Class: Conjur::Debify::Action::Publish

Inherits:

Object

• Object
• Conjur::Debify::Action::Publish

Defined in:

lib/conjur/debify/action/publish.rb

Instance Attribute Summary

• #cmd_options ⇒ Object readonly

  Returns the value of attribute cmd_options.

• #distribution ⇒ Object readonly

  Returns the value of attribute distribution.

• #project_name ⇒ Object readonly

  Returns the value of attribute project_name.

Instance Method Summary

• #create_image ⇒ Object
• #detect_component ⇒ Object
• #fetch_art_creds ⇒ Object
• #initialize(distribution, project_name, cmd_options) ⇒ Publish constructor

  A new instance of Publish.

• #publish(options) ⇒ Object
• #publish_package(publish_image:, art_url:, art_user:, art_password:, art_repo:, package_name:, dir:, deb_info: nil) ⇒ Object
• #run ⇒ Object

Constructor Details

#initialize(distribution, project_name, cmd_options) ⇒ Publish

Returns a new instance of Publish.

# File 'lib/conjur/debify/action/publish.rb', line 15

def initialize(distribution, project_name, cmd_options)
  @distribution = distribution
  @project_name = project_name
  @cmd_options = cmd_options
end

Instance Attribute Details

#cmd_options ⇒ Object (readonly)

Returns the value of attribute cmd_options.

# File 'lib/conjur/debify/action/publish.rb', line 14

def cmd_options
  @cmd_options
end

#distribution ⇒ Object (readonly)

Returns the value of attribute distribution.

# File 'lib/conjur/debify/action/publish.rb', line 14

def distribution
  @distribution
end

#project_name ⇒ Object (readonly)

Returns the value of attribute project_name.

# File 'lib/conjur/debify/action/publish.rb', line 14

def project_name
  @project_name
end

Instance Method Details

#create_image ⇒ Object

# File 'lib/conjur/debify/action/publish.rb', line 73

def create_image
  Docker::Image.build_from_dir File.expand_path('../../publish', File.dirname(__FILE__)), tag: "debify-publish", &DebugMixin::DOCKER
end

#detect_component ⇒ Object

# File 'lib/conjur/debify/action/publish.rb', line 5

def detect_component
  branch = ENV['GIT_BRANCH'] || ENV['BRANCH_NAME'] || `git rev-parse --abbrev-ref HEAD`.strip
  if %w(master origin/master).include?(branch)
    'stable'
  else
    branch.gsub('/', '.')
  end
end

#fetch_art_creds ⇒ Object

# File 'lib/conjur/debify/action/publish.rb', line 77

def fetch_art_creds
  require 'conjur/cli'
  require 'conjur/authn'
  Conjur::Config.load
  Conjur::Config.apply
  conjur = Conjur::Authn.connect nil, noask: true

  account = Conjur.configuration.account
  username_var = [account, "variable", "ci/artifactory/users/jenkins/username"].join(':')
  password_var = [account, "variable", 'ci/artifactory/users/jenkins/password'].join(':')
  [conjur.resource(username_var).value, conjur.resource(password_var).value]
end

#publish(options) ⇒ Object

# File 'lib/conjur/debify/action/publish.rb', line 123

def publish(options)
  container = Docker::Container.create(options)
  begin
    container.tap(&:start!).streaming_logs(follow: true, stdout: true, stderr: true) { |stream, chunk| puts "#{chunk}" }
    status = container.wait
    raise "Failed to publish package" unless status['StatusCode'] == 0
  ensure
    container.delete(force: true)
  end
end

#publish_package(publish_image:, art_url:, art_user:, art_password:, art_repo:, package_name:, dir:, deb_info: nil) ⇒ Object

# File 'lib/conjur/debify/action/publish.rb', line 90

def publish_package(
  publish_image:,
  art_url:,
  art_user:,
  art_password:,
  art_repo:,
  package_name:,
  dir:,
  deb_info: nil
)

  cmd_args = [
    "jfrog", "rt", "upload",
    "--url", art_url,
    "--user", art_user,
    "--password", art_password,
  ]

  cmd_args += ["--deb", deb_info] if deb_info
  cmd_args += [package_name, "#{art_repo}/"]

  options = {
    'Image' => publish_image.id,
    'Cmd' => cmd_args,
    'Binds' => [
      [ dir, "/src" ].join(':')
    ]
  }
  options['Privileged'] = true if Docker.version['Version'] >= '1.10.0'

  publish(options)
end

#run ⇒ Object

# File 'lib/conjur/debify/action/publish.rb', line 21

def run
  dir = cmd_options[:dir] || '.'
  dir = File.expand_path(dir)
  raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)

  Dir.chdir dir do
    version = cmd_options[:version] || detect_version

    publish_image = create_image
    DebugMixin.debug_write "Built base publish image '#{publish_image.id}'\n"

    art_url = cmd_options[:url]
    deb_art_repo = cmd_options[:repo]

    art_user = ENV['ARTIFACTORY_USER']
    art_password = ENV['ARTIFACTORY_PASSWORD']
    unless art_user && art_password
      art_user, art_password = fetch_art_creds
    end

    # Publish deb package
    component = cmd_options[:component] || detect_component
    deb_info = "#{distribution}/#{component}/amd64"
    package_name = "conjur-#{project_name}_#{version}_amd64.deb"
    publish_package(
      publish_image: publish_image,
      art_url: art_url,
      art_user: art_user,
      art_password: art_password,
      art_repo: deb_art_repo,
      package_name: package_name,
      dir: dir,
      deb_info: deb_info
    )

    # Publish RPM package
    # The rpm builder replaces dashes with underscores in the version
    rpm_version = version.tr('-', '_')
    package_name = "conjur-#{project_name}-#{rpm_version}-1.x86_64.rpm"
    rpm_art_repo = cmd_options['rpm-repo']
    publish_package(
      publish_image: publish_image,
      art_url: art_url,
      art_user: art_user,
      art_password: art_password,
      art_repo: rpm_art_repo,
      package_name: package_name,
      dir: dir
    )
  end
end