Since Akraino projects do not follow standard release procedures, we
will simply sign the artifacts before pushing them to Nexus, just to
provide signatures showing that all artifacts come from LF infra.
Change-Id: Ia3478900acd02d419fe49c25b1902b1a3459f73d
Issue-ID: LF-Jira RELENG-2819
Signed-off-by: Eric Ball <eball@linuxfoundation.org>
builders:
- lf-infra-pre-build
builders:
- lf-infra-pre-build
+ - config-file-provider:
+ files:
+ - file-id: lftoolsini
+ target: "$HOME/.config/lftools/lftools.ini"
+ - file-id: sigul-config
+ variable: SIGUL_CONFIG
+ - file-id: sigul-password
+ variable: SIGUL_PASSWORD
+ - file-id: sigul-pki
+ variable: SIGUL_PKI
+ - file-id: signing-pubkey
+ variable: SIGNING_PUBKEY
+ - shell: !include-raw-escape: ../global-jjb/shell/sigul-configuration.sh
+ - shell: !include-raw-escape: ../global-jjb/shell/sigul-install.sh
- lf-maven-install:
mvn-version: '{mvn-version}'
- lf-update-java-alternatives:
- lf-maven-install:
mvn-version: '{mvn-version}'
- lf-update-java-alternatives:
builders:
- lf-infra-pre-build
builders:
- lf-infra-pre-build
+ - config-file-provider:
+ files:
+ - file-id: lftoolsini
+ target: "$HOME/.config/lftools/lftools.ini"
+ - file-id: sigul-config
+ variable: SIGUL_CONFIG
+ - file-id: sigul-password
+ variable: SIGUL_PASSWORD
+ - file-id: sigul-pki
+ variable: SIGUL_PKI
+ - file-id: signing-pubkey
+ variable: SIGNING_PUBKEY
+ - shell: !include-raw-escape: ../global-jjb/shell/sigul-configuration.sh
+ - shell: !include-raw-escape: ../global-jjb/shell/sigul-install.sh
- lf-jacoco-nojava-workaround
- lf-maven-install:
mvn-version: '{mvn-version}'
- lf-jacoco-nojava-workaround
- lf-maven-install:
mvn-version: '{mvn-version}'
files:
- file-id: 'ta-settings'
variable: 'SETTINGS_FILE'
files:
- file-id: 'ta-settings'
variable: 'SETTINGS_FILE'
+ - file-id: lftoolsini
+ target: "$HOME/.config/lftools/lftools.ini"
+ - file-id: sigul-config
+ variable: SIGUL_CONFIG
+ - file-id: sigul-password
+ variable: SIGUL_PASSWORD
+ - file-id: sigul-pki
+ variable: SIGUL_PKI
+ - file-id: signing-pubkey
+ variable: SIGNING_PUBKEY
- inject:
properties-content: 'ALT_NEXUS_URL=https://nexus3.akraino.org'
- lf-infra-create-netrc:
- inject:
properties-content: 'ALT_NEXUS_URL=https://nexus3.akraino.org'
- lf-infra-create-netrc:
# Ensure python-tools are installed in case job template does not
# call the lf-infra-pre-build macro.
- ../../global-jjb/shell/python-tools-install.sh
# Ensure python-tools are installed in case job template does not
# call the lf-infra-pre-build macro.
- ../../global-jjb/shell/python-tools-install.sh
+ - shell: !include-raw: ../global-jjb/shell/sigul-configuration.sh
+ - shell: !include-raw: ../global-jjb/shell/sigul-install.sh
- shell: !include-raw:
- ../shell/ta-rpm-deploy.sh
- shell: !include-raw:
- shell: !include-raw:
- ../shell/ta-rpm-deploy.sh
- shell: !include-raw:
files:
- file-id: 'ta-settings'
variable: 'SETTINGS_FILE'
files:
- file-id: 'ta-settings'
variable: 'SETTINGS_FILE'
+ - file-id: lftoolsini
+ target: "$HOME/.config/lftools/lftools.ini"
+ - file-id: sigul-config
+ variable: SIGUL_CONFIG
+ - file-id: sigul-password
+ variable: SIGUL_PASSWORD
+ - file-id: sigul-pki
+ variable: SIGUL_PKI
+ - file-id: signing-pubkey
+ variable: SIGNING_PUBKEY
- lf-infra-create-netrc:
server-id: images-snapshots
- shell: !include-raw:
# Ensure python-tools are installed in case job template does not
# call the lf-infra-pre-build macro.
- ../../global-jjb/shell/python-tools-install.sh
- lf-infra-create-netrc:
server-id: images-snapshots
- shell: !include-raw:
