb/bionic/PC1/puppet-agent-extras_5.3.1.34.gf65f9ef-1bionic_amd64.deb"],
|
23
23
|
},
|
24
24
|
'debian-10-amd64' => {
|
25
25
|
:artifact => "./deb/buster/PC1/puppetdb_5.3.1.34.gf65f9ef-1buster_all.deb",
|
@@ -61,13 +61,13 @@ describe 'artifactory.rb' do
|
|
61
61
|
:package_name => 'path/to/a/el/6/package/puppet-agent-5.3.1.34.gf65f9ef-1.el6.x86_64.rpm',
|
62
62
|
:all_package_names => ['puppet-agent-5.3.1.34.gf65f9ef-1.el6.x86_64.rpm', 'puppet-agent-extras-5.3.1.34.gf65f9ef-1.el6.x86_64.rpm']
|
63
63
|
},
|
64
|
-
'ubuntu-
|
64
|
+
'ubuntu-18.04-amd64' => {
|
65
65
|
:toplevel_repo => 'debian__local',
|
66
|
-
:repo_subdirectories => "#{default_repo_name}/#{project}/#{project_version}/ubuntu-
|
67
|
-
:codename => '
|
66
|
+
:repo_subdirectories => "#{default_repo_name}/#{project}/#{project_version}/ubuntu-18.04",
|
67
|
+
:codename => 'bionic',
|
68
68
|
:arch => 'amd64',
|
69
|
-
:package_name => 'path/to/a/
|
70
|
-
:all_package_names => ['puppet-agent_5.3.1.34.gf65f9ef-
|
69
|
+
:package_name => 'path/to/a/bionic/package/puppet-agent_5.3.1.34.gf65f9ef-1bionic_amd64.deb',
|
70
|
+
:all_package_names => ['puppet-agent_5.3.1.34.gf65f9ef-1bionic_amd64.deb', 'puppet-agent-extras_5.3.1.34.gf65f9ef-1bionic_amd64.deb']
|
71
71
|
},
|
72
72
|
'debian-10-amd64' => {
|
73
73
|
:toplevel_repo => 'debian__local',
|
@@ -205,7 +205,7 @@ describe "Pkg::Config" do
|
|
205
205
|
platform_tags = [
|
206
206
|
'osx-10.15-x86_64',
|
207
207
|
'osx-11-x86_64',
|
208
|
-
'ubuntu-
|
208
|
+
'ubuntu-18.04-amd64',
|
209
209
|
'el-6-x86_64',
|
210
210
|
'el-7-ppc64le',
|
211
211
|
'sles-12-x86_64',
|
@@ -214,7 +214,7 @@ describe "Pkg::Config" do
|
|
214
214
|
artifacts = \
|
215
215
|
"./artifacts/apple/10.15/PC1/x86_64/puppet-agent-5.3.2.658.gc79ef9a-1.osx10.15.dmg\n" \
|
216
216
|
"./artifacts/apple/11/PC1/x86_64/puppet-agent-5.3.2.658.gc79ef9a-1.osx11.dmg\n" \
|
217
|
-
"./artifacts/deb/
|
217
|
+
"./artifacts/deb/bionic/PC1/puppet-agent_5.3.2-1bionic_amd64.deb\n" \
|
218
218
|
"./artifacts/el/6/PC1/x86_64/puppet-agent-5.3.2.658.gc79ef9a-1.el6.x86_64.rpm\n" \
|
219
219
|
"./artifacts/el/7/PC1/ppc64le/puppet-agent-5.3.2-1.el7.ppc64le.rpm\n" \
|
220
220
|
"./artifacts/sles/12/PC1/x86_64/puppet-agent-5.3.2-1.sles12.x86_64.rpm"
|
@@ -223,7 +223,7 @@ describe "Pkg::Config" do
|
|
223
223
|
"./artifacts/aix/7.1/PC1/ppc/puppet-agent-5.3.2-1.aix7.1.ppc.rpm"
|
224
224
|
|
225
225
|
fedora_artifacts = \
|
226
|
-
"./artifacts/fedora/
|
226
|
+
"./artifacts/fedora/36/PC1/x86_64/puppet-agent-5.3.2-1.fc36.x86_64.rpm"
|
227
227
|
|
228
228
|
windows_artifacts = \
|
229
229
|
"./artifacts/windows/puppet-agent-x64.msi\n" \
|
@@ -237,17 +237,17 @@ describe "Pkg::Config" do
|
|
237
237
|
"./artifacts/solaris/11/PC1/puppet-agent@5.3.2,5.11-1.sparc.p5p\n" \
|
238
238
|
"./artifacts/solaris/10/PC1/puppet-agent-5.3.2-1.i386.pkg.gz"
|
239
239
|
|
240
|
-
|
241
|
-
"./artifacts/deb/
|
242
|
-
"./artifacts/deb/
|
243
|
-
"./artifacts/deb/
|
244
|
-
"./artifacts/deb/
|
240
|
+
buster_artifacts = \
|
241
|
+
"./artifacts/deb/buster/PC1/puppet-agent-dbgsym_5.3.2-1buster_i386.deb\n" \
|
242
|
+
"./artifacts/deb/buster/PC1/puppet-agent_5.3.2-1buster_i386.deb\n" \
|
243
|
+
"./artifacts/deb/buster/PC1/puppet-agent_5.3.2.658.gc79ef9a-1buster_amd64.deb\n" \
|
244
|
+
"./artifacts/deb/buster/PC1/puppet-agent-dbgsym_5.3.2.658.gc79ef9a-1buster_amd64.deb"
|
245
245
|
|
246
246
|
artifacts_not_matching_project = \
|
247
|
-
"./artifacts/deb/
|
248
|
-
"./artifacts/deb/
|
249
|
-
"./artifacts/deb/
|
250
|
-
"./artifacts/deb/
|
247
|
+
"./artifacts/deb/bionic/pe-postgresql-contrib_2019.1.9.6.12-1bionic_amd64.deb\n" \
