summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAric Gardner <agardner@linuxfoundation.org>2016-07-13 15:57:46 -0400
committerAric Gardner <agardner@linuxfoundation.org>2016-07-20 14:24:45 -0400
commit8977a7650205d20cbe19deefad3978b7546fcf61 (patch)
tree2b130d13ed3bf3b4a9345c784335c0628c8cd9df
parentba319020129a6d072f2f9a522053bc98701d8a07 (diff)
Enable artifact signing for fuel merge jobs
refactored things into functions so we can choose between verify and merge Will skip verify jobs. Do we need to upload verify jobs to google storage? Change-Id: If9f677cbe38e17a22ac1c54698168383240cbc38 Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
-rwxr-xr-xjjb/fuel/fuel-upload-artifact.sh38
1 files changed, 38 insertions, 0 deletions
diff --git a/jjb/fuel/fuel-upload-artifact.sh b/jjb/fuel/fuel-upload-artifact.sh
index 47cf8985c..1ccd3282c 100755
--- a/jjb/fuel/fuel-upload-artifact.sh
+++ b/jjb/fuel/fuel-upload-artifact.sh
@@ -19,6 +19,7 @@ fi
# source the opnfv.properties to get ARTIFACT_VERSION
source $WORKSPACE/opnfv.properties
+nfsstore () {
# storing ISOs for verify & merge jobs will be done once we get the disk array
if [[ ! "$JOB_NAME" =~ (verify|merge) ]]; then
# store ISO locally on NFS first
@@ -34,7 +35,30 @@ if [[ ! "$JOB_NAME" =~ (verify|merge) ]]; then
$ISOSTORE/opnfv-$OPNFV_ARTIFACT_VERSION.iso
fi
fi
+}
+importkey () {
+# clone releng repository
+echo "Cloning releng repository..."
+[ -d releng ] && rm -rf releng
+git clone https://gerrit.opnfv.org/gerrit/releng $WORKSPACE/releng/ &> /dev/null
+#this is where we import the siging key
+if [ -f $WORKSPACE/releng/utils/gpg_import_key.sh ]; then
+ source $WORKSPACE/releng/utils/gpg_import_key.sh
+fi
+}
+
+signiso () {
+gpg2 -vvv --batch --yes --no-tty \
+ --default-key opnfv-helpdesk@rt.linuxfoundation.org \
+ --passphrase besteffort \
+ --detach-sig $BUILD_DIRECTORY/opnfv-$OPNFV_ARTIFACT_VERSION.iso
+
+gsutil cp $BUILD_DIRECTORY/opnfv-$OPNFV_ARTIFACT_VERSION.iso.sig gs://$GS_URL/opnfv-$OPNFV_ARTIFACT_VERSION.iso.sig
+echo "ISO signature Upload Complete!"
+}
+
+uploadiso () {
# log info to console
echo "Uploading $INSTALLER_TYPE artifact. This could take some time..."
echo
@@ -80,3 +104,17 @@ echo "Artifact is available as http://$GS_URL/opnfv-$OPNFV_ARTIFACT_VERSION.iso"
echo
echo "--------------------------------------------------------"
echo
+}
+
+nfsstore
+
+if [[ ! "$JOB_NAME" =~ merge ]]; then
+ importkey
+ signiso
+ uploadiso
+fi
+
+if [[ ! "$JOB_NAME" =~ verify ]]; then
+ uploadiso
+fi
+