public ListBoxModel doFillGpgKeyNameItems() {
ListBoxModel items = new ListBoxModel();
for (GpgKey gpgKey : gpgKeys) {
items.add(gpgKey.getName(), gpgKey.getName());
}
return items;
}
private GpgKey getGpgKey(String gpgKeyName) {
GpgSignerDescriptor gpgSignerDescriptor =
Jenkins.getInstance().getDescriptorByType(GpgSignerDescriptor.class);
if (!StringUtils.isEmpty(gpgKeyName) && !gpgSignerDescriptor.getGpgKeys().isEmpty()) {
for (GpgKey gpgKey : gpgSignerDescriptor.getGpgKeys()) {
if (StringUtils.equals(gpgKeyName, gpgKey.getName())) {
return gpgKey;
}
}
}
return null;
}
private boolean isGpgKeyAvailable(
GpgKey gpgKey, AbstractBuild<?, ?> build, Launcher launcher, BuildListener listener)
throws IOException, InterruptedException {
ArgumentListBuilder command = new ArgumentListBuilder();
command.add("gpg", "--fingerprint", gpgKey.getName());
Launcher.ProcStarter ps = launcher.new ProcStarter();
ps = ps.cmds(command).stdout(listener);
ps = ps.pwd(build.getWorkspace()).envs(build.getEnvironment(listener));
Proc proc = launcher.launch(ps);
return proc.join() == 0;
}
@Override
public boolean perform(AbstractBuild<?, ?> build, Launcher launcher, BuildListener listener)
throws InterruptedException, IOException {
if (isPerformDeployment(build)) {
listener.getLogger().println("[RpmSignPlugin] - Starting signing RPMs ...");
for (Rpm rpmEntry : entries) {
StringTokenizer rpmGlobTokenizer = new StringTokenizer(rpmEntry.getIncludes(), ",");
GpgKey gpgKey = getGpgKey(rpmEntry.getGpgKeyName());
if (gpgKey != null && gpgKey.getPrivateKey().getPlainText().length() > 0) {
listener.getLogger().println("[RpmSignPlugin] - Importing private key");
importGpgKey(gpgKey.getPrivateKey().getPlainText(), build, launcher, listener);
listener.getLogger().println("[RpmSignPlugin] - Imported private key");
}
if (!isGpgKeyAvailable(gpgKey, build, launcher, listener)) {
listener
.getLogger()
.println("[RpmSignPlugin] - Can't find GPG key: " + rpmEntry.getGpgKeyName());
return false;
}
while (rpmGlobTokenizer.hasMoreTokens()) {
String rpmGlob = rpmGlobTokenizer.nextToken();
listener.getLogger().println("[RpmSignPlugin] - Publishing " + rpmGlob);
FilePath[] matchedRpms = build.getWorkspace().list(rpmGlob);
if (ArrayUtils.isEmpty(matchedRpms)) {
listener.getLogger().println("[RpmSignPlugin] - No RPMs matching " + rpmGlob);
} else {
ArgumentListBuilder rpmSignCommand = new ArgumentListBuilder();
rpmSignCommand.add("rpm", "--define");
rpmSignCommand.add("_gpg_name " + gpgKey.getName());
rpmSignCommand.addTokenized(rpmEntry.getCmdlineOpts());
if (rpmEntry.isResign()) {
rpmSignCommand.add("--resign");
} else {
rpmSignCommand.add("--addsign");
}
for (FilePath rpmFilePath : matchedRpms) {
rpmSignCommand.add(rpmFilePath.toURI().normalize().getPath());
}
String rpmCommandLine = rpmSignCommand.toString();
listener.getLogger().println("[RpmSignPlugin] - Running " + rpmCommandLine);
ArgumentListBuilder expectCommand = new ArgumentListBuilder();
expectCommand.add("expect", "-");
Launcher.ProcStarter ps = launcher.new ProcStarter();
ps = ps.cmds(expectCommand).stdout(listener);
ps = ps.pwd(build.getWorkspace()).envs(build.getEnvironment(listener));
byte[] expectScript =
createExpectScriptFile(rpmCommandLine, gpgKey.getPassphrase().getPlainText());
ByteArrayInputStream is = new ByteArrayInputStream(expectScript);
ps.stdin(is);
Proc proc = launcher.launch(ps);
int retcode = proc.join();
if (retcode != 0) {
listener.getLogger().println("[RpmSignPlugin] - Failed signing RPMs ...");
return false;
}
}
}
}
listener.getLogger().println("[RpmSignPlugin] - Finished signing RPMs ...");
} else {
listener.getLogger().println("[RpmSignPlugin] - Skipping signing RPMs ...");
}
return true;
}