# Ensure python-tools are installed in case job template does not
# call the lf-infra-pre-build macro.
- ../../global-jjb/shell/python-tools-install.sh
+ - shell: !include-raw: ../global-jjb/shell/sigul-configuration.sh
+ - shell: !include-raw: ../global-jjb/shell/sigul-install.sh
- shell: !include-raw:
- ../shell/ta-iso-deploy.sh
- shell: !include-raw:
- shell: !include-raw:
- ../shell/ta-iso-deploy.sh
- shell: !include-raw:
#
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
#
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# See the License for the specific language governing permissions and
# limitations under the License.
# See the License for the specific language governing permissions and
# limitations under the License.
+echo "---> make-tar.sh"
+
sudo yum install -y dos2unix
# shellcheck source="$WORKSPACE/version.properties" disable=SC1091
dos2unix "${WORKSPACE}/version.properties"
sudo yum install -y dos2unix
# shellcheck source="$WORKSPACE/version.properties" disable=SC1091
dos2unix "${WORKSPACE}/version.properties"
# Build the regional controller scripts tar ball
ARTIFACT_NAME="onap-amsterdam-regional-controller-${STREAM}"
TAR_NAME="${ARTIFACT_NAME}-${VERSION}.tgz"
# Build the regional controller scripts tar ball
ARTIFACT_NAME="onap-amsterdam-regional-controller-${STREAM}"
TAR_NAME="${ARTIFACT_NAME}-${VERSION}.tgz"
- echo "Making tar file ${TARDIR}/${TAR_NAME}"
+ echo "---> Making tar file ${TARDIR}/${TAR_NAME}"
cd ./src/regional_controller_scripts/
tar -cvzf "${TARDIR}/${TAR_NAME}" -- *
# Build the ONAP VM scripts tar ball
ARTIFACT_NAME="onap-amsterdam-VM-${STREAM}"
TAR_NAME="${ARTIFACT_NAME}-${VERSION}.tgz"
cd ./src/regional_controller_scripts/
tar -cvzf "${TARDIR}/${TAR_NAME}" -- *
# Build the ONAP VM scripts tar ball
ARTIFACT_NAME="onap-amsterdam-VM-${STREAM}"
TAR_NAME="${ARTIFACT_NAME}-${VERSION}.tgz"
- echo "Making tar file ${TARDIR}/${TAR_NAME}"
+ echo "---> Making tar file ${TARDIR}/${TAR_NAME}"
cd ../onap_vm_scripts/
tar -cvzf "${TARDIR}/${TAR_NAME}" -- *
else
TAR_NAME="${PROJECT}-${VERSION}.tgz"
cd ../onap_vm_scripts/
tar -cvzf "${TARDIR}/${TAR_NAME}" -- *
else
TAR_NAME="${PROJECT}-${VERSION}.tgz"
- echo "Making tar file ${TARDIR}/${TAR_NAME}"
+ echo "---> Making tar file ${TARDIR}/${TAR_NAME}"
# Put the file in /tmp initially to prevent it $TARDIR from going into the tar file
tar -cvzf "/tmp/${TAR_NAME}" -- *
mkdir "$TARDIR"
cp "/tmp/${TAR_NAME}" "${TARDIR}/${TAR_NAME}"
fi
# Put the file in /tmp initially to prevent it $TARDIR from going into the tar file
tar -cvzf "/tmp/${TAR_NAME}" -- *
mkdir "$TARDIR"
cp "/tmp/${TAR_NAME}" "${TARDIR}/${TAR_NAME}"
fi
+
+echo "-----> Sign all artifacts"
+lftools sign sigul "${TARDIR}"
+
cp "$WORKSPACE/work/results/images/"* "$upload_dir1"
cp "$WORKSPACE/work/results/images/"* "$upload_dir2"
cp "$WORKSPACE/work/results/images/"* "$upload_dir1"
cp "$WORKSPACE/work/results/images/"* "$upload_dir2"
+echo "-----> Sign all artifacts"
+lftools sign sigul "$repo_dir"
+
echo "-----> Upload ISOs to Nexus"
lftools deploy nexus "$nexus_repo_url" "$repo_dir"
rm -rf "$repo_dir"
echo "-----> Upload ISOs to Nexus"
lftools deploy nexus "$nexus_repo_url" "$repo_dir"
rm -rf "$repo_dir"
+echo "-----> Sign all artifacts"
+lftools sign sigul "$repo_dir"
+
echo "-----> Upload RPMs to Nexus"
lftools deploy nexus "$nexus_repo_url" "$repo_dir"
echo "-----> Upload RPMs to Nexus"
lftools deploy nexus "$nexus_repo_url" "$repo_dir"