|
248
|
+
"./artifacts/deb/bionic/pe-postgresql-devel_2019.1.9.6.12-1bionic_amd64.deb\n" \
|
249
|
+
"./artifacts/deb/bionic/pe-postgresql-server_2019.1.9.6.12-1bionic_amd64.deb\n" \
|
250
|
+
"./artifacts/deb/bionic/pe-postgresql_2019.1.9.6.12-1bionic_amd64.deb"
|
251
251
|
project = 'puppet-agent'
|
252
252
|
ref = '5.3.2'
|
253
253
|
|
@@ -280,8 +280,8 @@ describe "Pkg::Config" do
|
|
280
280
|
it "should not use 'f' in fedora platform tags" do
|
281
281
|
allow(Pkg::Util::Net).to receive(:remote_execute).and_return(fedora_artifacts, nil)
|
282
282
|
data = Pkg::Config.platform_data
|
283
|
-
expect(data).to include('fedora-
|
284
|
-
expect(data).not_to include('fedora-
|
283
|
+
expect(data).to include('fedora-36-x86_64')
|
284
|
+
expect(data).not_to include('fedora-f36-x86_64')
|
285
285
|
end
|
286
286
|
|
287
287
|
it "should collect packages whose extname differ from package_format" do
|
@@ -300,19 +300,19 @@ describe "Pkg::Config" do
|
|
300
300
|
end
|
301
301
|
|
302
302
|
it "should not collect debug packages" do
|
303
|
-
allow(Pkg::Util::Net).to receive(:remote_execute).and_return(
|
303
|
+
allow(Pkg::Util::Net).to receive(:remote_execute).and_return(buster_artifacts, nil)
|
304
304
|
data = Pkg::Config.platform_data
|
305
|
-
expect(data['debian-
|
305
|
+
expect(data['debian-10-amd64']).to include(:artifact => './deb/buster/PC1/puppet-agent_5.3.2.658.gc79ef9a-1buster_amd64.deb')
|
306
306
|
end
|
307
307
|
|
308
308
|
it "should collect packages that don't match the project name" do
|
309
309
|
allow(Pkg::Util::Net).to receive(:remote_execute).and_return(artifacts_not_matching_project, nil)
|
310
310
|
data = Pkg::Config.platform_data
|
311
|
-
expect(data['ubuntu-
|
312
|
-
expect(data['ubuntu-
|
313
|
-
expect(data['ubuntu-
|
314
|
-
expect(data['ubuntu-
|
315
|
-
expect(data['ubuntu-
|
311
|
+
expect(data['ubuntu-18.04-amd64']).to include(:artifact => './deb/bionic/pe-postgresql-contrib_2019.1.9.6.12-1bionic_amd64.deb')
|
312
|
+
expect(data['ubuntu-18.04-amd64'][:additional_artifacts].size).to eq(3)
|
313
|
+
expect(data['ubuntu-18.04-amd64'][:additional_artifacts]).to include('./deb/bionic/pe-postgresql-devel_2019.1.9.6.12-1bionic_amd64.deb')
|
314
|
+
expect(data['ubuntu-18.04-amd64'][:additional_artifacts]).to include('./deb/bionic/pe-postgresql-server_2019.1.9.6.12-1bionic_amd64.deb')
|
315
|
+
expect(data['ubuntu-18.04-amd64'][:additional_artifacts]).to include('./deb/bionic/pe-postgresql_2019.1.9.6.12-1bionic_amd64.deb')
|
316
316
|
end
|
317
317
|
|
318
318
|
it "should use 'ppc' instead of 'power' in aix paths" do
|
@@ -6,7 +6,7 @@ describe "Pkg::Deb::Repo" do
|
|
6
6
|
let(:project) { "deb_repos" }
|
7
7
|
let(:ref) { "1234abcd" }
|
8
8
|
let(:base_url) { "http://#{builds_server}/#{project}/#{ref}" }
|
9
|
-
let(:cows) { ["
|
9
|
+
let(:cows) { ["bionic", "focal", "buster", ""] }
|
10
10
|
let(:wget_results) { cows.map {|cow| "#{base_url}/repos/apt/#{cow}" }.join("\n") }
|
11
11
|
let(:wget_garbage) { "\n and an index\nhttp://somethingelse.com/robots" }
|
12
12
|
let(:repo_configs) { cows.reject {|cow| cow.empty?}.map {|dist| "pkg/repo_configs/deb/pl-#{project}-#{ref}-#{dist}.list" } }
|
@@ -72,7 +72,7 @@ describe "Pkg::Deb::Repo" do
|
|
72
72
|
|
73
73
|
describe "#repo_creation_command" do
|
74
74
|
let(:prefix) { "thing" }
|
75
|
-
let(:artifact_directory) { ["/a/b/c/
|
75
|
+
let(:artifact_directory) { ["/a/b/c/bionic"] }
|
76
76
|
|
77
77
|
it "returns a command to make repos" do
|
78
78
|
command = Pkg::Deb::Repo.repo_creation_command(prefix, artifact_directory)
|
@@ -85,7 +85,7 @@ describe "Pkg::Deb::Repo" do
|
|
