Add a task to publish the unstable repositories

This will be responsible for merging the debian mirror snapshots in with core
and publishing the snapshots to the filesystem.

Change-Id: I7d59a55bba4518f1124cbe21b3535aaa59f7dbfa
diff --git a/cicd/jobs/task_publish_unstable.jenkins b/cicd/jobs/task_publish_unstable.jenkins
new file mode 100644
index 0000000..c46405a
--- /dev/null
+++ b/cicd/jobs/task_publish_unstable.jenkins
@@ -0,0 +1,19 @@
+#!/usr/bin/env groovy
+
+pipelineJob("task.publish.unstable") {
+    description("Update apt packages repository for unstable \"release\"")
+
+    definition {
+        cpsScm {
+            scm {
+                git {
+                    remote {
+                        url('https://coral.googlesource.com/gke-jenkins')
+                    }
+                    branches('*/master')
+                }
+            }
+            scriptPath("cicd/pipelines/tasks/task_publish_unstable.jenkins")
+        }
+    }
+}
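Review bot: Nothing in this job definition prevents two builds of `task.publish.unstable` from overlapping, and the pipeline it points at gives every build its own randomly labelled pod while mounting the same `aptly-state` claim. Two concurrent merges and publishes against one aptly database and one published tree would, at best, fail on the lock and could leave the unstable distribution half-updated. Consider serialising the job, for example with a `properties { disableConcurrentBuilds() }` block here if the installed Job DSL exposes it, or with `properties([disableConcurrentBuilds()])` at the top of the pipeline script.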
diff --git a/cicd/pipelines/tasks/task_publish_unstable.jenkins b/cicd/pipelines/tasks/task_publish_unstable.jenkins
new file mode 100644
index 0000000..e0c21c2
--- /dev/null
+++ b/cicd/pipelines/tasks/task_publish_unstable.jenkins
@@ -0,0 +1,49 @@
+#!/usr/bin/env groovy
+
+def workspacePath = "/home/jenkins/workspace"
+def buildLabel = "task.publish.unstable-${UUID.randomUUID().toString()}"
+def sourcePath = "${workspacePath}/src"
+
+// FIXME(jtgans): Get rid of privileged! This is a security risk!
+def jnlpContainer = containerTemplate(name: 'jnlp',
+                                      image: 'jenkins/jnlp-slave:alpine')
+def debianContainer = containerTemplate(name: 'debian',
+                                        image: 'gcr.io/mendel-linux-cloud-infra/mendel-builder:latest',
+                                        command: 'cat',
+                                        args: '',
+                                        ttyEnabled: true,
+                                        privileged: true)
+def aptlyVolume = persistentVolumeClaim(claimName: 'aptly-state', mountPath: '/var/lib/aptly')
+
+def getLatestSnapshot(repository_stem) {
+    def script = """
+        aptly snapshot list --sort=time --raw \
+            | grep -E '^${repository_stem}-' \
+            | head -n1
+    """
+
+    return sh returnStdout: true, script: script
+}
+
+podTemplate(label: buildLabel, containers: [jnlpContainer, debianContainer], volumes: [aptlyVolume], envVars: []) {
+    node(buildLabel) {
+        dir(sourcePath) {
+            container('debian') {
+                withEnv(['GNUPGHOME=/var/lib/aptly/.gnupg']) {
+                    def debianMirrorSnapshotName = getLatestSnapshot('debian-buster')
+                    def coreSnapshotName = getLatestSnapshot('core-unstable')
+                    def bspSnapshotName  = getLatestSnapshot('enterprise-bsp-unstable')
+
+                    def date = new Date()
+                    String stamp = date.format("yyyyMMdd-HHmmss")
+
+                    sh """
+                       aptly task run snapshot merge core-full-unstable-${stamp} ${debianMirrorSnapshotName} ${coreSnapshotName},
+                                      publish snapshot --distribution=unstable core-full-unstable-${stamp} filesystem:unstable, \
+                                      publish snapshot --distribution=unstable ${bspSnapshotName} filesystem:unstable
+                       """
+                }
+            }
+        }
+    }
+}
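Review bot: The final `sh` block will not run as a single `aptly task run` invocation, because the `snapshot merge` line ends in `,` without the trailing ` \` that the next line has, so the shell sees the two `publish snapshot` lines as a separate command. The names returned by `getLatestSnapshot` also still carry the trailing newline from `returnStdout`, which breaks the merge line again at each interpolation. The helper should trim its result and fail the build when nothing matches, since `grep` finding nothing still leaves the pipeline exit status at 0 and an empty name would be passed on to the merge. It is also worth confirming that `--sort=time` lists newest first, otherwise `head -n1` picks the oldest snapshot. Separately, this pod mounts the aptly GnuPG home and runs privileged from the mutable `alpine` and `latest` tags; pinning both images by digest would keep what executes next to the signing keys reviewable.

```groovy
def getLatestSnapshot(repository_stem) {
    // … unchanged: script definition …
    def name = sh(returnStdout: true, script: script).trim()
    if (!name) {
        error("No aptly snapshot matches '${repository_stem}-'")
    }
    return name
}
```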