04f9dea597
* Jenkins scripts: - remove POST_ISO_SIGNING job parameter, as ISO signing is controled by build.conf, as originally intended. * build.conf: - rename SIGN_ISO => SIGN_ISO_FORMAL to better reflect purpose. ISOs are always signed, with developer keys (SIGN_ISO_FORMAL=false) or the signing server (SIGN_ISO_FORMAL=true). - add SECUREBOOT_FORMAL - whether to generate secureboot signatures using the signing server (true), or not to generate them at all (false) * Added code in job_utils.sh to set the defaults for these new config options as necessary, in case the job runs against an older build.conf that still has the obsolete BUILD_ISO option. TESTS ======================== * Make sure SIGN_ISO_FORMAL==true calls "build-image --no-sign" followed by "sign_iso_formal.sh" * Make sure SIGN_ISO_FORMAL==false calls "build-image" not followed by "sign_iso_formal.sh" and the dev-key based ISO signature gets created * Make sure SECUREBOOT_FORMAL==true calls calls the secureboot script * Make sure SECUREBOOT_FORMAL==false does not call the secureboot script * Test with both the new parameters undefined, but SIGN_ISO defined, and make sure they aquire expected defaults Story: 2010226 Task: 47777 Depends-On: https://review.opendev.org/c/starlingx/root/+/879206 Signed-off-by: Davlet Panech <davlet.panech@windriver.com> Change-Id: I928de97fefc70b3062820547d1256c2a3ce106e8
70 lines
1.3 KiB
Plaintext
70 lines
1.3 KiB
Plaintext
// vim: syn=groovy
|
|
|
|
//
|
|
// Copyright (c) 2022 Wind River Systems, Inc.
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
library "common@${params.JENKINS_SCRIPTS_BRANCH}"
|
|
|
|
setBuildDescr()
|
|
|
|
pipeline {
|
|
agent any
|
|
options {
|
|
timestamps()
|
|
}
|
|
parameters {
|
|
string (
|
|
name: 'MASTER_JOB_NAME'
|
|
)
|
|
string (
|
|
name: 'MASTER_BUILD_NUMBER'
|
|
)
|
|
string (
|
|
name: 'JENKINS_SCRIPTS_BRANCH'
|
|
)
|
|
string (
|
|
name: 'BUILD_HOME'
|
|
)
|
|
string (
|
|
name: 'TIMESTAMP'
|
|
)
|
|
string (
|
|
name: 'PUBLISH_TIMESTAMP'
|
|
)
|
|
booleanParam (
|
|
name: 'DRY_RUN'
|
|
)
|
|
booleanParam (
|
|
name: 'SHELL_XTRACE'
|
|
)
|
|
booleanParam (
|
|
name: 'BUILD_ISO'
|
|
)
|
|
}
|
|
stages {
|
|
stage ("build-iso") {
|
|
steps {
|
|
sh ("${Constants.SCRIPTS_DIR}/build-iso.sh")
|
|
}
|
|
}
|
|
stage ("sign-iso") {
|
|
steps {
|
|
sh ("${Constants.SCRIPTS_DIR}/sign-iso.sh")
|
|
}
|
|
}
|
|
}
|
|
post {
|
|
always {
|
|
notAborted {
|
|
sh ("${Constants.SCRIPTS_DIR}/archive-iso.sh")
|
|
}
|
|
}
|
|
cleanup {
|
|
cleanupPartJob()
|
|
}
|
|
}
|
|
}
|