forked from grafana/grafana
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Build: Split up task in the CI pipeline to ease running outside circl…
…eci (grafana#18861) * build: make sign rpm packages not depend on checking out private key * build: move commands from circleci config into verify signed packages script * build: split update and publish of deb and rpm into two scripts * use files argument for sign and verify packages * validate files argument for sign and verify packages * update test publish of deb/rpm readme
- Loading branch information
Showing
14 changed files
with
164 additions
and
48 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
|
||
git clone git@github.com:torkelo/private.git ~/private-repo | ||
cp ~/private-repo/signing/private.key /private.key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,24 @@ | ||
#!/bin/bash | ||
|
||
git clone git@github.com:torkelo/private.git ~/private-repo | ||
set -e | ||
|
||
gpg --allow-secret-key-import --import ~/private-repo/signing/private.key | ||
_files=$* | ||
|
||
if [ -z "$_files" ]; then | ||
echo "_files (arg 1) has to be set" | ||
exit 1 | ||
fi | ||
|
||
if [ -z "$GPG_KEY_PASSWORD" ]; then | ||
echo "GPG_KEY_PASSWORD has to be set" | ||
exit 1 | ||
fi | ||
|
||
gpg --allow-secret-key-import --import /private.key | ||
|
||
cp ./scripts/build/rpmmacros ~/.rpmmacros | ||
|
||
for package in dist/*.rpm; do | ||
for package in $_files; do | ||
[ -e "$package" ] || continue | ||
./scripts/build/sign_expect "$GPG_KEY_PASSWORD" "$package" | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -e | ||
|
||
gpg --batch --allow-secret-key-import --import /private.key | ||
pkill gpg-agent |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
#!/usr/bin/env bash | ||
|
||
RELEASE_TYPE="${1:-}" | ||
GCP_DB_BUCKET="${2:-grafana-aptly-db}" | ||
GCP_REPO_BUCKET="${3:-grafana-repo}" | ||
|
||
if [ -z "$RELEASE_TYPE" ]; then | ||
echo "RELEASE_TYPE (arg 1) has to be set" | ||
exit 1 | ||
fi | ||
|
||
if [[ "$RELEASE_TYPE" != "oss" && "$RELEASE_TYPE" != "enterprise" ]]; then | ||
echo "RELEASE_TYPE (arg 1) must be either oss or enterprise." | ||
exit 1 | ||
fi | ||
|
||
set -e | ||
|
||
# Update the repo and db on gcp | ||
|
||
gsutil -m rsync -r -d /deb-repo/db "gs://$GCP_DB_BUCKET/$RELEASE_TYPE" | ||
|
||
# Uploads the binaries before the metadata (to prevent 404's for debs) | ||
gsutil -m rsync -r /deb-repo/repo/grafana/pool "gs://$GCP_REPO_BUCKET/$RELEASE_TYPE/deb/pool" | ||
|
||
gsutil -m rsync -r -d /deb-repo/repo/grafana "gs://$GCP_REPO_BUCKET/$RELEASE_TYPE/deb" | ||
|
||
# usage: | ||
# | ||
# deb https://packages.grafana.com/oss/deb stable main |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
#!/usr/bin/env bash | ||
|
||
RELEASE_TYPE="${1:-}" | ||
RELEASE_TAG="${2:-}" | ||
GCP_REPO_BUCKET="${3:-grafana-repo}" | ||
|
||
REPO="rpm" | ||
|
||
if [ -z "$RELEASE_TYPE" ]; then | ||
echo "RELEASE_TYPE (arg 1) has to be set" | ||
exit 1 | ||
fi | ||
|
||
if [[ "$RELEASE_TYPE" != "oss" && "$RELEASE_TYPE" != "enterprise" ]]; then | ||
echo "RELEASE_TYPE (arg 1) must be either oss or enterprise." | ||
exit 1 | ||
fi | ||
|
||
if echo "$RELEASE_TAG" | grep -q "beta"; then | ||
REPO="rpm-beta" | ||
fi | ||
|
||
set -e | ||
|
||
# Setup environment | ||
BUCKET="gs://$GCP_REPO_BUCKET/$RELEASE_TYPE/$REPO" | ||
|
||
# Update the repo and db on gcp | ||
gsutil -m cp /rpm-repo/*.rpm "$BUCKET" # sync binaries first to avoid cache misses | ||
gsutil -m rsync -r -d /rpm-repo "$BUCKET" | ||
|
||
# usage: | ||
# [grafana] | ||
# name=grafana | ||
# baseurl=https://packages.grafana.com/oss/rpm | ||
# repo_gpgcheck=1 | ||
# enabled=1 | ||
# gpgcheck=1 | ||
# gpgkey=https://packages.grafana.com/gpg.key | ||
# sslverify=1 | ||
# sslcacert=/etc/pki/tls/certs/ca-bundle.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
#!/usr/bin/env bash | ||
|
||
./scripts/build/update_repo/publish-deb.sh "oss" "grafana-testing-aptly-db" "grafana-testing-repo" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
#!/usr/bin/env bash | ||
|
||
./scripts/build/update_repo/publish-rpm.sh "oss" "v5.4.3" "grafana-testing-repo" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters