vanagon 0.15.37 → 0.15.38

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d81f5bb7831c050aec5ea57db573fcca3f435ab17447809d237d463a43aeed9a
-  data.tar.gz: cc4b94cacd02a497dd55ed6a8498a01784217adf03eef6fe28fa54e3a2cf9cc0
+  metadata.gz: 6ffa8bb7c327a5b46f5403c9fb77cf396c8a9e09fb8d7c7558927bd99830483b
+  data.tar.gz: 8bc7b97f25d0fa5405af34ecddc6e6b00d6c57605d85a16fe232c7477a3083a8
 SHA512:
-  metadata.gz: 7288377a9292bb0a69d6ec996fbee1495c0f8ce729f33f0cbe16523b4f07fee736c63f2638c3a760e3ee09f0ffc4e8f4c11bcfc5cadfee2a35369c2a2e505e2a
-  data.tar.gz: 51340339458db18882d99879774e2d89f36085d034d5935f2884d8dc91ff9938df55e717c98de49c96e7299a2e44216a089340ef198f0efb1936693750b6ba1f
+  metadata.gz: f63aa10d3742e370faaaaf2c7dd5d7720f6598e60944a4d4917cc1e19b761a606a44fac5809f801bbae99b23f3f0221c958b70e7afb2a619d6fe32c0110a052c
+  data.tar.gz: 4303abc3598c0558b349dee95ad81c1f6354845971323ccbaa73f24d841c4eab7e5df39225ea9f58ae305470ec143f849feb7e0adae296430873263729a536ff

data/lib/vanagon/driver.rb

@@ -140,7 +140,7 @@ class Vanagon
       @project.make_bill_of_materials(workdir)
       # Don't generate packaging artifacts if no_packaging is set
       @project.generate_packaging_artifacts(workdir) unless @project.no_packaging
-      @project.save_manifest_json(@platform)
+      @project.save_manifest_json(@platform, workdir)
       @engine.ship_workdir(workdir)
       @engine.dispatch("(cd #{@engine.remote_workdir}; #{@platform.make} #{make_target})")
       @engine.retrieve_built_artifact(@project.artifacts_to_fetch, @project.no_packaging)

data/lib/vanagon/platform.rb

@@ -486,9 +486,9 @@ class Vanagon
     def generate_compiled_archive(project)
       name_and_version = "#{project.name}-#{project.version}"
       name_and_version_and_platform = "#{name_and_version}.#{name}"
+      name_and_platform = "#{project.name}.#{name}"
       final_archive = "output/#{name_and_version_and_platform}.tar.gz"
       archive_directory = "#{project.name}-archive"
-      metadata = project.build_manifest_json(true)
 
       # previously, we weren't properly handling the case of custom BOM paths.
       # If we have a custom BOM path, during Makefile execution, the top-level
@@ -503,7 +503,6 @@ class Vanagon
         bill_of_materials_command = "mv .#{project.bill_of_materials.path}/bill-of-materials ../.."
       end
 
-      metadata.gsub!(/\n/, '\n')
       [
         "mkdir output",
         "mkdir #{archive_directory}",
@@ -511,7 +510,7 @@ class Vanagon
         "rm #{name_and_version}.tar.gz",
         "cd #{archive_directory}/#{name_and_version}; #{bill_of_materials_command}; #{tar} cf ../../#{name_and_version_and_platform}.tar *",
         "gzip -9c #{name_and_version_and_platform}.tar > #{name_and_version_and_platform}.tar.gz",
-        "echo -e \"#{metadata}\" > output/#{name_and_version_and_platform}.json",
+        "cp build_metadata.#{name_and_platform}.json output/#{name_and_version_and_platform}.json",
         "cp bill-of-materials output/#{name_and_version_and_platform}-bill-of-materials ||:",
         "cp #{name_and_version_and_platform}.tar.gz output",
         "#{shasum} #{final_archive} > #{final_archive}.sha1"

