packaging 0.99.75 → 0.99.79
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/packaging/archive.rb +6 -6
- data/lib/packaging/artifactory.rb +0 -2
- data/lib/packaging/config.rb +31 -1
- data/lib/packaging/config/params.rb +12 -0
- data/lib/packaging/config/validations.rb +13 -0
- data/lib/packaging/deb/repo.rb +5 -5
- data/lib/packaging/paths.rb +2 -1
- data/lib/packaging/platforms.rb +22 -35
- data/lib/packaging/repo.rb +9 -3
- data/lib/packaging/rpm/repo.rb +4 -4
- data/lib/packaging/sign/dmg.rb +68 -30
- data/lib/packaging/sign/ips.rb +8 -8
- data/lib/packaging/sign/msi.rb +9 -6
- data/lib/packaging/util/net.rb +53 -31
- data/lib/packaging/util/ship.rb +4 -4
- data/spec/lib/packaging/artifactory_spec.rb +11 -11
- data/spec/lib/packaging/config_spec.rb +14 -15
- data/spec/lib/packaging/deb/repo_spec.rb +3 -3
- data/spec/lib/packaging/paths_spec.rb +8 -2
- data/spec/lib/packaging/platforms_spec.rb +15 -15
- data/spec/lib/packaging/repo_spec.rb +1 -1
- data/spec/lib/packaging/retrieve_spec.rb +4 -3
- data/spec/lib/packaging/rpm/repo_spec.rb +3 -3
- data/spec/lib/packaging/sign_spec.rb +0 -2
- data/spec/lib/packaging/util/git_tag_spec.rb +1 -1
- data/spec/lib/packaging/util/net_spec.rb +22 -9
- data/spec/lib/packaging/util/ship_spec.rb +2 -2
- data/tasks/archive.rake +3 -4
- data/tasks/config.rake +5 -0
- data/tasks/education.rake +5 -5
- data/tasks/fetch.rake +17 -14
- data/tasks/gem.rake +17 -26
- data/tasks/nightly_repos.rake +9 -9
- data/tasks/pe_ship.rake +11 -19
- data/tasks/ship.rake +46 -46
- data/tasks/sign.rake +3 -3
- metadata +17 -16
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ffbdc37d8e8208db94c8f3ac323ca856d173099795d58c3406b28c06ed04b4a9
|
|
4
|
+
data.tar.gz: 6a261865330a3b86e8795cc3ad586552b744c41e8ce277ce5b7b1595af12bdb5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 512c7f42a929636c35b01bc50da52dc2e7f9c6387405cf0c4928115aa4b9bfb70e19510da8112fe121022938a89c16c89ba76c3f9142b9b867d1c9a3b28401e4
|
|
7
|
+
data.tar.gz: b55a3806f0f0026be2819f336ffdc5fb6d7641c9f06b6337e7b5e3e81c11766cd95ca2779b1de5dfd31d52fc1193d603b345c5077d6afc4e9d326bf0d486e999
|
data/README.md
CHANGED
|
@@ -404,7 +404,7 @@ deb_build_mirrors:
|
|
|
404
404
|
# Who is packaging. Turns up in various packaging artifacts
|
|
405
405
|
packager: 'puppetlabs'
|
|
406
406
|
# GPG key ID of the signer
|
|
407
|
-
gpg_key: '
|
|
407
|
+
gpg_key: '4528B6CD9E61EF26'
|
|
408
408
|
# Whether to require tarball signing as a prerequisite of other package building
|
|
409
409
|
sign_tar: false
|
|
410
410
|
# a space separated list of mock configs. These are the rpm distributions to package for. If a noarch package, only one arch of each is needed.
|
data/lib/packaging/archive.rb
CHANGED
|
@@ -33,7 +33,7 @@ module Pkg::Archive
|
|
|
33
33
|
sudo chmod g+w -R #{Pkg::Config.yum_archive_path}
|
|
34
34
|
mv #{full_directory} #{archive_path}
|
|
35
35
|
CMD
|
|
36
|
-
Pkg::Util::Net.
