[Generate model] Fix multiple issues
* Fix pipe for getting secretKeyID for gpg key
Jenkins slaves which are based on debian has different awk package installed
without support for '-e' parameter, so rewrite code to avoid issue.
* Fix gpg generation with non-tty old gpg env's
By default, gpg require passphrase to protect secret key, otherwise
salt not support such configuration.
Change-Id: I76079b62144171c540fde70524f05742ffdcce41
Related-Prod: PROD-30324
Related-Prod: PROD-30324
(cherry picked from commit 131de5fc9adf7035d5e553b804708e1e86bbcaee)
diff --git a/generate-cookiecutter-products.groovy b/generate-cookiecutter-products.groovy
index 124f96b..62a6e00 100644
--- a/generate-cookiecutter-products.groovy
+++ b/generate-cookiecutter-products.groovy
@@ -140,11 +140,15 @@
def secretKeyID = RequesterEmail ?: "salt@${context['cluster_domain']}".toString()
if (!context.get('secrets_encryption_private_key')) {
def batchData = """
+ %echo Generating a basic OpenPGP key for Salt-Master
+ %no-protection
Key-Type: 1
Key-Length: 4096
Expire-Date: 0
Name-Real: ${context['salt_master_hostname']}.${context['cluster_domain']}
Name-Email: ${secretKeyID}
+ %commit
+ %echo done
""".stripIndent()
writeFile file:'gpg-batch.txt', text:batchData
sh "gpg --gen-key --batch < gpg-batch.txt"
@@ -152,7 +156,7 @@
} else {
writeFile file:'gpgkey.asc', text:context['secrets_encryption_private_key']
sh "gpg --import gpgkey.asc"
- secretKeyID = sh(returnStdout: true, script: 'gpg --list-secret-keys --with-colons | awk -F: -e "/^sec/{print \\$5; exit}"').trim()
+ secretKeyID = sh(returnStdout: true, script: 'gpg --list-secret-keys --with-colons | grep -E "^sec" | awk -F: \'{print \$5}\'').trim()
}
context['secrets_encryption_key_id'] = secretKeyID
}