packaging 0.107.0 → 0.107.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/packaging/platforms.rb +8 -0
- data/lib/packaging/sign/rpm.rb +30 -2
- data/tasks/jenkins.rake +8 -0
- metadata +16 -16
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 26256ba67865f30df015a2bb0e52865c2cbc0962f2048ed468f717a115a273c8
|
|
4
|
+
data.tar.gz: fb1552330cbfb4e3d7bbfd0bbcfb246513d4a5b78a6e34839b90b265a90b0a7b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 521387bdf33b936af8242142f115e50c14343cf842e1d28005c39cc691f1449e241b3344758e40a4f1bdc1dbe161f726e9b0f0c02f50e36c0e8e0e1dffcdef71
|
|
7
|
+
data.tar.gz: 186692c9b584fbd87c989376dce126bd6f4f549756cf90b3cf1e78a171eea9c4c7ddc4cf95fa0c76bb8e54a2ab182e293f238fdd3df84a1fdfa3a375d94a39bc
|
data/lib/packaging/platforms.rb
CHANGED
|
@@ -99,6 +99,14 @@ module Pkg
|
|
|
99
99
|
signature_format: 'v4',
|
|
100
100
|
repo: true,
|
|
101
101
|
},
|
|
102
|
+
'36' => {
|
|
103
|
+
architectures: ['x86_64'],
|
|
104
|
+
source_architecture: 'SRPMS',
|
|
105
|
+
package_format: 'rpm',
|
|
106
|
+
source_package_formats: ['src.rpm'],
|
|
107
|
+
signature_format: 'v4',
|
|
108
|
+
repo: true,
|
|
109
|
+
},
|
|
102
110
|
},
|
|
103
111
|
|
|
104
112
|
'osx' => {
|
data/lib/packaging/sign/rpm.rb
CHANGED
|
@@ -5,7 +5,7 @@ module Pkg::Sign::Rpm
|
|
|
5
5
|
# To enable support for wrappers around rpm and thus support for gpg-agent
|
|
6
6
|
# rpm signing, we have to be able to tell the packaging repo what binary to
|
|
7
7
|
# use as the rpm signing tool.
|
|
8
|
-
|
|
8
|
+
rpm_executable = ENV['RPM'] || Pkg::Util::Tool.find_tool('rpm')
|
|
9
9
|
|
|
10
10
|
# If we're using the gpg agent for rpm signing, we don't want to specify the
|
|
11
11
|
# input for the passphrase, which is what '--passphrase-fd 3' does. However,
|
|
@@ -20,12 +20,34 @@ module Pkg::Sign::Rpm
|
|
|
20
20
|
input_flag = "--passphrase-fd 3"
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
+
# If gpg version is >=2.1, use the gpg1 binary to sign. Otherwise, use the standard sign command.
|
|
24
|
+
gpg_executable = if gpg_version_greater_than_21?
|
|
25
|
+
"%__gpg /usr/bin/gpg1' --define '%__gpg_sign_cmd %{__gpg} gpg1"
|
|
26
|
+
else
|
|
27
|
+
'%__gpg_sign_cmd %{__gpg} gpg'
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
# rubocop:disable Lint/NestedPercentLiteral
|
|
31
|
+
gpg_signing_macro = %W[
|
|
32
|
+
#{gpg_executable} #{sign_flags} #{input_flag}
|
|
33
|
+
--batch --no-verbose --no-armor
|
|
34
|
+
--no-secmem-warning -u %{_gpg_name}
|
|
35
|
+
-sbo %{__signature_filename} %{__plaintext_filename}
|
|
36
|
+
].join(' ')
|
|
37
|
+
# rubocop:enable Lint/NestedPercentLiteral
|
|
38
|
+
|
|
39
|
+
sign_command = %W[
|
|
40
|
+
#{rpm_executable} #{gpg_check_command}
|
|
41
|
+
--define '%_gpg_name #{Pkg::Util::Gpg.key}'
|
|
42
|
+
--define '#{gpg_signing_macro}' --addsign #{rpm}
|
|
43
|
+
].join(' ')
|
|
44
|
+
|
|
23
45
|
# Try this up to 5 times, to allow for incorrect passwords
|
|
24
46
|
Pkg::Util::Execution.retry_on_fail(:times => 5) do
|
|
25
47
|
# This definition of %__gpg_sign_cmd is the default on modern rpm. We
|
|
26
48
|
# accept extra flags to override certain signing behavior for older
|
|
27
49
|
# versions of rpm, e.g. specifying V3 signatures instead of V4.
|
|
28
|
-
Pkg::Util::Execution.capture3(
|
|
50
|
+
Pkg::Util::Execution.capture3(sign_command)
|
|
29
51
|
end
|
|
30
52
|
end
|
|
31
53
|
|
|
@@ -112,4 +134,10 @@ module Pkg::Sign::Rpm
|
|
|
112
134
|
end
|
|
113
135
|
end
|
|
114
136
|
end
|
|
137
|
+
|
|
138
|
+
def gpg_version_greater_than_21?
