This is an automated email from the ASF dual-hosted git repository.
jstastnycz pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-kie-drools.git
The following commit(s) were added to refs/heads/main by this push:
new f755fa01f8 NO_ISSUE: use release shared library (#5973)
f755fa01f8 is described below
commit f755fa01f8223f66d4250fbc9163553c18b5a948
Author: Jan Stastny <[email protected]>
AuthorDate: Wed Jul 3 16:02:44 2024 +0200
NO_ISSUE: use release shared library (#5973)
* NO_ISSUE: use release shared library
* add gpg into branch.yaml
---------
Co-authored-by: jstastny-cz <[email protected]>
---
.ci/jenkins/Jenkinsfile.deploy | 37 +++++++++++++++++++------------------
.ci/jenkins/config/branch.yaml | 5 +++++
.ci/jenkins/dsl/jobs.groovy | 3 +++
3 files changed, 27 insertions(+), 18 deletions(-)
diff --git a/.ci/jenkins/Jenkinsfile.deploy b/.ci/jenkins/Jenkinsfile.deploy
index 694df3e6d2..20b20701bb 100644
--- a/.ci/jenkins/Jenkinsfile.deploy
+++ b/.ci/jenkins/Jenkinsfile.deploy
@@ -127,29 +127,22 @@ pipeline {
.withProperty('maven.test.failure.ignore', true)
.skipTests(params.SKIP_TESTS)
- if (isRelease()) {
- withCredentials([file(credentialsId:
'asf-release-gpg-signing-key', variable: 'SIGNING_KEY')]) {
- withCredentials([file(credentialsId:
'asf-release-gpg-signing-key-password', variable: 'SIGNING_KEY_PASSWORD')]) {
- // copy the key to singkey.gpg file in
*plain text* so we can import it
- sh ("cat \"${SIGNING_KEY}\" >
\"${WORKSPACE}\"/signkey.gpg")
- // Please do not remove list keys command.
When gpg is run for the first time, it may initialize some internals.
- sh ('gpg --list-keys')
- sh ("gpg --batch --pinentry-mode=loopback
--passphrase \"${SIGNING_KEY_PASSWORD}\" --import
\"${WORKSPACE}\"/signkey.gpg")
- sh ("rm \"${WORKSPACE}\"/signkey.gpg")
+ def Closure mavenRunClosure = {
+ configFileProvider([configFile(fileId:
env.MAVEN_SETTINGS_CONFIG_FILE_ID, variable: 'MAVEN_SETTINGS_FILE')]) {
+
mavenCommand.withSettingsXmlFile(MAVEN_SETTINGS_FILE).run("clean
$installOrDeploy")
+ }
+ }
+ if (isRelease()) {
+
release.gpgImportKeyFromFileWithPassword(getReleaseGpgSignKeyCredsId(),
getReleaseGpgSignPassphraseCredsId())
+ withCredentials([string(credentialsId:
getReleaseGpgSignPassphraseCredsId(), variable: 'SIGNING_KEY_PASSWORD')]) {
mavenCommand.withProperty('gpg.passphrase', SIGNING_KEY_PASSWORD)
.withProfiles(['apache-release'])
-
// If there are passwords, this needs to
be duplicated within the withCredentials block.
- configFileProvider([configFile(fileId:
env.MAVEN_SETTINGS_CONFIG_FILE_ID, variable: 'MAVEN_SETTINGS_FILE')]) {
-
mavenCommand.withSettingsXmlFile(MAVEN_SETTINGS_FILE).run("clean
$installOrDeploy")
- }
+ mavenRunClosure()
}
- }
} else {
- configFileProvider([configFile(fileId:
env.MAVEN_SETTINGS_CONFIG_FILE_ID, variable: 'MAVEN_SETTINGS_FILE')]) {
-
mavenCommand.withSettingsXmlFile(MAVEN_SETTINGS_FILE).run("clean
$installOrDeploy")
- }
+ mavenRunClosure()
}
}
}
@@ -302,4 +295,12 @@ MavenCommand getMavenCommand(String directory = '') {
boolean isMainStream() {
return env.DROOLS_STREAM == 'main'
-}
\ No newline at end of file
+}
+
+String getReleaseGpgSignKeyCredsId() {
+ return env.RELEASE_GPG_SIGN_KEY_CREDS_ID
+}
+
+String getReleaseGpgSignPassphraseCredsId() {
+ return env.RELEASE_GPG_SIGN_PASSPHRASE_CREDS_ID
+}
diff --git a/.ci/jenkins/config/branch.yaml b/.ci/jenkins/config/branch.yaml
index 64732f06bb..439eea1b2d 100644
--- a/.ci/jenkins/config/branch.yaml
+++ b/.ci/jenkins/config/branch.yaml
@@ -95,6 +95,11 @@ cloud:
registry: docker.io
namespace: apache
latest_git_branch: main
+release:
+ gpg:
+ sign:
+ key-credentials-id: 'asf-release-gpg-signing-key'
+ passphrase-credentials-id: 'asf-release-gpg-signing-key-passphrase'
jenkins:
email_creds_id: DROOLS_CI_NOTIFICATION_EMAILS
agent:
diff --git a/.ci/jenkins/dsl/jobs.groovy b/.ci/jenkins/dsl/jobs.groovy
index 9de7fa8698..5e92426421 100644
--- a/.ci/jenkins/dsl/jobs.groovy
+++ b/.ci/jenkins/dsl/jobs.groovy
@@ -322,6 +322,9 @@ void setupDeployJob(JobType jobType) {
MAVEN_REPO_CREDS_ID: "${MAVEN_ARTIFACTS_UPLOAD_REPOSITORY_CREDS_ID}",
DROOLS_STREAM: Utils.getStream(this),
+
+ RELEASE_GPG_SIGN_KEY_CREDS_ID:
Utils.getReleaseGpgSignKeyCredentialsId(this),
+ RELEASE_GPG_SIGN_PASSPHRASE_CREDS_ID:
Utils.getReleaseGpgSignPassphraseCredentialsId(this)
])
KogitoJobTemplate.createPipelineJob(this, jobParams)?.with {
parameters {
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
