Use gpg1 for client-side actions.
JGit has limited support for GPGv2 KBX files. Switching to gpg1 and legacy keyring files enables proper signing of commits.
This commit is contained in:
4
Jenkinsfile
vendored
4
Jenkinsfile
vendored
@@ -25,7 +25,7 @@ pipeline {
|
||||
|
||||
steps {
|
||||
script {
|
||||
def image = docker.build("springci/spring-data-release-tools:0.5", "ci")
|
||||
def image = docker.build("springci/spring-data-release-tools:0.6", "ci")
|
||||
docker.withRegistry('', 'hub.docker.com-springbuildmaster') {
|
||||
image.push()
|
||||
}
|
||||
@@ -39,7 +39,7 @@ pipeline {
|
||||
}
|
||||
agent {
|
||||
docker {
|
||||
image 'springci/spring-data-release-tools:0.5'
|
||||
image 'springci/spring-data-release-tools:0.6'
|
||||
}
|
||||
}
|
||||
options { timeout(time: 4, unit: 'HOURS') }
|
||||
|
||||
@@ -1,48 +0,0 @@
|
||||
pipeline {
|
||||
agent none
|
||||
|
||||
triggers {
|
||||
pollSCM 'H/10 * * * *'
|
||||
}
|
||||
|
||||
options {
|
||||
disableConcurrentBuilds()
|
||||
buildDiscarder(logRotator(numToKeepStr: '14'))
|
||||
}
|
||||
|
||||
stages {
|
||||
stage('Build the Spring Data release tools container') {
|
||||
when {
|
||||
changeset 'ci/Dockerfile'
|
||||
}
|
||||
agent {
|
||||
label 'data'
|
||||
}
|
||||
|
||||
steps {
|
||||
script {
|
||||
def image = docker.build("springci/spring-data-release-tools:0.4", "ci")
|
||||
docker.withRegistry('', 'hub.docker.com-springbuildmaster') {
|
||||
image.push()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
post {
|
||||
changed {
|
||||
script {
|
||||
slackSend(
|
||||
color: (currentBuild.currentResult == 'SUCCESS') ? 'good' : 'danger',
|
||||
channel: '#spring-data-dev',
|
||||
message: "${currentBuild.fullDisplayName} - `${currentBuild.currentResult}`\n${env.BUILD_URL}")
|
||||
emailext(
|
||||
subject: "[${currentBuild.fullDisplayName}] ${currentBuild.currentResult}",
|
||||
mimeType: 'text/html',
|
||||
recipientProviders: [[$class: 'CulpritsRecipientProvider'], [$class: 'RequesterRecipientProvider']],
|
||||
body: "<a href=\"${env.BUILD_URL}\">${currentBuild.fullDisplayName} is reported as ${currentBuild.currentResult}</a>")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -26,7 +26,7 @@ deployment.maven-central.staging-profile-id=
|
||||
# GPG
|
||||
gpg.keyname=
|
||||
gpg.passphrase=
|
||||
gpg.executable=/usr/local/bin/gpg2
|
||||
gpg.executable=/usr/local/bin/gpg1
|
||||
|
||||
# A GitHub token with user:email, read:user and read:org scopes.
|
||||
# User needs to be part of the Spring team on GitHub as well.
|
||||
|
||||
@@ -17,7 +17,7 @@ RUN set -eux; \
|
||||
sed -i -e 's/ports.ubuntu.com/ftp.tu-chemnitz.de\/pub\/linux/g' /etc/apt/sources.list && \
|
||||
sed -i -e 's/http/https/g' /etc/apt/sources.list && \
|
||||
apt-get update && \
|
||||
apt-get -y install curl zip gnupg libfreetype6
|
||||
apt-get -y install curl zip gnupg gnupg1 libfreetype6
|
||||
RUN rm -rf /var/lib/apt/lists/* && \
|
||||
rm -rf /tmp/*
|
||||
|
||||
|
||||
@@ -34,9 +34,9 @@ if test -f application-local.properties; then
|
||||
else
|
||||
echo "You are running inside Jenkins! Using parameters fed from the agent."
|
||||
|
||||
echo "${GIT_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg --batch --yes --passphrase-fd 0 --import "${GIT_SIGNING_KEY}"
|
||||
echo "${MAVEN_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg --batch --yes --passphrase-fd 0 --import "${MAVEN_SIGNING_KEY}"
|
||||
/usr/bin/gpg -k
|
||||
echo "${GIT_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg1 --batch --yes --passphrase-fd 0 --import "${GIT_SIGNING_KEY}"
|
||||
echo "${MAVEN_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg1 --batch --yes --passphrase-fd 0 --import "${MAVEN_SIGNING_KEY}"
|
||||
/usr/bin/gpg1 -k
|
||||
|
||||
function spring-data-release-shell {
|
||||
java \
|
||||
|
||||
@@ -34,9 +34,9 @@ if test -f application-local.properties; then
|
||||
else
|
||||
echo "You are running inside Jenkins! Using parameters fed from the agent."
|
||||
|
||||
echo "${GIT_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg --batch --yes --passphrase-fd 0 --import "${GIT_SIGNING_KEY}"
|
||||
echo "${MAVEN_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg --batch --yes --passphrase-fd 0 --import "${MAVEN_SIGNING_KEY}"
|
||||
/usr/bin/gpg -k
|
||||
echo "${GIT_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg1 --batch --yes --passphrase-fd 0 --import "${GIT_SIGNING_KEY}"
|
||||
echo "${MAVEN_SIGNING_KEY_PASSWORD}" | /usr/bin/gpg1 --batch --yes --passphrase-fd 0 --import "${MAVEN_SIGNING_KEY}"
|
||||
/usr/bin/gpg1 -k
|
||||
|
||||
function spring-data-release-shell {
|
||||
java \
|
||||
|
||||
@@ -5,7 +5,7 @@ git.password=${GITHUB_TOKEN}
|
||||
|
||||
#git.gpg.keyname=B3B6F3E392A8615C65A98FC51F33293B709FA3E2
|
||||
#git.gpg.passphrase=${GIT_SIGNING_KEY_PASSWORD}
|
||||
#git.gpg.executable=/usr/bin/gpg
|
||||
#git.gpg.executable=/usr/bin/gpg1
|
||||
|
||||
deployment.username=${REPO_SPRING_IO_USR}
|
||||
deployment.password=${REPO_SPRING_IO_PSW}
|
||||
@@ -16,7 +16,7 @@ deployment.maven-central.stagingProfileId=${STAGING_PROFILE_ID}
|
||||
|
||||
deployment.maven-central.gpg.keyname=E2ACB037933CDEAAB7BF77D49A2C7A98E457C53D
|
||||
deployment.maven-central.gpg.passphrase=${MAVEN_SIGNING_KEY_PASSWORD}
|
||||
deployment.maven-central.gpg.executable=/usr/bin/gpg
|
||||
deployment.maven-central.gpg.executable=/usr/bin/gpg1
|
||||
|
||||
sagan.key=n/a
|
||||
|
||||
|
||||
Reference in New Issue
Block a user