|
|
36
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, command)
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
# Move directories from freight path (aka repo staging path) to archive staging paths
|
|
@@ -60,7 +60,7 @@ module Pkg::Archive
|
|
|
60
60
|
mv $pool_directory /opt/tmp-apt
|
|
61
61
|
done
|
|
62
62
|
CMD
|
|
63
|
-
Pkg::Util::Net.
|
|
63
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, command)
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
# Move downloads directories to archive staging path
|
|
@@ -85,7 +85,7 @@ module Pkg::Archive
|
|
|
85
85
|
sudo chmod g+w -R #{Pkg::Config.downloads_archive_path}
|
|
86
86
|
mv #{full_directory} #{archive_path}
|
|
87
87
|
CMD
|
|
88
|
-
Pkg::Util::Net.
|
|
88
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, command)
|
|
89
89
|
end
|
|
90
90
|
|
|
91
91
|
# Delete empty directories from repo paths on weth
|
|
@@ -104,7 +104,7 @@ module Pkg::Archive
|
|
|
104
104
|
fi
|
|
105
105
|
done
|
|
106
106
|
CMD
|
|
107
|
-
Pkg::Util::Net.
|
|
107
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, command)
|
|
108
108
|
end
|
|
109
109
|
end
|
|
110
110
|
|
|
@@ -112,7 +112,7 @@ module Pkg::Archive
|
|
|
112
112
|
def remove_dead_symlinks
|
|
113
113
|
base_paths.each do |path|
|
|
114
114
|
command = "find #{path} -xtype l -delete"
|
|
115
|
-
Pkg::Util::Net.
|
|
115
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, command)
|
|
116
116
|
end
|
|
117
117
|
end
|
|
118
118
|
|
|
@@ -120,7 +120,7 @@ module Pkg::Archive
|
|
|
120
120
|
def delete_staged_archives
|
|
121
121
|
archive_paths.each do |archive_path|
|
|
122
122
|
command = "sudo rm -rf #{File.join(archive_path, '*')}"
|
|
123
|
-
Pkg::Util::Net.
|
|
123
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.staging_server, command)
|
|
124
124
|
end
|
|
125
125
|
end
|
|
126
126
|
end
|
|
@@ -224,8 +224,6 @@ module Pkg
|
|
|
224
224
|
deploy_properties(platform_tag, File.basename(package)),
|
|
225
225
|
headers
|
|
226
226
|
)
|
|
227
|
-
rescue
|
|
228
|
-
raise "Attempt to upload '#{package}' to #{File.join(@artifactory_uri, data[:full_artifactory_path])} failed"
|
|
229
227
|
end
|
|
230
228
|
|
|
231
229
|
# @param pkg [String] The package to download YAML for
|
data/lib/packaging/config.rb
CHANGED
|
@@ -6,6 +6,7 @@ module Pkg
|
|
|
6
6
|
#
|
|
7
7
|
class Config
|
|
8
8
|
require 'packaging/config/params.rb'
|
|
9
|
+
require 'packaging/config/validations.rb'
|
|
9
10
|
require 'yaml'
|
|
10
11
|
|
|
11
12
|
class << self
|
|
@@ -80,7 +81,11 @@ module Pkg
|
|
|
80
81
|
dir = "/opt/jenkins-builds/#{self.project}/#{self.ref}"
|
|
81
82
|
cmd = "if [ -s \"#{dir}/artifacts\" ]; then cd #{dir};"\
|
|
82
83
|
"find ./artifacts/ -mindepth 2 -type f; fi"
|
|
83
|
-
artifacts, _ = Pkg::Util::Net.
