-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 38d3bb7
Showing
3 changed files
with
248 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,158 @@ | ||
def updated = false; | ||
|
||
pipeline { | ||
triggers { | ||
cron(env.BRANCH_NAME == 'main' ? 'H H * * 4' : '') | ||
} | ||
|
||
agent { | ||
label 'Linux' | ||
} | ||
|
||
environment { | ||
ARTEFACTS_SERVER = credentials ('deployment-server') | ||
ARTEFACTS_PATH="/media/img/coreos" | ||
ARTEFACTS_VERSIONS = "coreos.json" | ||
} | ||
|
||
stages { | ||
stage('Initialize') { | ||
parallel { | ||
stage('Advertise start of build') { | ||
steps { | ||
slackSend color: "#4675b1", message: "${env.JOB_NAME} build #${env.BUILD_NUMBER} started :fire: (<${env.RUN_DISPLAY_URL}|Open>)" | ||
} | ||
} | ||
|
||
stage('Print environments variables') { | ||
steps { | ||
sh 'printenv | sort' | ||
} | ||
} | ||
} | ||
} | ||
|
||
stage('Set up prerequisites') { | ||
parallel { | ||
stage('Get ssh host key') { | ||
steps { | ||
sh ''' | ||
[ -d ~/.ssh ] || mkdir ~/.ssh && chmod 0700 ~/.ssh && touch ~/.ssh/known_hosts | ||
if !(ssh-keygen -F $ARTEFACTS_SERVER) | ||
then | ||
ssh-keyscan -t ed25519 $ARTEFACTS_SERVER >> ~/.ssh/known_hosts | ||
fi | ||
''' | ||
} | ||
} | ||
|
||
stage('Get fedora pgp keys') { | ||
steps { | ||
sh 'curl --no-progress-meter https://fedoraproject.org/fedora.gpg | gpg --import' | ||
} | ||
} | ||
|
||
stage('Get last version') { | ||
steps { | ||
sshagent(credentials: ['Jenkins-Key']) { | ||
sh ''' | ||
if ssh jenkins@$ARTEFACTS_SERVER ls $ARTEFACTS_PATH/$ARTEFACTS_VERSIONS | ||
then | ||
scp jenkins@$ARTEFACTS_SERVER:/$ARTEFACTS_PATH/$ARTEFACTS_VERSIONS ./$ARTEFACTS_VERSIONS | ||
fi | ||
''' | ||
} | ||
} | ||
} | ||
} | ||
} | ||
|
||
stage("Download ... Upload") { | ||
matrix { | ||
axes { | ||
axis { | ||
name 'STREAM' | ||
values 'stable', 'next', 'testing' | ||
} | ||
axis { | ||
name 'ARCH' | ||
values 'x86_64', 'aarch64' | ||
} | ||
axis { | ||
name 'ARTIFACT' | ||
values 'metal' | ||
} | ||
axis { | ||
name 'FORMAT' | ||
values 'pxe' | ||
} | ||
} | ||
|
||
excludes { | ||
exclude { | ||
axis { | ||
name 'STREAM' | ||
values 'testing' | ||
} | ||
} | ||
|
||
exclude { | ||
axis { | ||
name 'ARCH' | ||
values 'aarch64' | ||
} | ||
} | ||
} | ||
|
||
stages { | ||
stage("Getting CoreOS artefacts") { | ||
steps { | ||
sh ''' | ||
./Update.sh --stream $STREAM --arch $ARCH --artifact $ARTIFACT --format $FORMAT --verbose true | ||
''' | ||
} | ||
} | ||
|
||
stage("Upload Files") { | ||
when { expression { return findFiles(glob: "*.${STREAM}").length > 0 } } | ||
steps { | ||
sshagent(credentials: ['Jenkins-Key']) { | ||
sh ''' | ||
echo uploading *.$STREAM files | ||
scp *.$STREAM jenkins@$ARTEFACTS_SERVER:/media/img/coreos/ | ||
''' | ||
script { updated = true } | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} | ||
|
||
stage("Upload versions update") { | ||
when { expression { updated == true } } | ||
steps { | ||
sshagent(credentials: ['Jenkins-Key']) { | ||
sh ''' | ||
scp ./$ARTEFACTS_VERSIONS jenkins@$ARTEFACTS_SERVER:/$ARTEFACTS_PATH/$ARTEFACTS_VERSIONS | ||
''' | ||