85
85
|
describe "#create_repos" do
|
86
86
|
let(:command) { "/usr/bin/make some repos" }
|
87
87
|
let(:artifact_directory) { "/tmp/dir/thing" }
|
88
|
-
let(:pkg_directories) { ['place/to/deb/
|
88
|
+
let(:pkg_directories) { ['place/to/deb/bionic', 'other/deb/focal'] }
|
89
89
|
|
90
90
|
it "generates repo configs remotely and then ships them" do
|
91
91
|
File.stub(:join) {artifact_directory}
|
@@ -5,11 +5,11 @@ describe 'Pkg::Paths' do
|
|
5
5
|
arch_transformations = {
|
6
6
|
['pkg/el-8-x86_64/puppet-agent-6.9.0-1.el8.x86_64.rpm', 'el', '8'] => 'x86_64',
|
7
7
|
['pkg/el/8/puppet6/aarch64/puppet-agent-6.5.0.3094.g16b6fa6f-1.el8.aarch64.rpm', 'el', '8'] => 'aarch64',
|
8
|
-
['artifacts/fedora/
|
9
|
-
['pkg/ubuntu-
|
8
|
+
['artifacts/fedora/36/puppet6/x86_64/puppet-agent-6.9.0-1.fc32.x86_64.rpm', 'fedora', '36'] => 'x86_64',
|
9
|
+
['pkg/ubuntu-18.04-amd64/puppet-agent_4.99.0-1bionic_amd64.deb', 'ubuntu', '18.04'] => 'amd64',
|
10
10
|
['artifacts/deb/focal/puppet6/puppet-agent_6.5.0.3094.g16b6fa6f-1focal_arm64.deb', 'ubuntu', '20.04'] => 'aarch64',
|
11
11
|
|
12
|
-
['artifacts/ubuntu-
|
12
|
+
['artifacts/ubuntu-18.04-i386/puppetserver_5.0.1-0.1SNAPSHOT.2017.07.27T2346puppetlabs1.debian.tar.gz', 'ubuntu', '18.04'] => 'source',
|
13
13
|
['artifacts/el/6/PC1/SRPMS/puppetserver-5.0.1.master-0.1SNAPSHOT.2017.08.18T0951.el6.src.rpm', 'el', '6'] => 'SRPMS'
|
14
14
|
}
|
15
15
|
arch_transformations.each do |path_array, arch|
|
@@ -23,7 +23,7 @@ describe 'Pkg::Paths' do
|
|
23
23
|
describe '#tag_from_artifact_path' do
|
24
24
|
path_tranformations = {
|
25
25
|
'pkg/el-7-x86_64/puppet-agent-5.5.22-1.el8.x86_64.rpm' => 'el-7-x86_64',
|
26
|
-
'pkg/ubuntu-20.04-amd64/puppet-agent_5.5.22-
|
26
|
+
'pkg/ubuntu-20.04-amd64/puppet-agent_5.5.22-1bionic_amd64.deb' => 'ubuntu-20.04-amd64',
|
27
27
|
'pkg/windows/puppet-agent-5.5.22-x86.msi' => 'windows-2012-x86',
|
28
28
|
'artifacts/el/6/products/x86_64/pe-r10k-2.5.4.3-1.el6.x86_64.rpm' => 'el-6-x86_64',
|
29
29
|
'pkg/pe/rpm/el-6-i386/pe-puppetserver-2017.3.0.3-1.el6.noarch.rpm' => 'el-6-i386',
|
@@ -35,7 +35,7 @@ describe 'Pkg::Paths' do
|
|
35
35
|
'pkg/apple/11/puppet6/x86_64/puppet-agent-6.19.0-1.osx11.dmg' => 'osx-11-x86_64',
|
36
36
|
'pkg/windows/puppet-agent-1.9.0-x86.msi' => 'windows-2012-x86',
|
37
37
|
'pkg/pe/rpm/el-6-i386/pe-puppetserver-2017.3.0.3-1.el6.src.rpm' => 'el-6-SRPMS',
|
38
|
-
'pkg/pe/deb/
|
38
|
+
'pkg/pe/deb/bionic/pe-puppetserver_2017.3.0.3-1puppet1.orig.tar.gz' => 'ubuntu-18.04-source',
|
39
39
|
'pkg/puppet-agent-5.1.0.79.g782e03c.gem' => nil,
|
40
40
|
'pkg/puppet-agent-5.1.0.7.g782e03c.tar.gz' => nil,
|
41
41
|
}
|
@@ -276,11 +276,11 @@ describe 'Pkg::Paths' do
|
|
276
276
|
.to eq(fake_apt_repo_path)
|
277
277
|
end
|
278
278
|
it 'returns nonfinal_yum_repo_path for nonfinal rpms' do
|
279
|
-
expect(Pkg::Paths.remote_repo_base('fedora-
|
279
|
+
expect(Pkg::Paths.remote_repo_base('fedora-36-x86_64', nonfinal: true))
|
280
280
|
.to eq(fake_yum_nightly_repo_path)
|
281
281
|
end
|
282
282
|
it 'returns nonfinal_apt_repo_path for nonfinal debs' do
|
283
|
-
expect(Pkg::Paths.remote_repo_base('debian-
|
283
|
+
expect(Pkg::Paths.remote_repo_base('debian-10-amd64', nonfinal: true))
|
284
284
|
.to eq(fake_apt_nightly_repo_path)
|
285
285
|
end
|
286
286
|
it 'fails if neither tag nor package_format is provided' do
|
@@ -309,8 +309,8 @@ describe 'Pkg::Paths' do
|
|
309
309
|
allow(Pkg::Paths).to receive(:remote_repo_base).and_return('/opt/repository/apt')
|
310
310
|
expect(Pkg::Paths.apt_package_base_path('ubuntu-18.04-amd64', 'puppet6', 'puppet-agent'))
|
311
311
|
