| #!/usr/bin/env groovy |
| |
| library 'functions' |
| |
| def updateBspPublish(String boardName) { |
| def bspSnapshotName = functions.getLatestSnapshot("unstable-bsp-${boardName}") |
| |
| if (functions.bspIsPublished("unstable", boardName)) { |
| sh "aptly publish switch --batch --force-overwrite --passphrase-file=/var/lib/aptly/keyring/passphrase.txt unstable filesystem:public:unstable-bsp-${boardName} ${bspSnapshotName}" |
| } else { |
| sh "aptly publish snapshot --batch --force-overwrite --passphrase-file=/var/lib/aptly/keyring/passphrase.txt --architectures=source,amd64,arm64,armhf --distribution=unstable ${bspSnapshotName} filesystem:public:unstable-bsp-${boardName}" |
| } |
| } |
| |
| def updateCorePublish() { |
| def debianMainMirrorSnapshotName = functions.getLatestSnapshot('debian-buster') |
| def debianContribMirrorSnapshotName = functions.getLatestSnapshot('debian-buster-contrib') |
| def debianNonfreeMirrorSnapshotName = functions.getLatestSnapshot('debian-buster-non-free') |
| def coreSnapshotName = functions.getLatestSnapshot('unstable-core') |
| String stamp = functions.generateDateStamp() |
| |
| sh """ |
| aptly snapshot merge core-full-unstable-${stamp} ${debianMainMirrorSnapshotName} ${debianContribMirrorSnapshotName} ${debianNonfreeMirrorSnapshotName} ${coreSnapshotName} |
| """ |
| |
| if (functions.coreIsPublished("unstable")) { |
| sh "aptly publish switch --batch --force-overwrite --passphrase-file=/var/lib/aptly/keyring/passphrase.txt unstable filesystem:public:unstable core-full-unstable-${stamp}" |
| } else { |
| sh "aptly publish snapshot --batch --force-overwrite --passphrase-file=/var/lib/aptly/keyring/passphrase.txt --architectures=source,amd64,arm64,armhf --distribution=unstable core-full-unstable-${stamp} filesystem:public:unstable" |
| } |
| } |
| |
| def workspacePath = "/home/jenkins/workspace" |
| def buildLabel = "task.publish.unstable-${UUID.randomUUID().toString()}" |
| def sourcePath = "${workspacePath}/src" |
| |
| // FIXME(jtgans): Get rid of privileged! This is a security risk! |
| def jnlpContainer = containerTemplate(name: 'jnlp', |
| image: 'jenkins/jnlp-slave:alpine') |
| def debianContainer = containerTemplate(name: 'debian', |
| image: 'gcr.io/mendel-linux-cloud-infra/mendel-builder:latest', |
| command: 'cat', |
| args: '', |
| ttyEnabled: true, |
| privileged: true, |
| alwaysPullImage: true) |
| def aptlyVolume = persistentVolumeClaim(claimName: 'aptly-state', mountPath: '/var/lib/aptly') |
| def gpgVolume = secretVolume(secretName: 'mendel-release-credentials', mountPath: '/var/lib/aptly/keyring') |
| |
| podTemplate(label: buildLabel, containers: [jnlpContainer, debianContainer], volumes: [aptlyVolume, gpgVolume], envVars: []) { |
| node(buildLabel) { |
| dir(sourcePath) { |
| container('debian') { |
| sh "cp /etc/aptly.conf ~/.aptly.conf" |
| withEnv(['GNUPGHOME=/var/lib/aptly/.gnupg']) { |
| functions.installGpgKeyring() |
| |
| updateCorePublish(); |
| |
| for (board in functions.getSupportedBoards()) { |
| updateBspPublish(board); |
| } |
| } |
| } |
| } |
| } |
| } |