archiveArtifacts ARTEFACTS_VERSIONS | ||
} | ||
} | ||
} | ||
} | ||
|
||
post { | ||
success { | ||
slackSend color: "#4675b1", message: "${env.JOB_NAME} successfully built :blue_heart: !" | ||
} | ||
|
||
failure { | ||
slackSend color: "danger", message: "${env.JOB_NAME} build failed :poop: !" | ||
} | ||
|
||
cleanup { | ||
cleanWs() | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
#!/bin/bash | ||
|
||
jqverbose() { | ||
if $verbose; then echo $1 | jq; fi; | ||
} | ||
|
||
stream="stable" | ||
arch="x86_64" | ||
artifact="metal" | ||
format="pxe" | ||
versions='coreos.json' | ||
streampath='https://builds.coreos.fedoraproject.org/streams' | ||
verbose=false | ||
|
||
while [ $# -gt 0 ]; do | ||
case "$1" in | ||
-s|--stream) | ||
stream="$2" | ||
;; | ||
-a|--arch) | ||
arch="$2" | ||
;; | ||
-t|--artifact) | ||
artifact="$2" | ||
;; | ||
-f|--format) | ||
format="$2" | ||
;; | ||
-v|--verbose) | ||
verbose="$2" | ||
;; | ||
*) | ||
printf "***************************\n" | ||
printf "* Error: Invalid argument.*\n" | ||
printf "***************************\n" | ||
exit 1 | ||
esac | ||
shift | ||
shift | ||
done | ||
|
||
data="$streampath/$stream.json" | ||
echo "Checking updates from $stream stream at : $data" | ||
|
||
echo "Looking for $artifact $arch release" | ||
data=$(curl --no-progress-meter $data | jq .architectures.$arch.artifacts.$artifact) | ||
jqverbose "${data}" | ||
|
||
FCOSrelease=$(jq -n "$data" | jq --raw-output .release) | ||
FCOSversion=$(jq --raw-output .$stream.$arch.$artifact.$format $versions) | ||
|
||
if [ "${FCOSversion}" = "null" ] | ||
then | ||
FCOSversion=0 | ||
fi | ||
|
||
echo FCOSrelease: $FCOSrelease / FCOSversion: $FCOSversion | ||
|
||
if $(jq -n "$data" | jq --raw-output --arg version $FCOSversion '.release > $version') | ||
then | ||
echo "Looking for $format files" | ||
files=$(jq -n "$data" | jq .formats.$format) #filtering $format files version | ||
jqverbose "${files}" | ||
for file in $(jq -n "$files" | jq --raw-output 'keys[]') #downloading all files | ||
do | ||
|
||
echo "Looking for $file" | ||
filename="$file.$format.$artifact.$arch.$stream" | ||
fileinfo=$(jq -n "$files" | jq .$file) #filtering each file informations | ||
jqverbose "${fileinfo}" | ||
|
||
for try in {1..2} #let's try 2 times downloading with correct checksum | ||
do | ||
echo "Downloading $(jq -n "$fileinfo" | jq --raw-output .location) to $filename" | ||
# curl -C - --no-progress-meter --parallel \ | ||
# -o $filename $(jq -n "$fileinfo" | jq --raw-output .location) \ | ||
# -o $filename.sig $(jq -n "$fileinfo" | jq --raw-output .signature) #Downloading fileinfo.location and .signature | ||
if echo "$(jq -n "$fileinfo" | jq --raw-output .sha256) $filename" | sha256sum --check && gpg --verify $filename.sig | ||
then | ||
break | ||
else | ||
rm $filename $filename.sig | ||
fi | ||
done | ||
done | ||
# cat <<< $(jq --arg release $FCOSrelease '.'$stream'.'$arch'.'$artifact'.'$format' = $release' $versions) > $versions | ||
else | ||
echo "Up to date, nothing to do" | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
{} |