class Conjur::Debify::Action::Publish

Attributes

cmd_options[R]
distribution[R]
project_name[R]

Public Class Methods

new(distribution, project_name, cmd_options) click to toggle source
# File lib/conjur/debify/action/publish.rb, line 15
def initialize(distribution, project_name, cmd_options)
  @distribution = distribution
  @project_name = project_name
  @cmd_options = cmd_options
end

Public Instance Methods

create_image() click to toggle source
# File lib/conjur/debify/action/publish.rb, line 73
def create_image
  Docker::Image.build_from_dir File.expand_path('../../publish', File.dirname(__FILE__)), tag: "debify-publish", &DebugMixin::DOCKER
end
detect_component() click to toggle source
# File lib/conjur/debify/action/publish.rb, line 5
def detect_component
  branch = ENV['GIT_BRANCH'] || ENV['BRANCH_NAME'] || `git rev-parse --abbrev-ref HEAD`.strip
  if %w(master origin/master).include?(branch)
    'stable'
  else
    branch.gsub('/', '.')
  end
end
fetch_art_creds() click to toggle source
# File lib/conjur/debify/action/publish.rb, line 77
def fetch_art_creds
  require 'conjur/cli'
  require 'conjur/authn'
  Conjur::Config.load
  Conjur::Config.apply
  conjur = Conjur::Authn.connect nil, noask: true

  account = Conjur.configuration.account
  username_var = [account, "variable", "ci/artifactory/users/jenkins/username"].join(':')
  password_var = [account, "variable", 'ci/artifactory/users/jenkins/password'].join(':')
  [conjur.resource(username_var).value, conjur.resource(password_var).value]
end
publish(options) click to toggle source
# File lib/conjur/debify/action/publish.rb, line 123
def publish(options)
  container = Docker::Container.create(options)
  begin
    container.tap(&:start!).streaming_logs(follow: true, stdout: true, stderr: true) { |stream, chunk| puts "#{chunk}" }
    status = container.wait
    raise "Failed to publish package" unless status['StatusCode'] == 0
  ensure
    container.delete(force: true)
  end
end
publish_package( publish_image:, art_url:, art_user:, art_password:, art_repo:, package_name:, dir:, deb_info: nil ) click to toggle source
# File lib/conjur/debify/action/publish.rb, line 90
def publish_package(
  publish_image:,
  art_url:,
  art_user:,
  art_password:,
  art_repo:,
  package_name:,
  dir:,
  deb_info: nil
)

  cmd_args = [
    "jfrog", "rt", "upload",
    "--url", art_url,
    "--user", art_user,
    "--password", art_password,
  ]

  cmd_args += ["--deb", deb_info] if deb_info
  cmd_args += [package_name, "#{art_repo}/"]

  options = {
    'Image' => publish_image.id,
    'Cmd' => cmd_args,
    'Binds' => [
      [ dir, "/src" ].join(':')
    ]
  }
  options['Privileged'] = true if Docker.version['Version'] >= '1.10.0'

  publish(options)
end
run() click to toggle source
# File lib/conjur/debify/action/publish.rb, line 21
def run
  dir = cmd_options[:dir] || '.'
  dir = File.expand_path(dir)
  raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)

  Dir.chdir dir do
    version = cmd_options[:version] || detect_version

    publish_image = create_image
    DebugMixin.debug_write "Built base publish image '#{publish_image.id}'\n"

    art_url = cmd_options[:url]
    deb_art_repo = cmd_options[:repo]

    art_user = ENV['ARTIFACTORY_USER']
    art_password = ENV['ARTIFACTORY_PASSWORD']
    unless art_user && art_password
      art_user, art_password = fetch_art_creds
    end

    # Publish deb package
    component = cmd_options[:component] || detect_component
    deb_info = "#{distribution}/#{component}/amd64"
    package_name = "conjur-#{project_name}_#{version}_amd64.deb"
    publish_package(
      publish_image: publish_image,
      art_url: art_url,
      art_user: art_user,
      art_password: art_password,
      art_repo: deb_art_repo,
      package_name: package_name,
      dir: dir,
      deb_info: deb_info
    )

    # Publish RPM package
    # The rpm builder replaces dashes with underscores in the version
    rpm_version = version.tr('-', '_')
    package_name = "conjur-#{project_name}-#{rpm_version}-1.x86_64.rpm"
    rpm_art_repo = cmd_options['rpm-repo']
    publish_package(
      publish_image: publish_image,
      art_url: art_url,
      art_user: art_user,
      art_password: art_password,
      art_repo: rpm_art_repo,
      package_name: package_name,
      dir: dir
    )
  end
end