cpkg: allow use of ssh credentials for git

This commit is contained in:
wpetit 2021-09-09 15:45:34 +02:00
parent c5684aafea
commit 62615af5e6
2 changed files with 28 additions and 5 deletions

View File

@ -8,6 +8,7 @@ def call(Map params = [:]) {
def distVersion = params.distVersion ? params.distVersion : '2.7.0' def distVersion = params.distVersion ? params.distVersion : '2.7.0'
def distBranchName = params.distBranchName ? params.distBranchName : env.GIT_BRANCH def distBranchName = params.distBranchName ? params.distBranchName : env.GIT_BRANCH
def gitCredentials = params.gitCredentials ? params.gitCredentials : null def gitCredentials = params.gitCredentials ? params.gitCredentials : null
def gitCredentialsType = params.gitCredentialsType ? params.gitCredentialsType : 'http'
def gitEmail = params.gitEmail ? params.gitEmail : 'jenkins@cadoles.com' def gitEmail = params.gitEmail ? params.gitEmail : 'jenkins@cadoles.com'
def gitUsername = params.gitUsername ? params.gitUsername : 'Jenkins' def gitUsername = params.gitUsername ? params.gitUsername : 'Jenkins'
def skipCi = params.containsKey('skipCi') ? params.skipCi : false def skipCi = params.containsKey('skipCi') ? params.skipCi : false
@ -27,7 +28,7 @@ def call(Map params = [:]) {
sh("git config --add remote.origin.fetch +refs/heads/${distBranch}:refs/remotes/origin/${distBranch}") sh("git config --add remote.origin.fetch +refs/heads/${distBranch}:refs/remotes/origin/${distBranch}")
// Update branches // Update branches
sh("GIT_SSH_COMMAND='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' git fetch --all") sh("git fetch --all")
// Merge currentRef into distBranch and push // Merge currentRef into distBranch and push
sh("git checkout -b '${distBranch}' 'origin/${distBranch}'") sh("git checkout -b '${distBranch}' 'origin/${distBranch}'")
@ -39,7 +40,7 @@ def call(Map params = [:]) {
sh("git merge ${currentRef}") sh("git merge ${currentRef}")
if (!skipPush) { if (!skipPush) {
sh("GIT_SSH_COMMAND='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' git push") sh("git push")
} else { } else {
println("Skipping push. Set skipPush param to 'true' to enable remote repository update.") println("Skipping push. Set skipPush param to 'true' to enable remote repository update.")
} }
@ -79,7 +80,7 @@ def call(Map params = [:]) {
// Push tag // Push tag
if (!skipPush) { if (!skipPush) {
sh("GIT_SSH_COMMAND='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' git push --tags") sh("git push --tags")
} else { } else {
println("Skipping push. Set skipPush param to 'true' to enable remote repository update.") println("Skipping push. Set skipPush param to 'true' to enable remote repository update.")
} }
@ -89,8 +90,16 @@ def call(Map params = [:]) {
} }
if (gitCredentials != null) { if (gitCredentials != null) {
git.withHTTPCredentials(gitCredentials) { if (gitCredentialsType == 'http') {
proc.call() git.withHTTPCredentials(gitCredentials) {
proc.call()
}
} else if (gitCredentialsType == 'ssh') {
git.withSSHCredentials(gitCredentials) {
proc.call()
}
} else {
throw new Exception("Unknown git credentials type '${gitCredentialsType}' ! Expected 'ssh' or 'http' (default).")
} }
} else { } else {
proc.call() proc.call()

View File

@ -28,3 +28,17 @@ def withHTTPCredentials(String credentialsId, Closure fn) {
} }
} }
} }
def withSSHCredentials(String credentialsId, Closure fn) {
def randomUUID = UUID.randomUUID().toString()
withCredentials([
sshUserPrivateKey(
credentialsId: credentialsId,
keyFileVariable: 'GIT_SSH_IDENTITY_FILE',
)
]) {
withEnv(['GIT_SSH_VARIANT=ssh', 'GIT_SSH_COMMAND=ssh -i $GIT_SSH_IDENTITY_FILE -o IdentitiesOnly=yes -o StrictHostKeyChecking=no']) {
fn.call()
}
}
}