|
|
84
|
+
artifacts, _ = Pkg::Util::Net.remote_execute(
|
|
85
|
+
self.builds_server,
|
|
86
|
+
cmd,
|
|
87
|
+
{ capture_output: true }
|
|
88
|
+
)
|
|
84
89
|
|
|
85
90
|
artifacts = artifacts.split("\n")
|
|
86
91
|
data = {}
|
|
@@ -389,6 +394,31 @@ module Pkg
|
|
|
389
394
|
end
|
|
390
395
|
end
|
|
391
396
|
|
|
397
|
+
##
|
|
398
|
+
# Ask for validation of BUILD_PARAMS
|
|
399
|
+
#
|
|
400
|
+
# Issued as warnings initially but the intent is to turn this into
|
|
401
|
+
# a failure.
|
|
402
|
+
#
|
|
403
|
+
def perform_validations
|
|
404
|
+
error_count = 0
|
|
405
|
+
Pkg::Params::VALIDATIONS.each do |v|
|
|
406
|
+
variable_name = v[:var]
|
|
407
|
+
variable_value = self.instance_variable_get("@#{v[:var]}")
|
|
408
|
+
validations = v[:validations]
|
|
409
|
+
validations.each do |validation|
|
|
410
|
+
unless Pkg::ConfigValidations.send(validation, variable_value)
|
|
411
|
+
warn "Warning: variable \"#{variable_name}\" failed validation \"#{validation}\""
|
|
412
|
+
error_count += 1
|
|
413
|
+
end
|
|
414
|
+
end
|
|
415
|
+
end
|
|
416
|
+
|
|
417
|
+
if error_count != 0
|
|
418
|
+
warn "Warning: #{error_count} validation failure(s)."
|
|
419
|
+
end
|
|
420
|
+
end
|
|
421
|
+
|
|
392
422
|
def string_to_array(str)
|
|
393
423
|
delimiters = /[,\s;]/
|
|
394
424
|
return str if str.respond_to?('each')
|
|
@@ -65,6 +65,7 @@ module Pkg::Params
|
|
|
65
65
|
:gem_files,
|
|
66
66
|
:gem_forge_project,
|
|
67
67
|
:gem_host,
|
|
68
|
+
:gem_license,
|
|
68
69
|
:gem_name,
|
|
69
70
|
:gem_path,
|
|
70
71
|
:gem_platform_dependencies,
|
|
@@ -363,6 +364,7 @@ module Pkg::Params
|
|
|
363
364
|
{ :oldvar => :yum_host, :newvar => :tar_host },
|
|
364
365
|
]
|
|
365
366
|
|
|
367
|
+
|
|
366
368
|
# These are variables that we have deprecated. If they are encountered in a
|
|
367
369
|
# project's config, we issue deprecations for them.
|
|
368
370
|
#
|
|
@@ -373,4 +375,14 @@ module Pkg::Params
|
|
|
373
375
|
{ :var => :gpg_name, :message => "
|
|
374
376
|
DEPRECATED, 29-Jul-2014: 'gpg_name' has been replaced with 'gpg_key'.
|
|
375
377
|
Please update this field in your build_defaults.yaml" }]
|
|
378
|
+
|
|
379
|
+
# Provide an open-ended template for validating BUILD_PARAMS.
|
|
380
|
+
#
|
|
381
|
+
# Each validatation contains the variable name as ':var' and a list of validations it
|
|
382
|
+
# must pass from the Pkg::Params::Validations class.
|
|
383
|
+
#
|
|
384
|
+
VALIDATIONS = [
|
|
385
|
+
{ :var => :project, :validations => [:not_empty?] }
|
|
386
|
+
]
|
|
387
|
+
|
|
376
388
|
end
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
module Pkg
|
|
2
|
+
class ConfigValidations
|
|
3
|
+
|
|
4
|
+
class << self
|
|
5
|
+
|
|
6
|
+
# As a validation, this one is kindof lame but is intended as a seed pattern for possibly
|
|
7
|
+
# more robust ones.
|
|
8
|
+
def not_empty?(value)
|
|
9
|
+
value.to_s.empty? ? false : true
|
|
10
|
+
end
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
data/lib/packaging/deb/repo.rb
CHANGED
|
@@ -125,7 +125,7 @@ Description: Apt repository for acceptance testing" >> conf/distributions ; )
|
|
|
125
125
|
command = repo_creation_command(File.join(artifact_directory, 'repos'), artifact_paths)
|
|
126
126
|
|
|
127
127
|
begin
|
|
128
|
-
Pkg::Util::Net.