data/lib/vanagon/platform/deb.rb

@@ -140,7 +140,7 @@ class Vanagon
         @tar = "tar"
         @patch = "/usr/bin/patch"
         @num_cores = "/usr/bin/nproc"
-        @curl = "curl --silent --show-error --fail"
+        @curl = "curl --silent --show-error --fail --location"
         @valid_operators = ['<', '>', '<=', '>=', '=', '<<', '>>']
         super(name)
       end

data/lib/vanagon/platform/rpm.rb

@@ -103,7 +103,7 @@ class Vanagon
         @patch ||= "/usr/bin/patch"
         @num_cores ||= "/bin/grep -c 'processor' /proc/cpuinfo"
         @rpmbuild ||= "/usr/bin/rpmbuild"
-        @curl = "curl --silent --show-error --fail"
+        @curl = "curl --silent --show-error --fail --location"
         super(name)
       end
     end

data/lib/vanagon/platform/windows.rb

@@ -205,11 +205,36 @@ class Vanagon
         # "Misc Dir for versions.txt, License file and Icon file"
         misc_dir = "SourceDir/#{project.settings[:base_dir]}/#{project.settings[:company_id]}/#{project.settings[:product_id]}/misc"
         # Actual array of commands to be written to the Makefile
-        [
+        make_commands = [
           "mkdir -p output/#{target_dir}",
           "mkdir -p $(tempdir)/{SourceDir,wix/wixobj}",
           "#{@copy} -r wix/* $(tempdir)/wix/",
-          "gunzip -c #{project.name}-#{project.version}.tar.gz | '#{@tar}' -C '$(tempdir)/SourceDir' --strip-components 1 -xf -",
+          "gunzip -c #{project.name}-#{project.version}.tar.gz | '#{@tar}' -C '$(tempdir)/SourceDir' --strip-components 1 -xf -"
+        ]
+
+        unless project.extra_files_to_sign.empty?
+          begin
+            tempdir = nil
+            # Skip signing extra files if logging into the signing_host fails
+            # This enables things like CI being able to sign the additional files,
+            # but locally triggered builds by developers who don't have access to
+            # the signing host just print a message and skip the signing.
+            Vanagon::Utilities.retry_with_timeout(3, 5) do
+              tempdir = Vanagon::Utilities::remote_ssh_command("#{project.signing_username}@#{project.signing_hostname}", "#{@mktemp} 2>/dev/null", return_command_output: true)
+            end
+            project.extra_files_to_sign.each do |file|
+              file_location = File.join(tempdir, File.basename(file))
+              make_commands << [
+                "rsync -e '#{Vanagon::Utilities.ssh_command}' -rHlv --no-perms --no-owner --no-group #{File.join('$(tempdir)', 'SourceDir', file)} #{project.signing_username}@#{project.signing_hostname}:#{tempdir}",
+                "#{Vanagon::Utilities.ssh_command} #{project.signing_username}@#{project.signing_hostname} #{project.signing_command} #{file_location}",
+                "rsync -e '#{Vanagon::Utilities.ssh_command}' -rHlv -O --no-perms --no-owner --no-group #{project.signing_username}@#{project.signing_hostname}:#{file_location} #{File.join('$(tempdir)', 'SourceDir', file)}"
+              ]
+            end
+          rescue RuntimeError
+            warn "Unable to connect to #{project.signing_username}@#{project.signing_hostname}, skipping signing extra files: #{project.extra_files_to_sign.join(',')}"
+          end
+        end
+        make_commands << [
           "mkdir -p $(tempdir)/#{misc_dir}",
           # Need to use awk here to convert to DOS format so that notepad can display file correctly.
           "awk 'sub(\"$$\", \"\\r\")' $(tempdir)/SourceDir/bill-of-materials > $(tempdir)/#{misc_dir}/versions.txt",
@@ -225,6 +250,8 @@ class Vanagon
           # -loc is required for the UI localization it points to the actual localization .wxl
           "cd $(tempdir)/wix/wixobj; \"$$WIX/bin/light.exe\" #{light_flags} -b $$(cygpath -aw $(tempdir)) -loc $$(cygpath -aw $(tempdir)/wix/localization/puppet_en-us.wxl) -out $$(cygpath -aw $(workdir)/output/#{target_dir}/#{msi_package_name(project)}) *.wixobj",
         ]
+
+        make_commands.flatten
       end
 