|
|
139
|
+
gpg_version_output = %x(gpg --version)
|
|
140
|
+
gpg_version = gpg_version_output.split(' ')[2]
|
|
141
|
+
Gem::Version.new(gpg_version) >= Gem::Version.new('2.1.0')
|
|
142
|
+
end
|
|
115
143
|
end
|
data/tasks/jenkins.rake
CHANGED
|
@@ -314,6 +314,14 @@ namespace :pl do
|
|
|
314
314
|
Rake::Task['pl:remote:update_foss_repos'].invoke
|
|
315
315
|
Rake::Task['pl:remote:deploy_final_builds_to_s3'].invoke
|
|
316
316
|
Rake::Task['pl:remote:deploy_to_rsync_server'].invoke
|
|
317
|
+
|
|
318
|
+
# This serves as a cheap feature toggle to avoid things not ready to
|
|
319
|
+
# use it. It should be removed in future versions.
|
|
320
|
+
if ENV['STABLE_SHIP_TO_GCP']
|
|
321
|
+
## apt.repos.puppet.com
|
|
322
|
+
Rake::Task['pl:stage_stable_debs'].invoke
|
|
323
|
+
Rake::Task['pl:remote:sync_apt_repo_to_gcp'].invoke
|
|
324
|
+
end
|
|
317
325
|
end
|
|
318
326
|
|
|
319
327
|
task :stage_release_packages => "pl:fetch" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: packaging
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.107.
|
|
4
|
+
version: 0.107.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Puppet Labs
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-08-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: pry
|
|
@@ -324,27 +324,27 @@ specification_version: 4
|
|
|
324
324
|
summary: Puppet Labs' packaging automation
|
|
325
325
|
test_files:
|
|
326
326
|
- spec/lib/packaging/gem_spec.rb
|
|
327
|
-
- spec/lib/packaging/retrieve_spec.rb
|
|
328
|
-
- spec/lib/packaging/repo_spec.rb
|
|
329
|
-
- spec/lib/packaging/tar_spec.rb
|
|
330
|
-
- spec/lib/packaging/deb/repo_spec.rb
|
|
331
327
|
- spec/lib/packaging/platforms_spec.rb
|
|
332
328
|
- spec/lib/packaging/artifactory_spec.rb
|
|
333
|
-
- spec/lib/packaging/
|
|
329
|
+
- spec/lib/packaging/tar_spec.rb
|
|
334
330
|
- spec/lib/packaging/config_spec.rb
|
|
335
|
-
- spec/lib/packaging/paths_spec.rb
|
|
336
331
|
- spec/lib/packaging/deb_spec.rb
|
|
337
|
-
- spec/lib/packaging/
|
|
332
|
+
- spec/lib/packaging/deb/repo_spec.rb
|
|
333
|
+
- spec/lib/packaging/repo_spec.rb
|
|
334
|
+
- spec/lib/packaging/retrieve_spec.rb
|
|
335
|
+
- spec/lib/packaging/sign_spec.rb
|
|
336
|
+
- spec/lib/packaging/paths_spec.rb
|
|
338
337
|
- spec/lib/packaging/util/git_tag_spec.rb
|
|
339
|
-
- spec/lib/packaging/util/
|
|
340
|
-
- spec/lib/packaging/util/
|
|
341
|
-
- spec/lib/packaging/util/
|
|
338
|
+
- spec/lib/packaging/util/os_spec.rb
|
|
339
|
+
- spec/lib/packaging/util/jenkins_spec.rb
|
|
340
|
+
- spec/lib/packaging/util/gpg_spec.rb
|
|
342
341
|
- spec/lib/packaging/util/net_spec.rb
|
|
343
|
-
- spec/lib/packaging/util/rake_utils_spec.rb
|
|
344
342
|
- spec/lib/packaging/util/ship_spec.rb
|
|
343
|
+
- spec/lib/packaging/util/rake_utils_spec.rb
|
|
344
|
+
- spec/lib/packaging/util/execution_spec.rb
|
|
345
|
+
- spec/lib/packaging/util/misc_spec.rb
|
|
345
346
|
- spec/lib/packaging/util/file_spec.rb
|
|
346
|
-
- spec/lib/packaging/util/os_spec.rb
|
|
347
|
-
- spec/lib/packaging/util/jenkins_spec.rb
|
|
348
347
|
- spec/lib/packaging/util/git_spec.rb
|
|
349
|
-
- spec/lib/packaging/util/
|
|
348
|
+
- spec/lib/packaging/util/version_spec.rb
|
|
349
|
+
- spec/lib/packaging/rpm/repo_spec.rb
|
|
350
350
|
- spec/lib/packaging_spec.rb
|