.to eq('/opt/repository/apt/pool/bionic/puppet6/p/puppet-agent')
|
312
|
-
expect(Pkg::Paths.apt_package_base_path('debian-
|
313
|
-
.to eq('/opt/repository/apt/pool/
|
312
|
+
expect(Pkg::Paths.apt_package_base_path('debian-10-amd64', 'puppet6', 'bolt-server'))
|
313
|
+
.to eq('/opt/repository/apt/pool/buster/puppet6/b/bolt-server')
|
314
314
|
|
315
315
|
|
316
316
|
end
|
@@ -364,16 +364,16 @@ describe 'Pkg::Paths' do
|
|
364
364
|
.to eq("#{yum_repo_path}/#{repo_name}-release-sles-12.noarch.rpm")
|
365
365
|
end
|
366
366
|
it 'returns the appropriate link path for deb release packages' do
|
367
|
-
expect(Pkg::Paths.release_package_link_path('ubuntu-
|
368
|
-
.to eq("#{apt_repo_path}/#{repo_name}-release-
|
367
|
+
expect(Pkg::Paths.release_package_link_path('ubuntu-18.04-amd64'))
|
368
|
+
.to eq("#{apt_repo_path}/#{repo_name}-release-bionic.deb")
|
369
369
|
end
|
370
370
|
it 'returns the appropriate link path for nonfinal rpm release packages' do
|
371
371
|
expect(Pkg::Paths.release_package_link_path('el-7-x86_64', true))
|
372
372
|
.to eq("#{nonfinal_yum_repo_path}/#{nonfinal_repo_name}-release-el-7.noarch.rpm")
|
373
373
|
end
|
374
374
|
it 'returns the appropriate link path for nonfinal deb release packages' do
|
375
|
-
expect(Pkg::Paths.release_package_link_path('debian-
|
376
|
-
.to eq("#{nonfinal_apt_repo_path}/#{nonfinal_repo_name}-release-
|
375
|
+
expect(Pkg::Paths.release_package_link_path('debian-10-amd64', true))
|
376
|
+
.to eq("#{nonfinal_apt_repo_path}/#{nonfinal_repo_name}-release-buster.deb")
|
377
377
|
end
|
378
378
|
it 'returns nil for package formats that do not have release packages' do
|
379
379
|
expect(Pkg::Paths.release_package_link_path('osx-10.15-x86_64')).to eq(nil)
|
@@ -36,16 +36,12 @@ describe 'Pkg::Platforms' do
|
|
36
36
|
|
37
37
|
describe '#codenames' do
|
38
38
|
it 'should return all codenames for a given platform' do
|
39
|
-
codenames = ['focal', 'bionic', 'bullseye', 'buster', '
|
39
|
+
codenames = ['focal', 'bionic', 'bullseye', 'buster', 'jammy']
|
40
40
|
expect(Pkg::Platforms.codenames).to match_array(codenames)
|
41
41
|
end
|
42
42
|
end
|
43
43
|
|
44
44
|
describe '#codename_to_platform_version' do
|
45
|
-
it 'should return the platform and version corresponding to a given codename' do
|
46
|
-
expect(Pkg::Platforms.codename_to_platform_version('xenial')).to eq(['ubuntu', '16.04'])
|
47
|
-
end
|
48
|
-
|
49
45
|
it 'should return the platform and version corresponding to a given codename' do
|
50
46
|
expect(Pkg::Platforms.codename_to_platform_version('jammy')).to eq(['ubuntu', '22.04'])
|
51
47
|
end
|
@@ -62,18 +58,18 @@ describe 'Pkg::Platforms' do
|
|
62
58
|
end
|
63
59
|
|
64
60
|
describe '#arches_for_codename' do
|
65
|
-
it 'should return an array of
|
66
|
-
expect(Pkg::Platforms.arches_for_codename('
|
61
|
+
it 'should return an array of architectures corresponding to a given codename' do
|
62
|
+
expect(Pkg::Platforms.arches_for_codename('bionic')).to match_array(['amd64', 'aarch64', 'ppc64el'])
|
67
63
|
end
|
68
64
|
|
69
|
-
it 'should be able to include source
|
70
|
-
expect(Pkg::Platforms.arches_for_codename('
|
65
|
+
it 'should be able to include source architectures' do
|
66
|
+
expect(Pkg::Platforms.arches_for_codename('bionic', true)).to match_array(["amd64", "aarch64", "ppc64el", "source"])
|
71
67
|
end
|
72
68
|
end
|
73
69
|
|
74
70
|
describe '#codename_to_tags' do
|
75
71
|
it 'should return an array of platform tags corresponding to a given codename' do
|
76
|
-
expect(Pkg::Platforms.codename_to_tags('
|
72
|
+