       # Method to derive the msi (Windows Installer) package name for the project.

data/lib/vanagon/project.rb

@@ -108,6 +108,14 @@ class Vanagon
     # you just want to perform installation and pull down a file.
     attr_accessor :no_packaging
 
+    # Extra files to sign
+    # Right now just supported on windows, useful for signing powershell scripts
+    # that need to be signed between build and MSI creation
+    attr_accessor :extra_files_to_sign
+    attr_accessor :signing_hostname
+    attr_accessor :signing_username
+    attr_accessor :signing_command
+
     # Loads a given project from the configdir
     #
     # @param name [String] the name of the project
@@ -156,6 +164,10 @@ class Vanagon
       @upstream_metadata = {}
       @no_packaging = false
       @artifacts_to_fetch = []
+      @extra_files_to_sign = []
+      @signing_hostname = ''
+      @signing_username = ''
+      @signing_command = ''
     end
 
     # Magic getter to retrieve settings in the project
@@ -714,20 +726,27 @@ class Vanagon
     # Writes a json file at `ext/build_metadata.<project>.<platform>.json` containing information
     # about what went into a built artifact
     #
-    # @return [Hash] of build information
-    def save_manifest_json(platform)
+    # @param platform [String] platform we're writing metadata for
+    # @param additional_directories [String|Array[String]] additional
+    #        directories to write build_metadata.<project>.<platform>.json to
+    def save_manifest_json(platform, additional_directories = nil) # rubocop:disable Metrics/AbcSize
       manifest = build_manifest_json
       metadata = metadata_merge(manifest, @upstream_metadata)
 
       ext_directory = 'ext'
       FileUtils.mkdir_p ext_directory
 
+      directories = [ext_directory, additional_directories].compact
       metadata_file_name = "build_metadata.#{name}.#{platform.name}.json"
-      File.open(File.join(ext_directory, metadata_file_name), 'w') do |f|
-        f.write(JSON.pretty_generate(metadata))
+      directories.each do |directory|
+        File.open(File.join(directory, metadata_file_name), 'w') do |f|
+          f.write(JSON.pretty_generate(metadata))
+        end
       end
 
       ## VANAGON-132 Backwards compatibility: make a 'build_metadata.json' file
+      # No need to propagate this backwards compatibility to the new additional
+      # directories
       File.open(File.join(ext_directory, 'build_metadata.json'), 'w') do |f|
         f.write(JSON.pretty_generate(metadata))
       end