|
|
128
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, command)
|
|
129
129
|
# Now that we've created our package repositories, we can generate repo
|
|
130
130
|
# configurations for use with downstream jobs, acceptance clients, etc.
|
|
131
131
|
Pkg::Deb::Repo.generate_repo_configs
|
|
@@ -134,7 +134,7 @@ Description: Apt repository for acceptance testing" >> conf/distributions ; )
|
|
|
134
134
|
Pkg::Deb::Repo.ship_repo_configs
|
|
135
135
|
ensure
|
|
136
136
|
# Always remove the lock file, even if we've failed
|
|
137
|
-
Pkg::Util::Net.
|
|
137
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, "rm -f #{artifact_directory}/repos/.lock")
|
|
138
138
|
end
|
|
139
139
|
end
|
|
140
140
|
|
|
@@ -146,7 +146,7 @@ Description: Apt repository for acceptance testing" >> conf/distributions ; )
|
|
|
146
146
|
|
|
147
147
|
Pkg::Util::RakeUtils.invoke_task("pl:fetch")
|
|
148
148
|
repo_dir = "#{Pkg::Config.jenkins_repo_path}/#{Pkg::Config.project}/#{Pkg::Config.ref}/#{target}/deb"
|
|
149
|
-
Pkg::Util::Net.
|
|
149
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, "mkdir -p #{repo_dir}")
|
|
150
150
|
Pkg::Util::Execution.retry_on_fail(:times => 3) do
|
|
151
151
|
Pkg::Util::Net.rsync_to("pkg/#{target}/deb/", Pkg::Config.distribution_server, repo_dir)
|
|
152
152
|
end
|
|
@@ -252,11 +252,11 @@ SignWith: #{Pkg::Config.gpg_key}"
|
|
|
252
252
|
rsync_command = repo_deployment_command(apt_path, destination_staging_path, destination_server, dryrun)
|
|
253
253
|
cp_command = repo_deployment_command(destination_staging_path, apt_path, nil, dryrun)
|
|
254
254
|
|
|
255
|
-
Pkg::Util::Net.
|
|
255
|
+
Pkg::Util::Net.remote_execute(origin_server, rsync_command)
|
|
256
256
|
if dryrun
|
|
257
257
|
puts "[DRYRUN] not executing #{cp_command} on #{destination_server}"
|
|
258
258
|
else
|
|
259
|
-
Pkg::Util::Net.
