From 28a352ee4ee13f61106eb57a770015010d5e6be9 Mon Sep 17 00:00:00 2001 From: jstastny-cz Date: Fri, 24 May 2024 13:24:28 +0200 Subject: [PATCH] NO_ISSUE: use release shared library --- .ci/jenkins/Jenkinsfile.deploy | 35 +++++++++++++++++----------------- .ci/jenkins/dsl/jobs.groovy | 3 +++ 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/.ci/jenkins/Jenkinsfile.deploy b/.ci/jenkins/Jenkinsfile.deploy index dce243d719..c1ca9c830a 100644 --- a/.ci/jenkins/Jenkinsfile.deploy +++ b/.ci/jenkins/Jenkinsfile.deploy @@ -116,29 +116,22 @@ pipeline { .withOptions(env.KOGITO_APPS_BUILD_MVN_OPTS ? [ env.KOGITO_APPS_BUILD_MVN_OPTS ] : []) .skipTests(skipTests) + def Closure mavenRunClosure = { + configFileProvider([configFile(fileId: env.MAVEN_SETTINGS_CONFIG_FILE_ID, variable: 'MAVEN_SETTINGS_FILE')]) { + mavenCommand.withSettingsXmlFile(MAVEN_SETTINGS_FILE) + .run("clean $installOrDeploy") + } + } if (isRelease()) { - withCredentials([file(credentialsId: 'asf-release-gpg-signing-key', variable: 'SIGNING_KEY')]) { - withCredentials([file(credentialsId: 'asf-release-gpg-signing-key-password', variable: 'SIGNING_KEY_PASSWORD')]) { - // copy the key to singkey.gpg file in *plain text* so we can import it - sh ('cat $SIGNING_KEY > $WORKSPACE/signkey.gpg') - // Please do not remove list keys command. When gpg is run for the first time, it may initialize some internals. - sh ('gpg --list-keys') - sh ("gpg --batch --pinentry-mode=loopback --passphrase \"${SIGNING_KEY_PASSWORD}\" --import signkey.gpg") - sh ('rm $WORKSPACE/signkey.gpg') - + release.gpgImportKeyFromFileWithPassword(getReleaseGpgSignKeyCredsId(), getReleaseGpgSignPassphraseCredsId()) + withCredentials([string(credentialsId: getReleaseGpgSignPassphraseCredsId(), variable: 'SIGNING_KEY_PASSWORD')]) { mavenCommand.withProperty('gpg.passphrase', SIGNING_KEY_PASSWORD) mavenCommand.withProfiles(['apache-release']) - configFileProvider([configFile(fileId: env.MAVEN_SETTINGS_CONFIG_FILE_ID, variable: 'MAVEN_SETTINGS_FILE')]) { - mavenCommand.withSettingsXmlFile(MAVEN_SETTINGS_FILE).run("clean $installOrDeploy") - } - } + mavenRunClosure() } } else { - configFileProvider([configFile(fileId: env.MAVEN_SETTINGS_CONFIG_FILE_ID, variable: 'MAVEN_SETTINGS_FILE')]){ - mavenCommand.withSettingsXmlFile(MAVEN_SETTINGS_FILE).run("clean $installOrDeploy") - } + mavenRunClosure() } - } } } @@ -282,3 +275,11 @@ MavenCommand getMavenCommand(String directory = '') { .inDirectory(directory) .withProperty('full') } + +String getReleaseGpgSignKeyCredsId() { + return env.RELEASE_GPG_SIGN_KEY_CREDS_ID +} + +String getReleaseGpgSignPassphraseCredsId() { + return env.RELEASE_GPG_SIGN_PASSPHRASE_CREDS_ID +} diff --git a/.ci/jenkins/dsl/jobs.groovy b/.ci/jenkins/dsl/jobs.groovy index a1b3eb7e99..b3a063293f 100644 --- a/.ci/jenkins/dsl/jobs.groovy +++ b/.ci/jenkins/dsl/jobs.groovy @@ -224,6 +224,9 @@ void setupReleaseDeployJob() { MAVEN_DEPENDENCIES_REPOSITORY: "${MAVEN_ARTIFACTS_REPOSITORY}", MAVEN_DEPLOY_REPOSITORY: "${MAVEN_ARTIFACTS_UPLOAD_REPOSITORY_URL}", MAVEN_REPO_CREDS_ID: "${MAVEN_ARTIFACTS_UPLOAD_REPOSITORY_CREDS_ID}", + + RELEASE_GPG_SIGN_KEY_CREDS_ID: Utils.getReleaseGpgSignKeyCredentialsId(this), + RELEASE_GPG_SIGN_PASSPHRASE_CREDS_ID: Utils.getReleaseGpgSignPassphraseCredentialsId(this) ]) KogitoJobTemplate.createPipelineJob(this, jobParams)?.with { parameters {