Module: Pkg::Util::Sign
- Defined in:
- lib/packaging/util/sign.rb
Class Method Summary collapse
-
.sign_all(root_directory = nil) ⇒ Object
Sign all locally staged packages on signing server.
Class Method Details
.sign_all(root_directory = nil) ⇒ Object
Sign all locally staged packages on signing server.
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/packaging/util/sign.rb', line 7 def sign_all(root_directory = nil) Pkg::Util::File.fetch root_directory ||= ENV['DEFAULT_DIRECTORY'] Dir["#{root_directory}/*"].empty? and fail "There were no files found in #{root_directory}. \ Maybe you wanted to build/retrieve something first?" # Because rpms and debs are laid out differently in PE under pkg/ they # have a different sign task to address this. Rather than create a whole # extra :jenkins task for signing PE, we determine which sign task to use # based on if we're building PE. # We also listen in on the environment variable SIGNING_BUNDLE. This is # _NOT_ intended for public use, but rather with the internal promotion # workflow for Puppet Enterprise. SIGNING_BUNDLE is the path to a tarball # containing a git bundle to be used as the environment for the packaging # repo in a signing operation. signing_bundle = ENV['SIGNING_BUNDLE'] sign_tasks = ["pl:sign_rpms"] sign_tasks << "pl:sign_deb_changes" unless Dir["#{root_directory}/**/*.changes"].empty? sign_tasks << "pl:sign_tar" if Pkg::Config.build_tar sign_tasks << "pl:sign_gem" if Pkg::Config.build_gem sign_tasks << "pl:sign_osx" if Pkg::Config.build_dmg || Pkg::Config.vanagon_project sign_tasks << "pl:sign_swix" if Pkg::Config.vanagon_project sign_tasks << "pl:sign_svr4" if Pkg::Config.vanagon_project sign_tasks << "pl:sign_ips" if Pkg::Config.vanagon_project sign_tasks << "pl:sign_msi" if Pkg::Config.build_msi || Pkg::Config.vanagon_project remote_repo = Pkg::Util::Net.remote_unpack_git_bundle(Pkg::Config.signing_server, 'HEAD', nil, signing_bundle) build_params = Pkg::Util::Net.remote_buildparams(Pkg::Config.signing_server, Pkg::Config) Pkg::Util::Net.rsync_to(root_directory, Pkg::Config.signing_server, remote_repo) rake_command = <<~DOC cd #{remote_repo} ; #{Pkg::Util::Net.remote_bundle_install_command} bundle exec rake #{sign_tasks.map { |task| task + "[#{root_directory}]" }.join(' ')} PARAMS_FILE=#{build_params} DOC Pkg::Util::Net.remote_execute(Pkg::Config.signing_server, rake_command) Pkg::Util::Net.rsync_from("#{remote_repo}/#{root_directory}/", Pkg::Config.signing_server, "#{root_directory}/") Pkg::Util::Net.remote_execute(Pkg::Config.signing_server, "rm -rf #{remote_repo}") Pkg::Util::Net.remote_execute(Pkg::Config.signing_server, "rm #{build_params}") puts "Signed packages staged in #{root_directory}/ directory" end |