expect(Pkg::Platforms.codename_to_tags('bionic')).to match_array(['ubuntu-18.04-aarch64', 'ubuntu-18.04-amd64', "ubuntu-18.04-ppc64el"])
|
77
73
|
end
|
78
74
|
end
|
79
75
|
|
@@ -131,17 +127,17 @@ describe 'Pkg::Platforms' do
|
|
131
127
|
|
132
128
|
describe '#parse_platform_tag' do
|
133
129
|
test_cases = {
|
134
|
-
'debian-
|
130
|
+
'debian-10-amd64' => ['debian', '10', 'amd64'],
|
135
131
|
'windows-2012-x86' => ['windows', '2012', 'x86'],
|
136
132
|
'windowsfips-2012-x64' => ['windowsfips', '2012', 'x64'],
|
137
133
|
'el-7-x86_64' => ['el', '7', 'x86_64'],
|
138
134
|
'el-6' => ['el', '6', ''],
|
139
|
-
'
|
140
|
-
'
|
135
|
+
'bionic-amd64' => ['ubuntu', '18.04', 'amd64'],
|
136
|
+
'bionic' => ['ubuntu', '18.04', ''],
|
141
137
|
'windows-2012' => ['windows', '2012', ''],
|
142
138
|
'redhatfips-7-x86_64' => ['redhatfips', '7', 'x86_64'],
|
143
139
|
'el-7-SRPMS' => ['el', '7', 'SRPMS'],
|
144
|
-
'ubuntu-
|
140
|
+
'ubuntu-18.04-source' => ['ubuntu', '18.04', 'source'],
|
145
141
|
}
|
146
142
|
|
147
143
|
fail_cases = [
|
@@ -3,91 +3,118 @@ require 'packaging/sign'
|
|
3
3
|
|
4
4
|
describe 'Pkg::Sign' do
|
5
5
|
describe 'Pkg::Sign::Rpm' do
|
6
|
-
|
7
6
|
before :each do
|
8
7
|
allow(Pkg::Config).to receive(:gpg_key).and_return('7F438280EF8D349F')
|
9
8
|
end
|
10
9
|
|
11
|
-
describe '#
|
10
|
+
describe '#signed?' do
|
12
11
|
let(:rpm) { 'foo.rpm' }
|
13
|
-
let(:el7_signed_response)
|
14
|
-
|
15
|
-
Header
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
12
|
+
let(:el7_signed_response) do
|
13
|
+
<<~DOC
|
14
|
+
Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
|
15
|
+
Header SHA1 digest: OK (3cb7e9861e8bc09783a1b6c8d88243a3c16daa81)
|
16
|
+
V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
|
17
|
+
MD5 digest: OK (d5f06ba2a9053de532326d0659ec0d11)
|
18
|
+
DOC
|
19
|
+
end
|
20
|
+
|
21
|
+
let(:sles12_signed_response) do
|
22
|
+
<<~DOC
|
23
|
+
Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
|
24
|
+
Header SHA1 digest: OK (e713487cf21ebeb933aefd5ec9211a34603233d2)
|
25
|
+
V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
|
26
|
+
MD5 digest: OK (3093a09ac39bc17751f913e19ca74432)
|
27
|
+
DOC
|
28
|
+
end
|
29
|
+
|
30
|
+
let(:unsigned_response) do
|
31
|
+
<<~DOC
|
32
|
+
Header SHA1 digest: OK (f9404cc95f200568c2dbb1fd24e1119e3e4a40a9)
|
33
|
+
MD5 digest: OK (816095f3cee145091c3fa07a0915ce85)
|
34
|
+
DOC
|
35
|
+
end
|
36
|
+
|
32
37
|
it 'returns true if rpm has been signed (el7)' do
|
33
38
|
allow(Pkg::Sign::Rpm).to receive(:`).and_return(el7_signed_response)
|
34
|
-
expect(Pkg::Sign::Rpm.
|
39
|
+
expect(Pkg::Sign::Rpm.signed?(rpm)).to be true
|
35
40
|
end
|
36
41
|
it 'returns true if rpm has been signed (sles12)' do
|
37
42
|
allow(Pkg::Sign::Rpm).to receive(:`).and_return(sles12_signed_response)
|
38
|
-
expect(Pkg::Sign::Rpm.
|
43
|
+
expect(Pkg::Sign::Rpm.signed?(rpm)).to be true
|
39
44
|
end
|
40
45
|
it 'returns false if rpm has not been signed' do
|
41
46
|
allow(Pkg::Sign::Rpm).to receive(:`).and_return(unsigned_response)
|
42
|
-
expect(Pkg::Sign::Rpm.
|
47
|
+
expect(Pkg::Sign::Rpm.signed?(rpm)).to be false
|
43
48
|
end
|
44
49
|
it 'fails with unexpected output' do
|
45
|
-
allow(Pkg::Sign::Rpm)
|
46
|
-
|
50
|
+
allow(Pkg::Sign::Rpm)
|
51
|
+
.to receive(:`)
|
52
|
+
.and_return('something that is definitely not a normal response')
|
53
|
+
expect { Pkg::Sign::Rpm.signed?(rpm) }
|
54
|
+
.to raise_error(RuntimeError, /Something went wrong checking the signature/)
|
47
55
|
end
|
48
56
|
it 'fails if gpg_key is not set' do
|
49
57
|
allow(Pkg::Config).to receive(:gpg_key).and_return(nil)
|
50
|
-
expect { Pkg::Sign::Rpm.