|
|
259
|
+
Pkg::Util::Net.remote_execute(destination_server, cp_command)
|
|
260
260
|
end
|
|
261
261
|
end
|
|
262
262
|
|
data/lib/packaging/paths.rb
CHANGED
|
@@ -322,7 +322,8 @@ module Pkg::Paths
|
|
|
322
322
|
if %w(puppet7 puppet7-nightly
|
|
323
323
|
puppet6 puppet6-nightly
|
|
324
324
|
puppet5 puppet5-nightly
|
|
325
|
-
puppet
|
|
325
|
+
puppet puppet-nightly
|
|
326
|
+
puppet-tools).include? repo_name
|
|
326
327
|
return File.join(remote_repo_path, 'pool', code_name, repo_name, project[0], project)
|
|
327
328
|
end
|
|
328
329
|
|
data/lib/packaging/platforms.rb
CHANGED
|
@@ -12,13 +12,6 @@ module Pkg
|
|
|
12
12
|
# Each element in this hash
|
|
13
13
|
PLATFORM_INFO = {
|
|
14
14
|
'aix' => {
|
|
15
|
-
'6.1' => {
|
|
16
|
-
architectures: ['power'],
|
|
17
|
-
source_architecture: 'SRPMS',
|
|
18
|
-
package_format: 'rpm',
|
|
19
|
-
source_package_formats: ['src.rpm'],
|
|
20
|
-
repo: false,
|
|
21
|
-
},
|
|
22
15
|
'7.1' => {
|
|
23
16
|
architectures: ['power'],
|
|
24
17
|
source_architecture: 'SRPMS',
|
|
@@ -28,25 +21,6 @@ module Pkg
|
|
|
28
21
|
},
|
|
29
22
|
},
|
|
30
23
|
|
|
31
|
-
'cisco-wrlinux' => {
|
|
32
|
-
'5' => {
|
|
33
|
-
architectures: ['x86_64'],
|
|
34
|
-
source_architecture: 'SRPMS',
|
|
35
|
-
package_format: 'rpm',
|
|
36
|
-
source_package_formats: ['src.rpm'],
|
|
37
|
-
signature_format: 'v4',
|
|
38
|
-
repo: true,
|
|
39
|
-
},
|
|
40
|
-
'7' => {
|
|
41
|
-
architectures: ['x86_64'],
|
|
42
|
-
source_architecture: 'SRPMS',
|
|
43
|
-
package_format: 'rpm',
|
|
44
|
-
source_package_formats: ['src.rpm'],
|
|
45
|
-
signature_format: 'v4',
|
|
46
|
-
repo: true,
|
|
47
|
-
},
|
|
48
|
-
},
|
|
49
|
-
|
|
50
24
|
'debian' => {
|
|
51
25
|
'8' => {
|
|
52
26
|
codename: 'jessie',
|
|
@@ -72,6 +46,14 @@ module Pkg
|
|
|
72
46
|
source_package_formats: DEBIAN_SOURCE_FORMATS,
|
|
73
47
|
repo: true,
|
|
74
48
|
},
|
|
49
|
+
'11' => {
|
|
50
|
+
codename: 'bullseye',
|
|
51
|
+
architectures: ['amd64'],
|
|
52
|
+
source_architecture: 'source',
|
|
53
|
+
package_format: 'deb',
|
|
54
|
+
source_package_formats: DEBIAN_SOURCE_FORMATS,
|
|
55
|
+
repo: true,
|
|
56
|
+
},
|
|
75
57
|
},
|
|
76
58
|
|
|
77
59
|
'el' => {
|
|
@@ -100,7 +82,7 @@ module Pkg
|
|
|
100
82
|
repo: true,
|
|
101
83
|
},
|
|
102
84
|
'8' => {
|
|
103
|
-
architectures: ['x86_64', 'aarch64'],
|
|
85
|
+
architectures: ['x86_64', 'ppc64le', 'aarch64'],
|
|
104
86
|
source_architecture: 'SRPMS',
|
|
105
87
|
package_format: 'rpm',
|
|
106
88
|
source_package_formats: ['src.rpm'],
|
|
@@ -109,14 +91,6 @@ module Pkg
|
|
|
109
91
|
}
|
|
110
92
|
},
|
|
111
93
|
|
|
112
|
-
'eos' => {
|
|
113
|
-
'4' => {
|
|
114
|
-
architectures: ['i386'],
|
|
115
|
-
package_format: 'swix',
|
|
116
|
-
repo: false,
|
|
117
|
-
},
|
|
118
|
-
},
|
|
119
|
-
|
|
120