data/lib/vanagon/project/dsl.rb

@@ -363,6 +363,39 @@ class Vanagon
       def no_packaging(var)
         @project.no_packaging = var
       end
+
+      # Set to sign additional files during buildtime. Only implemented for
+      # windows. Can be specified more than once
+      #
+      # @param [String] file to sign
+      def extra_file_to_sign(file)
+        @project.extra_files_to_sign << file
+      end
+
+      # The hostname to sign additional files on. Only does anything when there
+      # are extra files to sign
+      #
+      # @param [String] hostname of the machine to run the extra file signing on
+      def signing_hostname(hostname)
+        @project.signing_hostname = hostname
+      end
+
+      # The username to log in to the signing_hostname as. Only does anything
+      # when there are extra files to sign
+      #
+      # @param [String] the username to log in to `signing_hostname` as
+      def signing_username(username)
+        @project.signing_username = username
+      end
+
+      # The command to run to sign additional files. The command should assume
+      # it will have the file path appended to the end of the command, since
+      # files end up in a temp directory.
+      #
+      # @param [String] the command to sign additional files
+      def signing_command(command)
+        @project.signing_command = command
+      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vanagon
 version: !ruby/object:Gem::Version
-  version: 0.15.37
+  version: 0.15.38
 platform: ruby
 authors:
 - Puppet Labs
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-06 00:00:00.000000000 Z
+date: 2020-06-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: git
@@ -265,41 +265,41 @@ signing_key:
 specification_version: 3
 summary: All of your packages will fit into this van with this one simple trick.
 test_files:
-- spec/lib/makefile_spec.rb
-- spec/lib/vanagon/utilities/shell_utilities_spec.rb
-- spec/lib/vanagon/platform_spec.rb
+- spec/lib/git/rev_list_spec.rb
+- spec/lib/vanagon/driver_spec.rb
 - spec/lib/vanagon/project_spec.rb
-- spec/lib/vanagon/component_spec.rb
-- spec/lib/vanagon/extensions/set/json_spec.rb
-- spec/lib/vanagon/extensions/string_spec.rb
-- spec/lib/vanagon/extensions/ostruct/json_spec.rb
-- spec/lib/vanagon/engine/ec2_spec.rb
-- spec/lib/vanagon/engine/hardware_spec.rb
-- spec/lib/vanagon/engine/pooler_spec.rb
-- spec/lib/vanagon/engine/always_be_scheduling_spec.rb
-- spec/lib/vanagon/engine/docker_spec.rb
-- spec/lib/vanagon/engine/base_spec.rb
-- spec/lib/vanagon/engine/local_spec.rb
-- spec/lib/vanagon/environment_spec.rb
+- spec/lib/vanagon/utilities/shell_utilities_spec.rb
 - spec/lib/vanagon/utilities_spec.rb
-- spec/lib/vanagon/driver_spec.rb
-- spec/lib/vanagon/component/rules_spec.rb
+- spec/lib/vanagon/platform/solaris_10_spec.rb
+- spec/lib/vanagon/platform/rpm_spec.rb
+- spec/lib/vanagon/platform/solaris_11_spec.rb
+- spec/lib/vanagon/platform/dsl_spec.rb
+- spec/lib/vanagon/platform/deb_spec.rb
+- spec/lib/vanagon/platform/windows_spec.rb
+- spec/lib/vanagon/platform/osx_spec.rb
+- spec/lib/vanagon/platform/rpm/aix_spec.rb
+- spec/lib/vanagon/component/source_spec.rb
 - spec/lib/vanagon/component/dsl_spec.rb
-- spec/lib/vanagon/component/source/rewrite_spec.rb
-- spec/lib/vanagon/component/source/git_spec.rb
+- spec/lib/vanagon/component/rules_spec.rb
 - spec/lib/vanagon/component/source/http_spec.rb
 - spec/lib/vanagon/component/source/local_spec.rb
-- spec/lib/vanagon/component/source_spec.rb
+- spec/lib/vanagon/component/source/rewrite_spec.rb
+- spec/lib/vanagon/component/source/git_spec.rb
+- spec/lib/vanagon/engine/docker_spec.rb
+- spec/lib/vanagon/engine/hardware_spec.rb
+- spec/lib/vanagon/engine/ec2_spec.rb
+- spec/lib/vanagon/engine/base_spec.rb
+- spec/lib/vanagon/engine/local_spec.rb
+- spec/lib/vanagon/engine/pooler_spec.rb
+- spec/lib/vanagon/engine/always_be_scheduling_spec.rb
+- spec/lib/vanagon/platform_spec.rb
 - spec/lib/vanagon/project/dsl_spec.rb
 - spec/lib/vanagon/optparse_spec.rb
+- spec/lib/vanagon/component_spec.rb
+- spec/lib/vanagon/extensions/ostruct/json_spec.rb
+- spec/lib/vanagon/extensions/string_spec.rb
+- spec/lib/vanagon/extensions/set/json_spec.rb
 - spec/lib/vanagon/common/user_spec.rb
 - spec/lib/vanagon/common/pathname_spec.rb
-- spec/lib/vanagon/platform/dsl_spec.rb
-- spec/lib/vanagon/platform/windows_spec.rb
-- spec/lib/vanagon/platform/solaris_10_spec.rb
-- spec/lib/vanagon/platform/deb_spec.rb
-- spec/lib/vanagon/platform/solaris_11_spec.rb
-- spec/lib/vanagon/platform/rpm/aix_spec.rb
-- spec/lib/vanagon/platform/osx_spec.rb
-- spec/lib/vanagon/platform/rpm_spec.rb
-- spec/lib/git/rev_list_spec.rb
+- spec/lib/vanagon/environment_spec.rb
+- spec/lib/makefile_spec.rb