Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / mcp-ci / pipeline-library / 222c0be9264e7de4c7e2e65006f257a820a36812^2..222c0be9264e7de4c7e2e65006f257a820a36812 / .
commit222c0be9264e7de4c7e2e65006f257a820a36812[log] [tgz]
authorFilip Pytloun <fpytloun@mirantis.com>Wed Mar 22 14:46:20 2017 +0000
committerGerrit Code Review <gerrit2@8d47cb36f245>Wed Mar 22 14:46:21 2017 +0000
tree31d0c3da8e394b1c26e6b406674d2700f2174fa4
parentc684645bada68afc602179349e78e5d58f427ea3 [diff]
parent3e8dd4789406290ff099aa70bff92c000632732c [diff]
Merge "Fixed ssh get known host function"
diff --git a/src/com/mirantis/mk/Aptly.groovy b/src/com/mirantis/mk/Aptly.groovy
index c1197a5..fdf0d27 100644
--- a/src/com/mirantis/mk/Aptly.groovy
+++ b/src/com/mirantis/mk/Aptly.groovy

@@ -73,12 +73,12 @@
 }
 
 def promotePublish(server, source, target, recreate=false, components=null, packages=null, diff=false, opts='-d --timeout 600') {
-    if (components) {
-        def componentsStr = components.join(' ')
+    if (components && components != "all" && components != "") {
+        def componentsStr = components.replaceAll(",", " ")
         opts = "${opts} --components ${componentsStr}"
     }
-    if (packages) {
-        def packagesStr = packages.join(' ')
+    if (packages && packages != "all" && packages != "") {
+        def packagesStr = packages.replaceAll(",", " ")
         opts = "${opts} --packages ${packagesStr}"
     }
     if (recreate.toBoolean() == true) {
@@ -87,6 +87,7 @@
     if (diff.toBoolean() == true) {
         opts = "--dry --diff"
     }
+
     sh("aptly-publisher --url ${server} promote --source ${source} --target ${target} ${opts}")
 }
 

diff --git a/src/com/mirantis/mk/Common.groovy b/src/com/mirantis/mk/Common.groovy
index c515124..768e180 100644
--- a/src/com/mirantis/mk/Common.groovy
+++ b/src/com/mirantis/mk/Common.groovy

@@ -28,6 +28,28 @@
 }
 
 /**
+ * Get UID of jenkins user.
+ * Must be run from context of node
+ */
+def getJenkinsUid() {
+    return sh (
+        script: 'id -u',
+        returnStdout: true
+    ).trim()
+}
+
+/**
+ * Get GID of jenkins user.
+ * Must be run from context of node
+ */
+def getJenkinsGid() {
+    return sh (
+        script: 'id -g',
+        returnStdout: true
+    ).trim()
+}
+
+/**
  * Get credentials from store
  *
  * @param id    Credentials name
@@ -347,4 +369,4 @@
     } catch (Exception e) {
       common.errorMsg("Failed to execute cmd: ${cmd}\n output: ${output}")
     }
-}
\ No newline at end of file
+}

diff --git a/src/com/mirantis/mk/Debian.groovy b/src/com/mirantis/mk/Debian.groovy
index 0ec6dd5..f0f4ba0 100644
--- a/src/com/mirantis/mk/Debian.groovy
+++ b/src/com/mirantis/mk/Debian.groovy

@@ -22,6 +22,9 @@
  */
 def buildBinary(file, image="debian:sid", extraRepoUrl=null, extraRepoKeyUrl=null) {
     def common = new com.mirantis.mk.Common()
+    def jenkinsUID = common.getJenkinsUid()
+    def jenkinsGID = common.getJenkinsGid()
+
     def pkg = file.split('/')[-1].split('_')[0]
     def img = docker.image(image)
 
@@ -35,10 +38,12 @@
                 which curl || (apt-get update && apt-get install -y curl) &&
                 curl --insecure -ss -f "${extraRepoKeyUrl}" | apt-key add -
             ) &&
-            apt-get update && apt-get install -y build-essential devscripts equivs &&
-            dpkg-source -x ${file} build-area/${pkg} && cd build-area/${pkg} &&
+            apt-get update && apt-get install -y build-essential devscripts equivs sudo &&
+            groupadd -g ${jenkinsGID} jenkins &&
+            useradd -s /bin/bash --uid ${jenkinsUID} --gid ${jenkinsGID} -m jenkins &&
+            sudo -H -u jenkins dpkg-source -x ${file} build-area/${pkg} && cd build-area/${pkg} &&
             mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes -y" -i debian/control
-            debuild --no-lintian -uc -us -b'""")
+            sudo -H -u jenkins debuild --no-lintian -uc -us -b'""")
 }
 
 /*
@@ -89,14 +94,8 @@
  */
 def buildSourceGbp(dir, image="debian:sid", snapshot=false, gitEmail='jenkins@dummy.org', gitName='Jenkins', revisionPostfix="") {
     def common = new com.mirantis.mk.Common()
-    def jenkinsUID = sh (
-        script: 'id -u',
-        returnStdout: true
-    ).trim()
-    def jenkinsGID = sh (
-        script: 'id -g',
-        returnStdout: true
-    ).trim()
+    def jenkinsUID = common.getJenkinsUid()
+    def jenkinsGID = common.getJenkinsGid()
 
     if (! revisionPostfix) {
         revisionPostfix = ""
@@ -134,7 +133,7 @@
                 sudo -H -u jenkins git add -u debian/changelog &&
                 sudo -H -u jenkins git commit -m "New snapshot version \$NEW_VERSION"
             ) &&
-            gbp buildpackage -nc --git-force-create --git-notify=false --git-ignore-branch --git-ignore-new --git-verbose --git-export-dir=../build-area -S -uc -us'""")
+            sudo -H -u jenkins gbp buildpackage -nc --git-force-create --git-notify=false --git-ignore-branch --git-ignore-new --git-verbose --git-export-dir=../build-area -S -uc -us'""")
 }
 
 /*
@@ -164,8 +163,12 @@
     def workspace = common.getWorkspace()
     def privKey = common.getCredentials(privateKeyCredId, "key")
     def private_key = privKey.privateKeySource.privateKey
-    writeFile file:"${workspace}/private.key", text: private_key
-    sh(script: "gpg --no-tty --allow-secret-key-import --homedir ${workspace}/.gnupg --import ./private.key")
+    def gpg_key_id = common.getCredentials(privateKeyCredId, "key").username
+    def retval = sh(script: "export GNUPGHOME=${workspace}/.gnupg; gpg --list-secret-keys | grep ${gpg_key_id}", returnStatus: true)
+    if (retval) {
+        writeFile file:"${workspace}/private.key", text: private_key
+        sh(script: "gpg --no-tty --allow-secret-key-import --homedir ${workspace}/.gnupg --import ./private.key")
+    }
 }
 
 /*