|
58
|
+
expect { Pkg::Sign::Rpm.signed?(rpm) }
|
59
|
+
.to raise_error(RuntimeError, /You need to set `gpg_key` in your build defaults./)
|
51
60
|
end
|
52
61
|
end
|
53
62
|
|
54
63
|
describe '#sign_all' do
|
55
64
|
let(:rpm_directory) { Dir.mktmpdir }
|
56
|
-
let(:rpms_not_to_sign)
|
57
|
-
"#{rpm_directory}/aix/7.1/PC1/ppc/puppet-agent-5.5.3-1.aix7.1.ppc.rpm"
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
+
let(:rpms_not_to_sign) do
|
66
|
+
["#{rpm_directory}/aix/7.1/PC1/ppc/puppet-agent-5.5.3-1.aix7.1.ppc.rpm"]
|
67
|
+
end
|
68
|
+
|
69
|
+
let(:v3_rpms) do
|
70
|
+
["#{rpm_directory}/sles/11/PC1/x86_64/puppet-agent-5.5.3-1.sles11.x86_64.rpm"]
|
71
|
+
end
|
72
|
+
|
73
|
+
let(:v4_rpms) do
|
74
|
+
["#{rpm_directory}/el/7/PC1/aarch64/puppet-agent-5.5.3-1.el7.aarch64.rpm"]
|
75
|
+
end
|
76
|
+
|
65
77
|
let(:rpms) { rpms_not_to_sign + v3_rpms + v4_rpms }
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
78
|
+
|
79
|
+
let(:already_signed_rpms) do
|
80
|
+
["#{rpm_directory}/el/6/PC1/x86_64/puppet-agent-5.5.3-1.el6.x86_64.rpm"]
|
81
|
+
end
|
82
|
+
|
83
|
+
let(:noarch_rpms) do
|
84
|
+
[
|
85
|
+
"#{rpm_directory}/el/6/puppet5/i386/puppetserver-5.3.3-1.el6.noarch.rpm",
|
86
|
+
"#{rpm_directory}/el/6/puppet5/x86_64/puppetserver-5.3.3-1.el6.noarch.rpm",
|
87
|
+
"#{rpm_directory}/el/7/puppet5/i386/puppetserver-5.3.3-1.el7.noarch.rpm",
|
88
|
+
"#{rpm_directory}/el/7/puppet5/x86_64/puppetserver-5.3.3-1.el7.noarch.rpm",
|
89
|
+
"#{rpm_directory}/sles/12/puppet5/i386/puppetserver-5.3.3-1.sles12.noarch.rpm",
|
90
|
+
"#{rpm_directory}/sles/12/puppet5/x86_64/puppetserver-5.3.3-1.sles12.noarch.rpm"
|
91
|
+
]
|
92
|
+
end
|
77
93
|
|
78
94
|
it 'signs both v3 and v4 rpms' do
|
79
95
|
allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(rpms)
|
80
96
|
rpms.each do |rpm|
|
81
|
-
allow(Pkg::Sign::Rpm).to receive(:
|
97
|
+
allow(Pkg::Sign::Rpm).to receive(:signed?).and_return(false)
|
82
98
|
end
|
83
|
-
|
84
|
-
|
99
|
+
|
100
|
+
v3_items = v3_rpms.length
|
101
|
+
v4_items = v4_rpms.length
|
102
|
+
|
103
|
+
expect(Pkg::Sign::Rpm)
|
104
|
+
.to receive(:sign)
|
105
|
+
.with(v3_rpms.join(' '), :v3)
|
106
|
+
.exactly(v3_items).times
|
107
|
+
expect(Pkg::Sign::Rpm)
|
108
|
+
.to receive(:sign)
|
109
|
+
.with(v4_rpms.join(' '), :v4)
|
110
|
+
.exactly(v4_items).times
|
111
|
+
|
85
112
|
Pkg::Sign::Rpm.sign_all(rpm_directory)
|
86
113
|
end
|
87
114
|
|
88
115
|
it 'does not sign AIX rpms' do
|
89
116
|
allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(rpms_not_to_sign)
|
90
|
-
allow(Pkg::Sign::Rpm).to receive(:
|
117
|
+
allow(Pkg::Sign::Rpm).to receive(:signed?)
|
91
118
|
expect(Pkg::Sign::Rpm).to_not receive(:legacy_sign)
|
92
119
|
expect(Pkg::Sign::Rpm).to_not receive(:sign)
|
93
120
|
Pkg::Sign::Rpm.sign_all(rpm_directory)
|
@@ -96,7 +123,7 @@ DOC
|
|
96
123
|
it 'does not sign already-signed rpms' do
|
97
124
|
allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(already_signed_rpms)
|
98
125
|
already_signed_rpms.each do |rpm|
|
99
|
-
allow(Pkg::Sign::Rpm).to receive(:
|
126
|
+
allow(Pkg::Sign::Rpm).to receive(:signed?).and_return(true)
|
100
127
|
end
|
101
128
|
expect(Pkg::Sign::Rpm).to_not receive(:legacy_sign)
|
102
129
|
expect(Pkg::Sign::Rpm).to_not receive(:sign)
|
@@ -106,9 +133,9 @@ DOC
|
|
106
133
|
it 'deletes and relinks rpms with the same basename' do
|
107
134
|
allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(noarch_rpms)
|
108
135
|
allow(Pkg::Sign::Rpm).to receive(:sign)
|
109
|
-
allow(Pkg::Sign::Rpm).to receive(:
|
110
|
-
expect(FileUtils).to receive(:rm).exactly(noarch_rpms.count/2).times
|
111
|
-
expect(FileUtils).to receive(:ln).exactly(noarch_rpms.count/2).times
|
136
|
+
allow(Pkg::Sign::Rpm).to receive(:signed?)