94
|
'fedora' => {
|
|
121
95
|
'30' => {
|
|
122
96
|
architectures: ['x86_64'],
|
|
@@ -142,6 +116,14 @@ module Pkg
|
|
|
142
116
|
signature_format: 'v4',
|
|
143
117
|
repo: true,
|
|
144
118
|
},
|
|
119
|
+
'34' => {
|
|
120
|
+
architectures: ['x86_64'],
|
|
121
|
+
source_architecture: 'SRPMS',
|
|
122
|
+
package_format: 'rpm',
|
|
123
|
+
source_package_formats: ['src.rpm'],
|
|
124
|
+
signature_format: 'v4',
|
|
125
|
+
repo: true,
|
|
126
|
+
},
|
|
145
127
|
},
|
|
146
128
|
|
|
147
129
|
'osx' => {
|
|
@@ -160,6 +142,11 @@ module Pkg
|
|
|
160
142
|
package_format: 'dmg',
|
|
161
143
|
repo: false,
|
|
162
144
|
},
|
|
145
|
+
'11' => {
|
|
146
|
+
architectures: ['x86_64', 'arm64'],
|
|
147
|
+
package_format: 'dmg',
|
|
148
|
+
repo: false,
|
|
149
|
+
},
|
|
163
150
|
},
|
|
164
151
|
|
|
165
152
|
'redhatfips' => {
|
data/lib/packaging/repo.rb
CHANGED
|
@@ -110,7 +110,11 @@ module Pkg::Repo
|
|
|
110
110
|
cmd = "[ -d #{artifact_directory} ] || exit 1 ; "
|
|
111
111
|
cmd << "pushd #{artifact_directory} > /dev/null && "
|
|
112
112
|
cmd << "find . -name '*.#{pkg_ext}' -print0 | xargs --no-run-if-empty -0 -I {} dirname {} "
|
|
113
|
-
stdout,
|
|
113
|
+
stdout, _ = Pkg::Util::Net.remote_execute(
|
|
114
|
+
Pkg::Config.distribution_server,
|
|
115
|
+
cmd,
|
|
116
|
+
{ capture_output: true }
|
|
117
|
+
)
|
|
114
118
|
return stdout.split
|
|
115
119
|
rescue => e
|
|
116
120
|
fail "Error: Could not retrieve directories that contain #{pkg_ext} packages in #{Pkg::Config.distribution_server}:#{artifact_directory}"
|
|
@@ -120,7 +124,7 @@ module Pkg::Repo
|
|
|
120
124
|
cmd = "[ -d #{artifact_parent_directory}/artifacts ] || exit 1 ; "
|
|
121
125
|
cmd << "pushd #{artifact_parent_directory} > /dev/null && "
|
|
122
126
|
cmd << 'rsync --archive --verbose --one-file-system --ignore-existing artifacts/ repos/ '
|
|
123
|
-
Pkg::Util::Net.
|
|
127
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, cmd)
|
|
124
128
|
rescue => e
|
|
125
129
|
fail "Error: Could not populate repos directory in #{Pkg::Config.distribution_server}:#{artifact_parent_directory}"
|
|
126
130
|
end
|
|
@@ -143,7 +147,9 @@ module Pkg::Repo
|
|
|
143
147
|
__APT_PLATFORMS__: Pkg::Config.apt_releases.join(' '),
|
|
144
148
|
__GPG_KEY__: Pkg::Util::Gpg.key
|
|
145
149
|
}
|
|
146
|
-
Pkg::Util::Net.
|
|
150
|
+
Pkg::Util::Net.remote_execute(
|
|
151
|
+
remote_host,
|
|
152
|
+
Pkg::Util::Misc.search_and_replace(command, whitelist))
|
|
147
153
|
end
|
|
148
154
|
end
|
|
149
155
|
end
|
data/lib/packaging/rpm/repo.rb
CHANGED
|
@@ -16,7 +16,7 @@ module Pkg::Rpm::Repo
|
|
|
16
16
|
|
|
17
17
|
Pkg::Util::RakeUtils.invoke_task("pl:fetch")
|
|
18
18
|
repo_dir = "#{Pkg::Config.jenkins_repo_path}/#{Pkg::Config.project}/#{Pkg::Config.ref}/#{target}/rpm"
|
|
19
|
-
Pkg::Util::Net.
