diff options
author | Aric Gardner <agardner@linuxfoundation.org> | 2016-07-13 15:57:46 -0400 |
---|---|---|
committer | Aric Gardner <agardner@linuxfoundation.org> | 2016-07-20 14:24:45 -0400 |
commit | 8977a7650205d20cbe19deefad3978b7546fcf61 (patch) | |
tree | 2b130d13ed3bf3b4a9345c784335c0628c8cd9df | |
parent | ba319020129a6d072f2f9a522053bc98701d8a07 (diff) |
Enable artifact signing for fuel merge jobs
refactored things into functions so we can choose between verify and
merge
Will skip verify jobs.
Do we need to upload verify jobs to google storage?
Change-Id: If9f677cbe38e17a22ac1c54698168383240cbc38
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
-rwxr-xr-x | jjb/fuel/fuel-upload-artifact.sh | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/jjb/fuel/fuel-upload-artifact.sh b/jjb/fuel/fuel-upload-artifact.sh index 47cf8985c..1ccd3282c 100755 --- a/jjb/fuel/fuel-upload-artifact.sh +++ b/jjb/fuel/fuel-upload-artifact.sh @@ -19,6 +19,7 @@ fi # source the opnfv.properties to get ARTIFACT_VERSION source $WORKSPACE/opnfv.properties +nfsstore () { # storing ISOs for verify & merge jobs will be done once we get the disk array if [[ ! "$JOB_NAME" =~ (verify|merge) ]]; then # store ISO locally on NFS first @@ -34,7 +35,30 @@ if [[ ! "$JOB_NAME" =~ (verify|merge) ]]; then $ISOSTORE/opnfv-$OPNFV_ARTIFACT_VERSION.iso fi fi +} +importkey () { +# clone releng repository +echo "Cloning releng repository..." +[ -d releng ] && rm -rf releng +git clone https://gerrit.opnfv.org/gerrit/releng $WORKSPACE/releng/ &> /dev/null +#this is where we import the siging key +if [ -f $WORKSPACE/releng/utils/gpg_import_key.sh ]; then + source $WORKSPACE/releng/utils/gpg_import_key.sh +fi +} + +signiso () { +gpg2 -vvv --batch --yes --no-tty \ + --default-key opnfv-helpdesk@rt.linuxfoundation.org \ + --passphrase besteffort \ + --detach-sig $BUILD_DIRECTORY/opnfv-$OPNFV_ARTIFACT_VERSION.iso + +gsutil cp $BUILD_DIRECTORY/opnfv-$OPNFV_ARTIFACT_VERSION.iso.sig gs://$GS_URL/opnfv-$OPNFV_ARTIFACT_VERSION.iso.sig +echo "ISO signature Upload Complete!" +} + +uploadiso () { # log info to console echo "Uploading $INSTALLER_TYPE artifact. This could take some time..." echo @@ -80,3 +104,17 @@ echo "Artifact is available as http://$GS_URL/opnfv-$OPNFV_ARTIFACT_VERSION.iso" echo echo "--------------------------------------------------------" echo +} + +nfsstore + +if [[ ! "$JOB_NAME" =~ merge ]]; then + importkey + signiso + uploadiso +fi + +if [[ ! "$JOB_NAME" =~ verify ]]; then + uploadiso +fi + |