|
137
|
+
expect(FileUtils).to receive(:rm).exactly(noarch_rpms.count / 2).times
|
138
|
+
expect(FileUtils).to receive(:ln).exactly(noarch_rpms.count / 2).times
|
112
139
|
Pkg::Sign::Rpm.sign_all(rpm_directory)
|
113
140
|
end
|
114
141
|
|
@@ -52,7 +52,7 @@ describe '#Pkg::Util::Ship' do
|
|
52
52
|
pkg/sles/12/puppet6/x86_64/puppet-agent-6.19.0-1.sles12.x86_64.rpm
|
53
53
|
pkg/sles/15/puppet6/x86_64/puppet-agent-6.19.0-1.sles15.x86_64.rpm
|
54
54
|
pkg/apple/10.15/puppet6/x86_64/puppet-agent-6.19.0-1.osx10.15.dmg
|
55
|
-
pkg/fedora/
|
55
|
+
pkg/fedora/36/puppet6/x86_64/puppet-agent-6.19.0-1.fc32.x86_64.rpm
|
56
56
|
pkg/windows/puppet-agent-6.19.0-x64.msi
|
57
57
|
pkg/windows/puppet-agent-6.19.0-x86.msi
|
58
58
|
pkg/windowsfips/puppet-agent-6.19.0-x64.msi
|
@@ -71,7 +71,7 @@ describe '#Pkg::Util::Ship' do
|
|
71
71
|
pkg/puppet6/sles/12/x86_64/puppet-agent-6.19.0-1.sles12.x86_64.rpm
|
72
72
|
pkg/puppet6/sles/15/x86_64/puppet-agent-6.19.0-1.sles15.x86_64.rpm
|
73
73
|
pkg/mac/puppet6/10.15/x86_64/puppet-agent-6.19.0-1.osx10.15.dmg
|
74
|
-
pkg/puppet6/fedora/
|
74
|
+
pkg/puppet6/fedora/36/x86_64/puppet-agent-6.19.0-1.fc32.x86_64.rpm
|
75
75
|
pkg/windows/puppet6/puppet-agent-6.19.0-x64.msi
|
76
76
|
pkg/windows/puppet6/puppet-agent-6.19.0-x86.msi
|
77
77
|
pkg/windowsfips/puppet6/puppet-agent-6.19.0-x64.msi
|
data/tasks/ship.rake
CHANGED
@@ -239,73 +239,58 @@ namespace :pl do
|
|
239
239
|
end
|
240
240
|
|
241
241
|
##
|
242
|
-
## S3
|
242
|
+
## S3 syncing
|
243
243
|
S3_REPO_SYNC = 'sudo /usr/local/bin/s3_repo_sync.sh'
|
244
|
-
GCP_REPO_SYNC = '/usr/local/bin/gcp_repo_sync'
|
245
244
|
|
246
|
-
desc "Sync signed apt repos from #{Pkg::Config.apt_signing_server} to S3
|
245
|
+
desc "Sync signed apt repos from #{Pkg::Config.apt_signing_server} to S3"
|
247
246
|
task :deploy_apt_repo_to_s3 => 'pl:fetch' do
|
248
247
|
s3_sync_command = "#{S3_REPO_SYNC} apt.puppetlabs.com"
|
249
|
-
gcp_sync_command = "#{GCP_REPO_SYNC} apt.puppetlabs.com"
|
250
248
|
|
251
|
-
puts "Sync apt repos from #{Pkg::Config.apt_signing_server} to S3
|
249
|
+
puts "Sync apt repos from #{Pkg::Config.apt_signing_server} to S3? [y,n]"
|
252
250
|
next unless Pkg::Util.ask_yes_or_no
|
253
251
|
|
254
252
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
255
253
|
Pkg::Util::Net.remote_execute(Pkg::Config.apt_signing_server, s3_sync_command)
|
256
254
|
end
|
257
|
-
|
258
|
-
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
259
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.apt_signing_server, gcp_sync_command)
|
260
|
-
end
|
261
255
|
end
|
262
256
|
|
263
|
-
desc "Sync signed yum repos from #{Pkg::Config.yum_staging_server} to S3
|
257
|
+
desc "Sync signed yum repos from #{Pkg::Config.yum_staging_server} to S3"
|
264
258
|
task :deploy_yum_repo_to_s3 => 'pl:fetch' do
|
265
259
|
s3_sync_command = "#{S3_REPO_SYNC} yum.puppetlabs.com"
|
266
|
-
|
267
|
-
puts "Sync yum repos from #{Pkg::Config.yum_staging_server} to S3
|
260
|
+
|
261
|
+
puts "Sync yum repos from #{Pkg::Config.yum_staging_server} to S3? [y,n]"
|
268
262
|
next unless Pkg::Util.ask_yes_or_no
|
269
|
-
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
270
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.yum_staging_server, s3_sync_command)
|
271
|
-
end
|
272
263
|
|
273
264
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
274
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.yum_staging_server,
|
265
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.yum_staging_server, s3_sync_command)
|
275
266
|
end
|
276
267
|
end
|
277
268
|
|
278
|
-
desc "Sync downloads.puppetlabs.com from #{Pkg::Config.staging_server} to S3
|
269
|
+
desc "Sync downloads.puppetlabs.com from #{Pkg::Config.staging_server} to S3"
|
279
270
|
task :deploy_downloads_to_s3 => 'pl:fetch' do
|
280
271
|
s3_sync_command = "#{S3_REPO_SYNC} downloads.puppetlabs.com"
|
281
|
-
|
282
|
-
puts "Sync downloads.puppetlabs.com from #{Pkg::Config.staging_server} to S3
|
272
|
+
|
273
|
+
puts "Sync downloads.puppetlabs.com from #{Pkg::Config.staging_server} to S3? [y,n]"
|
283
274
|
next unless Pkg::Util.ask_yes_or_no
|
284
|
-
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
285
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, s3_sync_command)
|
286
|
-
end
|
287
275
|
|
288
276
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
289
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server,
|
277
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, s3_sync_command)
|
290
278
|
end