|
|
19
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, "mkdir -p #{repo_dir}")
|
|
20
20
|
Pkg::Util::Execution.retry_on_fail(:times => 3) do
|
|
21
21
|
Pkg::Util::Net.rsync_to("pkg/#{target}/rpm/", Pkg::Config.distribution_server, repo_dir)
|
|
22
22
|
end
|
|
@@ -215,7 +215,7 @@ module Pkg::Rpm::Repo
|
|
|
215
215
|
command = Pkg::Rpm::Repo.repo_creation_command(File.join(artifact_directory, directory), artifact_paths)
|
|
216
216
|
|
|
217
217
|
begin
|
|
218
|
-
Pkg::Util::Net.
|
|
218
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, command)
|
|
219
219
|
# Now that we've created our package repositories, we can generate repo
|
|
220
220
|
# configurations for use with downstream jobs, acceptance clients, etc.
|
|
221
221
|
Pkg::Rpm::Repo.generate_repo_configs
|
|
@@ -224,7 +224,7 @@ module Pkg::Rpm::Repo
|
|
|
224
224
|
Pkg::Rpm::Repo.ship_repo_configs
|
|
225
225
|
ensure
|
|
226
226
|
# Always remove the lock file, even if we've failed
|
|
227
|
-
Pkg::Util::Net.
|
|
227
|
+
Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, "rm -f #{artifact_directory}/repos/.lock")
|
|
228
228
|
end
|
|
229
229
|
end
|
|
230
230
|
|
|
@@ -248,7 +248,7 @@ module Pkg::Rpm::Repo
|
|
|
248
248
|
def deploy_repos(yum_path, origin_server, destination_server, dryrun = false)
|
|
249
249
|
rsync_command = repo_deployment_command(yum_path, yum_path, destination_server, dryrun)
|
|
250
250
|
|
|
251
|
-
Pkg::Util::Net.
|
|
251
|
+
Pkg::Util::Net.remote_execute(origin_server, rsync_command)
|
|
252
252
|
end
|
|
253
253
|
end
|
|
254
254
|
end
|
data/lib/packaging/sign/dmg.rb
CHANGED
|
@@ -1,41 +1,79 @@
|
|
|
1
1
|
module Pkg::Sign::Dmg
|
|
2
2
|
module_function
|
|
3
3
|
|
|
4
|
-
def sign(
|
|
5
|
-
use_identity =
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
host_string = "#{Pkg::Config.osx_signing_server}"
|
|
9
|
-
else
|
|
10
|
-
host_string = "#{ENV['USER']}@#{Pkg::Config.osx_signing_server}"
|
|
4
|
+
def sign(pkg_directory = 'pkg')
|
|
5
|
+
use_identity = ''
|
|
6
|
+
unless Pkg::Config.osx_signing_ssh_key.nil?
|
|
7
|
+
use_identity = "-i #{Pkg::Config.osx_signing_ssh_key}"
|
|
11
8
|
end
|
|
9
|
+
|
|
10
|
+
host_string = "#{ENV['USER']}@#{Pkg::Config.osx_signing_server}"
|
|
11
|
+
host_string = "#{Pkg::Config.osx_signing_server}" if Pkg::Config.osx_signing_server =~ /@/
|
|
12
|
+
|
|
12
13
|
ssh_host_string = "#{use_identity} #{host_string}"
|
|
13
14
|
rsync_host_string = "-e 'ssh #{use_identity}' #{host_string}"
|
|
15
|
+
archs = Dir.glob("#{pkg_directory}/{apple,mac,osx}/**/{x86_64,arm64}").map { |el| el.split('/').last }
|
|
16
|
+
|
|
17
|
+
if archs.empty?
|
|
18
|
+
$stderr.puts "Error: no architectures found in #{pkg_directory}/{apple,mac,osx}"
|
|
19
|
+
exit 1
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
archs.each do |arch|
|
|
23
|
+
remote_working_directory = "/tmp/#{Pkg::Util.rand_string}/#{arch}"
|
|
24
|
+
dmg_mount_point = File.join(remote_working_directory, "mount")
|
|
25
|
+
signed_items_directory = File.join(remote_working_directory, "signed")
|
|
26
|
+
|
|
27
|
+
dmgs = Dir.glob("#{pkg_directory}/{apple,mac,osx}/**/#{arch}/*.dmg")
|
|
28
|
+
if dmgs.empty?
