--- /dev/null
+#!/bin/bash
+# The script runnings on the signer box will pull nfs-ganesha packags that wore created in the last 24 hours on chacra.ceph.com to /opt/new-repos
+# After this the sign-rpms-auto script will run and sign the nfs-ganesha packages
+# And finally the sync-push-auto script will run and will push the signed packages to download.ceph.com
+
+today_items=$(ssh ubuntu@chacra.ceph.com 'find /opt/repos/nfs-ganesha-stable -newermt "-24 hours" -ls' | awk '{ print $11 }' )
+if [ -n "$today_items" ]; then
+echo "pulling nfs-ganesha packages from chacra"
+echo "********************************************"
+[[ -d /opt/new-repos/ ]] | mkdir -p /opt/new-repos/
+ for item in $today_items; do
+ sync_cmd="ubuntu@chacra.ceph.com:$item /opt/new-repos/"
+ rsync -Lavh --progress --relative $sync_cmd
+ done
+
+ # sign the rpm's that wore pulled today
+
+echo "signing rpms"
+bash ./sign-rpms-auto
+
+ # syncing the singed rpm's to download.ceph.com
+
+echo "pushing rpms to download.ceph.com"
+bash ./sync-push-auto
+
+fi
--- /dev/null
+#!/bin/bash
+# This script will the rpm files pulled from the chacra machines.
+
+
+keyid=460F3994
+GPG_PASSPHRASE=''
+
+path="/opt/new-repos/"
+echo $path
+update_repo=0
+cd $path
+
+for rpm in `find -name "*.rpm"`
+do
+ signature=$(rpm -qi -p $rpm 2>/dev/null | grep ^Signature)
+ if ! grep -iq $keyid <<< "$signature" ; then
+ rpm_path=`readlink -f $rpm`
+ echo "signing: $rpm_path"
+ update_repo=1
+
+ echo "yes" | setsid rpm \
+ --define "_gpg_name '$keyid'" \
+ --define '_signature gpg' \
+ --define '__gpg_check_password_cmd /bin/true' \
+ --define "__gpg_sign_cmd %{__gpg} gpg --no-tty --yes --batch --no-armor --passphrase '$GPG_PASSPHRASE' --no-secmem-warning -u "%{_gpg_name}" --sign --detach-sign --output %{__signature_filename} %{__plaintext_filename}" \
+ --resign "$rpm_path"
+
+ fi
+done
+
+# now sign the repomd.xml files
+if [[ $update_repo -eq 1 ]]; then
+ for repomd in `find -name repomd.xml`
+ do
+ echo "signing repomd: $repomd"
+ gpg --batch --yes --passphrase "$GPG_PASSPHRASE" --detach-sign --armor -u $keyid $repomd
+ done
+fi
+
+# finally, update the repo metadata
+repodirs=$( find /opt/new-repos/ -type d -name x86_64 | cut -d/ -f 13 --complement )
+if [ -n "$repodirs" ]; then
+ for directory in $repodirs
+ do
+ cd $directory
+ createrepo .
+ cd -
+ done
+fi
--- /dev/null
+#!/bin/bash
+# This script will push repository files from the signer box to the upstream repositories.
+# By default it will push all releases and ceph_versions defined in the releases and ceph_version varibles to download.ceph.com
+
+releases=( V3.5 V2.7 )
+ceph_version=( octopus ceph_pacific )
+
+repodirs=$( find /opt/new-repos/ -type d -name x86_64 | cut -d/ -f 13 --complement )
+for dir in "$repodirs"; do
+ for i in "${releases[@]}"; do
+ for v in "${ceph_version[@]}"; do
+ find_release=$( ls -ld "$dir" | grep "$i" | wc -l )
+ find_version=$( ls -ld "$dir" | grep "$v" | wc -l )
+ if [ $find_release == '1' ] && [ $find_version == '1' ]; then
+ release=$i
+ version=$v
+ ssh signer@download.ceph.com "mkdir -p /data/download.ceph.com/www/nfs-ganesha-new/rpm-$release-stable/$version/el8" && el8_cmd="$dir/* signer@download.ceph.com:/data/download.ceph.com/www/nfs-ganesha-new/rpm-$release-stable/$version/el8" && rsync --progress -avr $el8_cmd
+ rm -rf /opt/new-repos/*
+ fi
+ done
+ done
+done
projects / ceph-build.git / commitdiff