|
291
279
|
end
|
292
280
|
|
293
|
-
desc "Sync nightlies.puppet.com from #{Pkg::Config.staging_server} to S3
|
281
|
+
desc "Sync nightlies.puppet.com from #{Pkg::Config.staging_server} to S3"
|
294
282
|
task :deploy_nightlies_to_s3 => 'pl:fetch' do
|
295
283
|
s3_sync_command = "#{S3_REPO_SYNC} nightlies.puppet.com"
|
296
|
-
gcp_sync_command = "#{S3_REPO_SYNC} nightlies.puppet.com"
|
297
|
-
puts "Syncing nightly builds from #{Pkg::Config.staging_server} to S3 and GCP"
|
298
|
-
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
299
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, s3_sync_command)
|
300
|
-
end
|
301
284
|
|
285
|
+
puts "Syncing nightly builds from #{Pkg::Config.staging_server} to S3"
|
302
286
|
Pkg::Util::Execution.retry_on_fail(times: 3) do
|
303
|
-
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server,
|
287
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, s3_sync_command)
|
304
288
|
end
|
305
289
|
end
|
306
290
|
|
307
291
|
desc "Sync signed apt repos from #{Pkg::Config.apt_signing_server} to Google Cloud Platform"
|
308
292
|
task :sync_apt_repo_to_gcp => 'pl:fetch' do
|
293
|
+
GCP_REPO_SYNC = '/usr/local/bin/gcp_repo_sync'
|
309
294
|
target_site = 'apt.repos.puppet.com'
|
310
295
|
sync_command_puppet_6 = "#{GCP_REPO_SYNC} #{target_site} puppet6"
|
311
296
|
sync_command_puppet_7 = "#{GCP_REPO_SYNC} #{target_site} puppet7"
|
metadata
CHANGED
@@ -1,43 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: packaging
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.108.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Puppet Labs
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-01-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
-
- !ruby/object:Gem::Dependency
|
14
|
-
name: pry
|
15
|
-
requirement: !ruby/object:Gem::Requirement
|
16
|
-
requirements:
|
17
|
-
- - ">="
|
18
|
-
- !ruby/object:Gem::Version
|
19
|
-
version: '0'
|
20
|
-
type: :development
|
21
|
-
prerelease: false
|
22
|
-
version_requirements: !ruby/object:Gem::Requirement
|
23
|
-
requirements:
|
24
|
-
- - ">="
|
25
|
-
- !ruby/object:Gem::Version
|
26
|
-
version: '0'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: pry-byebug
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - ">="
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '0'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - ">="
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '0'
|
41
13
|
- !ruby/object:Gem::Dependency
|
42
14
|
name: rspec
|
43
15
|
requirement: !ruby/object:Gem::Requirement
|
@@ -323,28 +295,28 @@ signing_key:
|
|
323
295
|
specification_version: 4
|
324
296
|
summary: Puppet Labs' packaging automation
|
325
297
|
test_files:
|
326
|
-
- spec/lib/
|
327
|
-
- spec/lib/packaging/
|
298
|
+
- spec/lib/packaging_spec.rb
|
299
|
+
- spec/lib/packaging/sign_spec.rb
|
328
300
|
- spec/lib/packaging/artifactory_spec.rb
|
329
|
-
- spec/lib/packaging/
|
301
|
+
- spec/lib/packaging/retrieve_spec.rb
|
330
302
|
- spec/lib/packaging/config_spec.rb
|
303
|
+
- spec/lib/packaging/rpm/repo_spec.rb
|
331
304
|
- spec/lib/packaging/deb_spec.rb
|
332
|
-
- spec/lib/packaging/deb/repo_spec.rb
|
333
305
|
- spec/lib/packaging/repo_spec.rb
|
334
|
-
- spec/lib/packaging/
|
335
|
-
- spec/lib/packaging/
|
306
|
+
- spec/lib/packaging/gem_spec.rb
|
307
|
+
- spec/lib/packaging/deb/repo_spec.rb
|
308
|
+
- spec/lib/packaging/tar_spec.rb
|
336
309
|
- spec/lib/packaging/paths_spec.rb
|
337
|
-
- spec/lib/packaging/
|
338
|
-
- spec/lib/packaging/util/os_spec.rb
|
310
|
+
- spec/lib/packaging/platforms_spec.rb
|
339
311
|
- spec/lib/packaging/util/jenkins_spec.rb
|
340
|
-
- spec/lib/packaging/util/gpg_spec.rb
|
341
|
-
- spec/lib/packaging/util/net_spec.rb
|
342
312
|
- spec/lib/packaging/util/ship_spec.rb
|
313
|
+
- spec/lib/packaging/util/version_spec.rb
|
314
|
+
- spec/lib/packaging/util/os_spec.rb
|
315
|
+
- spec/lib/packaging/util/git_tag_spec.rb
|
343
316
|
- spec/lib/packaging/util/rake_utils_spec.rb
|
344
|
-
- spec/lib/packaging/util/
|
345
|
-
- spec/lib/packaging/util/misc_spec.rb
|
317
|
+
- spec/lib/packaging/util/gpg_spec.rb
|
346
318
|
- spec/lib/packaging/util/file_spec.rb
|
319
|
+
- spec/lib/packaging/util/net_spec.rb
|
320
|
+
- spec/lib/packaging/util/misc_spec.rb
|
321
|
+
- spec/lib/packaging/util/execution_spec.rb
|
347
322
|
- spec/lib/packaging/util/git_spec.rb
|
348
|
-
- spec/lib/packaging/util/version_spec.rb
|
349
|
-
- spec/lib/packaging/rpm/repo_spec.rb
|
350
|
-
- spec/lib/packaging_spec.rb
|