|
|
29
|
+
$stderr.puts "Error: no dmgs found in #{pkg_directory}/{apple,mac,osx} for #{arch} architecture."
|
|
30
|
+
exit 1
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
dmg_basenames = dmgs.map { |d| File.basename(d, '.dmg') }.join(' ')
|
|
34
|
+
|
|
35
|
+
sign_package_command = %W[
|
|
36
|
+
for dmg in #{dmg_basenames}; do
|
|
37
|
+
/usr/bin/hdiutil attach #{remote_working_directory}/$dmg.dmg
|
|
38
|
+
-mountpoint #{dmg_mount_point} -nobrowse -quiet ;
|
|
14
39
|
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
40
|
+
/usr/bin/security -q unlock-keychain
|
|
41
|
+
-p "#{Pkg::Config.osx_signing_keychain_pw}" "#{Pkg::Config.osx_signing_keychain}" ;
|
|
42
|
+
|
|
43
|
+
for pkg in #{dmg_mount_point}/*.pkg; do
|
|
44
|
+
pkg_basename=$(basename $pkg) ;
|
|
45
|
+
if /usr/sbin/pkgutil --check-signature $pkg ; then
|
|
46
|
+
echo "Warning: $pkg is already signed, skipping" ;
|
|
47
|
+
cp $pkg #{signed_items_directory}/$pkg_basename ;
|
|
48
|
+
continue ;
|
|
49
|
+
fi ;
|
|
50
|
+
|
|
51
|
+
/usr/bin/productsign --keychain "#{Pkg::Config.osx_signing_keychain}"
|
|
52
|
+
--sign "#{Pkg::Config.osx_signing_cert}"
|
|
53
|
+
$pkg #{signed_items_directory}/$pkg_basename ;
|
|
54
|
+
done ;
|
|
55
|
+
|
|
56
|
+
/usr/bin/hdiutil detach #{dmg_mount_point} -quiet ;
|
|
57
|
+
/bin/rm #{remote_working_directory}/$dmg.dmg ;
|
|
58
|
+
/usr/bin/hdiutil create -volname $dmg
|
|
59
|
+
-srcfolder #{signed_items_directory}/ #{remote_working_directory}/$dmg.dmg ;
|
|
60
|
+
/bin/rm #{signed_items_directory}/* ;
|
|
31
61
|
done
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
Pkg::Util::Net.
|
|
62
|
+
].join(' ')
|
|
63
|
+
|
|
64
|
+
Pkg::Util::Net.remote_execute(ssh_host_string,
|
|
65
|
+
"mkdir -p #{dmg_mount_point} #{signed_items_directory}")
|
|
66
|
+
|
|
67
|
+
Pkg::Util::Net.rsync_to(dmgs.join(' '), rsync_host_string, remote_working_directory)
|
|
68
|
+
|
|
69
|
+
Pkg::Util::Net.remote_execute(ssh_host_string, sign_package_command)
|
|
70
|
+
|
|
71
|
+
dmgs.each do |dmg|
|
|
72
|
+
Pkg::Util::Net.rsync_from(
|
|
73
|
+
"#{remote_working_directory}/#{File.basename(dmg)}", rsync_host_string, File.dirname(dmg))
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
Pkg::Util::Net.remote_execute(ssh_host_string, "rm -rf '#{remote_working_directory}'")
|
|
38
77
|
end
|
|
39
|
-
Pkg::Util::Net.remote_ssh_cmd(ssh_host_string, "if [ -d '#{work_dir}' ]; then rm -rf '#{work_dir}'; fi")
|
|
40
78
|
end
|
|
41
79
|
end
|